[keycloak-dev] migrating custom User Fed Providers
Bill Burke
bburke at redhat.com
Wed Nov 23 16:59:28 EST 2016
Ok, I added the logic to remove a user with a federation link that
doesn't have a corresponding UserStorageProvider. The question remains:
* Should I automatically convert UserFederationProviderModels to
ComponentsModels that have a user storage provider with the same id?
* Should I remove users imported from custom providers in
Liquibase/Model migration scripts?
I'm wondering if I should do this on boot up by invoking a new method on
the userLocalStorage()
UserProvider.removeStaleFederationLinks()
Just worried this could be a very long action in the case where there
are thousands of imported users.
On 11/23/16 10:51 AM, Bill Burke wrote:
> Not sure what to do about migration of custom User Fed providers. The
> issue is around imported users as they have a federation link
> specified. What I think I can do is check to see if the provider exists
> for the linked user when queried, if it doesn't remove the user. This
> would slowly remove old linked users. This is the easiest solution.
>
> I can do something similar to LDAP in which if a UserStorage with same
> provider id exists, then just port it to the new component model. If
> there isn't a similar provider remove all users that are linked. This
> becomes much harder as this isn't as simple as deleting the user from
> the user table. I'll have to port all the queries that are executed
> from JPA to JDBC when a user is removed.
>
> More work....
>
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
More information about the keycloak-dev
mailing list