[keycloak-dev] UserProvider merged

Stian Thorgersen stian at redhat.com
Wed Jul 16 09:29:49 EDT 2014



----- Original Message -----
> From: "Bill Burke" <bburke at redhat.com>
> To: "Stian Thorgersen" <stian at redhat.com>
> Cc: keycloak-dev at lists.jboss.org
> Sent: Wednesday, 16 July, 2014 2:25:36 PM
> Subject: Re: [keycloak-dev] UserProvider merged
> 
> 
> 
> On 7/16/2014 9:08 AM, Stian Thorgersen wrote:
> > The idea for provider config was:
> >
> > A provider can have a server-wide config (keycloak-server.json) as well as
> > realm-specific configs.
> >
> > Server-wide config would at least initially be configured only through
> > keycloak-server.json and would also require a server restart. We could
> > look at making this configurable through admin console as well.
> >
> > Realm specific config would be configurable through the admin console. You
> > would go to a "Providers" tab in the admin console, then you'd have a menu
> > that lists out all SPIs. So you would for example click on Sync. You could
> > then configure which Sync providers are enabled for the Realm, as well as
> > set configuration for them. With regards to config I thought key/value
> > would be sufficient, and much simpler to deal with.
> >
> > With that regards it would probably make sense that KeycloakSession would
> > be bound to a specific realm so we could create Provider instances with
> > the correct config.
> >
> 
> Don't you have a Catch 22 with KeycloakSession and RealmProvider?

True - would it make sense to add a higher level thing for listing realms, adding/removing realms? 99% of the code would still use KeycloakSession which is bound to one Realm. Only RealmsResource would need to use that stuff.

> 
> For sync/federation I was thinking that KeycloakSession.users() would
> take a RealmModel parameter though.
> 
> Maybe something like this for an SPI?
> 
> interface RealmLoadedProviderFactory<T extends Provider> {
> 
>      T createProvider(KeycloakSession session, RealmModel realm);
> }
> 
> 
> --
> Bill Burke
> JBoss, a division of Red Hat
> http://bill.burkecentral.com
> 


More information about the keycloak-dev mailing list