Keycloak User federation using existing MySQL database for users authentication

我的梦境 提交于 2020-07-18 10:05:47

问题


I am trying to setup Keycloak server for our organisation. I have couple of questions.

  1. How can we use our existing user database to authenticate users - User Federation. Keycloak only has LADP/Kerberos options. Is there any custom plugin which can be used for MySQL user authentication or can we use existing connectors itself (LDAP/Kerberos) via some adapter for the database?
  2. Is it possible to have multiple Identity providers within Keycloak environment - (Have Keycloak as IDP for few services, while Keycloak Google IDP for other services).

I have followed the official documentation, but for some reason not able to view the content of the link. Any helpful links to proper guide would be great.


回答1:


You should implement your own user storage SPI to integrate your MySQL db as an external user storage db

https://www.keycloak.org/docs/latest/server_development/index.html#_user-storage-spi




回答2:


Check Keycloak Custom User Federation

It means that, to use diffirent datasource (or process) while Keycloak username / password login

see =>

  1. https://github.com/keycloak/keycloak-documentation/blob/master/server_development/topics/user-storage/simple-example.adoc
  2. https://tech.smartling.com/migrate-to-keycloak-with-zero-downtime-8dcab9e7cb2c github => (https://github.com/Smartling/keycloak-user-migration-provider)

First link => explaining how to configure external db to keycloak.

Second link (need changes)=> these examplecan change like that,

  • you can create a custom federation implementation,
  • it will be call your service,
  • your service will be query your db
  • your service will response your result

Second example(my suggestion) will be abstract your custom code (federation process, your service) and keycloak. Keycloak ony call your service, everything else are your implementation.



来源:https://stackoverflow.com/questions/50087867/keycloak-user-federation-using-existing-mysql-database-for-users-authentication

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!