[keycloak-dev] Can I use this method in RepresentationToModel?

Stan Silvert ssilvert at redhat.com
Fri Oct 16 09:33:46 EDT 2015 

Hmm.  Sounds like during import we are making some assumptions about how 
the import file was created.

Like I said, when you import a realm from the admin console today it 
uses session.userStorage().addUser().  So someone using this feature 
should be aware that anything imported will not be federated.  (If I 
understand correctly)

Is that OK?

Is it OK going forward for partial imports?  No federation?

On 10/16/2015 2:45 AM, Marek Posolda wrote:
> The session.userStorage().addUser() adds user directly to KC 
> persistent storage (JPA, Mongo) and bypasses federation.
>
> When you're creating new user through Keycloak somehow (for example in 
> admin console or during user registration), there is need to use 
> "session.users().addUser()", so the user is propagated to federation 
> storage as well. For example, if you have configured LDAP federation 
> provider with WRITE editMode, the user will be created to LDAP as well 
> in addition to Keycloak database. However during import, user usually 
> already exists in LDAP as he was exported from previous environment.
>
> It's bit similar for example for default roles. When you create new 
> user in admin console/registration, default roles are added to him. 
> However during import, they are not as the user is supposed to have 
> them already from previously exported DB.
>
> Marek
>
> On 15/10/15 23:28, Stan Silvert wrote:
>> Looks like import realm is using the same method so I guess it's OK.  It
>> would still be interesting to know a bit about the effect of calling
>> session.userStorage().addUser() versus session.users().addUser(). We are
>> just relying on the provider settings to sync federated users?
>>
>> On 10/15/2015 5:07 PM, Stan Silvert wrote:
>>> I'm implementing import users from the admin console.  I'd like to use
>>> this method to create each user:
>>> https://github.com/keycloak/keycloak/blob/master/model/api/src/main/java/org/keycloak/models/utils/RepresentationToModel.java#L923 
>>>
>>>
>>> But I'm not sure of the effect since this method uses
>>> session.userStorage().addUser() instead of session.users().addUser().
>>>
>>> Anyone care to enlighten me?
>>>
>>> Stan
>>>
>>> _______________________________________________
>>> keycloak-dev mailing list
>>> keycloak-dev at lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>> _______________________________________________
>> keycloak-dev mailing list
>> keycloak-dev at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>

More information about the keycloak-dev mailing list