<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
PRs are welcome. Not sure what you mean by enumerated types. I
believe there is a LIST object ou can specify values of?<br>
<br>
<div class="moz-cite-prefix">On 1/13/2016 10:41 AM, Josh Cain wrote:<br>
</div>
<blockquote
cite="mid:CA+z0A8C8ztP1yifjaVC2BQTzda9cPxSk3baeUA08UX_Db_DXNA@mail.gmail.com"
type="cite">
<div dir="ltr">
<div>
<div>That PR will be enough for me to get by for now. We've
been using .pkcs12 files and including chains at times, so
not positive that 2048 is going to be big enough. For now,
I think that we'll just plan on dropping associated cert
files with the SPI libraries. Shouldn't be too bad to do
that, and maybe in the future we can look at extending that
SPI to accommodate files?<br>
<br>
</div>
The only other note I would have is that enumerated types
aren't supported (I.E. as a dropdown with selectable values).
I see where that won't be too difficult; I'll get together a
PR for selectable options. Do you want me to file a FR for
supporting file types for provider configuration?<br>
<br>
</div>
In the end it would be really nice to have a fully extensible
configuration mechanism (in the same ways that LDAP or kerberos
are configured). For instance, LDAP configurations allow you to
run validation to make sure your authentication works. I would
(ideally) like to leverage a similar function for my federation
provider. Not saying it's an essential, but would certainly add
some polish to the federation provider SPI.<br>
<br>
</div>
<div class="gmail_extra"><br clear="all">
<div>
<div class="gmail_signature">
<div dir="ltr"><span>
<div>
<div>Josh Cain | Software Applications Engineer<br>
</div>
<i>Identity and Access Management</i><br>
</div>
<b>Red Hat</b><br>
+1 843-737-1735<br>
</span></div>
</div>
</div>
<br>
<div class="gmail_quote">On Wed, Jan 13, 2016 at 9:28 AM, Bill
Burke <span dir="ltr"><<a moz-do-not-send="true"
href="mailto:bburke@redhat.com" target="_blank">bburke@redhat.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000"> I totally forgot
about that PR. Are those PR changes good enough for you?
Can you live with just that new interface? I can change
and increase the value for user federation config to 2048
to support things like certificate pem files. <br>
<div>
<div class="h5"> <br>
<div>On 1/13/2016 10:18 AM, Josh Cain wrote:<br>
</div>
<blockquote type="cite">
<div dir="ltr">
<div>
<div>
<div>Bill,<br>
<br>
</div>
Thanks for the quick response.<br>
<br>
</div>
I do think it would be very useful for us if the
federation provider configuration were more
verbose. I saw where some work was done
recently on this (<a moz-do-not-send="true"
href="https://github.com/keycloak/keycloak/pull/1973"
target="_blank">PR-1973</a>) to allow for
better customization on labels and help texts
and such. Extending the REST endpoints for
configuration could potentially be useful as
well. <br>
<br>
We're using certificate files for a portion of
our configuration, so we'd actually need to
store the file objects in the DB, as opposed to
just parsing configuration files.<br>
<br>
</div>
Totally understand about feature freeze. Let me
know what I can do to help, I'm still getting my
feet wet with Keycloak, but don't mind jumping in
when necessary.<br>
<br>
</div>
<div class="gmail_extra"><br clear="all">
<div>
<div>
<div dir="ltr"><span>
<div>
<div>Josh Cain | Software Applications
Engineer<br>
</div>
<i>Identity and Access Management</i><br>
</div>
<b>Red Hat</b><br>
<a moz-do-not-send="true"
href="tel:%2B1%20843-737-1735"
value="+18437371735" target="_blank">+1
843-737-1735</a><br>
</span></div>
</div>
</div>
<br>
<div class="gmail_quote">On Wed, Jan 13, 2016 at
8:41 AM, Bill Burke <span dir="ltr"><<a
moz-do-not-send="true"
href="mailto:bburke@redhat.com"
target="_blank"><a class="moz-txt-link-abbreviated" href="mailto:bburke@redhat.com">bburke@redhat.com</a></a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0
0 0 .8ex;border-left:1px #ccc
solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000"> Right
now, you're going to have to modify app.js,
I can refactor app.js so you don't have to
modify it, but, you'll have to wait until
next release to get these changes.<br>
<br>
Unfortunately, the UserFederationProvider
only supports name/value pairs for
configuration and a max size for Value of
255 characters. I can expand the SPI to
allow you to plug ina backend REST service
that would allow you to parse the file and
add the appropriate config, but at this
time, we can't really provide a brand new
config model for UserFederation as this is
supposed to be feature freeze right now.
