[keycloak-user] Add optional LDAP userPassword hashing

BOUVIER Jean-Damien Jean-Damien.BOUVIER at calvados.fr
Wed Jan 30 06:50:45 EST 2019


Hi all!

My problem is described in the KEYCLOAK-4989 issue, titled "add optional LDAP userPassword hashing".

I'm in the worst-case scenario, as I use OpenLDAP, which doesn't hash passwords by default, and the way it has been installed, I don't have the ppolicy overlay available.
So Keycloak sends the password in clear text, and I thought that I could add specific OpenLDAP configuration to hash the password beforehand.
The LDAP administration already has some specific configuration for AD, and I thought that I could start from there (org.keycloak.storage.ldap.mappers.msad.MSADUserAccountControlStorageMapperFactory, for example).

So, I've written my own StorageMapperFactory:

public class OpenLDAPUserAccountControlStorageMapperFactory implements LDAPStorageMapperFactory<LDAPStorageMapper>

That needs these dependencies:

    <dependencies>
        <dependency>
            <groupId>org.keycloak</groupId>
            <artifactId>keycloak-core</artifactId>
            <version>${version.keycloak}</version>
            <scope>provided</scope>
        </dependency>
        <dependency>
            <groupId>org.keycloak</groupId>
            <artifactId>keycloak-services</artifactId>
            <version>${version.keycloak}</version>
            <scope>provided</scope>
        </dependency>
        <dependency>
            <groupId>org.keycloak</groupId>
            <artifactId>keycloak-server-spi</artifactId>
            <version>${version.keycloak}</version>
            <scope>provided</scope>
        </dependency>
        <dependency>
            <groupId>org.keycloak</groupId>
            <artifactId>keycloak-ldap-federation</artifactId>
            <version>${version.keycloak}</version>
            <scope>provided</scope>
        </dependency>
    </dependencies>

But whenever I try to deploy the JAR, I get:

cat hash-password-openldap-provider.jar.failed
{"WFLYCTL0080: Failed services" => {"jboss.deployment.unit.\"hash-password-openldap-provider.jar\".POST_MODULE" => "WFLYSRV0153: Failed to process phase POST_MODULE of deployment \"hash-password-openldap-provider.jar\"
    Caused by: java.lang.NoClassDefFoundError: Failed to link fr/calvados/keycloak/storage/ldap/mappers/openldap/OpenLDAPUserAccountControlStorageMapperFactory (Module \"deployment.hash-password-openldap-provider.jar\" from Service Module Loader): org/keycloak/storage/ldap/mappers/LDAPStorageMapperFactory"}}

I probably lack one dependency, but I can't find which one, as the error message doesn't give a clue and my Maven project compiles.

Could you help me find out what is wrong?

Regards,
Jean-Damien Bouvier


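An added note on the deployment error above (example configuration, not part of the original post and not Keycloak's own documentation). The JAR compiles because keycloak-ldap-federation is on the Maven classpath at provided scope, but at runtime WildFly links a deployment only against the JBoss modules it has been told to depend on, so org.keycloak.storage.ldap.mappers.LDAPStorageMapperFactory is not visible to the deployment's class loader and the POST_MODULE linking fails with exactly the NoClassDefFoundError shown. The usual fix is to declare the module dependencies in META-INF/jboss-deployment-structure.xml packaged inside the JAR. The module names below are assumed from a standard Keycloak-on-WildFly distribution and should be checked against the directories under modules/system/layers/keycloak/org/keycloak/ before use.

```xml
<?xml version="1.0" encoding="UTF-8"?>
<!-- META-INF/jboss-deployment-structure.xml inside hash-password-openldap-provider.jar.
     Added example; module names are assumed from a standard Keycloak/WildFly layout
     and must be verified under modules/system/layers/keycloak/org/keycloak/. -->
<jboss-deployment-structure xmlns="urn:jboss:deployment-structure:1.2">
    <deployment>
        <dependencies>
            <!-- Provides org.keycloak.storage.ldap.mappers.LDAPStorageMapperFactory,
                 the class the "Failed to link ..." error says it cannot find. -->
            <module name="org.keycloak.keycloak-ldap-federation"/>
            <!-- Mirror the remaining provided-scope Maven dependencies so that
                 compile-time and runtime visibility are the same set. -->
            <module name="org.keycloak.keycloak-core"/>
            <module name="org.keycloak.keycloak-server-spi"/>
            <module name="org.keycloak.keycloak-services"/>
        </dependencies>
    </deployment>
</jboss-deployment-structure>
```

Two things to check alongside this: the factory must also be registered for ServiceLoader discovery in META-INF/services/org.keycloak.storage.ldap.mappers.LDAPStorageMapperFactory (one fully qualified class name per line), otherwise the JAR will deploy cleanly but the mapper will never appear in the admin console; and hashing on the Keycloak side only changes what is stored in userPassword, not what crosses the network, so the LDAP connection should still be LDAPS or StartTLS, and whatever scheme the mapper writes (for example an {SSHA} value) must be one this slapd build can verify on bind.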