Package org.keycloak.federation.kerberos
Class KerberosFederationProvider
java.lang.Object
org.keycloak.federation.kerberos.KerberosFederationProvider
- All Implemented Interfaces:
CredentialAuthentication,CredentialInputUpdater,CredentialInputValidator,Provider,ImportedUserValidation,UserLookupProvider,UserStorageProvider,UserProfileDecorator
public class KerberosFederationProvider
extends Object
implements UserStorageProvider, UserLookupProvider, CredentialInputValidator, CredentialInputUpdater, CredentialAuthentication, ImportedUserValidation, UserProfileDecorator
- Author:
- Marek Posolda
-
Nested Class Summary
Nested classes/interfaces inherited from interface org.keycloak.storage.UserStorageProvider
UserStorageProvider.EditMode -
Field Summary
FieldsModifier and TypeFieldDescriptionprotected KerberosFederationProviderFactorystatic final Stringprotected KerberosConfigprotected UserStorageProviderModelprotected KeycloakSession -
Constructor Summary
ConstructorsConstructorDescriptionKerberosFederationProvider(KeycloakSession session, UserStorageProviderModel model, KerberosFederationProviderFactory factory) -
Method Summary
Modifier and TypeMethodDescriptionauthenticate(RealmModel realm, CredentialInput input) voidclose()decorateUserProfile(String providerId, UserProfileMetadata metadata) voiddisableCredentialType(RealmModel realm, UserModel user, String credentialType) protected UserModelfindOrCreateAuthenticatedUser(RealmModel realm, KerberosPrincipal kerberosPrincipal) Called after successful authenticationgetDisableableCredentialTypesStream(RealmModel realm, UserModel user) getUserByEmail(RealmModel realm, String email) getUserById(RealmModel realm, String id) getUserByUsername(RealmModel realm, String username) protected UserModelimportUserToKeycloak(RealmModel realm, KerberosPrincipal kerberosPrincipal) booleanisConfiguredFor(RealmModel realm, UserModel user, String credentialType) booleanisValid(RealmModel realm, UserModel user, CredentialInput input) voidpreRemove(RealmModel realm) voidpreRemove(RealmModel realm, GroupModel group) voidpreRemove(RealmModel realm, RoleModel role) booleanbooleansupportsCredentialType(String credentialType) toString()booleanupdateCredential(RealmModel realm, UserModel user, CredentialInput input) validate(RealmModel realm, UserModel user) protected booleanvalidPassword(String kerberosPrincipal, String password) Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, waitMethods inherited from interface org.keycloak.storage.user.UserLookupProvider
getUserByCredential
-
Field Details
-
KERBEROS_PRINCIPAL
- See Also:
-
session
-
model
-
kerberosConfig
-
factory
-
-
Constructor Details
-
KerberosFederationProvider
public KerberosFederationProvider(KeycloakSession session, UserStorageProviderModel model, KerberosFederationProviderFactory factory)
-
-
Method Details
-
validate
- Specified by:
validatein interfaceImportedUserValidation
-
getUserByUsername
- Specified by:
getUserByUsernamein interfaceUserLookupProvider
-
getUserByEmail
- Specified by:
getUserByEmailin interfaceUserLookupProvider
-
getUserById
- Specified by:
getUserByIdin interfaceUserLookupProvider
-
preRemove
- Specified by:
preRemovein interfaceUserStorageProvider
-
preRemove
- Specified by:
preRemovein interfaceUserStorageProvider
-
preRemove
- Specified by:
preRemovein interfaceUserStorageProvider
-
updateCredential
- Specified by:
updateCredentialin interfaceCredentialInputUpdater
-
disableCredentialType
- Specified by:
disableCredentialTypein interfaceCredentialInputUpdater
-
getDisableableCredentialTypesStream
- Specified by:
getDisableableCredentialTypesStreamin interfaceCredentialInputUpdater
-
supportsCredentialType
- Specified by:
supportsCredentialTypein interfaceCredentialInputUpdater- Specified by:
supportsCredentialTypein interfaceCredentialInputValidator
-
supportsCredentialAuthenticationFor
- Specified by:
supportsCredentialAuthenticationForin interfaceCredentialAuthentication
-
isConfiguredFor
- Specified by:
isConfiguredForin interfaceCredentialInputValidator
-
isValid
- Specified by:
isValidin interfaceCredentialInputValidator
-
validPassword
-
authenticate
- Specified by:
authenticatein interfaceCredentialAuthentication
-
close
public void close() -
findOrCreateAuthenticatedUser
protected UserModel findOrCreateAuthenticatedUser(RealmModel realm, KerberosPrincipal kerberosPrincipal) Called after successful authentication- Parameters:
realm- realmkerberosPrincipal-- Returns:
- user if found or successfully created. Null if user with same username already exists, but is not linked to this provider
-
importUserToKeycloak
-
toString
-
decorateUserProfile
- Specified by:
decorateUserProfilein interfaceUserProfileDecorator
-