LDAPFederationProvider (Keycloak LDAP Federation 1.9.0.CR1 API)

java.lang.Object
- org.keycloak.federation.ldap.LDAPFederationProvider

All Implemented Interfaces:

UserFederationProvider, Provider
```
public class LDAPFederationProvider
extends Object
implements UserFederationProvider
```
Version:

$Revision: 1 $

Author:

Marek Posolda, Bill Burke

Nested Class Summary
- Nested classes/interfaces inherited from interface org.keycloak.models.UserFederationProvider
  UserFederationProvider.EditMode

Field Summary

Fields
Modifier and Type	Field and Description
`protected UserFederationProvider.EditMode`	`editMode`
`protected LDAPFederationProviderFactory`	`factory`
`protected LDAPProviderKerberosConfig`	`kerberosConfig`
`protected LDAPIdentityStore`	`ldapIdentityStore`
`protected UserFederationProviderModel`	`model`
`protected KeycloakSession`	`session`
`protected Set<String>`	`supportedCredentialTypes`

Fields inherited from interface org.keycloak.models.UserFederationProvider
EMAIL, FIRST_NAME, LAST_NAME, USERNAME

Constructor Summary

Constructors
Constructor and Description
`LDAPFederationProvider(LDAPFederationProviderFactory factory, KeycloakSession session, UserFederationProviderModel model, LDAPIdentityStore ldapIdentityStore)`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`void`	`close()`
`protected UserModel`	`findOrCreateAuthenticatedUser(RealmModel realm, String username)` Called after successful kerberos authentication
`UserFederationProvider.EditMode`	`getEditMode()`
`List<UserModel>`	`getGroupMembers(RealmModel realm, GroupModel group, int firstResult, int maxResults)`
`LDAPIdentityStore`	`getLdapIdentityStore()`
`LDAPFederationMapper`	`getMapper(UserFederationMapperModel mapperModel)`
`UserFederationProviderModel`	`getModel()`
`KeycloakSession`	`getSession()`
`Set<String>`	`getSupportedCredentialTypes()`
`Set<String>`	`getSupportedCredentialTypes(UserModel local)`
`UserModel`	`getUserByEmail(RealmModel realm, String email)`
`UserModel`	`getUserByUsername(RealmModel realm, String username)`
`protected UserModel`	`importUserFromLDAP(KeycloakSession session, RealmModel realm, LDAPObject ldapUser)`
`boolean`	`isValid(RealmModel realm, UserModel local)`
`protected LDAPObject`	`loadAndValidateUser(RealmModel realm, UserModel local)`
`LDAPObject`	`loadLDAPUserByUsername(RealmModel realm, String username)`
`List<UserModel>`	`loadUsersByUsernames(List<String> usernames, RealmModel realm)`
`void`	`preRemove(RealmModel realm)`
`void`	`preRemove(RealmModel realm, GroupModel group)`
`void`	`preRemove(RealmModel realm, RoleModel role)`
`protected UserModel`	`proxy(RealmModel realm, UserModel local, LDAPObject ldapObject)`
`protected LDAPObject`	`queryByEmail(RealmModel realm, String email)`
`UserModel`	`register(RealmModel realm, UserModel user)`
`boolean`	`removeUser(RealmModel realm, UserModel user)`
`List<UserModel>`	`searchByAttributes(Map<String,String> attributes, RealmModel realm, int maxResults)`
`protected List<LDAPObject>`	`searchLDAP(RealmModel realm, Map<String,String> attributes, int maxResults)`
`boolean`	`synchronizeRegistrations()`
`UserModel`	`validateAndProxy(RealmModel realm, UserModel local)`
`CredentialValidationOutput`	`validCredentials(RealmModel realm, UserCredentialModel credential)`
`boolean`	`validCredentials(RealmModel realm, UserModel user, List<UserCredentialModel> input)`
`boolean`	`validCredentials(RealmModel realm, UserModel user, UserCredentialModel... input)`
`boolean`	`validPassword(RealmModel realm, UserModel user, String password)`

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

factory

protected LDAPFederationProviderFactory factory

session
```
protected KeycloakSession session
```

model

protected UserFederationProviderModel model

ldapIdentityStore

protected LDAPIdentityStore ldapIdentityStore

editMode

protected UserFederationProvider.EditMode editMode

kerberosConfig

protected LDAPProviderKerberosConfig kerberosConfig

supportedCredentialTypes

protected final Set<String> supportedCredentialTypes

Constructor Detail

LDAPFederationProvider

public LDAPFederationProvider(LDAPFederationProviderFactory factory,
                              KeycloakSession session,
                              UserFederationProviderModel model,
                              LDAPIdentityStore ldapIdentityStore)

Method Detail

getSession
```
public KeycloakSession getSession()
```

getModel

public UserFederationProviderModel getModel()

getLdapIdentityStore

public LDAPIdentityStore getLdapIdentityStore()

getEditMode

public UserFederationProvider.EditMode getEditMode()

validateAndProxy

public UserModel validateAndProxy(RealmModel realm,
                                  UserModel local)

