[keycloak-dev] Client Storage SPI and KEYCLOAK-6408

cedric@couralet.eu cedric at couralet.eu
Wed Jun 12 02:26:22 EDT 2019 

In case it could help , for our limited case, we would like the possibility to fetch client configuration from ldap (and secret).
Historically, we manage application account (and roles)  in ldap. Having keycloak able to retrieve those from ldap would be a huge help. 
Personnally, I'd like to use keycloak as an orchestrator (very good at that) between different "store", without state.

 
Le Mardi, Juin 11, 2019 12:49 CEST, Stian Thorgersen <sthorger at redhat.com> a écrit: 
 
> We are planning a bigger rework of the storage layer in the future as part
> of Keycloak .Next.
> 
> With that in mind you should rather follow the discussion around that as it
> unfolds over the next few months.
> 
> For the current implementation we can be open to smaller stuff, but not big
> overhauls.
> 
> Finishing the client storage API may be useful, but to be honest not many
> people have been interested here. I'd rather see a simpler client store
> where it's easier to replace with a custom store. I don't think there's
> need to federate multiple client stores for a single realm.
> 
> For LDAP I'm not sure what you mean about separate core and user stuff. It
> is only a user store, at least now. Are you perhaps thinking about storing
> clients in LDAP?
> 
> On Sat, 8 Jun 2019 at 08:46, Justin Gross <jgross.biz at gmail.com> wrote:
> 
> > Good afternoon, good evening and good morning everyone! I am Justin and
> > I’d like to start contributing to Keycloak.
> >
> > Is there anyone on the list that is interested in the continuing
> > development of Client Storage SPI? (KEYCLOAK-6408 in JIRA)
> >
> > If you answered yes to the above, what storage systems/software are you
> > interested in using for client storage?
> >
> > Preparing to take on some of the things listed in KEYCLOAK-6408.
> >
> > I am in the middle of a lite refactoring of some useful things which are
> > currently specific to user storage federation such as
> > SynchronizationResult, ImportSynchronization, etc… so they can be used by
> > the yet to be finished Client Storage API.
> >
> > I also plan to refactor some of the LDAP federation stuff so that the user
> > specific stuff is separate from the core LDAP functionality itself.
> > Eventually I want to use LDAP to store client configuration and there’s a
> > lot of useful LDAP functionality stashed away in the user federation stuff.
> >
> >
> > Thank you,
> >
> > Justin Gross
> >
> > _______________________________________________
> > keycloak-dev mailing list
> > keycloak-dev at lists.jboss.org
> > https://lists.jboss.org/mailman/listinfo/keycloak-dev
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev

More information about the keycloak-dev mailing list