public class KerberosFederationProvider extends Object implements UserStorageProvider, UserLookupProvider.Streams, CredentialInputValidator, CredentialInputUpdater.Streams, CredentialAuthentication, ImportedUserValidation
UserStorageProvider.EditModeUserLookupProvider.StreamsCredentialInputUpdater.Streams| Modifier and Type | Field and Description |
|---|---|
protected KerberosFederationProviderFactory |
factory |
static String |
KERBEROS_PRINCIPAL |
protected KerberosConfig |
kerberosConfig |
protected UserStorageProviderModel |
model |
protected KeycloakSession |
session |
| Constructor and Description |
|---|
KerberosFederationProvider(KeycloakSession session,
UserStorageProviderModel model,
KerberosFederationProviderFactory factory) |
| Modifier and Type | Method and Description |
|---|---|
CredentialValidationOutput |
authenticate(RealmModel realm,
CredentialInput input) |
void |
close() |
void |
disableCredentialType(RealmModel realm,
UserModel user,
String credentialType) |
protected UserModel |
findOrCreateAuthenticatedUser(RealmModel realm,
String username)
Called after successful authentication
|
Stream<String> |
getDisableableCredentialTypesStream(RealmModel realm,
UserModel user)
Obtains the set of credential types that can be disabled via
disableCredentialType. |
UserModel |
getUserByEmail(RealmModel realm,
String email)
Returns a user with the given email belonging to the realm
|
UserModel |
getUserById(RealmModel realm,
String id)
Returns a user with the given id belonging to the realm
|
UserModel |
getUserByUsername(RealmModel realm,
String username)
Returns a user with the given username belonging to the realm
|
protected UserModel |
importUserToKeycloak(RealmModel realm,
String username) |
boolean |
isConfiguredFor(RealmModel realm,
UserModel user,
String credentialType) |
boolean |
isValid(RealmModel realm,
UserModel local) |
boolean |
isValid(RealmModel realm,
UserModel user,
CredentialInput input)
Tests whether a credential is valid
|
void |
preRemove(RealmModel realm)
Callback when a realm is removed.
|
void |
preRemove(RealmModel realm,
GroupModel group)
Callback when a group is removed.
|
void |
preRemove(RealmModel realm,
RoleModel role)
Callback when a role is removed.
|
boolean |
supportsCredentialAuthenticationFor(String type) |
boolean |
supportsCredentialType(String credentialType) |
boolean |
updateCredential(RealmModel realm,
UserModel user,
CredentialInput input) |
UserModel |
validate(RealmModel realm,
UserModel user)
If this method returns null, then the user in local storage will be removed
|
protected boolean |
validPassword(String username,
String password) |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitgetUserByEmail, getUserById, getUserByUsernamegetDisableableCredentialTypespublic static final String KERBEROS_PRINCIPAL
protected KeycloakSession session
protected UserStorageProviderModel model
protected KerberosConfig kerberosConfig
protected KerberosFederationProviderFactory factory
public KerberosFederationProvider(KeycloakSession session, UserStorageProviderModel model, KerberosFederationProviderFactory factory)
public UserModel validate(RealmModel realm, UserModel user)
ImportedUserValidationvalidate in interface ImportedUserValidationpublic UserModel getUserByUsername(RealmModel realm, String username)
UserLookupProvidergetUserByUsername in interface UserLookupProvidergetUserByUsername in interface UserLookupProvider.Streamsrealm - the realm modelusername - case insensitive username (case-sensitivity is controlled by storage)null if no such user existspublic UserModel getUserByEmail(RealmModel realm, String email)
UserLookupProvidergetUserByEmail in interface UserLookupProvidergetUserByEmail in interface UserLookupProvider.Streamsrealm - the realm modelemail - case insensitive email address (case-sensitivity is controlled by storage)null if no such user existspublic UserModel getUserById(RealmModel realm, String id)
UserLookupProvidergetUserById in interface UserLookupProvidergetUserById in interface UserLookupProvider.Streamsrealm - the realm modelid - id of the usernull if no such user existspublic void preRemove(RealmModel realm)
UserStorageProviderpreRemove in interface UserStorageProviderpublic void preRemove(RealmModel realm, RoleModel role)
UserStorageProviderpreRemove in interface UserStorageProviderpublic void preRemove(RealmModel realm, GroupModel group)
UserStorageProviderpreRemove in interface UserStorageProviderpublic boolean isValid(RealmModel realm, UserModel local)
public boolean updateCredential(RealmModel realm, UserModel user, CredentialInput input)
updateCredential in interface CredentialInputUpdaterpublic void disableCredentialType(RealmModel realm, UserModel user, String credentialType)
disableCredentialType in interface CredentialInputUpdaterpublic Stream<String> getDisableableCredentialTypesStream(RealmModel realm, UserModel user)
CredentialInputUpdaterdisableCredentialType.getDisableableCredentialTypesStream in interface CredentialInputUpdatergetDisableableCredentialTypesStream in interface CredentialInputUpdater.Streamsrealm - a reference to the realm.user - the user whose credentials are being searched.Stream of credential types.public boolean supportsCredentialType(String credentialType)
supportsCredentialType in interface CredentialInputUpdatersupportsCredentialType in interface CredentialInputValidatorpublic boolean supportsCredentialAuthenticationFor(String type)
supportsCredentialAuthenticationFor in interface CredentialAuthenticationpublic boolean isConfiguredFor(RealmModel realm, UserModel user, String credentialType)
isConfiguredFor in interface CredentialInputValidatorpublic boolean isValid(RealmModel realm, UserModel user, CredentialInput input)
CredentialInputValidatorisValid in interface CredentialInputValidatorrealm - The realm in which to which the credential belongs touser - The user for which to test the credentialinput - the credential details to verifypublic CredentialValidationOutput authenticate(RealmModel realm, CredentialInput input)
authenticate in interface CredentialAuthenticationprotected UserModel findOrCreateAuthenticatedUser(RealmModel realm, String username)
realm - realmusername - username without realm prefixprotected UserModel importUserToKeycloak(RealmModel realm, String username)
Copyright © 2021 JBoss by Red Hat. All rights reserved.