[keycloak-dev] federation commited need feedback
Bill Burke
bburke at redhat.com
Thu Jul 24 19:55:19 EDT 2014
On 7/23/2014 5:33 PM, Bill Burke wrote:
> * Going to have an import-attributes on/off switch. A keycloak->ldap
> attribute map will be required to be configured. If this switch is off,
> UserModel proxy will load attributes on demand.
I'm not going to do anything with attributes that doesn't already exist.
Picketlink requires property mappings to actual properties on an
actual class (User). Our LDAP federation will be a bit limited :(
Hopefully what we have is good enough. We can look at improving this
after 1.0.Final. Honestly I'd just like to write our own LDAP
abstraction. Once users start wanting to deal with claims, there's
going to be some stored in LDAP some stored in our store. Picketlink
just can handle this scenario dynamically. Everything must be
statically defined in a Java class and mapped with annotations.
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
More information about the keycloak-dev
mailing list