<div>
<div><br>
<br>
<div>On 1/12/2016 5:56 PM, Josh Cain
wrote:<br>
</div>
</div>
</div>
<blockquote type="cite">
<div>
<div>
<div dir="ltr">
<div>
<div>
<div>
<div>Hi all,<br>
<br>
</div>
I've got a
UserFederationProvider that
needs 6-8 configuration
elements, to include
enumerated types and even a
couple of files. I'd like to
keep the configuration of this
provider in the Keycloak admin
console, but am not sure how
to do so.<br>
<br>
</div>
I've read through the <a
moz-do-not-send="true"
href="http://keycloak.github.io/docs/userguide/keycloak-server/html/themes.html"
target="_blank">themes
documentation</a>, but I have
not been able to find a suitable
solution. I thought of just
dropping a new partial in there
to handle more straightforward
configuration items like
enumerated types, but couldn't
find a way to do so without
having to override the entire
app.js. What's more, I was not
certain if Keycloak was already
set up to handle something like
a File object in the REST/DB
backend.<br>
</div>
<br>
</div>
I suppose my question boils down to
"How can I integrate enumerated and
file type configuration options for
my UserFederationProvider into the
Keycloak administration system?"
Any help would be much appreciated -
thanks!<br>
<div>
<div>
<div>
<div><br clear="all">
<div>
<div>
<div>
<div dir="ltr"><span>
<div>
<div>Josh Cain |
Software
Applications
Engineer<br>
</div>
<i>Identity and
Access
Management</i><br>
</div>
<b>Red Hat</b><br>
<a
moz-do-not-send="true"
href="tel:%2B1%20843-737-1735" value="+18437371735" target="_blank">+1
843-737-1735</a><br>
</span></div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<br>
<fieldset></fieldset>
<br>
</div>
</div>
<pre>_______________________________________________
keycloak-dev mailing list
<a moz-do-not-send="true" href="mailto:keycloak-dev@lists.jboss.org" target="_blank">keycloak-dev@lists.jboss.org</a>
<a moz-do-not-send="true" href="https://lists.jboss.org/mailman/listinfo/keycloak-dev" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-dev</a></pre>
<span><font color="#888888"> </font></span></blockquote>
<span><font color="#888888"> <br>
<pre cols="72">--
Bill Burke
JBoss, a division of Red Hat
<a moz-do-not-send="true" href="http://bill.burkecentral.com" target="_blank">http://bill.burkecentral.com</a></pre>
</font></span></div>
<br>
_______________________________________________<br>
keycloak-dev mailing list<br>
<a moz-do-not-send="true"
href="mailto:keycloak-dev@lists.jboss.org"
target="_blank">keycloak-dev@lists.jboss.org</a><br>
<a moz-do-not-send="true"
href="https://lists.jboss.org/mailman/listinfo/keycloak-dev"
rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-dev</a><br>
</blockquote>
</div>
<br>
</div>
</blockquote>
<br>
<pre cols="72">--
Bill Burke
JBoss, a division of Red Hat
<a moz-do-not-send="true" href="http://bill.burkecentral.com" target="_blank">http://bill.burkecentral.com</a></pre>
</div>
</div>
</div>
</blockquote>
</div>
<br>
</div>
</blockquote>
<br>
<pre class="moz-signature" cols="72">--
Bill Burke
JBoss, a division of Red Hat
<a class="moz-txt-link-freetext" href="http://bill.burkecentral.com">http://bill.burkecentral.com</a></pre>
</body>
</html>