[keycloak-dev] Provider modules

Tue Jan 20 10:54:33 EST 2015

As I said to make sure we're all on the same page here's my view on what we've just discussed:

1. A user creates a module for the provider
2. The user copies the module into '/modules'
3. The user registers the module with the auth-server subsystem. This can be done either by directly editing standalone.xml or through CLI. Example snippet from standalone.xml would look like:

    <subsystem xmlns="urn:jboss:domain:keycloak:1.0">
        <auth-server name="main-auth-server">
            <enabled>true</enabled>
            <web-context>auth</web-context>
            <providers>
                <module name="org.acme.userprovider" />
                <module name="org.acme.anotherprovider" />
            </providers>
        </auth-server>
    </subsystem>

4. When a new provider module is registered Keycloak would need to be reloaded

This will require some changes to how Keycloak loads/finds providers as it needs to not only look in its own ClassPath for providers, but also in all ModuleClassPath that is referenced in the subsystem.