<div dir="ltr">I have done most of what you mentioned, although I didn't find the "Settings and Authentication" part on the Realm Settings. I couldn't add the new provider to it like you said, and the version I'm using is the one available on the github repo.<div>
<br></div><div>Also I saw that I should probably implement a RealmAdapter aswell, to provide access to my table structure, is that correct? If so, how should I configure Keycloak to use my adapter to find users, and not it's default one? Or at least not only it's default one</div>
</div><div class="gmail_extra"><br><br><div class="gmail_quote">On Fri, May 16, 2014 at 4:50 AM, Stian Thorgersen <span dir="ltr"><<a href="mailto:stian@redhat.com" target="_blank">stian@redhat.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">We will add some documentation to this soon, but you basically need to:<br>
<br>
- Implement <a href="https://github.com/keycloak/keycloak/blob/master/authentication/authentication-api/src/main/java/org/keycloak/authentication/AuthenticationProviderFactory.java" target="_blank">https://github.com/keycloak/keycloak/blob/master/authentication/authentication-api/src/main/java/org/keycloak/authentication/AuthenticationProviderFactory.java</a><br>
- Implement <a href="https://github.com/keycloak/keycloak/blob/master/authentication/authentication-api/src/main/java/org/keycloak/authentication/AuthenticationProvider.java" target="_blank">https://github.com/keycloak/keycloak/blob/master/authentication/authentication-api/src/main/java/org/keycloak/authentication/AuthenticationProvider.java</a><br>
- Add a 'META-INF/services/org.keycloak.authentication.AuthenticationProviderFactory' that contains the fully qualified name of your AuthenticationProviderFactory implementation<br>
<br>
Build as a JAR and drop into keycloak/standalone/deployments/auth-server.war/WEB-INF/lib.<br>
<br>
Start the server, open the admin console, navigate to realm settings and authentication. Click Add Provider and it should now have your new provider. Add it to the realm.<br>
<br>
It will now use your provider to authenticate users.<br>
<div class="im HOEnZb"><br>
----- Original Message -----<br>
> From: "Rodrigo Sasaki" <<a href="mailto:rodrigopsasaki@gmail.com">rodrigopsasaki@gmail.com</a>><br>
</div><div class="HOEnZb"><div class="h5">> To: "Bill Burke" <<a href="mailto:bburke@redhat.com">bburke@redhat.com</a>><br>
> Cc: <a href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a><br>
> Sent: Thursday, 15 May, 2014 7:30:00 PM<br>
> Subject: Re: [keycloak-user] Migrating Users Database<br>
><br>
> By the way, do you have further information regarding that SPI you mentioned?<br>
><br>
> I was looking at the source code but I couldn't derive much from it, I don't<br>
> know exactly how I should implement my own provider, and how do I tell<br>
> keycloak to use mine instead of its own.<br>
><br>
><br>
> On Thu, May 15, 2014 at 11:05 AM, Rodrigo Sasaki < <a href="mailto:rodrigopsasaki@gmail.com">rodrigopsasaki@gmail.com</a> ><br>
> wrote:<br>
><br>
><br>
><br>
> That's quite alright at the moment.<br>
><br>
> We have seen the roadmap and if it stays around the announced dates, there<br>
> shouldn't be a problem for us here.<br>
><br>
><br>
> On Thu, May 15, 2014 at 11:03 AM, Bill Burke < <a href="mailto:bburke@redhat.com">bburke@redhat.com</a> > wrote:<br>
><br>
><br>
> FYI, Keycloak will be very slow until we start our performance work<br>
> (scheduled for Beta-2). Right now, every login/logout/token action is<br>
> all DB hits. We don't cache anything at the moment!<br>
><br>
> On 5/15/2014 7:02 AM, Rodrigo Sasaki wrote:<br>
> > I am very interested in importing the whole database. It seems to be the<br>
> > cleanest way to do what we want to do here, and migrate to keycloak<br>
> > completely.<br>
> ><br>
> > Are there any guidelines on how to do this? Nonetheless I will look into<br>
> > the SPI you mentioned, might come in handy sometime.<br>
> ><br>
> ><br>
> > On Thu, May 15, 2014 at 5:13 AM, Stian Thorgersen < <a href="mailto:stian@redhat.com">stian@redhat.com</a><br>
