Thanks for the answer Marek. I actually did look into the user
federation example that comes with keycloak. In the settings for that,
there are buttons/settings to fully import users or to import
differences periodically which would bring the data to keycloak. The
thing is that there is already a database for users for the custom
website and Wordpress will also create its own users on login. With
keycloak there will be a third database of users whiich I feel will
lead to difficulties in maintaining. That is the reason why I wanted
to look for a solution that would not import the data to keycloak, but
authenticate against my user database directly.
On Mon, May 25, 2015 at 7:38 PM, Marek Posolda <mposolda(a)redhat.com> wrote:
It depends what exactly you need.
1) There is User Federation SPI, which allows to pull data about users from
your own database and partially import it to Keycloak. See docs
http://keycloak.github.io/docs/userguide/html/user_federation.html . This
SPI allows you to specify which data will be pulled from your DB to Keycloak
DB, so your store doesn't need to support storing all Keycloak user metadata
2) UserProvider SPI - in this case you will need to implement whole model by
yourself. Note that your store will need to support all Keycloak metadata
(For example data about user's required actions etc).
For most deployments (1) is better and much easier choice.
Marek
On 25.5.2015 11:32, pubudu gunawardena wrote:
>
> Hi All,
>
> I am trying to use Keycloak to implement SSO for two websites, one
> Wordpress and another custom implemented. I want to make Keycloak use
> the existing database but would prefer to not import the data to
> Keycloak, which would make another copy of the data. Is something like
> this possible with keycloak?
--
Thanks,
Pubudu