[keycloak-user] Get federated roles in user federation provider or authenticator
Juan Pablo Perata
jpperata at gmail.com
Fri Sep 21 09:07:13 EDT 2018
Hi all,
I would like to ask if there is a way to get "federated roles" in a custom
authenticator or custom user federation provider?
I found that defining my own UserAdapter which extends
AbstracrUserAdapterFederatedStorage, there is a method which can be
overrided named "Set<RoleModel> getRoleMappingsInternal()".
I tried to create a role mapping and populate that set with the roles the
user has (in external database). Although, when I receive the security
context in my client application, the roles are missing (I only see some
realm default roles I created in the realm).
I take a step further and tried to debug the code and reached to the point
when the role assignation is done, and the roles I define are obtained from
the user adapter, but then the roles which remain are the only which are
defined in Keycloak. Is my assumption right?
Is there a way to get what I need? Or I need to define each role in
Keycloak as well?
My user federation provider is a read only provider to the external
database and the intention was to not maintain duplicated configuration.
Any help is appreciated.
Kind regards,
Juan
More information about the keycloak-user
mailing list