Class LDAPOperationManager
java.lang.Object
org.keycloak.storage.ldap.idm.store.ldap.LDAPOperationManager
This class provides a set of operations to manage LDAP trees.
- Author:
- Anil Saldhana, Pedro Silva
-
Nested Class Summary
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionvoid
addAttribute
(LdapName dn, Attribute attribute) Adds the givenAttribute
instance using the given DN.void
authenticate
(LdapName dn, String password) Performs a simple authentication using the given DN and password to bind to the authentication context.createSubContext
(LdapName name, Attributes attributes) decodeEntryUUID
(Object entryUUID) getAttributes
(String entryUUID, LdapName baseDN, Set<String> returningAttributes) getFilterById
(String id) lookupById
(LdapName baseDN, String id, Collection<String> returningAttributes) void
modifyAttribute
(LdapName dn, Attribute attribute) Modifies the givenAttribute
instance using the given DN.void
modifyAttributes
(LdapName dn, ModificationItem[] mods, LDAPOperationDecorator decorator) void
modifyAttributes
(LdapName dn, NamingEnumeration<Attribute> attributes) Modifies the givenAttribute
instances using the given DN.void
modifyAttributesNaming
(LdapName dn, ModificationItem[] mods, LDAPOperationDecorator decorator) void
passwordModifyExtended
(LdapName dn, String password, LDAPOperationDecorator decorator) Execute the LDAP Password Modify Extended Operation to update the password for the given DN.void
removeAttribute
(LdapName dn, Attribute attribute) Removes the givenAttribute
instance using the given DN.void
removeEntry
(LdapName entryDn) Removes the object from the LDAP treerenameEntry
(LdapName oldDn, LdapName newDn, boolean fallback) Rename LDAPObject name (DN)search
(LdapName baseDN, Condition condition, Collection<String> returningAttributes, int searchScope) searchPaginated
(LdapName baseDN, Condition condition, LDAPQuery identityQuery)
-
Constructor Details
-
LDAPOperationManager
-
-
Method Details
-
modifyAttribute
Modifies the given
Attribute
instance using the given DN. This method performs a REPLACE_ATTRIBUTE operation.- Parameters:
dn
-attribute
-
-
modifyAttributes
Modifies the given
Attribute
instances using the given DN. This method performs a REPLACE_ATTRIBUTE operation.- Parameters:
dn
-attributes
-
-
removeAttribute
Removes the given
Attribute
instance using the given DN. This method performs a REMOVE_ATTRIBUTE operation.- Parameters:
dn
-attribute
-
-
addAttribute
Adds the given
Attribute
instance using the given DN. This method performs a ADD_ATTRIBUTE operation.- Parameters:
dn
-attribute
-
-
removeEntry
Removes the object from the LDAP tree
-
renameEntry
Rename LDAPObject name (DN)- Parameters:
oldDn
-newDn
-fallback
- With fallback=true, we will try to find the another DN in case of conflict. For example if there is an attempt to rename to "CN=John Doe", but there is already existing "CN=John Doe", we will try "CN=John Doe0"- Returns:
- the non-conflicting DN, which was used in the end
-
search
public List<SearchResult> search(LdapName baseDN, Condition condition, Collection<String> returningAttributes, int searchScope) throws NamingException - Throws:
NamingException
-
searchPaginated
public List<SearchResult> searchPaginated(LdapName baseDN, Condition condition, LDAPQuery identityQuery) throws NamingException - Throws:
NamingException
-
getFilterById
-
lookupById
-
authenticate
Performs a simple authentication using the given DN and password to bind to the authentication context.
- Parameters:
dn
-password
-- Throws:
AuthenticationException
- if authentication is not successful
-
modifyAttributesNaming
public void modifyAttributesNaming(LdapName dn, ModificationItem[] mods, LDAPOperationDecorator decorator) throws NamingException - Throws:
NamingException
-
modifyAttributes
public void modifyAttributes(LdapName dn, ModificationItem[] mods, LDAPOperationDecorator decorator) -
createSubContext
-
getAttributes
-
decodeEntryUUID
-
passwordModifyExtended
Execute the LDAP Password Modify Extended Operation to update the password for the given DN.- Parameters:
dn
- distinguished name of the entry.password
- the new password.decorator
- A decorator to apply to the ldap operation.
-