[keycloak-dev] porting LDAP to new model

Bill Burke bburke at redhat.com
Fri Oct 28 16:45:30 EDT 2016


Was looking at LDAPFederationProvider today and thinking about how it 
would be ported to new model.

* I think it may be possible to re-use most of the code.  The code 
currently assumes that the UserModel is imported into keycloak local 
storage.  What I think we can do is have an in-memory implementation of 
UserModel.  If import is disabled, we create an instance of this pojo.  
This becomes a delegate, and we execute the import logic for mappers.  
Proxy would also be called and just proxy the pojo instance.

* We get rid of the "always read from LDAP" option.  For the new model, 
users will be cached.  If the cache is hit, then the provider is never 
hit.  Since we now have cache policies per UserStorageProvider, I don't 
think it's an issue to remove this feature.

Devil is in the details, but I don't think this will be that bad.  It's 
just a matter of converting things to use the ComponentModel.


