クラス
enum	org.keycloak.storage.ldap.mappers.membership.LDAPGroupMapperMode

パッケージ
package	org.keycloak.storage.ldap.mappers.membership

クラス詳解

◆ org::keycloak::storage::ldap::mappers::membership::LDAPGroupMapperMode

enum org::keycloak::storage::ldap::mappers::membership::LDAPGroupMapperMode

著者: Marek Posolda

org.keycloak.storage.ldap.mappers.membership.LDAPGroupMapperMode 連携図

列挙値

IMPORT

Read-only LDAP mode. Role mappings are retrieved from LDAP for particular user just at the time when he is imported and then they are saved to local keycloak DB. Then all role mappings are always retrieved from keycloak DB, never from LDAP. Creating or deleting of role mapping is propagated only to DB.

This is read-only mode LDAP mode and it's good for performance, but when user is put to some role directly in LDAP, it won't be seen by Keycloak

LDAP_ONLY

All role mappings are retrieved from LDAP and saved into LDAP

READ_ONLY

Read-only LDAP mode. Role mappings are retrieved from both LDAP and DB and merged together. New role grants are not saved to LDAP but to DB. Deleting role mappings, which is mapped to LDAP, will throw an error.

クラス

パッケージ

クラス詳解

◆ org::keycloak::storage::ldap::mappers::membership::LDAPGroupMapperMode