[keycloak-dev] Thoughts on improving the model for 2.x
Stian Thorgersen
sthorger at redhat.com
Fri Mar 4 02:50:35 EST 2016
Added to the doc
On 4 March 2016 at 02:45, Bill Burke <bburke at redhat.com> wrote:
> Some additional thoughts:
> * All user and realm metadata (group, roles, etc..) needs to be referenced
> by a URI. URI would have a schema like this: {provider}:{identifier}.
> Identifier can be anything. A keycloak datastore would just be a primary
> key id, for LDAP it might be the username, rolename, group name. You get
> the picture. Then a manager service ould be used to resolve the URI into
> an actual Model interface. User reference URIs could point to a broker
> (social or parent IDP),an LDAP store, local keycloak db, etc.
> * For social login and brokering you would assign a user storage mechanism
> to import the user into. We would have 3 possible built-in options, JPA or
> Mongo, and Infinispan clustered in-memory cache.
>
> On 3/3/2016 2:09 PM, Stian Thorgersen wrote:
>
> I've written up some thoughts on improving the model for 2.x at
> https://docs.google.com/a/redhat.com/document/d/1ZmPjlJYvk_fwYvnWxz1E49ioZFZa3kfYCI1xE5gVClc/pub
>
>
>
> _______________________________________________
> keycloak-dev mailing listkeycloak-dev at lists.jboss.orghttps://lists.jboss.org/mailman/listinfo/keycloak-dev
>
>
> --
> Bill Burke
> JBoss, a division of Red Hathttp://bill.burkecentral.com
>
>
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-dev/attachments/20160304/8dc9b527/attachment-0001.html
More information about the keycloak-dev
mailing list