[keycloak-user] Notify Keycloak Bearer Clients on Admin Actions
Dmitry Telegin
dt at acutus.pro
Tue Nov 13 23:20:55 EST 2018
Hello Miguel,
There is no default mechanism to notify clients, so you'll have to implement it yourself.
That shouldn't be that hard, especially given that it's a perfect case for a message-driven solution. I'd suggest that you use Keycloak's builtin ActiveMQ Artemis message broker [1], which supports persistence and message redelivery.
Write your EventListenerProvider, listen for AdminEvents, publish them to MQ and subscribe your clients to it. If your clients are also Java-based, JMS should be your choice. Otherwise, you should be using AMQP directly.
Good luck,
Dmitry Telegin
CTO, Acutus s.r.o.
Keycloak Consulting and Training
Pod lipami street 339/52, 130 00 Prague 3, Czech Republic
+42 (022) 888-30-71
E-mail: info at acutus.pro
[1] http://activemq.apache.org/artemis/
On Tue, 2018-11-06 at 15:27 +0200, Miguel Haber wrote:
> Hi,
>
> I'm just wondering about one scenario where I'm running:
>
> - Keycloak server (using it as a user base, and for
> authentication/authorization)
> - 3 resource servers connected to the Keycloak as bearer-only clients
>
> These resource servers store separate information about users.
>
> One use case I need to investigate:
>
> - Keycloak admin logs in, deletes one user that has data in all 3 resource
> servers
>
> Questions:
>
> 1) Do the 3 resource servers get notified at the moment in order to purge
> the user data from their DBs?
> 2) What if 1 resource server is offline, does it get notified as soon as it
> goes back online?
>
> Thanks
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
More information about the keycloak-user
mailing list