Re: [keycloak-user] Notify Keycloak Bearer Clients on Admin Actions
Hello Miguel,
There is no default mechanism to notify clients, so you'll have to implement it
yourself.
That shouldn't be that hard, especially given that it's a perfect case for a
message-driven solution. I'd suggest that you use Keycloak's builtin ActiveMQ
Artemis message broker [1], which supports persistence and message redelivery.
Write your EventListenerProvider, listen for AdminEvents, publish them to MQ and subscribe
your clients to it. If your clients are also Java-based, JMS should be your choice.
Otherwise, you should be using AMQP directly.
Good luck,
Dmitry Telegin
CTO, Acutus s.r.o.
Keycloak Consulting and Training
Pod lipami street 339/52, 130 00 Prague 3, Czech Republic
+42 (022) 888-30-71
E-mail: info(a)acutus.pro
[1] http://activemq.apache.org/artemis/
On Tue, 2018-11-06 at 15:27 +0200, Miguel Haber wrote:
Hi,
I'm just wondering about one scenario where I'm running:
- Keycloak server (using it as a user base, and for
authentication/authorization)
- 3 resource servers connected to the Keycloak as bearer-only clients
These resource servers store separate information about users.
One use case I need to investigate:
- Keycloak admin logs in, deletes one user that has data in all 3 resource
servers
Questions:
1) Do the 3 resource servers get notified at the moment in order to purge
the user data from their DBs?
2) What if 1 resource server is offline, does it get notified as soon as it
goes back online?
Thanks
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user