Re: [keycloak-dev] Provider config
On 7/22/2014 9:53 AM, Stian Thorgersen wrote:
----- Original Message -----
> From: "Bill Burke" <bburke(a)redhat.com>
> To: "Stian Thorgersen" <stian(a)redhat.com>
> Cc: keycloak-dev(a)lists.jboss.org
> Sent: Tuesday, 22 July, 2014 2:43:11 PM
> Subject: Re: [keycloak-dev] Provider config
>
> Certain providers may have multiple instances/configs of themselves in
> the same realm. i.e. authentication providers (soon to be federation
> providers) which may be federating multiple different LDAP databases.
> Also, in the future, social may turn into a "federated broker SPI" where
> multiple generic federated broker providers can be configured per realm
> (i.e. SAML or other openid connections).
Didn't consider that, we'll definitively need it
In my private fork, I pulled getProviderFactory methods from
DefaultKeycloakSessionFactory up to KeycloakSessionFactory methods.
Then defined my own specialized create methods. I don't use
KeycloakSession.getProvider() anymore.
>
> I honestly don't want a generic "provider" admin console page where
you
> generically configure the providers. I think it is a mistake. We're
> supposed to be making things easier and we should be making tailored
> console pages for what we ship out of the box.
What about we allow configuring specific SPIs in the correct place, but still use a form
that is populated with labels/inputs from the providers ConfigOptions?
LDAP config already doesn't fit into pure labels/inputs. IMO, rendering
information belongs in HTML :)
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com