Good morning,
we just started implementing a custom ldap mapper for Keycloak 19.0.3 which queries another system involving authentication with this system by passing credentials configured in the mapper’s configuration.
When there’s a problem with the credentials, we would like to disable the execution of the mapper by setting a “enabled” config property to “false”.
This property can also be set via mapper configuration UI, so if the mapper is disabled programmatically, the admin can re-enable it (after the credentials were fixed).
The configuration is created like this
ProviderConfigurationBuilder.create()
.property()
.name(MyGroupMapperConfig.ENABLED)
.label(LABEL_ENABLED)
.helpText("Mapper can be disabled. This happens automatically when invalid credentials are detected to prevent user lockout.")
.type(ProviderConfigProperty.BOOLEAN_TYPE)
.defaultValue("true")
.add()
.build();
and we disable the mapper like this
componentModel.getConfig().putSingle(ENABLED, "false");
This works as long as the mapper is not recreated (e.g. while the complete full sync run) but is not persisted to the mapper’s configuration.
I tried to get some docs about how to persist the configuration but it boils down to retrieving a ComponentEntity
/ ComponentConfigEntity
which imo cannot be accessed via public API.
Does anyone know a way to persist config changes from custom mapper code?