[keycloak-user] Not able to extend User Storage SPI without changing Keycloak configuration files

Marek Posolda mposolda at redhat.com
Thu Sep 5 05:23:37 EDT 2019 

Hi,

if you implement the custom userStorage provider, the Keycloak will use 
some "generic" page for the admin console and add the configuration 
options automatically to the page. This generic approach has some limits 
and doesn't allow to have advanced things, like the button for "Test 
Connection" as you pointed and the tab for "Mappers" etc.

Specifically for LDAP provider, we have overriden the angular template, 
so AFAIR LDAP is the only provider, which doesn't use the generic 
template, but has it's own template and it's own angular controller. If 
you have the custom provider, which is subclass of LDAP provider, it 
will still use generic template and hence button like "Test Connection" 
won't be available (+ some other things won't be available). So if you 
want to have nicer UI for your provider, you may also need to add some 
UI files and change few things in the app.js file etc. You will probably 
need to use your own theme for it. This may be quite complicated and 
there is some risk of having outdated UI when you migrate to next 
version (EG. if you override the app.js file in your theme), so I 
personally rather wouldn't go that way.

If possible, I would either try to create LDAP mapper rather than 
overriding the whole LDAP provider. Or alternatively, I would live with 
the generic UI.

Marek

On 22. 08. 19 14:01, David VS wrote:
> Goal:
> Setup custom federation which extends ldap provider.
>
> Question: What is the proper way to extend the ldap federation while adding
> one more configuration input? (without changing internal keycloak files)
>
> I followed the steps in
> https://www.keycloak.org/docs/latest/server_development/index.html#_user-storage-spi
> and specify my own provider and providerFactory,
>
> In admin console, when trying to create the federation "custom-ldap", most
> of the input fields do not have a label and some buttons like "Test
> connection" are missing. The configuration property that I added and
> customized has label/default value/tooltip.
>
> If it is not possible to extend the form, is there an easy way how to
> inherit the same UI form from the ldap federation page in my extension?
>
> (Im new to keycloak, and do not have experience with Freemarker).
>
> Thank you so much for your support,
>
> David
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user

More information about the keycloak-user mailing list