[keycloak-dev] Move email first name, last name and email to be stored as user attribute, not UserModel property?

Vlastimil Elias velias at redhat.com
Fri Mar 18 09:52:56 EDT 2016


More emails for one account are simple, you need one to be main for 
login purposes and to be used to send "forgot pwd" and similar emails 
to, we have it now. Rest emails may be just in common attribute (it 
allows to store more values). Question is if you want to support 
validation/verification process for these additional emails and consider 
them in uniqueness tests ;-)

More accounts with same email is more tricky ;-)

Vl.

On 18.3.2016 14:46, Stian Thorgersen wrote:
>
> +1 Primary or "login" email should be left on user entity. We need to 
> consider how we're going to support having more than one email 
> associated with one account as well as multiple accounts with same 
> email. I'd say we'd have a login email, but also contact emails.
>
> On 18 Mar 2016 2:41 p.m., "Marek Posolda" <mposolda at redhat.com 
> <mailto:mposolda at redhat.com>> wrote:
>
>     +1 for have unified mapper for properties and attributes. That's
>     very easy to do, we can just fallback to setAttribute/getAttribute
>     if there is not property . LDAP UserAttribute mapper is already
>     unified and is doing like that.
>
>     Having the basic attributes in separate table might theoretically
>     have some performance impact. For example if email is stored as
>     attribute, then each searching by email needs to join 2 tables
>     instead of one. There is also DB constraint to enforce unique
>     email. So maybe at least email worth to keep as it is?
>
>     Marek
>
>
>     On 18/03/16 13:36, Stian Thorgersen wrote:
>>
>>     +1 Makes sense to me. Especially the part of not having two
>>     different mappers. It could still be useful to have a get/set for
>>     common attributes, but they would just pass through to attributes
>>     rather than separate fields.
>>
>>     On 18 Mar 2016 1:17 p.m., "Vlastimil Elias" <velias at redhat.com
>>     <mailto:velias at redhat.com>> wrote:
>>
>>         Hi,
>>
>>         as part of planned persistence storage SPI changes we talked
>>         about on
>>         f2f we should probably consider removing of first name, last
>>         name and
>>         email from UserModel property, but implement them as normal user
>>         attributes with predefined names.
>>
>>         This unification should simplify few things, for example separate
>>         mappers for attributes and properties in Clients and Identity
>>         Providers
>>         configuration, which may be hard to understand for beginners
>>         (questions
>>         like "what the hell is difference between user properties and
>>         attributes?", "What user properties are available there?").
>>
>>         This should also simplify implementation of User profile
>>         validation SPI
>>         we talked about on f2f meeting.
>>
>>         What do you think?
>>
>>         Vl.
>>
>>         --
>>         Vlastimil Elias
>>         Principal Software Engineer
>>         Developer Portal Engineering Team
>>
>>         _______________________________________________
>>         keycloak-dev mailing list
>>         keycloak-dev at lists.jboss.org
>>         <mailto:keycloak-dev at lists.jboss.org>
>>         https://lists.jboss.org/mailman/listinfo/keycloak-dev
>>
>>
>>
>>     _______________________________________________
>>     keycloak-dev mailing list
>>     keycloak-dev at lists.jboss.org <mailto:keycloak-dev at lists.jboss.org>
>>     https://lists.jboss.org/mailman/listinfo/keycloak-dev
>

-- 
Vlastimil Elias
Principal Software Engineer
Developer Portal Engineering Team

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-dev/attachments/20160318/9438697e/attachment.html 


More information about the keycloak-dev mailing list