keycloak-uncached
Changes
federation/ldap/src/main/java/org/keycloak/federation/ldap/LDAPFederationProviderFactory.java 14(+10 -4)
forms/common-themes/src/main/resources/theme/admin/base/resources/partials/federated-ldap.html 2(+1 -1)
picketlink/keycloak-picketlink-ldap/src/main/java/org/keycloak/picketlink/idm/LDAPKeycloakCredentialHandler.java 14(+1 -13)
pom.xml 4(+2 -2)
testsuite/integration/pom.xml 2(+1 -1)
Details
diff --git a/federation/ldap/src/main/java/org/keycloak/federation/ldap/LDAPFederationProvider.java b/federation/ldap/src/main/java/org/keycloak/federation/ldap/LDAPFederationProvider.java
index e6378ce..a49a989 100755
--- a/federation/ldap/src/main/java/org/keycloak/federation/ldap/LDAPFederationProvider.java
+++ b/federation/ldap/src/main/java/org/keycloak/federation/ldap/LDAPFederationProvider.java
@@ -53,8 +53,11 @@ public class LDAPFederationProvider implements UserFederationProvider {
this.model = model;
this.partitionManager = partitionManager;
String editModeString = model.getConfig().get(EDIT_MODE);
- if (editModeString == null) editMode = EditMode.READ_ONLY;
- editMode = EditMode.valueOf(editModeString);
+ if (editModeString == null) {
+ editMode = EditMode.READ_ONLY;
+ } else {
+ editMode = EditMode.valueOf(editModeString);
+ }
}
private ModelException convertIDMException(IdentityManagementException ie) {
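Review bot: `EditMode.valueOf(editModeString)` in the new else branch still throws a bare IllegalArgumentException for any configured value that is not an exact enum constant name, and that exception does not mention the `EDIT_MODE` key. Rejecting an unknown mode is a reasonable fail-closed choice, but it deserves a comment such as `// Missing value defaults to READ_ONLY; an unrecognised value is rejected by valueOf() rather than silently downgraded.` Alternatively, catch the exception and rethrow it with the key and the offending value in the message. The constructor begins outside this hunk, so any earlier validation of the config map is not visible here.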
diff --git a/federation/ldap/src/main/java/org/keycloak/federation/ldap/LDAPFederationProviderFactory.java b/federation/ldap/src/main/java/org/keycloak/federation/ldap/LDAPFederationProviderFactory.java
index 5472bc7..44987e9 100755
--- a/federation/ldap/src/main/java/org/keycloak/federation/ldap/LDAPFederationProviderFactory.java
+++ b/federation/ldap/src/main/java/org/keycloak/federation/ldap/LDAPFederationProviderFactory.java
@@ -16,7 +16,11 @@ import org.picketlink.idm.IdentityManager;
import org.picketlink.idm.PartitionManager;
import org.picketlink.idm.model.IdentityType;
import org.picketlink.idm.model.basic.User;
+import org.picketlink.idm.query.AttributeParameter;
+import org.picketlink.idm.query.Condition;
import org.picketlink.idm.query.IdentityQuery;
+import org.picketlink.idm.query.IdentityQueryBuilder;
+import org.picketlink.idm.query.QueryParameter;
import java.util.Collections;
import java.util.Date;
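Review bot: The added imports `org.picketlink.idm.query.AttributeParameter` and `org.picketlink.idm.query.QueryParameter` do not appear to be used by the changes in this file. The sync code below only references `Condition`, `IdentityQueryBuilder` and `LDAPUtils.MODIFY_DATE`. If nothing outside the visible hunks uses them, drop both lines so the import list reflects what the factory actually depends on.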
@@ -84,13 +88,15 @@ public class LDAPFederationProviderFactory implements UserFederationProviderFact
// Sync newly created users
IdentityManager identityManager = partitionMgr.createIdentityManager();
- IdentityQuery<User> userQuery = identityManager.createIdentityQuery(User.class)
- .setParameter(IdentityType.CREATED_AFTER, lastSync);
+ IdentityQueryBuilder queryBuilder = identityManager.getQueryBuilder();
+ Condition condition = queryBuilder.greaterThanOrEqualTo(IdentityType.CREATED_DATE, lastSync);
+ IdentityQuery<User> userQuery = queryBuilder.createIdentityQuery(User.class).where(condition);
syncImpl(sessionFactory, userQuery, realmId, model);
// Sync updated users
- userQuery = identityManager.createIdentityQuery(User.class)
- .setParameter(IdentityType.MODIFIED_AFTER, lastSync);
+ queryBuilder = identityManager.getQueryBuilder();
+ condition = queryBuilder.greaterThanOrEqualTo(LDAPUtils.MODIFY_DATE, lastSync);
+ userQuery = queryBuilder.createIdentityQuery(User.class).where(condition);
syncImpl(sessionFactory, userQuery, realmId, model);
}
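Review bot: Both new conditions use `greaterThanOrEqualTo(..., lastSync)`, so entries stamped exactly at `lastSync` are picked up again on the next run. An entry that is both created and modified after `lastSync` is passed to `syncImpl` twice. That is only safe if `syncImpl` is idempotent, which cannot be confirmed from this hunk. Please record the intent above the first query, for example `// Inclusive bound on purpose: LDAP timestamps are coarse, so re-importing a boundary entry is preferred over missing it; syncImpl must tolerate repeats.` The enclosing method starts outside the hunk, so how `lastSync` is obtained, and whether it can be null, is not visible here.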
diff --git a/federation/ldap/src/main/java/org/keycloak/federation/ldap/LDAPUtils.java b/federation/ldap/src/main/java/org/keycloak/federation/ldap/LDAPUtils.java
index e01a531..db0e9b8 100755
--- a/federation/ldap/src/main/java/org/keycloak/federation/ldap/LDAPUtils.java
+++ b/federation/ldap/src/main/java/org/keycloak/federation/ldap/LDAPUtils.java
@@ -10,6 +10,8 @@ import org.picketlink.idm.credential.UsernamePasswordCredentials;
import org.picketlink.idm.model.Attribute;
import org.picketlink.idm.model.basic.BasicModel;
import org.picketlink.idm.model.basic.User;
+import org.picketlink.idm.query.AttributeParameter;
+import org.picketlink.idm.query.QueryParameter;
import java.util.List;
@@ -20,6 +22,8 @@ import java.util.List;
*/
public class LDAPUtils {
+ public static QueryParameter MODIFY_DATE = new AttributeParameter("modifyDate");
+
public static User addUser(PartitionManager partitionManager, String username, String firstName, String lastName, String email) {
IdentityManager identityManager = getIdentityManager(partitionManager);
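Review bot: `MODIFY_DATE` is declared `public static` without `final`, so any class on the classpath can reassign it and change which LDAP attribute the periodic sync filters on. Declare it as `public static final QueryParameter MODIFY_DATE = new AttributeParameter("modifyDate");`. A one-line comment saying that it names the modification-timestamp attribute used by the "sync updated users" query would also help readers of `LDAPFederationProviderFactory`.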
diff --git a/forms/common-themes/src/main/resources/theme/admin/base/resources/js/controllers/users.js b/forms/common-themes/src/main/resources/theme/admin/base/resources/js/controllers/users.js
index 8c6154a..9855de2 100755
--- a/forms/common-themes/src/main/resources/theme/admin/base/resources/js/controllers/users.js
+++ b/forms/common-themes/src/main/resources/theme/admin/base/resources/js/controllers/users.js
@@ -529,7 +529,7 @@ module.controller('LDAPCtrl', function($scope, $location, Notifications, Dialog,
];
$scope.usernameLDAPAttributes = [
- "uid", "cn", "sAMAccountName"
+ "uid", "cn", "sAMAccountName", "entryDN"
];
$scope.realm = realm;
diff --git a/forms/common-themes/src/main/resources/theme/admin/base/resources/partials/federated-ldap.html b/forms/common-themes/src/main/resources/theme/admin/base/resources/partials/federated-ldap.html
index d94f8ab..69c53e2 100755
--- a/forms/common-themes/src/main/resources/theme/admin/base/resources/partials/federated-ldap.html
+++ b/forms/common-themes/src/main/resources/theme/admin/base/resources/partials/federated-ldap.html
@@ -129,7 +129,7 @@
<div class="form-group clearfix">
<label class="col-sm-2 control-label" for="ldapBindCredential">Bind Credential <span class="required">*</span></label>
<div class="col-sm-4">
- <input class="form-control" id="ldapBindCredential" type="text" ng-model="instance.config.bindCredential" placeholder="LDAP Bind Credentials" required>
+ <input class="form-control" id="ldapBindCredential" type="password" ng-model="instance.config.bindCredential" placeholder="LDAP Bind Credentials" required>
</div>
<span tooltip-placement="right" tooltip="Password of LDAP admin" class="fa fa-info-circle"></span>
<div class="col-sm-4" data-ng-show="access.manageRealm">
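Review bot: Switching `ldapBindCredential` to `type="password"` only masks the characters on screen. The field is still bound through `ng-model="instance.config.bindCredential"`, so if the admin endpoint returns the stored bind password with the provider config, it remains readable in the page model and in the response body. That server side is not shown in this diff and is worth checking. On the input itself, consider adding `autocomplete="off"` so the browser does not offer to save or prefill the LDAP admin password. The form-group continues past the end of this hunk.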
diff --git a/picketlink/keycloak-picketlink-ldap/src/main/java/org/keycloak/picketlink/idm/LDAPKeycloakCredentialHandler.java b/picketlink/keycloak-picketlink-ldap/src/main/java/org/keycloak/picketlink/idm/LDAPKeycloakCredentialHandler.java
index 0c82906..bc5278c 100755
--- a/picketlink/keycloak-picketlink-ldap/src/main/java/org/keycloak/picketlink/idm/LDAPKeycloakCredentialHandler.java
+++ b/picketlink/keycloak-picketlink-ldap/src/main/java/org/keycloak/picketlink/idm/LDAPKeycloakCredentialHandler.java
@@ -37,7 +37,7 @@ public class LDAPKeycloakCredentialHandler extends LDAPPlainTextPasswordCredenti
protected boolean validateCredential(IdentityContext context, CredentialStorage credentialStorage, UsernamePasswordCredentials credentials, LDAPIdentityStore ldapIdentityStore) {
Account account = getAccount(context, credentials.getUsername());
char[] password = credentials.getPassword().getValue();
- String userDN = getDNOfUser(ldapIdentityStore, account);
+ String userDN = (String) account.getAttribute(LDAPIdentityStore.ENTRY_DN_ATTRIBUTE_NAME).getValue();
if (CREDENTIAL_LOGGER.isDebugEnabled()) {
CREDENTIAL_LOGGER.debugf("Using DN [%s] for authentication of user [%s]", userDN, credentials.getUsername());
}
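Review bot: The new `userDN` line dereferences `account.getAttribute(LDAPIdentityStore.ENTRY_DN_ATTRIBUTE_NAME)` with no null check, and the next hunk deletes the `getDNOfUser` lookup and its fallback. An account loaded without the entry-DN attribute would therefore raise a NullPointerException inside `validateCredential` instead of failing the login cleanly. A guard before the cast keeps the authentication path fail-closed, e.g. `if (account.getAttribute(LDAPIdentityStore.ENTRY_DN_ATTRIBUTE_NAME) == null) return false;`. Whether `getAccount` can return null for an unknown username is not visible here and deserves the same check. The method body continues outside this hunk.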
@@ -48,16 +48,4 @@ public class LDAPKeycloakCredentialHandler extends LDAPPlainTextPasswordCredenti
return false;
}
-
- protected String getDNOfUser(LDAPIdentityStore ldapIdentityStore, Account user) {
- LDAPMappingConfiguration userMappingConfig = ldapIdentityStore.getConfig().getMappingConfig(User.class);
- SearchResult sr = ldapIdentityStore.getOperationManager().lookupById(userMappingConfig.getBaseDN(), user.getId(), userMappingConfig);
-
- if (sr != null) {
- return sr.getNameInNamespace();
- } else {
- // Fallback
- return ldapIdentityStore.getBindingDN(user, true);
- }
- }
}
pom.xml 4(+2 -2)
diff --git a/pom.xml b/pom.xml
index 14ee353..0070920 100755
--- a/pom.xml
+++ b/pom.xml
@@ -20,7 +20,7 @@
<resteasy.version.latest>3.0.9.Final</resteasy.version.latest>
<undertow.version>1.0.15.Final</undertow.version>
<!-- <picketlink.version>2.7.0.CR1-20140924</picketlink.version> -->
- <picketlink.version>2.7.0.CR1</picketlink.version>
+ <picketlink.version>2.7.0.CR2</picketlink.version>
<picketbox.ldap.version>1.0.2.Final</picketbox.ldap.version>
<mongo.driver.version>2.11.3</mongo.driver.version>
<jboss.logging.version>3.1.4.GA</jboss.logging.version>
@@ -252,7 +252,7 @@
</dependency>
<dependency>
<groupId>org.picketlink</groupId>
- <artifactId>picketlink-wildlfy-common</artifactId>
+ <artifactId>picketlink-wildfly-common</artifactId>
<version>${picketlink.version}</version>
</dependency>
<dependency>
testsuite/integration/pom.xml 2(+1 -1)
diff --git a/testsuite/integration/pom.xml b/testsuite/integration/pom.xml
index 6ca12ba..e3db10a 100755
--- a/testsuite/integration/pom.xml
+++ b/testsuite/integration/pom.xml
@@ -215,7 +215,7 @@
</dependency>
<dependency>
<groupId>org.picketlink</groupId>
- <artifactId>picketlink-wildlfy-common</artifactId>
+ <artifactId>picketlink-wildfly-common</artifactId>
<scope>test</scope>
</dependency>
<dependency>
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/rule/LDAPRule.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/rule/LDAPRule.java
index 8cd9793..1c631bb 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/rule/LDAPRule.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/rule/LDAPRule.java
@@ -25,8 +25,9 @@ public class LDAPRule extends ExternalResource {
protected void after() {
try {
embeddedServer.tearDown();
+ embeddedServer = null;
} catch (Exception e) {
- throw new RuntimeException("Error starting Embedded LDAP server.", e);
+ throw new RuntimeException("Error tearDown Embedded LDAP server.", e);
}
}
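Review bot: `embeddedServer = null;` sits inside the `try`, so it is skipped whenever `tearDown()` throws and the rule keeps a reference to a half-stopped server. Moving the assignment into a `finally { embeddedServer = null; }` block clears the field on both paths. If the rule's setup failed and left `embeddedServer` null, the resulting NullPointerException is also wrapped by the `catch (Exception e)`; a leading `if (embeddedServer == null) return;` would avoid masking the original failure. The corrected message would read better as `"Error tearing down Embedded LDAP server."`.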