org.keycloak.storage.ldap.idm.store.ldap.LDAPOperationManager 連携図

クラス
interface	LdapOperation

公開メンバ関数
	LDAPOperationManager (LDAPConfig config) throws NamingException

void	modifyAttribute (String dn, Attribute attribute)

void	modifyAttributes (String dn, NamingEnumeration< Attribute > attributes)

void	removeAttribute (String dn, Attribute attribute)

void	addAttribute (String dn, Attribute attribute)

void	removeEntry (final String entryDn)

String	renameEntry (String oldDn, String newDn, boolean fallback)

List< SearchResult >	search (final String baseDN, final String filter, Collection< String > returningAttributes, int searchScope) throws NamingException

List< SearchResult >	searchPaginated (final String baseDN, final String filter, final LDAPQuery identityQuery) throws NamingException

String	getFilterById (String id)

SearchResult	lookupById (final String baseDN, final String id, final Collection< String > returningAttributes)

void	authenticate (String dn, String password) throws AuthenticationException

void	modifyAttributes (final String dn, final ModificationItem[] mods, LDAPOperationDecorator decorator)

void	createSubContext (final String name, final Attributes attributes)

Attributes	getAttributes (final String entryUUID, final String baseDN, Set< String > returningAttributes)

String	decodeEntryUUID (final Object entryUUID)

関数
private< R > R	execute (LdapOperation< R > operation) throws NamingException

private< R > R	execute (LdapOperation< R > operation, LDAPOperationDecorator decorator) throws NamingException

非公開メンバ関数
String	findNextDNForFallback (String newDn, int counter)

SearchControls	getSearchControls (Collection< String > returningAttributes, int searchScope)

void	destroySubcontext (LdapContext context, final String dn)

String	getUuidAttributeName ()

LdapContext	createLdapContext () throws NamingException

Map< String, Object >	createConnectionProperties ()

Set< String >	getReturningAttributes (final Collection< String > returningAttributes)

非公開変数類
final LDAPConfig	config

final Map< String, Object >	connectionProperties

静的非公開変数類
static final Logger	logger = Logger.getLogger(LDAPOperationManager.class)

static final Logger	perfLogger = Logger.getLogger(LDAPOperationManager.class, "perf")

詳解

This class provides a set of operations to manage LDAP trees.

著者: Anil Saldhana; Pedro Silva

構築子と解体子

◆ LDAPOperationManager()

org.keycloak.storage.ldap.idm.store.ldap.LDAPOperationManager.LDAPOperationManager ( LDAPConfig config ) throws NamingException

inline

                                                                           {
         this.config = config;
         this.connectionProperties = Collections.unmodifiableMap(createConnectionProperties());
     }

関数詳解

◆ addAttribute()

void org.keycloak.storage.ldap.idm.store.ldap.LDAPOperationManager.addAttribute	(	String	dn,
		Attribute	attribute
	)

inline

Adds the given Attribute instance using the given DN. This method performs a ADD_ATTRIBUTE operation.

引数

dn
attribute

                                                              {
         ModificationItem[] mods = new ModificationItem[]{new ModificationItem(DirContext.ADD_ATTRIBUTE, attribute)};
         modifyAttributes(dn, mods, null);
     }

◆ authenticate()

void org.keycloak.storage.ldap.idm.store.ldap.LDAPOperationManager.authenticate	(	String	dn,
		String	password
	)		throws AuthenticationException

inline

Performs a simple authentication using the given DN and password to bind to the authentication context.

引数

dn
password

例外

AuthenticationException if authentication is not successful

                                                                                         {
         InitialContext authCtx = null;
 
         try {
             if (password == null || password.isEmpty()) {
                 throw new AuthenticationException("Empty password used");
             }
 
             Hashtable<String, Object> env = new Hashtable<String, Object>(this.connectionProperties);
 
             env.put(Context.SECURITY_AUTHENTICATION, LDAPConstants.AUTH_TYPE_SIMPLE);
             env.put(Context.SECURITY_PRINCIPAL, dn);
             env.put(Context.SECURITY_CREDENTIALS, password);
 
             // Never use connection pool to prevent password caching
             env.put("com.sun.jndi.ldap.connect.pool", "false");
 
             authCtx = new InitialLdapContext(env, null);
 
         } catch (AuthenticationException ae) {
             if (logger.isDebugEnabled()) {
                 logger.debugf(ae, "Authentication failed for DN [%s]", dn);
             }
 
             throw ae;
         } catch (Exception e) {
             logger.errorf(e, "Unexpected exception when validating password of DN [%s]", dn);
             throw new AuthenticationException("Unexpected exception when validating password of user");
         } finally {
             if (authCtx != null) {
                 try {
                     authCtx.close();
                 } catch (NamingException e) {
 
                 }
             }
         }
     }

◆ createConnectionProperties()

Map<String, Object> org.keycloak.storage.ldap.idm.store.ldap.LDAPOperationManager.createConnectionProperties ( )

inlineprivate

                                                              {
         HashMap<String, Object> env = new HashMap<String, Object>();
 
         String authType = this.config.getAuthType();
         env.put(Context.INITIAL_CONTEXT_FACTORY, this.config.getFactoryName());
         env.put(Context.SECURITY_AUTHENTICATION, authType);
 
         String bindDN = this.config.getBindDN();
 
         char[] bindCredential = null;
 
         if (this.config.getBindCredential() != null) {
             bindCredential = this.config.getBindCredential().toCharArray();
         }
 
         if (!LDAPConstants.AUTH_TYPE_NONE.equals(authType)) {
             env.put(Context.SECURITY_PRINCIPAL, bindDN);
             env.put(Context.SECURITY_CREDENTIALS, bindCredential);
         }
 
         String url = this.config.getConnectionUrl();
 
         if (url != null) {
             env.put(Context.PROVIDER_URL, url);
         } else {
             logger.warn("LDAP URL is null. LDAPOperationManager won't work correctly");
         }
 
         String useTruststoreSpi = this.config.getUseTruststoreSpi();
         LDAPConstants.setTruststoreSpiIfNeeded(useTruststoreSpi, url, env);
 
         String connectionPooling = this.config.getConnectionPooling();
         if (connectionPooling != null) {
             env.put("com.sun.jndi.ldap.connect.pool", connectionPooling);
         }
 
         String connectionTimeout = config.getConnectionTimeout();
         if (connectionTimeout != null && !connectionTimeout.isEmpty()) {
             env.put("com.sun.jndi.ldap.connect.timeout", connectionTimeout);
         }
 
         String readTimeout = config.getReadTimeout();
         if (readTimeout != null && !readTimeout.isEmpty()) {
             env.put("com.sun.jndi.ldap.read.timeout", readTimeout);
         }
 
         // Just dump the additional properties
         Properties additionalProperties = this.config.getAdditionalConnectionProperties();
         if (additionalProperties != null) {
             for (Object key : additionalProperties.keySet()) {
                 env.put(key.toString(), additionalProperties.getProperty(key.toString()));
             }
         }
 
         StringBuilder binaryAttrsBuilder = new StringBuilder();
         if (this.config.isObjectGUID()) {
             binaryAttrsBuilder.append(LDAPConstants.OBJECT_GUID).append(" ");
         }
         for (String attrName : config.getBinaryAttributeNames()) {
             binaryAttrsBuilder.append(attrName).append(" ");
         }
 
         String binaryAttrs = binaryAttrsBuilder.toString().trim();
         if (!binaryAttrs.isEmpty()) {
             env.put("java.naming.ldap.attributes.binary", binaryAttrs);
         }
 
         if (logger.isDebugEnabled()) {
             Map<String, Object> copyEnv = new HashMap<>(env);
             if (copyEnv.containsKey(Context.SECURITY_CREDENTIALS)) {
                 copyEnv.put(Context.SECURITY_CREDENTIALS, "**************************************");
             }
             logger.debugf("Creating LdapContext using properties: [%s]", copyEnv);
         }
 
         return env;
     }

◆ createLdapContext()

LdapContext org.keycloak.storage.ldap.idm.store.ldap.LDAPOperationManager.createLdapContext ( ) throws NamingException

inlineprivate

                                                                    {
         return new InitialLdapContext(new Hashtable<Object, Object>(this.connectionProperties), null);
     }

◆ createSubContext()

void org.keycloak.storage.ldap.idm.store.ldap.LDAPOperationManager.createSubContext	(	final String	name,
		final Attributes	attributes
	)

inline

                                                                                  {
         try {
             if (logger.isTraceEnabled()) {
                 logger.tracef("Creating entry [%s] with attributes: [", name);
 
                 NamingEnumeration<? extends Attribute> all = attributes.getAll();
 
                 while (all.hasMore()) {
                     Attribute attribute = all.next();
 
                     String attrName = attribute.getID().toUpperCase();
                     Object attrVal = attribute.get();
                     if (attrName.contains("PASSWORD") || attrName.contains("UNICODEPWD")) {
                         attrVal = "********************";
                     }
 
                     logger.tracef("  %s = %s", attribute.getID(), attrVal);
                 }
 
                 logger.tracef("]");
             }
 
             execute(new LdapOperation<Void>() {
                 @Override
                 public Void execute(LdapContext context) throws NamingException {
                     DirContext subcontext = context.createSubcontext(name, attributes);
 
                     subcontext.close();
 
                     return null;
                 }
 
 
                 @Override
                 public String toString() {
                     return new StringBuilder("LdapOperation: create\n")
                             .append(" dn: ").append(name).append("\n")
                             .append(" attributesSize: ").append(attributes.size())
                             .toString();
                 }
 
             });
         } catch (NamingException e) {
             throw new ModelException("Error creating subcontext [" + name + "]", e);
         }
     }

◆ decodeEntryUUID()

String org.keycloak.storage.ldap.idm.store.ldap.LDAPOperationManager.decodeEntryUUID ( final Object entryUUID )

inline

                                                           {
         String id;
         if (this.config.isObjectGUID() && entryUUID instanceof byte[]) {
             id = LDAPUtil.decodeObjectGUID((byte[]) entryUUID);
         } else {
             id = entryUUID.toString();
         }
 
         return id;
     }

◆ destroySubcontext()

void org.keycloak.storage.ldap.idm.store.ldap.LDAPOperationManager.destroySubcontext	(	LdapContext	context,
		final String	dn
	)

inlineprivate

Destroys a subcontext with the given DN from the LDAP tree.

引数

dn

                                                                          {
         try {
             NamingEnumeration<Binding> enumeration = null;
 
             try {
                 enumeration = context.listBindings(dn);
 
                 while (enumeration.hasMore()) {
                     Binding binding = enumeration.next();
                     String name = binding.getNameInNamespace();
 
                     destroySubcontext(context, name);
                 }
 
                 context.unbind(dn);
             } finally {
                 try {
                     enumeration.close();
                 } catch (Exception e) {
                 }
             }
         } catch (Exception e) {
             throw new ModelException("Could not unbind DN [" + dn + "]", e);
         }
     }

◆ execute() [1/2]

private<R> R org.keycloak.storage.ldap.idm.store.ldap.LDAPOperationManager.execute ( LdapOperation< R > operation ) throws NamingException

inlinepackage

                                                                              {
         return execute(operation, null);
     }

◆ execute() [2/2]

private<R> R org.keycloak.storage.ldap.idm.store.ldap.LDAPOperationManager.execute	(	LdapOperation< R >	operation,
		LDAPOperationDecorator	decorator
	)		throws NamingException

inlinepackage

                                                                                                                {
         LdapContext context = null;
         Long start = null;
 
         try {
             if (perfLogger.isDebugEnabled()) {
                 start = Time.currentTimeMillis();
             }
 
             context = createLdapContext();
             if (decorator != null) {
                 decorator.beforeLDAPOperation(context, operation);
             }
 
             return operation.execute(context);
         } finally {
             if (context != null) {
                 try {
                     context.close();
                 } catch (NamingException ne) {
                     logger.error("Could not close Ldap context.", ne);
                 }
             }
 
             if (perfLogger.isDebugEnabled()) {
                 long took = Time.currentTimeMillis() - start;
 
                 if (took > 100) {
                     perfLogger.debugf("\n%s\ntook: %d ms\n", operation.toString(), took);
                 } else if (perfLogger.isTraceEnabled()) {
                     perfLogger.tracef("\n%s\ntook: %d ms\n", operation.toString(), took);
                 }
             }
         }
     }

◆ findNextDNForFallback()

String org.keycloak.storage.ldap.idm.store.ldap.LDAPOperationManager.findNextDNForFallback	(	String	newDn,
		int	counter
	)

inlineprivate

                                                                     {
         LDAPDn dn = LDAPDn.fromString(newDn);
         String rdnAttrName = dn.getFirstRdnAttrName();
         String rdnAttrVal = dn.getFirstRdnAttrValue();
         LDAPDn parentDn = dn.getParentDn();
         parentDn.addFirst(rdnAttrName, rdnAttrVal + counter);
         return parentDn.toString();
     }

◆ getAttributes()

Attributes org.keycloak.storage.ldap.idm.store.ldap.LDAPOperationManager.getAttributes	(	final String	entryUUID,
		final String	baseDN,
		Set< String >	returningAttributes
	)

inline

                                                                                                                   {
         SearchResult search = lookupById(baseDN, entryUUID, returningAttributes);
 
         if (search == null) {
             throw new ModelException("Couldn't find item with ID [" + entryUUID + " under base DN [" + baseDN + "]");
         }
 
         return search.getAttributes();
     }

◆ getFilterById()

String org.keycloak.storage.ldap.idm.store.ldap.LDAPOperationManager.getFilterById ( String id )

inline

                                            {
         String filter = null;
 
         if (this.config.isObjectGUID()) {
             final String strObjectGUID = "<GUID=" + id + ">";
 
             try {
                 Attributes attributes = execute(new LdapOperation<Attributes>() {
 
                     @Override
                     public Attributes execute(LdapContext context) throws NamingException {
                         return context.getAttributes(strObjectGUID);
                     }
 
 
                     @Override
                     public String toString() {
                         return new StringBuilder("LdapOperation: GUIDResolve\n")
                                 .append(" strObjectGUID: ").append(strObjectGUID)
                                 .toString();
                     }
 
 
                 });
 
                 byte[] objectGUID = (byte[]) attributes.get(LDAPConstants.OBJECT_GUID).get();
 
                 filter = "(&(objectClass=*)(" + getUuidAttributeName() + LDAPConstants.EQUAL + LDAPUtil.convertObjectGUIToByteString(objectGUID) + "))";
             } catch (NamingException ne) {
                 filter = null;
             }
         }
 
         if (filter == null) {
             filter = "(&(objectClass=*)(" + getUuidAttributeName() + LDAPConstants.EQUAL + id + "))";
         }
 
         if (logger.isTraceEnabled()) {
             logger.tracef("Using filter for lookup user by LDAP ID: %s", filter);
         }
 
         return filter;
     }

◆ getReturningAttributes()

Set<String> org.keycloak.storage.ldap.idm.store.ldap.LDAPOperationManager.getReturningAttributes ( final Collection< String > returningAttributes )

inlineprivate

                                                                                              {
         Set<String> result = new HashSet<String>();
 
         result.addAll(returningAttributes);
         result.add(getUuidAttributeName());
         result.add(LDAPConstants.OBJECT_CLASS);
 
         return result;
     }

◆ getSearchControls()

SearchControls org.keycloak.storage.ldap.idm.store.ldap.LDAPOperationManager.getSearchControls	(	Collection< String >	returningAttributes,
		int	searchScope
	)

inlineprivate

                                                                                                       {
         final SearchControls cons = new SearchControls();
 
         cons.setSearchScope(searchScope);
         cons.setReturningObjFlag(false);
 
         returningAttributes = getReturningAttributes(returningAttributes);
 
         cons.setReturningAttributes(returningAttributes.toArray(new String[returningAttributes.size()]));
         return cons;
     }

◆ getUuidAttributeName()

String org.keycloak.storage.ldap.idm.store.ldap.LDAPOperationManager.getUuidAttributeName ( )

inlineprivate

                                           {
         return this.config.getUuidLDAPAttributeName();
     }

◆ lookupById()

SearchResult org.keycloak.storage.ldap.idm.store.ldap.LDAPOperationManager.lookupById	(	final String	baseDN,
		final String	id,
		final Collection< String >	returningAttributes
	)

inline

                                                                                                                        {
         final String filter = getFilterById(id);
 
         try {
             final SearchControls cons = getSearchControls(returningAttributes, this.config.getSearchScope());
 
             return execute(new LdapOperation<SearchResult>() {
 
                 @Override
                 public SearchResult execute(LdapContext context) throws NamingException {
                     NamingEnumeration<SearchResult> search = context.search(baseDN, filter, cons);
 
                     try {
                         if (search.hasMoreElements()) {
                             return search.next();
                         }
                     } finally {
                         if (search != null) {
                             search.close();
                         }
                     }
 
                     return null;
                 }
 
 
                 @Override
                 public String toString() {
                     return new StringBuilder("LdapOperation: lookupById\n")
                             .append(" baseDN: ").append(baseDN).append("\n")
                             .append(" filter: ").append(filter).append("\n")
                             .append(" searchScope: ").append(cons.getSearchScope()).append("\n")
                             .append(" returningAttrs: ").append(returningAttributes)
                             .toString();
                 }
 
             });
         } catch (NamingException e) {
             throw new ModelException("Could not query server using DN [" + baseDN + "] and filter [" + filter + "]", e);
         }
     }

◆ modifyAttribute()

void org.keycloak.storage.ldap.idm.store.ldap.LDAPOperationManager.modifyAttribute	(	String	dn,
		Attribute	attribute
	)

inline

Modifies the given javax.naming.directory.Attribute instance using the given DN. This method performs a REPLACE_ATTRIBUTE operation.

引数

dn
attribute

                                                                 {
         ModificationItem[] mods = new ModificationItem[]{new ModificationItem(DirContext.REPLACE_ATTRIBUTE, attribute)};
         modifyAttributes(dn, mods, null);
     }

◆ modifyAttributes() [1/2]

void org.keycloak.storage.ldap.idm.store.ldap.LDAPOperationManager.modifyAttributes	(	String	dn,
		NamingEnumeration< Attribute >	attributes
	)

inline

Modifies the given Attribute instances using the given DN. This method performs a REPLACE_ATTRIBUTE operation.

引数

dn
attributes

                                                                                       {
         try {
             List<ModificationItem> modItems = new ArrayList<ModificationItem>();
             while (attributes.hasMore()) {
                 ModificationItem modItem = new ModificationItem(DirContext.REPLACE_ATTRIBUTE, attributes.next());
                 modItems.add(modItem);
             }
 
             modifyAttributes(dn, modItems.toArray(new ModificationItem[] {}), null);
         } catch (NamingException ne) {
             throw new ModelException("Could not modify attributes on entry from DN [" + dn + "]", ne);
         }
 
     }

◆ modifyAttributes() [2/2]

void org.keycloak.storage.ldap.idm.store.ldap.LDAPOperationManager.modifyAttributes	(	final String	dn,
		final ModificationItem []	mods,
		LDAPOperationDecorator	decorator
	)

inline

                                                                                                                    {
         try {
             if (logger.isTraceEnabled()) {
                 logger.tracef("Modifying attributes for entry [%s]: [", dn);
 
                 for (ModificationItem item : mods) {
                     Object values;
 
                     if (item.getAttribute().size() > 0) {
                         values = item.getAttribute().get();
                     } else {
                         values = "No values";
                     }
 
                     String attrName = item.getAttribute().getID().toUpperCase();
                     if (attrName.contains("PASSWORD") || attrName.contains("UNICODEPWD")) {
                         values = "********************";
                     }
 
                     logger.tracef("  Op [%s]: %s = %s", item.getModificationOp(), item.getAttribute().getID(), values);
                 }
 
                 logger.tracef("]");
             }
 
             execute(new LdapOperation<Void>() {
 
                 @Override
                 public Void execute(LdapContext context) throws NamingException {
                     context.modifyAttributes(dn, mods);
                     return null;
                 }
 
 
                 @Override
                 public String toString() {
                     return new StringBuilder("LdapOperation: modify\n")
                             .append(" dn: ").append(dn).append("\n")
                             .append(" modificationsSize: ").append(mods.length)
                             .toString();
                 }
 
 
             }, decorator);
         } catch (NamingException e) {
             throw new ModelException("Could not modify attribute for DN [" + dn + "]", e);
         }
     }

◆ removeAttribute()

void org.keycloak.storage.ldap.idm.store.ldap.LDAPOperationManager.removeAttribute	(	String	dn,
		Attribute	attribute
	)

inline

Removes the given Attribute instance using the given DN. This method performs a REMOVE_ATTRIBUTE operation.

引数

dn
attribute

                                                                 {
         ModificationItem[] mods = new ModificationItem[]{new ModificationItem(DirContext.REMOVE_ATTRIBUTE, attribute)};
         modifyAttributes(dn, mods, null);
     }

◆ removeEntry()

void org.keycloak.storage.ldap.idm.store.ldap.LDAPOperationManager.removeEntry ( final String entryDn )

inline

Removes the object from the LDAP tree

                                                   {
         try {
             execute(new LdapOperation<SearchResult>() {
 
                 @Override
                 public SearchResult execute(LdapContext context) throws NamingException {
                     if (logger.isTraceEnabled()) {
                         logger.tracef("Removing entry with DN [%s]", entryDn);
                     }
                     destroySubcontext(context, entryDn);
                     return null;
                 }
 
 
                 @Override
                 public String toString() {
                     return new StringBuilder("LdapOperation: remove\n")
                             .append(" dn: ").append(entryDn)
                             .toString();
                 }
 
             });
         } catch (NamingException e) {
             throw new ModelException("Could not remove entry from DN [" + entryDn + "]", e);
         }
     }

◆ renameEntry()

String org.keycloak.storage.ldap.idm.store.ldap.LDAPOperationManager.renameEntry	(	String	oldDn,
		String	newDn,
		boolean	fallback
	)

inline

Rename LDAPObject name (DN)

引数

oldDn
newDn
fallback	With fallback=true, we will try to find the another DN in case of conflict. For example if there is an attempt to rename to "CN=John Doe", but there is already existing "CN=John Doe", we will try "CN=John Doe0"

戻り値: the non-conflicting DN, which was used in the end

                                                                             {
         try {
             String newNonConflictingDn = execute(new LdapOperation<String>() {
 
                 @Override
                 public String execute(LdapContext context) throws NamingException {
                     String dn = newDn;
 
                     // Max 5 attempts for now
                     int max = 5;
                     for (int i=0 ; i<max ; i++) {
                         try {
                             context.rename(oldDn, dn);
                             return dn;
                         } catch (NameAlreadyBoundException ex) {
                             if (!fallback) {
                                 throw ex;
                             } else {
                                 String failedDn = dn;
                                 if (i<max) {
                                     dn = findNextDNForFallback(newDn, i);
                                     logger.warnf("Failed to rename DN [%s] to [%s]. Will try to fallback to DN [%s]", oldDn, failedDn, dn);
                                 } else {
                                     logger.warnf("Failed all fallbacks for renaming [%s]", oldDn);
                                     throw ex;
                                 }
                             }
                         }
                     }
 
                     throw new ModelException("Could not rename entry from DN [" + oldDn + "] to new DN [" + newDn + "]. All fallbacks failed");
                 }
 
 
                 @Override
                 public String toString() {
                     return new StringBuilder("LdapOperation: renameEntry\n")
                             .append(" oldDn: ").append(oldDn).append("\n")
                             .append(" newDn: ").append(newDn)
                             .toString();
                 }
 
             });
             return newNonConflictingDn;
         } catch (NamingException e) {
             throw new ModelException("Could not rename entry from DN [" + oldDn + "] to new DN [" + newDn + "]", e);
         }
     }

◆ search()

List<SearchResult> org.keycloak.storage.ldap.idm.store.ldap.LDAPOperationManager.search	(	final String	baseDN,
		final String	filter,
		Collection< String >	returningAttributes,
		int	searchScope
	)		throws NamingException

inline

                                                                                                                                                                {
         final List<SearchResult> result = new ArrayList<SearchResult>();
         final SearchControls cons = getSearchControls(returningAttributes, searchScope);
 
         try {
             return execute(new LdapOperation<List<SearchResult>>() {
                 @Override
                 public List<SearchResult> execute(LdapContext context) throws NamingException {
                     NamingEnumeration<SearchResult> search = context.search(baseDN, filter, cons);
 
                     while (search.hasMoreElements()) {
                         result.add(search.nextElement());
                     }
 
                     search.close();
 
                     return result;
                 }
 
 
                 @Override
                 public String toString() {
                     return new StringBuilder("LdapOperation: search\n")
                             .append(" baseDn: ").append(baseDN).append("\n")
                             .append(" filter: ").append(filter).append("\n")
                             .append(" searchScope: ").append(searchScope).append("\n")
                             .append(" returningAttrs: ").append(returningAttributes).append("\n")
                             .append(" resultSize: ").append(result.size())
                             .toString();
                 }
 
 
             });
         } catch (NamingException e) {
             logger.errorf(e, "Could not query server using DN [%s] and filter [%s]", baseDN, filter);
             throw e;
         }
     }

◆ searchPaginated()

List<SearchResult> org.keycloak.storage.ldap.idm.store.ldap.LDAPOperationManager.searchPaginated	(	final String	baseDN,
		final String	filter,
		final LDAPQuery	identityQuery
	)		throws NamingException

inline

                                                                                                                                               {
         final List<SearchResult> result = new ArrayList<SearchResult>();
         final SearchControls cons = getSearchControls(identityQuery.getReturningLdapAttributes(), identityQuery.getSearchScope());
 
         try {
             return execute(new LdapOperation<List<SearchResult>>() {
 
                 @Override
                 public List<SearchResult> execute(LdapContext context) throws NamingException {
                     try {
                         byte[] cookie = identityQuery.getPaginationContext();
                         PagedResultsControl pagedControls = new PagedResultsControl(identityQuery.getLimit(), cookie, Control.CRITICAL);
                         context.setRequestControls(new Control[] { pagedControls });
 
                         NamingEnumeration<SearchResult> search = context.search(baseDN, filter, cons);
 
                         while (search.hasMoreElements()) {
                             result.add(search.nextElement());
                         }
 
                         search.close();
 
                         Control[] responseControls = context.getResponseControls();
                         if (responseControls != null) {
                             for (Control respControl : responseControls) {
                                 if (respControl instanceof PagedResultsResponseControl) {
                                     PagedResultsResponseControl prrc = (PagedResultsResponseControl)respControl;
                                     cookie = prrc.getCookie();
                                     identityQuery.setPaginationContext(cookie);
                                 }
                             }
                         }
 
                         return result;
                     } catch (IOException ioe) {
                         logger.errorf(ioe, "Could not query server with paginated query using DN [%s], filter [%s]", baseDN, filter);
                         throw new NamingException(ioe.getMessage());
                     }
                 }
 
 
                 @Override
                 public String toString() {
                     return new StringBuilder("LdapOperation: searchPaginated\n")
                             .append(" baseDn: ").append(baseDN).append("\n")
                             .append(" filter: ").append(filter).append("\n")
                             .append(" searchScope: ").append(identityQuery.getSearchScope()).append("\n")
                             .append(" returningAttrs: ").append(identityQuery.getReturningLdapAttributes()).append("\n")
                             .append(" limit: ").append(identityQuery.getLimit()).append("\n")
                             .append(" resultSize: ").append(result.size())
                             .toString();
                 }
 
             });
         } catch (NamingException e) {
             logger.errorf(e, "Could not query server using DN [%s] and filter [%s]", baseDN, filter);
             throw e;
         }
     }

メンバ詳解

◆ config

final LDAPConfig org.keycloak.storage.ldap.idm.store.ldap.LDAPOperationManager.config

private

◆ connectionProperties

final Map<String, Object> org.keycloak.storage.ldap.idm.store.ldap.LDAPOperationManager.connectionProperties

private

◆ logger

final Logger org.keycloak.storage.ldap.idm.store.ldap.LDAPOperationManager.logger = Logger.getLogger(LDAPOperationManager.class)

staticprivate

◆ perfLogger

final Logger org.keycloak.storage.ldap.idm.store.ldap.LDAPOperationManager.perfLogger = Logger.getLogger(LDAPOperationManager.class, "perf")

staticprivate

このクラス詳解は次のファイルから抽出されました:

D:/AppData/doxygen/keycloak/src/keycloak/src/main/java/org/keycloak/storage/ldap/idm/store/ldap/LDAPOperationManager.java

クラス

公開メンバ関数

関数

非公開メンバ関数

非公開変数類

静的非公開変数類

詳解

構築子と解体子

◆ LDAPOperationManager()

関数詳解

◆ addAttribute()

◆ authenticate()

◆ createConnectionProperties()

◆ createLdapContext()

◆ createSubContext()

◆ decodeEntryUUID()

◆ destroySubcontext()

◆ execute() [1/2]

◆ execute() [2/2]

◆ findNextDNForFallback()

◆ getAttributes()

◆ getFilterById()

◆ getReturningAttributes()

◆ getSearchControls()

◆ getUuidAttributeName()

◆ lookupById()

◆ modifyAttribute()

◆ modifyAttributes() [1/2]

◆ modifyAttributes() [2/2]

◆ removeAttribute()

◆ removeEntry()

◆ renameEntry()

◆ search()

◆ searchPaginated()

メンバ詳解

◆ config

◆ connectionProperties

◆ logger

◆ perfLogger