LDAPFederationProvider (Keycloak 1.0.4.Final API)

java.lang.Object
- org.keycloak.federation.ldap.LDAPFederationProvider

All Implemented Interfaces:

UserFederationProvider, Provider
```
public class LDAPFederationProvider
extends Object
implements UserFederationProvider
```
Version:

$Revision: 1 $

Author:

Marek Posolda, Bill Burke

Nested Class Summary
- Nested classes/interfaces inherited from interface org.keycloak.models.UserFederationProvider
  UserFederationProvider.EditMode

Field Summary

Fields
Modifier and Type	Field and Description
`static String`	`EDIT_MODE`
`protected UserFederationProvider.EditMode`	`editMode`
`static String`	`LDAP_ID`
`protected UserFederationProviderModel`	`model`
`protected org.picketlink.idm.PartitionManager`	`partitionManager`
`protected KeycloakSession`	`session`
`protected static Set<String>`	`supportedCredentialTypes`
`static String`	`SYNC_REGISTRATIONS`

Fields inherited from interface org.keycloak.models.UserFederationProvider
EMAIL, FIRST_NAME, LAST_NAME, USERNAME

Constructor Summary

Constructors
Constructor and Description
`LDAPFederationProvider(KeycloakSession session, UserFederationProviderModel model, org.picketlink.idm.PartitionManager partitionManager)`

Method Summary

Methods
Modifier and Type	Method and Description
`void`	`close()`
`org.picketlink.idm.IdentityManager`	`getIdentityManager()`
`UserFederationProviderModel`	`getModel()`
`org.picketlink.idm.PartitionManager`	`getPartitionManager()`
`KeycloakSession`	`getSession()`
`Set<String>`	`getSupportedCredentialTypes(UserModel local)` What UserCredentialModel types should be handled by this provider for this user? Keycloak will only call validCredentials() with the credential types specified in this method.
`UserModel`	`getUserByEmail(RealmModel realm, String email)` Required to import into local storage any user found.
`UserModel`	`getUserByUsername(RealmModel realm, String username)` Required to import into local storage any user found.
`protected void`	`importPicketlinkUsers(RealmModel realm, List<org.picketlink.idm.model.basic.User> users, UserFederationProviderModel fedModel)`
`protected UserModel`	`importUserFromPicketlink(RealmModel realm, org.picketlink.idm.model.basic.User picketlinkUser)`
`boolean`	`isValid(UserModel local)` Is the Keycloak UserModel still valid and/or existing in federated storage?
`void`	`preRemove(RealmModel realm)` called whenever a Realm is removed
`void`	`preRemove(RealmModel realm, RoleModel role)` called before a role is removed.
`UserModel`	`proxy(UserModel local)` Gives the provider an option to proxy UserModels loaded from local storage.
`protected org.picketlink.idm.model.basic.User`	`queryByEmail(org.picketlink.idm.IdentityManager identityManager, String email)`
`UserModel`	`register(RealmModel realm, UserModel user)` Called if this federation provider has priority and supports synchronized registrations.
`boolean`	`removeUser(RealmModel realm, UserModel user)`
`List<UserModel>`	`searchByAttributes(Map<String,String> attributes, RealmModel realm, int maxResults)` Required to import into local storage any user found.
`protected Map<String,org.picketlink.idm.model.basic.User>`	`searchPicketlink(Map<String,String> attributes, int maxResults)`
`boolean`	`synchronizeRegistrations()` Should user registrations be synchronized with this provider? FYI, only one provider will be chosen (by priority) to have this synchronization
`boolean`	`validCredentials(RealmModel realm, UserModel user, List<UserCredentialModel> input)` Validate credentials for this user.
`boolean`	`validCredentials(RealmModel realm, UserModel user, UserCredentialModel... input)`
`boolean`	`validPassword(String username, String password)`

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Field Detail
  - LDAP_ID
```
public static final String LDAP_ID
```
    See Also:
    Constant Field Values
  - SYNC_REGISTRATIONS
```
public static final String SYNC_REGISTRATIONS
```
    See Also:
    Constant Field Values
  - EDIT_MODE
```
public static final String EDIT_MODE
```
    See Also:
    Constant Field Values
  - session
```
protected KeycloakSession session
```
  - model
```
protected UserFederationProviderModel model
```
  - partitionManager
```
protected org.picketlink.idm.PartitionManager partitionManager
```
  - editMode
```
protected UserFederationProvider.EditMode editMode
```
  - supportedCredentialTypes
```
protected static final Set<String> supportedCredentialTypes
```
- Constructor Detail
  - LDAPFederationProvider
```
public LDAPFederationProvider(KeycloakSession session,
                      UserFederationProviderModel model,
                      org.picketlink.idm.PartitionManager partitionManager)
```
- Method Detail
  - getSession
```
public KeycloakSession getSession()
```
  - getModel
```
public UserFederationProviderModel getModel()
```
  - getPartitionManager
```
public org.picketlink.idm.PartitionManager getPartitionManager()
```
  - proxy
```
public UserModel proxy(UserModel local)
```
    Description copied from interface: UserFederationProvider
    
    Gives the provider an option to proxy UserModels loaded from local storage. This method is called whenever a UserModel is pulled from local storage. For example, the LDAP provider proxies the UserModel and does on-demand synchronization with LDAP whenever UserModel update methods are invoked. It also overrides UserModel.updateCredential for the credential types it supports
    
    Specified by:
    
    proxy in interface UserFederationProvider
    
    Returns:
  - getSupportedCredentialTypes
```
public Set<String> getSupportedCredentialTypes(UserModel local)
```
    Description copied from interface: UserFederationProvider
    
    What UserCredentialModel types should be handled by this provider for this user? Keycloak will only call validCredentials() with the credential types specified in this method.
    
