Hi all,
I'm using keycloak 6.0.1 and I'm facing the same issue, are there some update
about this request?
----
Notarnicola, Mara
Software Engineer
Klopotek Software & Technology Services Italia srl
Via Federico II di Svevia, 4481
70023 – Gioia del Colle (BA)
https://www.klopotek.com
-----Original Message-----
From: keycloak-user-bounces(a)lists.jboss.org [mailto:keycloak-user-bounces@lists.jboss.org]
On Behalf Of Jerry Saravia
Sent: Tuesday, March 26, 2019 9:19 PM
To: keycloak-user(a)lists.jboss.org
Subject: [keycloak-user] Override "native" Keycloak providers
Hello,
Disclaimer: This might be a keycloak dev mailing list question.
We’ve been using version 3.4.3 for a while now and are attempting to upgrade to 4.8 and
we’ve run into some issues.
Summary: We have created our own providers with the same PROVIDER_ID as some of the built
in providers. For example, PasswordCredentialProvider has a provider id of
“keycloak-password” and we created our own with the same id that gets loaded after the
native one. This worked because in 3.4.3 providers that were using the same id would still
have their factories added to the factory map.
See this link here for 3.4.3 changes:
https://github.com/keycloak/keycloak/blob/3.4.3.Final/services/src/main/j...
These are the 4.8 changes
https://github.com/keycloak/keycloak/blob/4.8.3.Final/services/src/main/j...
In 4.8, the fully qualified class name (FQCN) is not longer used. Instead it uses the
provider id and the spi name. I can no longer use the same PROVIDER_ID as the native
providers to ‘override’ them, but sometimes there is code that gets the provider
specifically by id. For example, in the UpdatePassword required action we have this:
PasswordCredentialProvider passwordProvider =
(PasswordCredentialProvider)context.getSession().getProvider(CredentialProvider.class,
PasswordCredentialProviderFactory.PROVIDER_ID);
In 3.4.3 because our provider was loaded we were able to inject into code that normally
isn’t overridable. We did the same for the OIDCLoginProtocolFactory to alter some token
endpoint behavior even the UpdatePassword required action itself rather than making a
brand new required action that is a “second rate” because it isn’t native to Keycloak.
Is there a solution for this in 4.8.3? I see this change was made in 4.0.0.Beta1 according
to some of the history.
J
Jerry Saravia
Software Engineer
T(516) 603-6914
M516-603-6914
virginpulse.com
|virginpulse.com/global-challenge
492 Old Connecticut Path, Framingham, MA 01701, USA Australia | Bosnia and Herzegovina |
Brazil | Canada | Singapore | Switzerland | United Kingdom | USA Confidentiality Notice:
The information contained in this e-mail, including any attachment(s), is intended solely
for use by the designated recipient(s). Unauthorized use, dissemination, distribution, or
reproduction of this message by anyone other than the intended recipient(s), or a person
designated as responsible for delivering such messages to the intended recipient, is
strictly prohibited and may be unlawful. This e-mail may contain proprietary, confidential
or privileged information. Any views or opinions expressed are solely those of the author
and do not necessarily represent those of Virgin Pulse, Inc. If you have received this
message in error, or are not the named recipient(s), please immediately notify the sender
and delete this e-mail message.
v2.48