Ok, I added the logic to remove a user with a federation link that
doesn't have a corresponding UserStorageProvider. The question remains:
* Should I automatically convert UserFederationProviderModels to
ComponentsModels that have a user storage provider with the same id?
* Should I remove users imported from custom providers in
Liquibase/Model migration scripts?
I'm wondering if I should do this on boot up by invoking a new method on
the userLocalStorage()
UserProvider.removeStaleFederationLinks()
Just worried this could be a very long action in the case where there
are thousands of imported users.
On 11/23/16 10:51 AM, Bill Burke wrote:
Not sure what to do about migration of custom User Fed providers.
The
issue is around imported users as they have a federation link
specified. What I think I can do is check to see if the provider exists
for the linked user when queried, if it doesn't remove the user. This
would slowly remove old linked users. This is the easiest solution.
I can do something similar to LDAP in which if a UserStorage with same
provider id exists, then just port it to the new component model. If
there isn't a similar provider remove all users that are linked. This
becomes much harder as this isn't as simple as deleting the user from
the user table. I'll have to port all the queries that are executed
from JPA to JDBC when a user is removed.
More work....
_______________________________________________
keycloak-dev mailing list
keycloak-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-dev