    Specified by:
    
    getSupportedCredentialTypes in interface UserFederationProvider
    
    Returns:
  - synchronizeRegistrations
```
public boolean synchronizeRegistrations()
```
    Description copied from interface: UserFederationProvider
    
    Should user registrations be synchronized with this provider? FYI, only one provider will be chosen (by priority) to have this synchronization
    
    Specified by:
    
    synchronizeRegistrations in interface UserFederationProvider
    
    Returns:
  - register
```
public UserModel register(RealmModel realm,
                 UserModel user)
```
    Description copied from interface: UserFederationProvider
    
    Called if this federation provider has priority and supports synchronized registrations.
    
    Specified by:
    
    register in interface UserFederationProvider
    
    Returns:
  - removeUser
```
public boolean removeUser(RealmModel realm,
                 UserModel user)
```
    Specified by:
    
    removeUser in interface UserFederationProvider
  - searchByAttributes
```
public List<UserModel> searchByAttributes(Map<String,String> attributes,
                                 RealmModel realm,
                                 int maxResults)
```
    Description copied from interface: UserFederationProvider
    
    Required to import into local storage any user found. Must not import if user already exists in KeycloakSession.userStorage()! Currently only attributes USERNAME, EMAIL, FIRST_NAME and LAST_NAME will be used.
    
    Specified by:
    
    searchByAttributes in interface UserFederationProvider
    
    Returns:
  - searchPicketlink
```
protected Map<String,org.picketlink.idm.model.basic.User> searchPicketlink(Map<String,String> attributes,
                                                               int maxResults)
```
  - isValid
```
public boolean isValid(UserModel local)
```
    Description copied from interface: UserFederationProvider
    
    Is the Keycloak UserModel still valid and/or existing in federated storage?
    
    Specified by:
    
    isValid in interface UserFederationProvider
    
    Returns:
  - getUserByUsername
```
public UserModel getUserByUsername(RealmModel realm,
                          String username)
```
    Description copied from interface: UserFederationProvider
    
    Required to import into local storage any user found.
    
    Specified by:
    
    getUserByUsername in interface UserFederationProvider
    
    Returns:
  - getIdentityManager
```
public org.picketlink.idm.IdentityManager getIdentityManager()
```
  - importUserFromPicketlink
```
protected UserModel importUserFromPicketlink(RealmModel realm,
                                 org.picketlink.idm.model.basic.User picketlinkUser)
```
  - queryByEmail
```
protected org.picketlink.idm.model.basic.User queryByEmail(org.picketlink.idm.IdentityManager identityManager,
                                               String email)
                                                    throws org.picketlink.idm.IdentityManagementException
```
    Throws:
    
    org.picketlink.idm.IdentityManagementException
  - getUserByEmail
```
public UserModel getUserByEmail(RealmModel realm,
                       String email)
```
    Description copied from interface: UserFederationProvider
    
    Required to import into local storage any user found.
    
    Specified by:
    
    getUserByEmail in interface UserFederationProvider
    
    Returns:
  - preRemove
```
public void preRemove(RealmModel realm)
```
    Description copied from interface: UserFederationProvider
    
    called whenever a Realm is removed
    
    Specified by:
    
    preRemove in interface UserFederationProvider
  - preRemove
```
public void preRemove(RealmModel realm,
             RoleModel role)
```
    Description copied from interface: UserFederationProvider
    
    called before a role is removed.
    
    Specified by:
    
    preRemove in interface UserFederationProvider
  - validPassword
```
public boolean validPassword(String username,
                    String password)
```
  - validCredentials
```
public boolean validCredentials(RealmModel realm,
                       UserModel user,
                       List<UserCredentialModel> input)
```
    Description copied from interface: UserFederationProvider
    
    Validate credentials for this user. This method will only be called with credential parameters supported by this provider
    
    Specified by:
    
    validCredentials in interface UserFederationProvider
    
    Returns:
  - validCredentials
```
public boolean validCredentials(RealmModel realm,
                       UserModel user,
                       UserCredentialModel... input)
```
    Specified by:
    
    validCredentials in interface UserFederationProvider
  - close
```
public void close()
```
    Specified by:
    
    close in interface UserFederationProvider
    
    Specified by:
    
    close in interface Provider
  - importPicketlinkUsers
```
protected void importPicketlinkUsers(RealmModel realm,
                         List<org.picketlink.idm.model.basic.User> users,
                         UserFederationProviderModel fedModel)
```

Class LDAPFederationProvider

Nested Class Summary

Nested classes/interfaces inherited from interface org.keycloak.models.UserFederationProvider

Field Summary

Fields inherited from interface org.keycloak.models.UserFederationProvider

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

LDAP_ID

SYNC_REGISTRATIONS

EDIT_MODE

session

model

partitionManager

editMode

supportedCredentialTypes

Constructor Detail

LDAPFederationProvider

Method Detail

getSession

getModel

getPartitionManager

proxy

getSupportedCredentialTypes

synchronizeRegistrations

register

removeUser

searchByAttributes

searchPicketlink

isValid

getUserByUsername

getIdentityManager

importUserFromPicketlink

queryByEmail

getUserByEmail

preRemove

preRemove

validPassword

validCredentials

validCredentials

close

importPicketlinkUsers