[keycloak-dev] delete users on federation removal?
Bill Burke
bburke at redhat.com
Fri Aug 1 09:23:39 EDT 2014
On 8/1/2014 4:18 AM, Stian Thorgersen wrote:
>
>
> ----- Original Message -----
>> From: "Bill Burke" <bburke at redhat.com>
>> To: keycloak-dev at lists.jboss.org
>> Sent: Thursday, 31 July, 2014 11:01:12 PM
>> Subject: Re: [keycloak-dev] delete users on federation removal?
>>
>> Ya, this is quite hairy. You'll have to set the REQUIRED ACTION to
>> reset all credentials handled by the federation provider.
>>
>> Unfortunately, you can now only set one required action per user :(
>
> You can still set multiple. The user has a Set<RequiredAction> and we even have a test that checks users with multiple actions RequiredActionMultipleActionsTest.
>
Ugh, I'm really sorry. I think I remembered you saying you were going
to switch it to one action, looked at the code quickly and missed the
Set<RequiredAction> method on UserModel...I AM LOSING MY MIND!!!!
Still not sure what to do about credentials though. We can't have open
accounts that can be reset without specifying old password. We could
send out an email maybe.
Must be deferred to post 1.0.final.
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
More information about the keycloak-dev
mailing list