[Hawkular-dev] Tenancy model (was Re: Do not depend on Keycloak anymore)

Thomas Segismont tsegismo at redhat.com
Mon Apr 18 12:43:59 EDT 2016


2016-04-18 17:14 GMT+02:00 Juraci Paixão Kröhling <jpkroehling at redhat.com>:

> On 18.04.2016 16:57, Juraci Paixão Kröhling wrote:
> > On 15.04.2016 15:14, Juraci Paixão Kröhling wrote:
> >> On 15.04.2016 14:43, Heiko W.Rupp wrote:
> >>> Yes, that *may* require a change. Or not if we e.g. have
> >>> - accounts-keycloak
> >>> - accounts-jaas
> >>> where the latter does the mapping as a jaas provider/plugin.
> >
> > I'm still not convinced why we would need two modules. If we assume that
> > Hawkular is similar to a database, in the sense that end users have no
> > access to it, then there would be no need for any advanced feature from
> > Keycloak. Plain JAAS would suffice.
> >
>
> Sent without finishing :)
>
> Another aspect that comes with the removal of the dependency on Keycloak
> is surrounding tenancy. We don't have the same requirements as before,
> and in the case described above where Hawkular could be seen as a
> "database", the tenancy would/should be managed on the user-facing
> application.
>
> This means that we'd have a breaking change for components like
> Inventory and Metrics, where the tenant is currently the same as the
> persona, which in turn is derived from the logged in user (or
> organization selected on the account switcher). Not having a tenancy
> model anymore means that all users are of the same tenant, so,
> components that care about tenancy should be changed.
>
> Note that there are two ways of interpreting "tenancy" here: the first
> is about how data is stored, and the second is how data is accessed.
> Previously, a tenant would write and read only its own data. Now, tenant
> is just another piece of the data, so, components would not actively
> check if the data belongs to the current user. We trust that the
> user-facing application is performing these checks.
>

If we don't check that the authenticated user can only access the data he
is entitled to read, it's not good. It's protecting your web application
with client-side checks only.


>
> - Juca.
> _______________________________________________
> hawkular-dev mailing list
> hawkular-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/hawkular-dev
>



-- 
Thomas Segismont
JBoss ON Engineering Team
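The two tenancy interpretations in the quoted message (tenant as a stored field that callers are trusted to honour, versus tenant as an access boundary the server enforces) and the objection that trusting the user-facing application amounts to client-side-only checks can be shown side by side. The following is an added example written for this archive page; it is not Hawkular code and does not model the Inventory or Metrics APIs. It assumes a hypothetical in-memory metric store, a `Principal` produced by whatever authentication layer is used (JAAS or otherwise) and a hypothetical `handle_read` request handler that receives a client-supplied tenant name.

```python
"""Server-side tenant scoping versus a trusting store (added example, not Hawkular code)."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Principal:
    """Result of authentication. The tenant is decided here, never taken from the client."""
    user: str
    tenant: str


@dataclass(frozen=True)
class Metric:
    tenant: str
    name: str
    value: float


class TrustingStore:
    """Tenant is just another column. Whoever calls read() decides which tenant to read,
    so the only protection is whatever the user-facing application chooses to do."""

    def __init__(self):
        self._rows = []

    def write(self, tenant, name, value):
        self._rows.append(Metric(tenant, name, value))

    def read(self, tenant):
        return [m for m in self._rows if m.tenant == tenant]


class TenantScopedStore:
    """Every operation takes the authenticated principal and is scoped to its tenant.
    There is no code path that reads another tenant's rows."""

    def __init__(self):
        self._rows = []

    def write(self, principal, name, value):
        # The tenant comes from the principal; a client-supplied value is never used here.
        self._rows.append(Metric(principal.tenant, name, value))

    def read(self, principal, name=None):
        # Tenant filter first, then the optional name filter: a cross-tenant lookup by
        # name returns an empty list instead of revealing that the metric exists.
        rows = [m for m in self._rows if m.tenant == principal.tenant]
        if name is not None:
            rows = [m for m in rows if m.name == name]
        return rows


def handle_read(store, principal, requested_tenant):
    """Hypothetical request handler: the client names a tenant (header or parameter),
    but the server only honours it when it matches the authenticated principal."""
    if requested_tenant != principal.tenant:
        raise PermissionError(
            f"user {principal.user!r} of tenant {principal.tenant!r} "
            f"may not read tenant {requested_tenant!r}")
    return store.read(principal)


def demo():
    """Constructed scenario: alice writes data for tenant-a; mallory belongs to tenant-b."""
    alice = Principal("alice", "tenant-a")
    mallory = Principal("mallory", "tenant-b")

    trusting = TrustingStore()
    trusting.write("tenant-a", "cpu", 0.9)
    # A misbehaving or buggy front end simply passes "tenant-a"; nothing stops the read.
    leaked = trusting.read("tenant-a")

    scoped = TenantScopedStore()
    scoped.write(alice, "cpu", 0.9)
    seen_by_mallory = scoped.read(mallory)
    try:
        handle_read(scoped, mallory, requested_tenant="tenant-a")
        denied = False
    except PermissionError:
        denied = True

    return {"leaked": len(leaked), "seen_by_mallory": len(seen_by_mallory), "denied": denied}


if __name__ == "__main__":
    print(demo())
```

The point of the contrast is where the tenant value originates: in `TrustingStore` it is an argument any caller can choose, so the check lives entirely in the calling application, while in `TenantScopedStore` it is bound to the authenticated principal before any query runs, so a front end that forgets or is tricked into skipping its own check still cannot read across tenants.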