[keycloak-dev] dynamic key look and relative uri support added
Bill Burke
bburke at redhat.com
Tue May 6 07:36:06 EDT 2014
On 5/6/2014 4:56 AM, Stian Thorgersen wrote:
>
>
> ----- Original Message -----
>> From: "Bill Burke" <bburke at redhat.com>
>> To: keycloak-dev at lists.jboss.org
>> Sent: Friday, 2 May, 2014 6:05:05 PM
>> Subject: [keycloak-dev] dynamic key look and relative uri support added
>>
>> * For adapter config, you can now leave out the realm's public key as
>> long as you have a valid auth-server-url. Keycloak will now ping this
>> auth server to obtain the public key for the realm.
>>
>> * The adapter config supports a relative URI for the auth-server-url.
>> It will use the current requests scheme, host, and port to create urls.
>> A relative url examples is: "/auth"
>>
>> * The auth server supports relative URLS for redirect urls, admin urls,
>> and base urls. i.e. "/customer-portal/*". The current request is used
>> to to build the redirect url to validate against, THe scheme, host, and
>> port is used.
>>
>> With these changes, it makes it a bit easier to bundle preconfigured
>> apps and keycloak on a single server. Hoping this will resolve a bunch
>> of Aerogear issues.
>
> Sounds good - but I wonder if this could be used to redirect to a custom domain?
What do you mean?
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
More information about the keycloak-dev
mailing list