Provides a Keycloak user federation provider for migrating users from a legacy system to Keycloak with zero downtime. For more information, read our post, Migrate to Keycloak with Zero Downtime on the Smartling Engineering Blog.

1. Replace your legacy login system with Keycloak without downtime
2. Migrate users to Keycloak without having to reset their passwords
3. If something totally unexpected goes wrong with your new system launch, you can roll back with little to no user facing impact

1. The user-migration-federation-provider
2. A sample legacy-user-app
3. A portal-demo service set up as a Keycloak client

The Smartling user federation provider will import your users on demand into Keycloak's local storage, including username and password validation with the legacy system. For an in depth look at how on demand user migration works, read our post, Migrate to Keycloak with Zero Downtime on the Smartling Engineering Blog.

Download Keycloak 1.7.0.Final and unzip / un-tar it.

Clone this repository to your local workstation. You will have to edit gradle.properties to point to the location where you installed Keycloak 1.7.0.Final. This location should not contain spaces in the path.

To install the Federation and configure Keycloak:

From this repository, run:

./gradlew deployModules
cd <path to keycloak>

Open standalone/configuration/keycloak-server.json with your preferred text editor. Update the "providers" configuration to include module:net.smartling.provider.federation:

"providers": [
  "classpath:${jboss.server.config.dir}/providers/*",
  "module:net.smartling.provider.federation"
],

The federation provider can now be used from Keycloak.

This project contains two sample applications as noted above. The first behaves as a legacy user service maintaining user information for the sample company. The second is a portal service that simply displays information about the logged in user.

The steps below outline how use the examples.

Start Keycloak, if it isn't already running, and log into the master realm as admin. Import the included demo-realm.json file.

From the location you cloned this repository into, start the legacy user service.

$ ./gradlew :legacy-user-app:bootRun

From the location you cloned this repository into, start the demo portal.

$ ./gradlew :portal-demo:bootRun

Open http://localhost:9082 in your web browser. You can log in as any of the sample users in the legacy user service.

The included sample users are:

• [email protected]
• [email protected]
• [email protected]

For simplicity, all of the user's passwords are Martini4.