[keycloak-dev] federation commited need feedback
Bill Burke
bburke at redhat.com
Thu Jul 24 21:33:31 EDT 2014
On 7/24/2014 7:55 PM, Bill Burke wrote:
>
>
> On 7/23/2014 5:33 PM, Bill Burke wrote:
>> * Going to have an import-attributes on/off switch. A keycloak->ldap
>> attribute map will be required to be configured. If this switch is off,
>> UserModel proxy will load attributes on demand.
>
>
> I'm not going to do anything with attributes that doesn't already exist.
> Picketlink requires property mappings to actual properties on an
> actual class (User). Our LDAP federation will be a bit limited :(
> Hopefully what we have is good enough. We can look at improving this
> after 1.0.Final. Honestly I'd just like to write our own LDAP
> abstraction. Once users start wanting to deal with claims, there's
> going to be some stored in LDAP some stored in our store. Picketlink
> just can handle this scenario dynamically. Everything must be
> statically defined in a Java class and mapped with annotations.
>
Correction: Picketlink just *cannot* handle dynamic things.
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
More information about the keycloak-dev
mailing list