> > <mailto: <a href="mailto:stian@redhat.com">stian@redhat.com</a> >> wrote:<br>
> ><br>
> > At the moment we have an Authentication SPI that will let you easily<br>
> > authenticate users with your existing database of users. The first<br>
> > time a new user logs in using this approach a user will be pulled in<br>
> > to the Keycloak database. There's no documentation for this feature<br>
> > yet, but look at the SPI at<br>
> > <a href="https://github.com/keycloak/keycloak/tree/master/authentication/authentication-api" target="_blank">https://github.com/keycloak/keycloak/tree/master/authentication/authentication-api</a><br>
> > and the implementation that uses the Keycloak model itself to<br>
> > authenticate at<br>
> > <a href="https://github.com/keycloak/keycloak/tree/master/authentication/authentication-model" target="_blank">https://github.com/keycloak/keycloak/tree/master/authentication/authentication-model</a><br>
> > .<br>
> ><br>
> > In the future we plan to provide a Sync SPI that will take this one<br>
> > step further and let you sync users (and roles) to/from an existing<br>
> > database.<br>
> ><br>
> > However, if you plan to completely replace your current<br>
> > authentication system the cleanest solution may be to import your<br>
> > current user database into Keycloak once and for all. If you're<br>
> > interested in this approach let me know.<br>
> ><br>
> > ----- Original Message -----<br>
> > > From: "Rodrigo Sasaki" < <a href="mailto:rodrigopsasaki@gmail.com">rodrigopsasaki@gmail.com</a><br>
> > <mailto: <a href="mailto:rodrigopsasaki@gmail.com">rodrigopsasaki@gmail.com</a> >><br>
> > > To: <a href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a><br>
> > <mailto: <a href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a> ><br>
> > > Sent: Wednesday, 14 May, 2014 8:52:07 PM<br>
> > > Subject: [keycloak-user] Migrating Users Database<br>
> > ><br>
> > > Hi,<br>
> > ><br>
> > > I'm trying to replace my current authentication system with<br>
> > Keycloak, but I<br>
> > > have one problem. I already have a database of users, populated with<br>
> > > millions of records, and I wanted to make it work with Keycloak.<br>
> > ><br>
> > > What would be the best approach on this scenario? Should I<br>
> > migrate everything<br>
> > > to the Keycloak tables, or try to make Keycloak understand my current<br>
> > > database?<br>
> > ><br>
> > > Is there any recommendation on this matter? And if there is, some<br>
> > explanation<br>
> > > or documentation?<br>
> > ><br>
> > > Thanks!<br>
> > ><br>
> > > --<br>
> > > Rodrigo Sasaki<br>
> > ><br>
> > > _______________________________________________<br>
> > > keycloak-user mailing list<br>
> > > <a href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a> <mailto: <a href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a> ><br>
> > > <a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a><br>
> ><br>
> ><br>
> ><br>
> ><br>
> > --<br>
> > Rodrigo Sasaki<br>
> ><br>
> ><br>
> > _______________________________________________<br>
> > keycloak-user mailing list<br>
> > <a href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a><br>
> > <a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a><br>
> ><br>
><br>
> --<br>
> Bill Burke<br>
> JBoss, a division of Red Hat<br>
> <a href="http://bill.burkecentral.com" target="_blank">http://bill.burkecentral.com</a><br>
> _______________________________________________<br>
> keycloak-user mailing list<br>
> <a href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a><br>
> <a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a><br>
><br>
><br>
><br>
> --<br>
> Rodrigo Sasaki<br>
><br>
><br>
><br>
> --<br>
> Rodrigo Sasaki<br>
><br>
> _______________________________________________<br>
> keycloak-user mailing list<br>
> <a href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a><br>
> <a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a><br>
</div></div></blockquote></div><br><br clear="all"><div><br></div>-- <br><div dir="ltr"><font face="Times New Roman">Rodrigo Sasaki</font><div></div></div>
</div>