12 lines
1,022 B
XML
12 lines
1,022 B
XML
|
<chapter id="ldap">
|
||
|
|
<title>LDAP Integration</title>
|
||
|
|
<para>
|
||
|
|
Right now, LDAP server is configured separately for each Realm. Configuration is in admin console in tab <literal>Ldap</literal>
|
||
|
|
under realm settings. It's under URL like <ulink url="http://localhost:8080/auth/admin/keycloak-admin/console/index.html#/realms/YOUR_REALM/ldap-settings">http://localhost:8080/auth/admin/keycloak-admin/console/index.html#/realms/YOUR_REALM/ldap-settings</ulink> .
|
||
|
|
There is nothing like "shared" LDAP server for more realms in Keycloak, but it's planned for the future.
|
||
|
|
</para>
|
||
|
|
<para>
|
||
|
|
LDAP is currently used just for authentication of users done through <literal>PicketlinkAuthenticationProvider</literal> as described <link linkend="authentication-available-providers">here</link> .
|
||
|
|
In the future, we have plan to have full Sync SPI, which will allow one-way or two-way synchronization between LDAP server and Keycloak database including users and roles.
|
||
|
|
</para>
|
||
|
|
</chapter>
|