[keycloak-user] Users with no firstName and lastName?
"Matthias J. Déjà"
madocdoyu at gmail.com
Tue Oct 24 04:44:21 EDT 2017
Hi,
it seems that this question of mine was forgotten. Is there anything I can do to improve my question, to increase the likelihood of getting a response?
Thanks!
Matthias.
> Am 18.10.2017 um 14:30 schrieb Matthias J. Déjà <madocdoyu at gmail.com>:
>
> Hello,
>
> new user here, so please forgive oversights on my part.
> After reading the documentation and searching the mailing list, I did not find this question answered.
>
> I am creating a user storage SPI implementation that is backed by an external user storage.
> That external user storage does not have first or last names for users.
> The only intrinsic information for a user on the external storage is a unique username and the password.
>
> The Keycloak user storage SPI that I am about to implement will make the users available in Keycloak, such that they can be displayed, created and edited via Keycloak.
> Authentication will also be possible.
>
> Here is the problem:
> In Keycloak, first name and last name are intrinsic properties of a user.
> (I am thinking of AbstractUserAdapterFederatedStorage, which I understand would be a good idea to implement.)
>
> This is what I imagine as a realistic solution:
> - In Keycloak, first and last name are still, in principle, present. But they are always empty.
> - They cannot be changed.
>
> The last point is important, as I do not want data to be split among Keycloak and the external user storage.
> When a Keycloak user can successfully set the first/last name of a user, this implies that this is a meaningful operation.
> Therefore, I would like to make those fields empty and non-editable.
>
> What would be the best way to achieve this?
> Do you see another way that would be better?
>
> My current working hypothesis would be one of those:
> A) Override setFirstName and setLastName to throw an exception that the Keycloak UI can deal with. (Which one?)
> B) Have the storage return an unsuccessful result when attempting to store a user with non-empty values on any of those fields. (How exactly?)
> C) Before storing a user, simply hardcode an assignment to firstName and lastName with either null or the empty string. (That would mean silently ignore changes to those fields and pretend that storing went okay.)
>
> Thanks for your input.
> Matthias Deja.
More information about the keycloak-user
mailing list