[keycloak-dev] Provider config
Bill Burke
bburke at redhat.com
Tue Jul 22 11:57:37 EDT 2014
On 7/22/2014 9:53 AM, Stian Thorgersen wrote:
>
>
> ----- Original Message -----
>> From: "Bill Burke" <bburke at redhat.com>
>> To: "Stian Thorgersen" <stian at redhat.com>
>> Cc: keycloak-dev at lists.jboss.org
>> Sent: Tuesday, 22 July, 2014 2:43:11 PM
>> Subject: Re: [keycloak-dev] Provider config
>>
>> Certain providers may have multiple instances/configs of themselves in
>> the same realm. i.e. authentication providers (soon to be federation
>> providers) which may be federating multiple different LDAP databases.
>> Also, in the future, social may turn into a "federated broker SPI" where
>> multiple generic federated broker providers can be configured per realm
>> (i.e. SAML or other openid connections).
>
> Didn't consider that, we'll definitively need it
>
In my private fork, I pulled getProviderFactory methods from
DefaultKeycloakSessionFactory up to KeycloakSessionFactory methods.
Then defined my own specialized create methods. I don't use
KeycloakSession.getProvider() anymore.
>>
>> I honestly don't want a generic "provider" admin console page where you
>> generically configure the providers. I think it is a mistake. We're
>> supposed to be making things easier and we should be making tailored
>> console pages for what we ship out of the box.
>
> What about we allow configuring specific SPIs in the correct place, but still use a form that is populated with labels/inputs from the providers ConfigOptions?
>
LDAP config already doesn't fit into pure labels/inputs. IMO, rendering
information belongs in HTML :)
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
More information about the keycloak-dev
mailing list