[keycloak-user] adding realm level configuration parameter

Marek Posolda mposolda at redhat.com
Mon Jan 22 08:29:55 EST 2018


Hi,

for anyone interested, we have possibility to add:
- custom REST endpoints if you need control your own realm attributes
- custom DB entities if you want custom entities, which are possibly not 
tightly coupled to any realm (EG. global entities).
- custom SPI / providers. You may configure global settings in 
standalone(-ha).xml at subsystem level with that.

There is an example for all those functionalities. In the "providers" 
directory of keycloak-examples distribution, there is "domain-extension" 
. Some docs is in "Server development guide".

Marek

On 22/01/18 13:06, Ori Doolman wrote:
> Hi Dmitry,
> Thank you very much for your answer.
>
>
> 1)      I assume that ‘realm_attribute’ table has no control from the Web UI admin console. Does it?
>
> 2)      How did you implement the global configurqation?
>
>
> Thanks,
>
> Ori
>
> From: Dmitry Telegin [mailto:mitya at cargosoft.ru]
> Sent: Monday, January 22, 2018 13:03
> To: Ori Doolman <Ori.Doolman at Amdocs.com>; keycloak-user at lists.jboss.org
> Subject: Re: [keycloak-user] adding realm level configuration parameter
>
> Hi Ori,
>
> In Keycloak, realms do have their own attributes. Starting with 2.2.0, they are exposed as org.keycloak.models.RealmModel::{get,set}Attribute*() methods, so I suggest that you take a look at them. Seems like exactly what you need - just make sure your attribute names do not clash with internal ones (examine realm_attribute table contents for that). It will be pretty safe to prefix your attribute names with something unique, like "com.amdocs.*"
>
> If you need truly *global* persistent configuration (i.e. not bound to any realm), unfortunately there's no such functionality in KC at the moment, but I'm implementing the same for my company's needs. Let me know if you're interested.
>
> Cheers,
> Dmitry
>
>
> Hi,
>
>
>
> Any answer on that??
>
>
>
>
>
>
>
> Thanks,
>
>
>
> Ori .
>
>
>
>
>
> -----Original Message-----
>
> From: keycloak-user-bounces at lists.jboss.org<mailto:keycloak-user-bounces at lists.jboss.org> [mailto:keycloak-user-bounces at lists.jboss.org] On Behalf Of Ori Doolman
>
> Sent: Tuesday, January 16, 2018 00:00
>
> To: keycloak-user at lists.jboss.org<mailto:keycloak-user at lists.jboss.org>
>
> Subject: [keycloak-user] adding realm level configuration parameter
>
>
>
> Hi,
>
> I want to perform some customization to Keycloak using existing SPIs.
>
> For that, I need to store a configuration parameter (may be different value per realm).
>
> What is the way to achieve that? Is there an SPI to extend the realm properties?
>
> The only solution I can think of now is setting a custom attribute in the users group of the realm.
>
>
>
>
>
> Thanks,
>
>
>
> Ori Doolman
>
> Lead Software Architect
>
> Amdocs Optima
>
>
>
> +972 9 778 6914 (office)
>
> +972 50 9111442 (mobile)
>
>
>
> [cid:image001.png at 01D2C8DE.BFF33E10<mailto:image001.png at 01D2C8DE.BFF33E10>]
>
>
>
> This message and the information contained herein is proprietary and confidential and subject to the Amdocs policy statement,
>
>
>
> you may review at https://www.amdocs.com/about/email-disclaimer <https://www.amdocs.com/about/email-disclaimer>
>
> This message and the information contained herein is proprietary and confidential and subject to the Amdocs policy statement,
>
>
>
> you may review at https://www.amdocs.com/about/email-disclaimer <https://www.amdocs.com/about/email-disclaimer>
>
>
>
>
>
> _______________________________________________
>
> keycloak-user mailing list
>
> keycloak-user at lists.jboss.org<mailto:keycloak-user at lists.jboss.org>
>
> https://lists.jboss.org/mailman/listinfo/keycloak-user
> This message and the information contained herein is proprietary and confidential and subject to the Amdocs policy statement,
>
> you may review at https://www.amdocs.com/about/email-disclaimer <https://www.amdocs.com/about/email-disclaimer>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user




More information about the keycloak-user mailing list