Package org.keycloak.federation.kerberos

Class KerberosFederationProviderFactory

java.lang.Object

org.keycloak.federation.kerberos.KerberosFederationProviderFactory

All Implemented Interfaces:

ComponentFactory<KerberosFederationProvider,UserStorageProvider>, ConfiguredProvider, EnvironmentDependentProviderFactory, ProviderFactory<UserStorageProvider>, UserStorageProviderFactory<KerberosFederationProvider>

public class KerberosFederationProviderFactory
extends Object
implements UserStorageProviderFactory<KerberosFederationProvider>, EnvironmentDependentProviderFactory

Factory for standalone Kerberos federation provider. Standalone means that it's not backed by LDAP. For Kerberos backed by LDAP (like MS AD or ApacheDS environment) you should rather use LDAP Federation Provider.

Author:

Marek Posolda

Field Summary

Fields

Modifier and Type	Field	Description
protected static final List<ProviderConfigProperty>	configProperties
static final String	PROVIDER_NAME

Constructor Summary

Constructors

Constructor	Description
KerberosFederationProviderFactory()

Method Summary

Modifier and Type	Method	Description
void	close()	This is called when the server shuts down.
KerberosFederationProvider	create(KeycloakSession session, ComponentModel model)	called per Keycloak transaction.
protected KerberosServerSubjectAuthenticator	createKerberosSubjectAuthenticator(CommonKerberosConfig kerberosConfig)
protected KerberosUsernamePasswordAuthenticator	createKerberosUsernamePasswordAuthenticator(CommonKerberosConfig kerberosConfig)
protected SPNEGOAuthenticator	createSPNEGOAuthenticator(String spnegoToken, CommonKerberosConfig kerberosConfig)
List<ProviderConfigProperty>	getConfigProperties()
String	getId()	This is the name of the provider and will be showed in the admin console as an option.
void	init(Config.Scope config)	Only called once when the factory is first created.
boolean	isSupported(Config.Scope config)	Check if the provider is supported and should be available based on the provider configuration.
void	onCreate(KeycloakSession session, RealmModel realm, ComponentModel model)	Called when UserStorageProviderModel is created.
void	onUpdate(KeycloakSession session, RealmModel realm, ComponentModel oldModel, ComponentModel newModel)	Called after the component is updated.
void	postInit(KeycloakSessionFactory factory)	Called after all provider factories have been initialized
void	preRemove(KeycloakSession session, RealmModel realm, ComponentModel model)	Called before the component is removed.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.keycloak.component.ComponentFactory

create

Methods inherited from interface org.keycloak.provider.ConfiguredProvider

getConfig

Methods inherited from interface org.keycloak.provider.ProviderFactory

dependsOn, getConfigMetadata, order

Methods inherited from interface org.keycloak.storage.UserStorageProviderFactory

getCommonProviderConfigProperties, getHelpText, getTypeMetadata, validateConfiguration

Field Details

PROVIDER_NAME

public static final String PROVIDER_NAME

See Also:

• Constant Field Values

configProperties

protected static final List<ProviderConfigProperty> configProperties

Constructor Details

KerberosFederationProviderFactory

public KerberosFederationProviderFactory()

Method Details

create

public KerberosFederationProvider create(KeycloakSession session,
 ComponentModel model)

Description copied from interface: UserStorageProviderFactory

called per Keycloak transaction.

Specified by:

create in interface ComponentFactory<KerberosFederationProvider,UserStorageProvider>

Specified by:

create in interface UserStorageProviderFactory<KerberosFederationProvider>

getId

public String getId()

Description copied from interface: UserStorageProviderFactory

This is the name of the provider and will be showed in the admin console as an option.

Specified by:

getId in interface ProviderFactory<UserStorageProvider>

Specified by:

getId in interface UserStorageProviderFactory<KerberosFederationProvider>

isSupported

public boolean isSupported(Config.Scope config)

Description copied from interface: EnvironmentDependentProviderFactory

Check if the provider is supported and should be available based on the provider configuration.

Specified by:

isSupported in interface EnvironmentDependentProviderFactory

Parameters:

config - the provider configuration

Returns:

true if the provider is supported. Otherwise, false.

getConfigProperties

public List<ProviderConfigProperty> getConfigProperties()

Specified by:

getConfigProperties in interface ConfiguredProvider

Specified by:

getConfigProperties in interface UserStorageProviderFactory<KerberosFederationProvider>

init

public void init(Config.Scope config)

Description copied from interface: ProviderFactory

Only called once when the factory is first created. This config is pulled from keycloak_server.json

Specified by:

init in interface ProviderFactory<UserStorageProvider>

Specified by:

init in interface UserStorageProviderFactory<KerberosFederationProvider>

postInit

public void postInit(KeycloakSessionFactory factory)

Description copied from interface: ProviderFactory

Called after all provider factories have been initialized

Specified by:

postInit in interface ProviderFactory<UserStorageProvider>

Specified by:

postInit in interface UserStorageProviderFactory<KerberosFederationProvider>

close

public void close()

Description copied from interface: ProviderFactory

This is called when the server shuts down.

Specified by:

close in interface ProviderFactory<UserStorageProvider>

Specified by:

close in interface UserStorageProviderFactory<KerberosFederationProvider>

createSPNEGOAuthenticator

protected SPNEGOAuthenticator createSPNEGOAuthenticator(String spnegoToken,
 CommonKerberosConfig kerberosConfig)

createKerberosSubjectAuthenticator

protected KerberosServerSubjectAuthenticator createKerberosSubjectAuthenticator(CommonKerberosConfig kerberosConfig)

createKerberosUsernamePasswordAuthenticator

protected KerberosUsernamePasswordAuthenticator createKerberosUsernamePasswordAuthenticator(CommonKerberosConfig kerberosConfig)

onCreate

public void onCreate(KeycloakSession session,
 RealmModel realm,
 ComponentModel model)

Description copied from interface: UserStorageProviderFactory

Called when UserStorageProviderModel is created. This allows you to do initialization of any additional configuration you need to add. For example, you may be introspecting a database or ldap schema to automatically create mappings.

Specified by:

onCreate in interface ComponentFactory<KerberosFederationProvider,UserStorageProvider>

Specified by:

onCreate in interface UserStorageProviderFactory<KerberosFederationProvider>

onUpdate

public void onUpdate(KeycloakSession session,
 RealmModel realm,
 ComponentModel oldModel,
 ComponentModel newModel)

Description copied from interface: ComponentFactory

Called after the component is updated.

Specified by:

onUpdate in interface ComponentFactory<KerberosFederationProvider,UserStorageProvider>

oldModel - old saved model

newModel - new configuration

preRemove

public void preRemove(KeycloakSession session,
 RealmModel realm,
 ComponentModel model)

Description copied from interface: ComponentFactory

Called before the component is removed.

Specified by:

preRemove in interface ComponentFactory<KerberosFederationProvider,UserStorageProvider>

model - model of the component, which is going to be removed