[keycloak-user] implement one way user sync from legacy db to keycloak

Istvan Orban istvan.orban at gmail.com
Thu Feb 9 04:08:37 EST 2017


Hi Guys,

I am in the process of moving to keycloak and I need to make a decision how
to migrate my users.

I think I have two options

1, migrate users using JSON import.

I can grab the password from the db as they are encrypted with a reversible
encryption :)
In this case I have one question. I need to generate an output JSON and for
that I need to see how keycloak salts and encrypts the passwords by
default. Can you point me to the class that does this ? Can I include
keycloak as a dependency and call the same class to do the work for me ?

2, migrate uses on-the-fly

I did find this example
-> examples/userstorage/readonly/PropertyFileUserStorageProvider.java which
is a great starting point although I have one question on this one.

Do I need to implement CredentialInputUpdater   All I need to do is one way
import of the users from my DB which I will probably do via an API call I
do not wish to sync users back to the legacy db at all. Would it be enough
to simply just implement these interfaces ->

UserStorageProvider,

UserLookupProvider,
CredentialInputValidator,

Also I did find an enum in UserStorageProvider called EditMode and I could
not find out where to use this enum ? Do I need to worry about this at all?

Thanks for any help !


-- 
Kind Regards,

*----------------------------------------------------------------------------------------------------------------*
*Istvan Orban* *I *Skype: istvan_o *I *Mobile: +44 (0) 7956 122 144 *I  *


More information about the keycloak-user mailing list