[keycloak-dev] federation commited need feedback
Marek Posolda
mposolda at redhat.com
Fri Jul 25 04:01:31 EDT 2014
yeah, would be nice if Picketlink can support this and I think it's not
so big problem to implement that. I've created JIRA
https://issues.jboss.org/browse/PLINK-533 .
I believe that now it's good time to fill potential gaps in Picketlink .
Marek
On 25.7.2014 03:33, Bill Burke wrote:
>
> On 7/24/2014 7:55 PM, Bill Burke wrote:
>>
>> On 7/23/2014 5:33 PM, Bill Burke wrote:
>>> * Going to have an import-attributes on/off switch. A keycloak->ldap
>>> attribute map will be required to be configured. If this switch is off,
>>> UserModel proxy will load attributes on demand.
>>
>> I'm not going to do anything with attributes that doesn't already exist.
>> Picketlink requires property mappings to actual properties on an
>> actual class (User). Our LDAP federation will be a bit limited :(
>> Hopefully what we have is good enough. We can look at improving this
>> after 1.0.Final. Honestly I'd just like to write our own LDAP
>> abstraction. Once users start wanting to deal with claims, there's
>> going to be some stored in LDAP some stored in our store. Picketlink
>> just can handle this scenario dynamically. Everything must be
>> statically defined in a Java class and mapped with annotations.
>>
> Correction: Picketlink just *cannot* handle dynamic things.
>
More information about the keycloak-dev
mailing list