Package org.keycloak.federation.kerberos
Class KerberosFederationProvider
- java.lang.Object
-
- org.keycloak.federation.kerberos.KerberosFederationProvider
-
- All Implemented Interfaces:
CredentialAuthentication,CredentialInputUpdater,CredentialInputValidator,Provider,ImportedUserValidation,UserLookupProvider,UserStorageProvider
public class KerberosFederationProvider extends Object implements UserStorageProvider, UserLookupProvider, CredentialInputValidator, CredentialInputUpdater, CredentialAuthentication, ImportedUserValidation
- Author:
- Marek Posolda
-
-
Nested Class Summary
-
Nested classes/interfaces inherited from interface org.keycloak.credential.CredentialInputUpdater
CredentialInputUpdater.Streams
-
Nested classes/interfaces inherited from interface org.keycloak.storage.user.UserLookupProvider
UserLookupProvider.Streams
-
Nested classes/interfaces inherited from interface org.keycloak.storage.UserStorageProvider
UserStorageProvider.EditMode
-
-
Field Summary
Fields Modifier and Type Field Description protected KerberosFederationProviderFactoryfactorystatic StringKERBEROS_PRINCIPALprotected KerberosConfigkerberosConfigprotected UserStorageProviderModelmodelprotected KeycloakSessionsession
-
Constructor Summary
Constructors Constructor Description KerberosFederationProvider(KeycloakSession session, UserStorageProviderModel model, KerberosFederationProviderFactory factory)
-
Method Summary
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface org.keycloak.storage.user.UserLookupProvider
getUserByCredential
-
-
-
-
Field Detail
-
KERBEROS_PRINCIPAL
public static final String KERBEROS_PRINCIPAL
- See Also:
- Constant Field Values
-
session
protected KeycloakSession session
-
model
protected UserStorageProviderModel model
-
kerberosConfig
protected KerberosConfig kerberosConfig
-
factory
protected KerberosFederationProviderFactory factory
-
-
Constructor Detail
-
KerberosFederationProvider
public KerberosFederationProvider(KeycloakSession session, UserStorageProviderModel model, KerberosFederationProviderFactory factory)
-
-
Method Detail
-
validate
public UserModel validate(RealmModel realm, UserModel user)
- Specified by:
validatein interfaceImportedUserValidation
-
getUserByUsername
public UserModel getUserByUsername(RealmModel realm, String username)
- Specified by:
getUserByUsernamein interfaceUserLookupProvider
-
getUserByEmail
public UserModel getUserByEmail(RealmModel realm, String email)
- Specified by:
getUserByEmailin interfaceUserLookupProvider
-
getUserById
public UserModel getUserById(RealmModel realm, String id)
- Specified by:
getUserByIdin interfaceUserLookupProvider
-
preRemove
public void preRemove(RealmModel realm)
- Specified by:
preRemovein interfaceUserStorageProvider
-
preRemove
public void preRemove(RealmModel realm, RoleModel role)
- Specified by:
preRemovein interfaceUserStorageProvider
-
preRemove
public void preRemove(RealmModel realm, GroupModel group)
- Specified by:
preRemovein interfaceUserStorageProvider
-
isValid
public boolean isValid(RealmModel realm, UserModel local)
-
updateCredential
public boolean updateCredential(RealmModel realm, UserModel user, CredentialInput input)
- Specified by:
updateCredentialin interfaceCredentialInputUpdater
-
disableCredentialType
public void disableCredentialType(RealmModel realm, UserModel user, String credentialType)
- Specified by:
disableCredentialTypein interfaceCredentialInputUpdater
-
getDisableableCredentialTypesStream
public Stream<String> getDisableableCredentialTypesStream(RealmModel realm, UserModel user)
- Specified by:
getDisableableCredentialTypesStreamin interfaceCredentialInputUpdater
-
supportsCredentialType
public boolean supportsCredentialType(String credentialType)
- Specified by:
supportsCredentialTypein interfaceCredentialInputUpdater- Specified by:
supportsCredentialTypein interfaceCredentialInputValidator
-
supportsCredentialAuthenticationFor
public boolean supportsCredentialAuthenticationFor(String type)
- Specified by:
supportsCredentialAuthenticationForin interfaceCredentialAuthentication
-
isConfiguredFor
public boolean isConfiguredFor(RealmModel realm, UserModel user, String credentialType)
- Specified by:
isConfiguredForin interfaceCredentialInputValidator
-
isValid
public boolean isValid(RealmModel realm, UserModel user, CredentialInput input)
- Specified by:
isValidin interfaceCredentialInputValidator
-
authenticate
public CredentialValidationOutput authenticate(RealmModel realm, CredentialInput input)
- Specified by:
authenticatein interfaceCredentialAuthentication
-
findOrCreateAuthenticatedUser
protected UserModel findOrCreateAuthenticatedUser(RealmModel realm, String username)
Called after successful authentication- Parameters:
realm- realmusername- username without realm prefix- Returns:
- user if found or successfully created. Null if user with same username already exists, but is not linked to this provider
-
importUserToKeycloak
protected UserModel importUserToKeycloak(RealmModel realm, String username)
-
-