Specified by:: validateAndProxy in interface UserFederationProvider

proxy

protected UserModel proxy(RealmModel realm,
                          UserModel local,
                          LDAPObject ldapObject)

getSupportedCredentialTypes
```
public Set<String> getSupportedCredentialTypes(UserModel local)
```
Specified by:

getSupportedCredentialTypes in interface UserFederationProvider

getSupportedCredentialTypes
```
public Set<String> getSupportedCredentialTypes()
```
Specified by:

getSupportedCredentialTypes in interface UserFederationProvider

synchronizeRegistrations
```
public boolean synchronizeRegistrations()
```
Specified by:

synchronizeRegistrations in interface UserFederationProvider

register

public UserModel register(RealmModel realm,
                          UserModel user)

Specified by:: register in interface UserFederationProvider

removeUser

public boolean removeUser(RealmModel realm,
                          UserModel user)

Specified by:: removeUser in interface UserFederationProvider

searchByAttributes

public List<UserModel> searchByAttributes(Map<String,String> attributes,
                                          RealmModel realm,
                                          int maxResults)

Specified by:: searchByAttributes in interface UserFederationProvider

getGroupMembers

public List<UserModel> getGroupMembers(RealmModel realm,
                                       GroupModel group,
                                       int firstResult,
                                       int maxResults)

Specified by:: getGroupMembers in interface UserFederationProvider

loadUsersByUsernames

public List<UserModel> loadUsersByUsernames(List<String> usernames,
                                            RealmModel realm)

searchLDAP

protected List<LDAPObject> searchLDAP(RealmModel realm,
                                      Map<String,String> attributes,
                                      int maxResults)

loadAndValidateUser

protected LDAPObject loadAndValidateUser(RealmModel realm,
                                         UserModel local)

Parameters:: local -
Returns:: ldapUser corresponding to local user or null if user is no longer in LDAP

isValid

public boolean isValid(RealmModel realm,
                       UserModel local)

Specified by:: isValid in interface UserFederationProvider

getUserByUsername

public UserModel getUserByUsername(RealmModel realm,
                                   String username)

Specified by:: getUserByUsername in interface UserFederationProvider

importUserFromLDAP

protected UserModel importUserFromLDAP(KeycloakSession session,
                                       RealmModel realm,
                                       LDAPObject ldapUser)

queryByEmail

protected LDAPObject queryByEmail(RealmModel realm,
                                  String email)

getUserByEmail

public UserModel getUserByEmail(RealmModel realm,
                                String email)

Specified by:: getUserByEmail in interface UserFederationProvider

preRemove
```
public void preRemove(RealmModel realm)
```
Specified by:

preRemove in interface UserFederationProvider

preRemove

public void preRemove(RealmModel realm,
                      RoleModel role)

Specified by:: preRemove in interface UserFederationProvider

preRemove

public void preRemove(RealmModel realm,
                      GroupModel group)

Specified by:: preRemove in interface UserFederationProvider

validPassword

public boolean validPassword(RealmModel realm,
                             UserModel user,
                             String password)

validCredentials

public boolean validCredentials(RealmModel realm,
                                UserModel user,
                                List<UserCredentialModel> input)

Specified by:: validCredentials in interface UserFederationProvider

validCredentials

public boolean validCredentials(RealmModel realm,
                                UserModel user,
                                UserCredentialModel... input)

Specified by:: validCredentials in interface UserFederationProvider

validCredentials

public CredentialValidationOutput validCredentials(RealmModel realm,
                                                   UserCredentialModel credential)

Specified by:: validCredentials in interface UserFederationProvider

close
```
public void close()
```
Specified by:

close in interface UserFederationProvider

Specified by:

close in interface Provider

findOrCreateAuthenticatedUser

protected UserModel findOrCreateAuthenticatedUser(RealmModel realm,
                                                  String username)

Called after successful kerberos authentication

Parameters:: realm - realm; username - username without realm prefix
Returns:: finded or newly created user

loadLDAPUserByUsername

public LDAPObject loadLDAPUserByUsername(RealmModel realm,
                                         String username)

getMapper

public LDAPFederationMapper getMapper(UserFederationMapperModel mapperModel)

Class LDAPFederationProvider

Nested Class Summary

Nested classes/interfaces inherited from interface org.keycloak.models.UserFederationProvider

Field Summary

Fields inherited from interface org.keycloak.models.UserFederationProvider

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

factory

session

model

ldapIdentityStore

editMode

kerberosConfig

supportedCredentialTypes

Constructor Detail

LDAPFederationProvider

Method Detail

getSession

getModel

getLdapIdentityStore

getEditMode

validateAndProxy

proxy

getSupportedCredentialTypes

getSupportedCredentialTypes

synchronizeRegistrations

register

removeUser

searchByAttributes

getGroupMembers

loadUsersByUsernames

searchLDAP

loadAndValidateUser

isValid

getUserByUsername

importUserFromLDAP

queryByEmail

getUserByEmail

preRemove

preRemove

preRemove

validPassword

validCredentials

validCredentials

validCredentials

close

findOrCreateAuthenticatedUser

loadLDAPUserByUsername

getMapper