Propagate Username LDAP Attribute changes to the username mapper to keep mapper and main LDAP storage config in synch.
Closed #27984 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
This commit is contained in:
parent
4ec9fea8f7
commit
9bb2402d3b
1 changed files with 13 additions and 1 deletions
|
@ -23,7 +23,6 @@ import org.keycloak.common.constants.KerberosConstants;
|
|||
import org.keycloak.component.ComponentModel;
|
||||
import org.keycloak.component.ComponentValidationException;
|
||||
import org.keycloak.federation.kerberos.CommonKerberosConfig;
|
||||
import org.keycloak.federation.kerberos.KerberosConfig;
|
||||
import org.keycloak.federation.kerberos.impl.KerberosServerSubjectAuthenticator;
|
||||
import org.keycloak.federation.kerberos.impl.KerberosUsernamePasswordAuthenticator;
|
||||
import org.keycloak.federation.kerberos.impl.SPNEGOAuthenticator;
|
||||
|
@ -473,6 +472,19 @@ public class LDAPStorageProviderFactory implements UserStorageProviderFactory<LD
|
|||
CredentialHelper.setOrReplaceAuthenticationRequirement(session, realm, CredentialRepresentation.KERBEROS,
|
||||
AuthenticationExecutionModel.Requirement.DISABLED, AuthenticationExecutionModel.Requirement.ALTERNATIVE);
|
||||
} // else: keep current settings
|
||||
|
||||
LDAPConfig oldConfig = new LDAPConfig(oldModel.getConfig());
|
||||
LDAPConfig newConfig = new LDAPConfig(newModel.getConfig());
|
||||
if (!oldConfig.getUsernameLdapAttribute().equals(newConfig.getUsernameLdapAttribute())) {
|
||||
// propagate username LDAP attribute change to the username mapper.
|
||||
ComponentModel usernameMapperModel = realm.getComponentsStream(oldModel.getId(), LDAPStorageMapper.class.getName())
|
||||
.filter(mapper -> "username".equals(mapper.getName()))
|
||||
.findFirst().orElse(null);
|
||||
if (usernameMapperModel != null) {
|
||||
usernameMapperModel.getConfig().putSingle(UserAttributeLDAPStorageMapper.LDAP_ATTRIBUTE, newConfig.getUsernameLdapAttribute());
|
||||
realm.updateComponent(usernameMapperModel);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
Loading…
Reference in a new issue