-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
4 changed files
with
68 additions
and
61 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,10 +1,15 @@ | ||
# Keycloak OpenLDAP ppolicy mapper | ||
|
||
This is a plugin for the authentication provider [keycloak](https://keycloak.org). It maps the keycloak account state to OpenLDAP ppolicy attributes. | ||
This is a plugin for the authentication provider [keycloak](https://keycloak.org). It maps the keycloak user's disabled state to the ppolicy `pwdAccountLockedTime` attribute. To properly work, the time set as `pwdLockoutDuration` in the password policy of the affected records should be set in the mapper settings. | ||
|
||
**Warning:** This provider relies on private SPIs which may change at any point without notice. Please test the provider before you update your production deployment. | ||
|
||
## Features | ||
|
||
- Manually enable/disable users in OpenLDAP from Keycloak | ||
- Disable users for the lockout duration if the password policy mandates it (e.g. too many dailed attempts) | ||
|
||
## Deploy from source | ||
|
||
1. To deploy from source, you must first build the plugin. You can use Maven to do so: `mvn clean package`. | ||
2. Copy the target (from the `target` folder) into the `deployments` folder of your keycloak installation. (Typically: `/opt/keycloak/deployments`) | ||
|
||
TODO | ||
2. Copy the target (from the `target` folder) into the `deployments` folder of your keycloak installation. (Typically: `/opt/keycloak/standalone/deployments`) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -10,9 +10,6 @@ | |
|
||
import java.util.List; | ||
|
||
/** | ||
* @author <a href="mailto:[email protected]">Marek Posolda</a> | ||
*/ | ||
public class OpenLDAPppolicyMapperFactory extends AbstractLDAPStorageMapperFactory { | ||
|
||
public static final String PROVIDER_ID = "openldap_ppolicy_mapper"; | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters