[keycloak-dev] delete users on federation removal?

Bill Burke bburke at redhat.com
Thu Jul 31 18:16:15 EDT 2014


Even more hairy, you can't reset a password without knowing (and 
verifying) the old one.



On 7/31/2014 6:01 PM, Bill Burke wrote:
> Ya, this is quite hairy.  You'll have to set the REQUIRED ACTION to
> reset all credentials handled by the federation provider.
>
> Unfortunately, you can now only set one required action per user :(
>
> On 7/31/2014 3:05 PM, Marek Posolda wrote:
>> +1 for having it optional.
>>
>> However if you remove LDAP UserFederationProvider, the users from LDAP
>> won't be able to login with their passwords until admin change them...
>>
>> Marek
>>
>> On 31.7.2014 16:09, Stian Thorgersen wrote:
>>> I think it should be optional.
>>>
>>> Someone may for example migrate from LDAP to using Keycloak. Once they've migrated all apps they'll want to decommission the LDAP server, but they would still want to keep the users.
>>>
>>> ----- Original Message -----
>>>> From: "Bill Burke" <bburke at redhat.com>
>>>> To: keycloak-dev at lists.jboss.org
>>>> Sent: Thursday, 31 July, 2014 3:05:31 PM
>>>> Subject: [keycloak-dev] delete users on federation removal?
>>>>
>>>> I'm assuming that if a UserFederationProvider is removed from a realm,
>>>> then all users imported from that provider should be deleted?
>>>>
>>>> --
>>>> Bill Burke
>>>> JBoss, a division of Red Hat
>>>> http://bill.burkecentral.com
>>>> _______________________________________________
>>>> keycloak-dev mailing list
>>>> keycloak-dev at lists.jboss.org
>>>> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>>>>
>>> _______________________________________________
>>> keycloak-dev mailing list
>>> keycloak-dev at lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>>
>> _______________________________________________
>> keycloak-dev mailing list
>> keycloak-dev at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>>
>

-- 
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com


More information about the keycloak-dev mailing list