[keycloak-user] Caching user details in a custom User Storage Provider
James Mitchell
jamesm at suitebox.com
Sun Jun 16 18:19:06 EDT 2019
Can I get a sanity check for this? I don't think my users are being
retrieved from the cache.
I'm using Keycloak 6.0.1 and doing proof of concept to use it as IDP
for our application. So far I have a working User Storage Provider to
call the existing API for user details and to authenticate users - I'm
calling the token endpoint with a password grant-type and all is good.
* I can see the initial search for email address works, and the user
is added to the cache (at least the OnUserCache function is called)
* the password matches and the user is authenticated
* then there are many calls to get the user by ID - I think these are
to get attributes for the token claims. These are not getting the
details from the cache, as I can see hits on the existing API.
So my questions are
* should the user be coming from the cache?
* is there a method I can override to confirm if the cache is being used?
These are some logs from the keycloak service and the database adapter
(both running as Docker containers). These logs are generated from the
admin console when I click for user details.
> keycloak_1 | 22:42:47,516 INFO [com.suitebox.keycloak.storage.SbxUserStorageProviderFactory] (default task-2) Create PHPAuth Provider instance
> keycloak_1 | 22:42:47,519 INFO [com.suitebox.keycloak.storage.SbxUserStorageProvider] (default task-2) getUserById: f:df3bf6f5-0ae8-4d0d-8cee-8e01bdbb0649:4
> keycloak_1 | 22:42:49,879 INFO [com.suitebox.keycloak.storage.SbxUserStorageProvider] (default task-2) Caching user f:df3bf6f5-0ae8-4d0d-8cee-8e01bdbb0649:4
> keycloak_1 | 22:42:49,952 INFO [com.suitebox.keycloak.storage.SbxUserStorageProvider] (default task-2) getUserById: f:df3bf6f5-0ae8-4d0d-8cee-8e01bdbb0649:4
> keycloak_1 | 22:42:51,996 INFO [com.suitebox.keycloak.storage.SbxUserStorageProvider] (default task-2) getUserById: f:df3bf6f5-0ae8-4d0d-8cee-8e01bdbb0649:4
> keycloak_1 | 22:42:54,069 INFO [com.suitebox.keycloak.storage.SbxUserStorageProvider] (default task-2) Closing PHPAuth Provider
and the database API
> dbadapter_1 | 2019-06-13 22:42:47.609 INFO 1 --- [p-nio-80-exec-4] c.s.d.controller.backend.UserController : get user id=4
> dbadapter_1 | 2019-06-13 22:42:50.031 INFO 1 --- [p-nio-80-exec-5] c.s.d.controller.backend.UserController : get user id=4
> dbadapter_1 | 2019-06-13 22:42:52.094 INFO 1 --- [p-nio-80-exec-6] c.s.d.controller.backend.UserController : get user id=4
Thanks,
James
More information about the keycloak-user
mailing list