Re: [keycloak-dev] federation commited need feedback

From: "Bill Burke" <bburke(a)redhat.com&gt; To: keycloak-dev(a)lists.jboss.org Sent: Wednesday, 23 July, 2014 10:33:12 PM Subject: [keycloak-dev] federation commited need feedback First iteration is commited. I still have a lot to do. * AuthenticationProvider currently co-exists with Federation. I will delete it after the review of FederationProvider. * UserModel is proxied. Some updates delegated to LDAP. Need to expand. * Still need to do admin console UI for federation * Still need to implement search and other queries for LDAP * Still need to test disjoint credential type storage. Feedback on unimplemented features for LDAP: * registration supported switch. * Importing username and email will be required. Everything else will be optional. That cool? * Modes for federation will be: READ_ONLY, SYNCED, and UNSYNCED. SYNCED will update LDAP on demand. UNSYNCED will store changes locally and require the user to handle synchronization themselves. * Going to have an import-attributes on/off switch. A keycloak->ldap attribute map will be required to be configured. If this switch is off, UserModel proxy will load attributes on demand. Questions: * Is ExternalModelAuthProvider actually a feature requested by users? I'd like to not have to do this. At least for 1.0. -- Bill Burke JBoss, a division of Red Hat http://bill.burkecentral.com _______________________________________________ keycloak-dev mailing list keycloak-dev(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/keycloak-dev