WildFly Full 20 Model Reference

  1. home
  2. subsystem=elytron
  3. ldap-key-store

A LdapKeyStore definition.

Provided capabilities(1)

Attributes (17)

  • alias-attribute The name of LDAP attribute, where will be item alias stored.
    • Attribute Value
    Default Value cn
    Type STRING
    Nillable true
    Expressions Allowed true
    Storage configuration
    Access Type read-write
    Restart Required all-services
  • certificate-attribute The name of LDAP attribute, where will be certificate stored.
    • Attribute Value
    Default Value usercertificate
    Type STRING
    Nillable true
    Expressions Allowed true
    Storage configuration
    Access Type read-write
    Restart Required all-services
  • certificate-chain-attribute The name of LDAP attribute, where will be certificate chain stored.
    • Attribute Value
    Default Value userSMIMECertificate
    Type STRING
    Nillable true
    Expressions Allowed true
    Storage configuration
    Access Type read-write
    Restart Required all-services
  • certificate-chain-encoding The encoding of the certificate chain.
    • Attribute Value
    Default Value PKCS7
    Type STRING
    Nillable true
    Expressions Allowed true
    Storage configuration
    Access Type read-write
    Restart Required all-services
  • certificate-type The type of the Certificate.
    • Attribute Value
    Default Value X.509
    Type STRING
    Nillable true
    Expressions Allowed true
    Storage configuration
    Access Type read-write
    Restart Required all-services
  • dir-context The name of DirContext, which will be used to communication with LDAP server.
    • Attribute Value
    Capability reference
    Type STRING
    Nillable false
    Expressions Allowed false
    Storage configuration
    Access Type read-write
    Restart Required all-services
  • filter-alias The LDAP filter for obtaining an item of the KeyStore by alias. If this is not specified then the default value will be (alias_attribute={0}). The string '{0}' will be replaced by the searched alias and the 'alias_attribute' value will be the value of the attribute 'alias-attribute'.
    • Attribute Value
    Type STRING
    Nillable true
    Expressions Allowed true
    Storage configuration
    Access Type read-write
    Restart Required all-services
  • filter-certificate The LDAP filter for obtaining an item of the KeyStore by certificate. If this is not specified then the default value will be (certificate_attribute={0}). The string '{0}' will be replaced by searched encoded certificate and the 'certificate_attribute' will be the value of the attribute 'certificate-attribute'.
    • Attribute Value
    Type STRING
    Nillable true
    Expressions Allowed true
    Storage configuration
    Access Type read-write
    Restart Required all-services
  • filter-iterate The LDAP filter for iterating over all items of the KeyStore. If this is not specified then the default value will be (alias_attribute=*). The 'alias_attribute' will be the value of the attribute 'alias-attribute'.
    • Attribute Value
    Type STRING
    Nillable true
    Expressions Allowed true
    Storage configuration
    Access Type read-write
    Restart Required all-services
  • key-attribute The name of LDAP attribute, where will be key stored.
    • Attribute Value
    Default Value userPKCS12
    Type STRING
    Nillable true
    Expressions Allowed true
    Storage configuration
    Access Type read-write
    Restart Required all-services
  • key-type The type of KeyStore, in which will be key serialized to LDAP attribute.
    • Attribute Value
    Default Value PKCS12
    Type STRING
    Nillable true
    Expressions Allowed true
    Storage configuration
    Access Type read-write
    Restart Required all-services
  • new-item-template Configuration for item creation. Define how will look LDAP entry of newly created keystore item.
    • Attribute Value
    Type OBJECT
    Nillable true
    Expressions Allowed false
    Storage configuration
    Access Type read-write
    Restart Required all-services
  • search-path The path in LDAP, where will be KeyStore items searched.
    • Attribute Value
    Type STRING
    Nillable false
    Expressions Allowed true
    Storage configuration
    Access Type read-write
    Restart Required all-services
  • search-recursive If the LDAP search should be recursive.
    • Attribute Value
    Default Value true
    Type BOOLEAN
    Nillable true
    Expressions Allowed true
    Storage configuration
    Access Type read-write
    Restart Required all-services
  • search-time-limit The time limit for obtaining keystore items from LDAP.
    • Attribute Value
    Default Value 10000
    Type INT
    Nillable true
    Expressions Allowed true
    Storage configuration
    Access Type read-write
    Restart Required all-services
  • size The size of LDAP KeyStore in amount of items/aliases.
    • Attribute Value
    Type INT
    Nillable false
    Expressions Allowed false
    Storage runtime
    Access Type read-only
  • state The state of the underlying service that represents this KeyStore at runtime, if it is anything other than UP runtime operations will not be available.
    • Attribute Value
    Type STRING
    Nillable false
    Expressions Allowed false
    Storage runtime
    Access Type read-only
    Allowed Values DOWN
    STARTING
    START_FAILED
    UP
    STOPPING
    REMOVED

Operations (5)

  • add Add a new LDAP KeyStore.
    Request Parameter Type Required Expressions Allowed Default value Description
    dir-context STRING true false The name of DirContext, which will be used to communication with LDAP server.
    new-item-template OBJECT false false Configuration for item creation. Define how will look LDAP entry of newly created keystore item.
    alias-attribute STRING false true cn The name of LDAP attribute, where will be item alias stored.
    certificate-attribute STRING false true usercertificate The name of LDAP attribute, where will be certificate stored.
    certificate-chain-attribute STRING false true userSMIMECertificate The name of LDAP attribute, where will be certificate chain stored.
    certificate-chain-encoding STRING false true PKCS7 The encoding of the certificate chain.
    certificate-type STRING false true X.509 The type of the Certificate.
    key-attribute STRING false true userPKCS12 The name of LDAP attribute, where will be key stored.
    key-type STRING false true PKCS12 The type of KeyStore, in which will be key serialized to LDAP attribute.
    filter-alias STRING false true The LDAP filter for obtaining an item of the KeyStore by alias. If this is not specified then the default value will be (alias_attribute={0}). The string '{0}' will be replaced by the searched alias and the 'alias_attribute' value will be the value of the attribute 'alias-attribute'.
    filter-certificate STRING false true The LDAP filter for obtaining an item of the KeyStore by certificate. If this is not specified then the default value will be (certificate_attribute={0}). The string '{0}' will be replaced by searched encoded certificate and the 'certificate_attribute' will be the value of the attribute 'certificate-attribute'.
    filter-iterate STRING false true The LDAP filter for iterating over all items of the KeyStore. If this is not specified then the default value will be (alias_attribute=*). The 'alias_attribute' will be the value of the attribute 'alias-attribute'.
    search-path STRING true true The path in LDAP, where will be KeyStore items searched.
    search-recursive BOOLEAN false true true If the LDAP search should be recursive.
    search-time-limit INT false true 10000 The time limit for obtaining keystore items from LDAP.
  • read-alias Read an alias from a KeyStore.
    Request Parameter Type Required Expressions Allowed Default value Description
    alias STRING true false The alias of the KeyStore item to read.
  • read-aliases Read aliases from a KeyStore.
  • remove Remove the LDAP KeyStore.
  • remove-alias Remove an alias from a KeyStore.
    Request Parameter Type Required Expressions Allowed Default value Description
    alias STRING true false The alias of the KeyStore item to remove.