Re: [keycloak-dev] UserProvider merged

From: "Bill Burke" <bburke(a)redhat.com&gt; To: "Stian Thorgersen" <stian(a)redhat.com&gt; Cc: keycloak-dev(a)lists.jboss.org Sent: Wednesday, 16 July, 2014 2:25:36 PM Subject: Re: [keycloak-dev] UserProvider merged On 7/16/2014 9:08 AM, Stian Thorgersen wrote: > The idea for provider config was: > > A provider can have a server-wide config (keycloak-server.json) as well as > realm-specific configs. > > Server-wide config would at least initially be configured only through > keycloak-server.json and would also require a server restart. We could > look at making this configurable through admin console as well. > > Realm specific config would be configurable through the admin console. You > would go to a "Providers" tab in the admin console, then you'd have a menu > that lists out all SPIs. So you would for example click on Sync. You could > then configure which Sync providers are enabled for the Realm, as well as > set configuration for them. With regards to config I thought key/value > would be sufficient, and much simpler to deal with. > > With that regards it would probably make sense that KeycloakSession would > be bound to a specific realm so we could create Provider instances with > the correct config. > Don't you have a Catch 22 with KeycloakSession and RealmProvider?

For sync/federation I was thinking that KeycloakSession.users() would take a RealmModel parameter though. Maybe something like this for an SPI? interface RealmLoadedProviderFactory<T extends Provider> { T createProvider(KeycloakSession session, RealmModel realm); } -- Bill Burke JBoss, a division of Red Hat http://bill.burkecentral.com