[keycloak-dev] in-memory only federated users
Bill Burke
bburke at redhat.com
Fri Dec 4 11:14:09 EST 2015
On 12/4/2015 9:53 AM, Bill Burke wrote:
>
>
> On 12/4/2015 5:36 AM, Marek Posolda wrote:
>> Why it's bad to do simpler things? :-)
>>
>> AFAIK filter pattern (or interceptor/chain whatever you call it) is
>> proven to work in many places. The provider at level X can always decide
>> if it delegates call to method "getUserByXXX" to next provider (and then
>> proxy/cache or do whatever according to his logic) or return something
>> by itself.
>>
>
> I'm also trying to figure out something that is backward compatible with
> the current federation SPI
>
After a private chat on Google Hangout, Stian, Marek, and I decided to
defer this feature until Keycloak 2.0. We are all a bit worried about
instabilities that might incur if we hack this into the current SPI. We
have a lot of ideas for 2.0 for improving the fedreation SPI and even
merging it with the DB provider apis. We've been talking about it on
mail list and on our weekly hangouts off and on for months, so I'm
confident we know the direction we need to go, its just that since
product is so close, we're gonna wait for in-memory until then.
BIll
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
More information about the keycloak-dev
mailing list