Class LDAPOperationManager

java.lang.Object
org.keycloak.storage.ldap.idm.store.ldap.LDAPOperationManager

public class LDAPOperationManager extends Object

This class provides a set of operations to manage LDAP trees.

Author:
Anil Saldhana, Pedro Silva
  • Constructor Details

  • Method Details

    • modifyAttribute

      public void modifyAttribute(LdapName dn, Attribute attribute)

      Modifies the given Attribute instance using the given DN. This method performs a REPLACE_ATTRIBUTE operation.

      Parameters:
      dn -
      attribute -
    • modifyAttributes

      public void modifyAttributes(LdapName dn, NamingEnumeration<Attribute> attributes)

      Modifies the given Attribute instances using the given DN. This method performs a REPLACE_ATTRIBUTE operation.

      Parameters:
      dn -
      attributes -
    • removeAttribute

      public void removeAttribute(LdapName dn, Attribute attribute)

      Removes the given Attribute instance using the given DN. This method performs a REMOVE_ATTRIBUTE operation.

      Parameters:
      dn -
      attribute -
    • addAttribute

      public void addAttribute(LdapName dn, Attribute attribute)

      Adds the given Attribute instance using the given DN. This method performs an ADD_ATTRIBUTE operation.

      Parameters:
      dn -
      attribute -
    • removeEntry

      public void removeEntry(LdapName entryDn)

      Removes the object from the LDAP tree.

    • renameEntry

      public LdapName renameEntry(LdapName oldDn, LdapName newDn, boolean fallback)
      Renames the LDAPObject name (DN).
      Parameters:
      oldDn -
      newDn -
      fallback - With fallback=true, we will try to find another DN in case of conflict. For example, if there is an attempt to rename to "CN=John Doe", but "CN=John Doe" already exists, we will try "CN=John Doe0".
      Returns:
      the non-conflicting DN, which was used in the end
    • search

      public List<SearchResult> search(LdapName baseDN, String filter, Collection<String> returningAttributes, int searchScope) throws NamingException
      Throws:
      NamingException
    • searchPaginated

      public List<SearchResult> searchPaginated(LdapName baseDN, String filter, LDAPQuery identityQuery) throws NamingException
      Throws:
      NamingException
    • getFilterById

      public String getFilterById(String id)
    • lookupById

      public SearchResult lookupById(LdapName baseDN, String id, Collection<String> returningAttributes)
    • authenticate

      public void authenticate(LdapName dn, String password) throws AuthenticationException

      Performs a simple authentication using the given DN and password to bind to the authentication context.

      Parameters:
      dn -
      password -
      Throws:
      AuthenticationException - if authentication is not successful
    • modifyAttributesNaming

      public void modifyAttributesNaming(LdapName dn, ModificationItem[] mods, LDAPOperationDecorator decorator) throws NamingException
      Throws:
      NamingException
    • modifyAttributes

      public void modifyAttributes(LdapName dn, ModificationItem[] mods, LDAPOperationDecorator decorator)
    • createSubContext

      public void createSubContext(LdapName name, Attributes attributes)
    • getAttributes

      public Attributes getAttributes(String entryUUID, LdapName baseDN, Set<String> returningAttributes)
    • decodeEntryUUID

      public String decodeEntryUUID(Object entryUUID)
    • passwordModifyExtended

      public void passwordModifyExtended(LdapName dn, String password, LDAPOperationDecorator decorator)
      Execute the LDAP Password Modify Extended Operation to update the password for the given DN.
      Parameters:
      dn - distinguished name of the entry.
      password - the new password.
      decorator - A decorator to apply to the LDAP operation.