<html><head><meta http-equiv="Content-Type" content="text/html charset=us-ascii"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class="">So there will still be a validate credentials callback, right?<div class=""><br class=""><div class=""><div class="">
<div style="color: rgb(0, 0, 0); letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><div style="color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;" class="">Scott Rossillo</div><div style="color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;" class="">Smartling | Senior Software Engineer</div><div style="color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;" class=""><a href="mailto:srossillo@smartling.com" class="">srossillo@smartling.com</a></div><div style="color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;" class="">
</div>
</div></div><br class=""><div style=""><blockquote type="cite" class=""><div class="">On Aug 18, 2016, at 2:30 PM, Bill Burke <<a href="mailto:bburke@redhat.com" class="">bburke@redhat.com</a>> wrote:</div><br class="Apple-interchange-newline"><div class=""><div class=""><br class="">On 8/18/16 4:59 AM, Stian Thorgersen wrote:<br class=""><blockquote type="cite" class="">Bill,<br class=""><br class="">Are you planing to have an option to allow import of users with the <br class="">new user federation SPI? I'm not convinced we should completely remove <br class="">this option.<br class=""><br class=""></blockquote><br class="">The only callback that does not exist in the new SPI is <br class="">validateAndProxy(). With the current federation SPI, the developer <br class="">implements everything themselves for import. There are no <br class="">synchronization APIs/SPIs either.<br class=""><blockquote type="cite" class="">Some use-cases I could imagine:<br class=""><br class="">* Allow users to authenticate even if LDAP server is down<br class=""></blockquote>Our current LDAP provider will not work if LDAP is down, even with the <br class="">import :)<br class=""><br class=""><br class=""><blockquote type="cite" class="">* Allow migrating users away from LDAP<br class=""></blockquote><br class="">We can do anything we want for our LDAP implementation. This doesn't <br class="">mean that the SPI should have special support methods and interfaces for <br class="">synchronization and import.<br class=""><br class="">Bill<br class=""><br class="">_______________________________________________<br class="">keycloak-dev mailing list<br class=""><a href="mailto:keycloak-dev@lists.jboss.org" class="">keycloak-dev@lists.jboss.org</a><br class="">https://lists.jboss.org/mailman/listinfo/keycloak-dev<br class=""></div></div></blockquote></div><br class=""></div></div></body></html>