Re: [keycloak-dev] Provider config

From: "Bill Burke" <bburke(a)redhat.com&gt; To: "Stian Thorgersen" <stian(a)redhat.com&gt; Cc: keycloak-dev(a)lists.jboss.org Sent: Tuesday, 22 July, 2014 4:57:37 PM Subject: Re: [keycloak-dev] Provider config On 7/22/2014 9:53 AM, Stian Thorgersen wrote: > > > ----- Original Message ----- >> From: "Bill Burke" <bburke(a)redhat.com&gt; >> To: "Stian Thorgersen" <stian(a)redhat.com&gt; >> Cc: keycloak-dev(a)lists.jboss.org >> Sent: Tuesday, 22 July, 2014 2:43:11 PM >> Subject: Re: [keycloak-dev] Provider config >> >> Certain providers may have multiple instances/configs of themselves in >> the same realm. i.e. authentication providers (soon to be federation >> providers) which may be federating multiple different LDAP databases. >> Also, in the future, social may turn into a "federated broker SPI" where >> multiple generic federated broker providers can be configured per realm >> (i.e. SAML or other openid connections). > > Didn't consider that, we'll definitively need it > In my private fork, I pulled getProviderFactory methods from DefaultKeycloakSessionFactory up to KeycloakSessionFactory methods. Then defined my own specialized create methods. I don't use KeycloakSession.getProvider() anymore. >> >> I honestly don't want a generic "provider" admin console page where you >> generically configure the providers. I think it is a mistake. We're >> supposed to be making things easier and we should be making tailored >> console pages for what we ship out of the box. > > What about we allow configuring specific SPIs in the correct place, but > still use a form that is populated with labels/inputs from the providers > ConfigOptions? > LDAP config already doesn't fit into pure labels/inputs. IMO, rendering information belongs in HTML :) -- Bill Burke JBoss, a division of Red Hat http://bill.burkecentral.com