[PR #8954/c7e2875a backport][stable-9] keycloak_user_federation: add user federation config parameter `referral` to module args (#8997)

keycloak_user_federation: add user federation config parameter `referral` to module args (#8954) * add keycloak referral parameter to module args * add changelog fragment * Update plugins/modules/keycloak_user_federation.py Co-authored-by: Felix Fontein <felix@fontein.de> * Update changelogs/fragments/8954-keycloak-user-federation-add-referral-parameter.yml Co-authored-by: Felix Fontein <felix@fontein.de> --------- Co-authored-by: Felix Fontein <felix@fontein.de> (cherry picked from commit c7e2875a4d) Co-authored-by: fgruenbauer <gruenbauer@b1-systems.de>
2024-10-07 22:36:58 +02:00 · 2024-10-07 22:36:58 +02:00 · dc5a89b040
parent 71d8109275
commit dc5a89b040
2 changed files with 14 additions and 0 deletions
--- a/changelogs/fragments/8954-keycloak-user-federation-add-referral-parameter.yml
+++ b/changelogs/fragments/8954-keycloak-user-federation-add-referral-parameter.yml
@ -0,0 +1,2 @@
+minor_changes:
+    - keycloak_user_federation - add the user federation config parameter ``referral`` to the module arguments (https://github.com/ansible-collections/community.general/pull/8954).
--- a/plugins/modules/keycloak_user_federation.py
+++ b/plugins/modules/keycloak_user_federation.py
@ -442,6 +442,17 @@ options:
                    - Max lifespan of cache entry in milliseconds.
                type: int

+            referral:
+                description:
+                    - Specifies if LDAP referrals should be followed or ignored. Please note that enabling
+                      referrals can slow down authentication as it allows the LDAP server to decide which other
+                      LDAP servers to use. This could potentially include untrusted servers.
+                type: str
+                choices:
+                    - ignore
+                    - follow
+                version_added: 9.5.0
+
    mappers:
        description:
            - A list of dicts defining mappers associated with this Identity Provider.
@ -788,6 +799,7 @@ def main():
        priority=dict(type='int', default=0),
        rdnLDAPAttribute=dict(type='str'),
        readTimeout=dict(type='int'),
+        referral=dict(type='str', choices=['ignore', 'follow']),
        searchScope=dict(type='str', choices=['1', '2'], default='1'),
        serverPrincipal=dict(type='str'),
        krbPrincipalAttribute=dict(type='str'),