[keycloak-user] How to store additional data for the SSO session of an user?

Bill Burke bburke at redhat.com
Fri Sep 11 10:52:20 EDT 2015


In Keycloak 1.5 we have an authentication flow SPI.  That might be the 
best place to incorporate your authentication plugin.

On 9/11/2015 10:05 AM, Hermann Hill wrote:
> Hi everybody,
>
> I’m currently working on attaching a company-internal authentication API
> to Keycloak by implementing an UserFederationProvider.
>
> Basically it is working, but when authenticating to our internal API I
> get back some additional data that should be tied to the lifetime of the
> SSO session of the authenticating user. Is there any pre-defined place
> to store such data?
>
> As an alternative approach, I stored this data in a HashMap and tried to
> use the LOGIN and LOGOUT events to keep the contents of the HashMap
> current. This approach would work for the login (though I’d have to
> introduce an intermediate storage – the LOGIN event comes some time
> after the “validatePassword” call), but in my experiments a LOGOUT event
> was only generated when I was logging myself out, not when my SSO
> session expired or was removed by an administrator account. Is there a
> way to be reliably notified at the beginning and the end of a session?
>
> By now I’m really out of ideas. I would really appreciate if somebody
> could be so kind and point me in the right direction…
>
> Best regards,
>
> *Hermann Josef Hill*
> Software Architect
>
> *optile GmbH*
> Ganghoferstraße 39 | 80339 München
> Mobil +49 (151) 5385 0784
>
> hermann.hill at optile.net | www.optile.net
>
> USt.Id.-Nr. DE268847980
> Geschäftsführer: Daniel Smeds
> Handelsregister München HRB 183178
>
> *+++ Besuchen Sie uns auf der dmexco 2015 am 16. & 17. September, Köln,
> Halle 7.1 Stand F013 +++*
>
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>

-- 
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com


More information about the keycloak-user mailing list