[keycloak-dev] Additional things to consider for 1.0.final

Bill Burke bburke at redhat.com
Thu Jul 17 09:14:21 EDT 2014 


On 7/17/2014 8:55 AM, Stian Thorgersen wrote:
> As we didn't have enough things to do last minute I come up with more things which I think we should do for 1.0.final:
>
> 1. Configure JPA through keycloak-server.json instead of persistence.xml
>
> This would be super simple to do, and would let us have a single persistence.xml for everything (testsuite, server, project-integrations). Everything worthy of configuring in persistence.xml (including datasource) can be passed in the Map overrides when creating the EntityManagerFactory.
>

-1.  I don't think learning a new configuration format for 
persistence.xml is user friendly.  Users would have to translate the 
Hibernate documentation to our json format.

>
> 2. Introduce server-dependencies-min and server-dependencies-all poms
>
> We have a few places that includes all the dependencies required (server, testsuite/integration and testsuite/) as well as other project such as AeroGear and LiveOak. Instead of everyone having to list all the dependencies they could have a single dependency on either server-dependencies-min or server-dependencies-all. Min would exclude most if not all provider implementations (such as PicketLink/LDAP, social providers, etc).
>

+1

>
> 3. TOTP SPI
>
> At the moment we only support Google Authenticator, I don't think that's sufficient. We should at the very least add support for one more, and have an SPI so users can add their own. I think this would be related to the UserProvider sync work, as some UserProvider implementations may require both a password and totp to verify a users credentials, while others would only be able to verify the password and then have Keycloak verify the totp.
>

+1. Do  we have cycles to include in 1.0?

> Also, do we need to support users with more than one totp? Personally I have two for work (one I use daily and another for backup).

+1. Do  we have cycles to include in 1.0?
\
-- 
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com

More information about the keycloak-dev mailing list