<div dir="ltr">One problem with this approach is that you end up having a separate JDBC connection and transaction even if it uses the same database the Keycloak server uses.<div><br></div><div>Take a look at <a href="https://github.com/keycloak/keycloak/tree/master/examples/providers/domain-extension/src/main/java/org/keycloak/examples/domainextension/jpa">https://github.com/keycloak/keycloak/tree/master/examples/providers/domain-extension/src/main/java/org/keycloak/examples/domainextension/jpa</a> for example which allows adding custom entities to the main EntityManager.</div></div><div class="gmail_extra"><br><div class="gmail_quote">On 6 August 2016 at 17:43, Bill Burke <span dir="ltr"><<a href="mailto:bburke@redhat.com" target="_blank">bburke@redhat.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">I've implemented a Keycloak provider deployer and it works great. I<br>
re-implemented the JPA User Storage SPI example. The provider is now a<br>
@Stateful EJB and EntityManager access is all managed by<br>
@PersistenceContext. The example now looks really simple and elegant<br>
rather than the crap I mentioned before. Would not have worked without<br>
the JTA integration I did (see previous email). Things left to do:<br>
<br>
* hot deployment. Pretty sure I can implement this<br>
<br>
* Make sure things work in WARs and EARs.<br>
<br>
* Also thinking of defining a @KeycloakProvider annotation that you can<br>
use on your ProviderFactories. This would remove the need to specify a<br>
META-INF/services file and the annotation could be scanned for at<br>
deployment. Would work like this:<br>
<br>
<br>
@KeycloakProvider(<wbr>UserStorageProviderFactory.<wbr>class)<br>
<br>
public class MyProvider ... {<br>
<br>
}<br>
<br>
As a side note, one thing I could look into is the ability to use<br>
@Inject of a KeycloakSession. Developer could then write entire web<br>
applications that are deployed separately and worked with the keycloak<br>
API directly. @Inject KeycloakSession would work similarly to<br>
@PersistenceContexts EntityManager. KeycloakSessions would be<br>
associated with a transaction. This will give us nice integration with<br>
Java EE and give a lot of power to developers wanting to extend keycloak.<br>
<br>
<br>
______________________________<wbr>_________________<br>
keycloak-dev mailing list<br>
<a href="mailto:keycloak-dev@lists.jboss.org">keycloak-dev@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-dev" rel="noreferrer" target="_blank">https://lists.jboss.org/<wbr>mailman/listinfo/keycloak-dev</a><br>
</blockquote></div><br></div>