<div dir="ltr">You don't strictly need to use model interface, JPA adapter, etc.. You can just make it a entity directly. We have those layers because we support JPA and Mongo. At the moment you can't add custom entities to the persistence.xml without modifying it within the JAR, but we plan to introduce an Entity SPI that allows adding custom entities (we have a PR for it, it needs some work, but should be included in 2.0.0.CR1 due some time in June).<div><br></div><div>We have added support for custom REST resource, but not admin resources. Main difference is how it's secured and URLs.</div><div><br></div><div>You'd also need to modify the admin console, but that can be done with a custom theme.</div></div><div class="gmail_extra"><br><div class="gmail_quote">On 19 May 2016 at 12:36, Mitya <span dir="ltr"><<a href="mailto:mitya@cargosoft.ru" target="_blank">mitya@cargosoft.ru</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hi,<br>
<br>
My goal is to implement a custom first-class KeyCloak entity (like<br>
User, Group, etc.) Entities should persist in KeyCloak database along<br>
with Users, Groups etc.; there should be a CRUD interface in the admin<br>
console to manage them; it will have an unidirectional N:1 relationship<br>
to User and will participate in authentication process. In some future,<br>
most likely it will also participate in federation (to/from external<br>
LDAP server with custom schema).<br>
<br>
After briefly studying KeyCloak internals, I've got an impression that<br>
Provider SPIs won't help me much. Seems like what I'll have to<br>
implement is at least:<br>
<br>
- model interface (org.keycloak.models)<br>
- entity class (org.keycloak.models.entities)<br>
- JPA adapter (org.keycloak.models.jpa)<br>
- JPA entity (org.keycloak.models.jpa.entities)<br>
- (the same for Mongo and Infinispan)<br>
- REST representation (org.keycloak.representations.idm)<br>
- REST resource (org.keycloak.services.resources.admin)<br>
<br>
Next, there will be custom authenticator (to make use of the entity)<br>
and GUI modifications. I hope I didn't forget anything?<br>
<br>
Important question is - can I implement all of that without modifying<br>
KeyCloak code? Maintaining a fork and producing customized builds will<br>
complicate development process a lot. Ideally, classes should reside in<br>
my own packages (not org.keycloak.*), the code should be packaged as a<br>
module (JBoss module? OSGi bundle?) and simply be plugged into an<br>
official KeyCloak build. I see forking only as a last resort, it's<br>
something I'd like to avoid absolutely.<br>
<br>
Thanks!<br>
Mitya<br>
<br>
_______________________________________________<br>
keycloak-dev mailing list<br>
<a href="mailto:keycloak-dev@lists.jboss.org">keycloak-dev@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-dev" rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-dev</a></blockquote></div><br></div>