Class RoleLDAPStorageMapper
java.lang.Object
org.keycloak.storage.ldap.mappers.AbstractLDAPStorageMapper
org.keycloak.storage.ldap.mappers.membership.role.RoleLDAPStorageMapper
- All Implemented Interfaces:
- Provider, LDAPStorageMapper, CommonLDAPGroupMapper
public class RoleLDAPStorageMapper
extends AbstractLDAPStorageMapper
implements CommonLDAPGroupMapper
Maps realm roles or roles of a particular client to LDAP groups.
- Author:
- Marek Posolda

Nested Class Summary
Nested Classes

Field Summary
Fields inherited from class org.keycloak.storage.ldap.mappers.AbstractLDAPStorageMapper
- ldapProvider, mapperModel, session

Constructor Summary
Constructors
- RoleLDAPStorageMapper(ComponentModel mapperModel, LDAPStorageProvider ldapProvider, RoleLDAPStorageMapperFactory factory)

Method Summary
Modifier and Type, Method, Description
- void addRoleMappingInLDAP(String roleName, LDAPObject ldapUser)
- void beforeLDAPQuery(LDAPQuery query): Called before the LDAP identity query for retrieving LDAP users is executed.
- createLDAPRole(String roleName)
- createRoleQuery(boolean includeMemberAttribute)
- void deleteRoleMappingInLDAP(LDAPObject ldapUser, LDAPObject ldapRole)
- protected List<LDAPObject> getLDAPRoleMappings(LDAPObject ldapUser)
- protected String
- getRoleMembers(RealmModel realm, RoleModel role, int firstResult, int maxResults): Returns an empty list if the mapper doesn't support storing of roles.
- protected RoleContainerModel getTargetRoleContainer(RealmModel realm)
- loadLDAPRoleByName(String roleName)
- loadRoleGroupByName(String roleName)
- void onImportUserFromLDAP(LDAPObject ldapUser, UserModel user, RealmModel realm, boolean isCreate): Called when importing a user from LDAP into the local Keycloak DB.
- void onRegisterUserToLDAP(LDAPObject ldapUser, UserModel localUser, RealmModel realm): Called when registering a new user to LDAP, just after the user was created in the Keycloak DB.
- proxy(LDAPObject ldapUser, UserModel delegate, RealmModel realm): Called when the proxy is invoked on the LDAP federation provider.
- Syncs data from federated storage to Keycloak.
- Syncs data from Keycloak back to federated storage.

Methods inherited from class org.keycloak.storage.ldap.mappers.AbstractLDAPStorageMapper
- close, getGroupMembers, getLdapProvider, mandatoryAttributeNames, onAuthenticationFailure, parseBooleanParameter

Methods inherited from class java.lang.Object
- clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.keycloak.storage.ldap.mappers.LDAPStorageMapper
- getGroupMembers, getLdapProvider, mandatoryAttributeNames, onAuthenticationFailure

Constructor Details

RoleLDAPStorageMapper
public RoleLDAPStorageMapper(ComponentModel mapperModel, LDAPStorageProvider ldapProvider, RoleLDAPStorageMapperFactory factory)

Method Details

createLDAPGroupQuery
- Specified by:
- createLDAPGroupQuery in interface CommonLDAPGroupMapper

getConfig
- Specified by:
- getConfig in interface CommonLDAPGroupMapper

onImportUserFromLDAP
public void onImportUserFromLDAP(LDAPObject ldapUser, UserModel user, RealmModel realm, boolean isCreate)
Description copied from interface: LDAPStorageMapper
Called when importing a user from LDAP into the local Keycloak DB.
- Specified by:
- onImportUserFromLDAP in interface LDAPStorageMapper
- isCreate - true if we are importing a new user from LDAP; false if the user already exists in Keycloak and we are upgrading (syncing) it from LDAP

onRegisterUserToLDAP
Description copied from interface: LDAPStorageMapper
Called when registering a new user to LDAP, just after the user was created in the Keycloak DB.
- Specified by:
- onRegisterUserToLDAP in interface LDAPStorageMapper

syncDataFromFederationProviderToKeycloak
Description copied from interface: LDAPStorageMapper
Syncs data from federated storage to Keycloak. This is useful only if the mapper needs some data preloaded from federated storage (for example, loading roles from the federated provider and syncing them to the Keycloak database). Applicable only if sync is supported.
- Specified by:
- syncDataFromFederationProviderToKeycloak in interface LDAPStorageMapper
- Overrides:
- syncDataFromFederationProviderToKeycloak in class AbstractLDAPStorageMapper

syncDataFromKeycloakToFederationProvider
Description copied from interface: LDAPStorageMapper
Syncs data from Keycloak back to federated storage.
- Specified by:
- syncDataFromKeycloakToFederationProvider in interface LDAPStorageMapper
- Overrides:
- syncDataFromKeycloakToFederationProvider in class AbstractLDAPStorageMapper

createRoleQuery

getTargetRoleContainer

createLDAPRole

addRoleMappingInLDAP

deleteRoleMappingInLDAP

loadLDAPRoleByName

getLDAPRoleMappings

proxy
Description copied from interface: LDAPStorageMapper
Called when the proxy is invoked on the LDAP federation provider.
- Specified by:
- proxy in interface LDAPStorageMapper
- Returns:

beforeLDAPQuery
Description copied from interface: LDAPStorageMapper
Called before the LDAP identity query for retrieving LDAP users is executed. It allows the query to be changed (for example, adding returning attributes from LDAP or changing conditions).
- Specified by:
- beforeLDAPQuery in interface LDAPStorageMapper

getMembershipUserLdapAttribute

loadRoleGroupByName

getRoleMembers
public List<UserModel> getRoleMembers(RealmModel realm, RoleModel role, int firstResult, int maxResults)
Description copied from interface: LDAPStorageMapper
Returns an empty list if the mapper doesn't support storing of roles.
- Specified by:
- getRoleMembers in interface LDAPStorageMapper
- Overrides:
- getRoleMembers in class AbstractLDAPStorageMapper
- Returns: