Class DefaultSyncConfigImpl
- java.lang.Object
-
- org.apache.jackrabbit.oak.spi.security.authentication.external.basic.DefaultSyncConfig
-
- org.apache.jackrabbit.oak.spi.security.authentication.external.impl.DefaultSyncConfigImpl
-
public class DefaultSyncConfigImpl extends DefaultSyncConfig
DefaultSyncConfig
defines how users and groups from an external source are synced into the repository using theDefaultSyncHandler
.
-
-
Nested Class Summary
-
Nested classes/interfaces inherited from class org.apache.jackrabbit.oak.spi.security.authentication.external.basic.DefaultSyncConfig
DefaultSyncConfig.Authorizable, DefaultSyncConfig.Group, DefaultSyncConfig.User
-
-
Field Summary
-
Fields inherited from class org.apache.jackrabbit.oak.spi.security.authentication.external.basic.DefaultSyncConfig
DEFAULT_NAME
-
-
Constructor Summary
Constructors Constructor Description DefaultSyncConfigImpl()
-
Method Summary
All Methods Static Methods Concrete Methods Modifier and Type Method Description static DefaultSyncConfig
of(ConfigurationParameters params)
Creates a new LDAP provider configuration based on the properties store in the given parameters.-
Methods inherited from class org.apache.jackrabbit.oak.spi.security.authentication.external.basic.DefaultSyncConfig
getName, group, setName, user
-
-
-
-
Field Detail
-
PARAM_NAME_DEFAULT
public static final java.lang.String PARAM_NAME_DEFAULT
- See Also:
DefaultSyncConfig.getName()
, Constant Field Values
-
PARAM_NAME
@Property(label="Sync Handler Name", description="Name of this sync configuration. This is used to reference this handler by the login modules.", value="default") public static final java.lang.String PARAM_NAME
- See Also:
DefaultSyncConfig.getName()
, Constant Field Values
-
PARAM_USER_EXPIRATION_TIME_DEFAULT
public static final java.lang.String PARAM_USER_EXPIRATION_TIME_DEFAULT
-
PARAM_USER_EXPIRATION_TIME
@Property(label="User Expiration Time", description="Duration until a synced user gets expired (eg. \'1h 30m\' or \'1d\').", value="1h") public static final java.lang.String PARAM_USER_EXPIRATION_TIME
-
PARAM_USER_AUTO_MEMBERSHIP_DEFAULT
public static final java.lang.String[] PARAM_USER_AUTO_MEMBERSHIP_DEFAULT
-
PARAM_USER_AUTO_MEMBERSHIP
@Property(label="User auto membership", description="List of groups that a synced user is added to automatically", value={}, cardinality=2147483647) public static final java.lang.String PARAM_USER_AUTO_MEMBERSHIP
-
PARAM_USER_PROPERTY_MAPPING_DEFAULT
public static final java.lang.String[] PARAM_USER_PROPERTY_MAPPING_DEFAULT
-
PARAM_USER_PROPERTY_MAPPING
@Property(label="User property mapping", description="List mapping definition of local properties from external ones. eg: \'profile/email=mail\'.Use double quotes for fixed values. eg: \'profile/nt:primaryType=\"nt:unstructured\"", value="rep:fullname=cn", cardinality=2147483647) public static final java.lang.String PARAM_USER_PROPERTY_MAPPING
-
PARAM_USER_PATH_PREFIX_DEFAULT
public static final java.lang.String PARAM_USER_PATH_PREFIX_DEFAULT
-
PARAM_USER_PATH_PREFIX
@Property(label="User Path Prefix", description="The path prefix used when creating new users.", value="") public static final java.lang.String PARAM_USER_PATH_PREFIX
-
PARAM_USER_MEMBERSHIP_EXPIRATION_TIME_DEFAULT
public static final java.lang.String PARAM_USER_MEMBERSHIP_EXPIRATION_TIME_DEFAULT
-
PARAM_USER_MEMBERSHIP_EXPIRATION_TIME
@Property(label="User Membership Expiration", description="Time after which membership expires (eg. \'1h 30m\' or \'1d\'). Note however, that a membership sync is aways bound to a sync of the user.", value="1h") public static final java.lang.String PARAM_USER_MEMBERSHIP_EXPIRATION_TIME
-
PARAM_USER_MEMBERSHIP_NESTING_DEPTH_DEFAULT
public static final int PARAM_USER_MEMBERSHIP_NESTING_DEPTH_DEFAULT
-
PARAM_USER_MEMBERSHIP_NESTING_DEPTH
@Property(label="User membership nesting depth", description="Returns the maximum depth of group nesting when membership relations are synced. A value of 0 effectively disables group membership lookup. A value of 1 only adds the direct groups of a user. This value has no effect when syncing individual groups only when syncing a users membership ancestry.", intValue=0) public static final java.lang.String PARAM_USER_MEMBERSHIP_NESTING_DEPTH
-
PARAM_USER_DYNAMIC_MEMBERSHIP_DEFAULT
public static final boolean PARAM_USER_DYNAMIC_MEMBERSHIP_DEFAULT
-
PARAM_USER_DYNAMIC_MEMBERSHIP
@Property(label="User Dynamic Membership", description="If enabled membership of external identities (user) is no longer fully reflected within the repositories user management.", boolValue=false) public static final java.lang.String PARAM_USER_DYNAMIC_MEMBERSHIP
Configuration option to enable dynamic group membership. If enabled the implementation will no longer synchronized group accounts into the repository but instead will enable a dedicated principal management: This results in external users having their complete principal set as defined external IDP synchronized to the repository asserting proper population of theSubject
upon login. Please note that the external groups are reflected through the built-in principal management and thus can be retrieved for authorization purposes. However, the information is no longer reflected through the Jackrabbit user management API.
-
PARAM_USER_ENFORCE_DYNAMIC_MEMBERSHIP_DEFAULT
public static final boolean PARAM_USER_ENFORCE_DYNAMIC_MEMBERSHIP_DEFAULT
-
PARAM_USER_ENFORCE_DYNAMIC_MEMBERSHIP
@Property(label="User Enforce Dynamic Membership", description="If enabled dynamic membership will be enforced for previously synchronized users. Note, that this option has no effect if \'dynamic membership\' is disabled.", boolValue=false) public static final java.lang.String PARAM_USER_ENFORCE_DYNAMIC_MEMBERSHIP
Configuration option to enforce dynamic group membership upon user sync. If enabled the implementation will clean up previous synchronized membership information that is not yet dynamic.
-
PARAM_DISABLE_MISSING_USERS_DEFAULT
public static final boolean PARAM_DISABLE_MISSING_USERS_DEFAULT
-
PARAM_DISABLE_MISSING_USERS
@Property(label="Disable missing users", description="If true, users that no longer exist on the external provider will be locally disabled, and re-enabled if they become valid again. If false (default) they will be removed.", boolValue=false) public static final java.lang.String PARAM_DISABLE_MISSING_USERS
-
PARAM_GROUP_EXPIRATION_TIME_DEFAULT
public static final java.lang.String PARAM_GROUP_EXPIRATION_TIME_DEFAULT
-
PARAM_GROUP_EXPIRATION_TIME
@Property(label="Group Expiration Time", description="Duration until a synced group expires (eg. \'1h 30m\' or \'1d\').", value="1d") public static final java.lang.String PARAM_GROUP_EXPIRATION_TIME
-
PARAM_GROUP_AUTO_MEMBERSHIP_DEFAULT
public static final java.lang.String[] PARAM_GROUP_AUTO_MEMBERSHIP_DEFAULT
-
PARAM_GROUP_AUTO_MEMBERSHIP
@Property(label="Group auto membership", description="List of groups that a synced group is added to automatically", value={}, cardinality=2147483647) public static final java.lang.String PARAM_GROUP_AUTO_MEMBERSHIP
-
PARAM_GROUP_PROPERTY_MAPPING_DEFAULT
public static final java.lang.String[] PARAM_GROUP_PROPERTY_MAPPING_DEFAULT
-
PARAM_GROUP_PROPERTY_MAPPING
@Property(label="Group property mapping", description="List mapping definition of local properties from external ones.", value={}, cardinality=2147483647) public static final java.lang.String PARAM_GROUP_PROPERTY_MAPPING
-
PARAM_GROUP_PATH_PREFIX_DEFAULT
public static final java.lang.String PARAM_GROUP_PATH_PREFIX_DEFAULT
-
PARAM_GROUP_PATH_PREFIX
@Property(label="Group Path Prefix", description="The path prefix used when creating new groups.", value="") public static final java.lang.String PARAM_GROUP_PATH_PREFIX
-
PARAM_GROUP_DYNAMIC_GROUPS_DEFAULT
public static final boolean PARAM_GROUP_DYNAMIC_GROUPS_DEFAULT
-
PARAM_GROUP_DYNAMIC_GROUPS
@Property(label="Dynamic Groups", description="If enabled external identity groups are synchronized as dynamic groups i.e. members/membership is resolved dynamically by a DynamicMembershipProvider. Note: currently this option only takes effect if \'User Dynamic Membership\' is enabled.", boolValue=false) public static final java.lang.String PARAM_GROUP_DYNAMIC_GROUPS
-
PARAM_ENABLE_RFC7613_USERCASE_MAPPED_PROFILE_DEFAULT
public static final boolean PARAM_ENABLE_RFC7613_USERCASE_MAPPED_PROFILE_DEFAULT
Default value forPARAM_ENABLE_RFC7613_USERCASE_MAPPED_PROFILE
- See Also:
- Constant Field Values
-
PARAM_ENABLE_RFC7613_USERCASE_MAPPED_PROFILE
@Property(label="RFC7613 Username Normalization Profile", description="Enable the UsercaseMappedProfile defined in RFC7613 for username normalization.", boolValue=false) public static final java.lang.String PARAM_ENABLE_RFC7613_USERCASE_MAPPED_PROFILE
-
-
Method Detail
-
of
public static DefaultSyncConfig of(ConfigurationParameters params)
Creates a new LDAP provider configuration based on the properties store in the given parameters.- Parameters:
params
- the configuration parameters.- Returns:
- the config
-
-