[keycloak-user] Caching user details in a custom User Storage Provider

James Mitchell jamesm at suitebox.com
Wed Jun 19 21:58:01 EDT 2019 

I think I see the problem. Based on "examples found on the internet",
I am taking the UserModel, and using "getDelegateForUpdate()" to get
my UserAdapter  - but the code points out this will invalidate the
cache, so I doing it to myself :(

I'll switch to storing my extra data into the cache with onCache() and
extract it when I need it...

On Mon, 17 Jun 2019 at 10:19, James Mitchell <jamesm at suitebox.com> wrote:
>
> Can I get a sanity check for this? I don't think my users are being
> retrieved from the cache.
>
> I'm using Keycloak 6.0.1 and doing proof of concept to use it as IDP
> for our application. So far I have a working User Storage Provider to
> call the existing API for user details and to authenticate users - I'm
> calling the token endpoint with a password grant-type and all is good.
>
> * I can see the initial search for email address works, and the user
> is added to the cache (at least the OnUserCache function is called)
> * the password matches and the user is authenticated
> * then there are many calls to get the user by ID - I think these are
> to get attributes for the token claims. These are not getting the
> details from the cache, as I can see hits on the existing API.
>
> So my questions are
> * should the user be coming from the cache?
> * is there a method I can override to confirm if the cache is being used?
>
>
> These are some logs from the keycloak service and the database adapter
> (both running as Docker containers). These logs are generated from the
> admin console when I click for user details.
>
> > keycloak_1  | 22:42:47,516 INFO  [com.suitebox.keycloak.storage.SbxUserStorageProviderFactory] (default task-2) Create PHPAuth Provider instance
> > keycloak_1  | 22:42:47,519 INFO  [com.suitebox.keycloak.storage.SbxUserStorageProvider] (default task-2) getUserById: f:df3bf6f5-0ae8-4d0d-8cee-8e01bdbb0649:4
> > keycloak_1  | 22:42:49,879 INFO  [com.suitebox.keycloak.storage.SbxUserStorageProvider] (default task-2) Caching user f:df3bf6f5-0ae8-4d0d-8cee-8e01bdbb0649:4
> > keycloak_1  | 22:42:49,952 INFO  [com.suitebox.keycloak.storage.SbxUserStorageProvider] (default task-2) getUserById: f:df3bf6f5-0ae8-4d0d-8cee-8e01bdbb0649:4
> > keycloak_1  | 22:42:51,996 INFO  [com.suitebox.keycloak.storage.SbxUserStorageProvider] (default task-2) getUserById: f:df3bf6f5-0ae8-4d0d-8cee-8e01bdbb0649:4
> > keycloak_1  | 22:42:54,069 INFO  [com.suitebox.keycloak.storage.SbxUserStorageProvider] (default task-2) Closing PHPAuth Provider
>
>
> and the database API
>
> > dbadapter_1  | 2019-06-13 22:42:47.609  INFO 1 --- [p-nio-80-exec-4] c.s.d.controller.backend.UserController  : get user id=4
> > dbadapter_1  | 2019-06-13 22:42:50.031  INFO 1 --- [p-nio-80-exec-5] c.s.d.controller.backend.UserController  : get user id=4
> > dbadapter_1  | 2019-06-13 22:42:52.094  INFO 1 --- [p-nio-80-exec-6] c.s.d.controller.backend.UserController  : get user id=4
>
>
>
>
> Thanks,
> James

More information about the keycloak-user mailing list