[keycloak-user] Ldap integration via Keycloak admin client api
Marek Posolda
mposolda at redhat.com
Tue Mar 21 04:21:04 EDT 2017
It's the opposite. In latest version there is no userFederationProvider,
but instead there is userStorageProvider. Those are created through
components.
See the admin console and check how the request to create new
userStorage provider should looks like. Or you can look at our testsuite
- for example UserStorageTest.
Marek
On 21/03/17 09:09, Nabeel Ahmed wrote:
> So following is the code that i am trying execute but getting response
> 404.
>
> UserFederationProviderRepresentation uf = new
> UserFederationProviderRepresentation();
> uf.setDisplayName("ldap-NP1FSM0991V");
> uf.setProviderName("ldap");
> uf.setPriority(1);
> uf.setFullSyncPeriod(-1);
> uf.setChangedSyncPeriod(-1);
> Map<String, String> config = new HashMap<String, String>();
> config.put("pagination", "true");
> config.put("debug", "false");
> config.put("searchScope", "1");
> config.put("connectionPooling", "true");
> //config.put("syncRegistrations", "true");
> config.put("usersDn", "CN=Users,DC=rdx,DC=lgc,DC=com");
> config.put("userObjectClasses", "person, organizationalPerson, user");
> config.put("usernameLDAPAttribute", "cn");
> config.put("rdnLDAPAttribute", "cn");
> config.put("uuidLDAPAttribute", "objectGUID");
> config.put("baseCtxDN", "CN=Users,DC=rdx,DC=lgc,DC=com");
> config.put("rolesCtxDN", "CN=Users,DC=rdx,DC=lgc,DC=com");
> config.put("bindDn", "CN=Data Server,CN=Users,DC=rdx,DC=lgc,DC=com");
> config.put("bindCredential", "123456");
> config.put("vendor", "Active Directory");
> config.put("editMode", "READ_ONLY");
> config.put("connectionUrl", "ldap://[someserver]:389");
> config.put("authType", "simple");
> uf.setConfig(config);
> Response response = kc.realm("DSISRealm").userFederation().create(uf);
>
> Response Status: 404
>
> Please help
>
> Regards,
>
> Nabeel Ahmed
> Cell # +92 333 540 5542
>
> On Tue, Mar 21, 2017 at 12:41 PM, Nabeel Ahmed <mr.beel at gmail.com
> <mailto:mr.beel at gmail.com>> wrote:
>
> since i am using 2.4.0.Final version and i guess it has been
> changed to UserFederationProvider now.
>
> Regards,
>
> Nabeel Ahmed
> Cell # +92 333 540 5542
>
> On Tue, Mar 21, 2017 at 12:25 PM, Nabeel Ahmed <mr.beel at gmail.com
> <mailto:mr.beel at gmail.com>> wrote:
>
> I want to add LDAP storage provider using admin client api.
>
>
> On 21 Mar 2017 12:10 p.m., "Marek Posolda"
> <mposolda at redhat.com <mailto:mposolda at redhat.com>> wrote:
>
> Do you want to update LDAP provider with admin client?
> That's possible as everything, which is doable in admin
> console, is doable with admin client too.
>
> Or do you want to authenticate as LDAP user with the admin
> client? Admin client supports authenticating of Keycloak
> users or service accounts. So you will need to add LDAP
> user storage provider in one of your realms (either master
> or some other) and put some LDAP users into admin roles
> (or configure role mappings from LDAP with LDAP role
> mappers) and then you can authenticate to adminClient with
> username/password from LDAP.
>
> Marek
>
> On 20/03/17 09:39, Nabeel Ahmed wrote:
>
> HI Everyone,
>
> I am looking for some example to integrate LDAP via
> keycloak admin client
> api..
> Any help is appreciated.
>
> Regards,
>
> Nabeel Ahmed
> Cell # +92 333 540 5542 <tel:%2B92%20333%20540%205542>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> <mailto:keycloak-user at lists.jboss.org>
> https://lists.jboss.org/mailman/listinfo/keycloak-user
> <https://lists.jboss.org/mailman/listinfo/keycloak-user>
>
>
>
>
>
More information about the keycloak-user
mailing list