Maybe it'll make sense to have two types of providers? Server-scoped and
realm-scoped.
----- Original Message -----
From: "Stian Thorgersen" <stian(a)redhat.com>
To: "Bill Burke" <bburke(a)redhat.com>
Cc: keycloak-dev(a)lists.jboss.org
Sent: Tuesday, 22 July, 2014 2:08:20 PM
Subject: Re: [keycloak-dev] Provider config
----- Original Message -----
> From: "Bill Burke" <bburke(a)redhat.com>
> To: keycloak-dev(a)lists.jboss.org
> Sent: Tuesday, 22 July, 2014 2:04:56 PM
> Subject: Re: [keycloak-dev] Provider config
>
> Can you keep the KeycloakSesion/Provider SPIs backward compatible while
> you do this?
Do we need to? If we do it'll need some more thinking ;)
>
> On 7/22/2014 5:56 AM, Stian Thorgersen wrote:
> > We need to add a generic provider config mechanism. It should be possible
> > to configure providers at two levels:
> >
> > * Server - through keycloak-server.json
> > * Realm - through RealmProvider
> >
> > With regards to server we already have this. It requires editing the
> > keycloak-server.json and restarting the server. IMO that's fine for now,
> > and we can consider adding support for doing this at runtime through the
> > admin console in the future.
> >
> > For realm config (which would be needed for ldap) I propose that we add a
> > ProviderConfigModel to RealmProvider. The ProviderConfigModel consists
> > of:
> >
> > * RealmModel realm
> > * String spi
> > * String provider
> > * Map<String, String> config
> >
> > We need to add an admin endpoints to add/update provider configs as well
> > as
> > making it possible to edit these through the admin console. We should add
> > a method to the provider factory:
> >
> > * List<ConfigOption> getConfigOptions - this will return the
> > configuration
> > options the provider can support
> >
> > ConfigOption will include (we could also add support for validation):
> >
> > * String key
> > * String label
> >
> > On the admin console I propose we add a Provider config page. The page
> > will
> > list out all available SPIs, once you select an SPI it will list out all
> > available providers. You can then click on individual providers to get a
> > form to edit the provider config. The form will use the getConfigOptions
> > to know what labels/input fields to add.
> >
> > Further, we need to make some changes to KeycloakSession/ProviderFactory
> > to
> > support realm config. We could change
> > ProviderFactory.create(KeycloakSession session) to
> > ProviderFactory.create(KeycloakSession session, String realmId,
> > Config.Scope realmConfig). This allows a provider to either share
> > resources (i.e. connections) with multiple realms, or if it wants
> > different connections per-realm it can handle that internally (for
> > example
> > in a map using realmId as the key).
> > _______________________________________________
> > keycloak-dev mailing list
> > keycloak-dev(a)lists.jboss.org
> >
https://lists.jboss.org/mailman/listinfo/keycloak-dev
> >
>
> --
> Bill Burke
> JBoss, a division of Red Hat
>
http://bill.burkecentral.com
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev(a)lists.jboss.org
>
https://lists.jboss.org/mailman/listinfo/keycloak-dev
>
_______________________________________________
keycloak-dev mailing list
keycloak-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-dev