[keycloak-dev] Multi tenancy support - a proposal to discuss
Bill Burke
bburke at redhat.com
Tue Oct 21 17:26:59 EDT 2014
Would be cool if you added a unit test and documentation for this
feature. If you need some help with that, let me know.
On 10/21/2014 9:43 AM, Juraci Paixão Kröhling wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
>
> On 10/21/2014 02:45 PM, Stan Silvert wrote:
>> I don't know if this helps your use case, but you will soon be able
>> to deploy more than one Keycloak Auth Server in the same WildFly
>> instance. Each server will have a different web context and be
>> completely independent.
>>
>> So you would have something like:
>> http://localhost:8080/authserverone/admin/index.html
>> http://localhost:8080/authservertwo/admin/index.html
>>
>> In standalone.xml, you will have: <subsystem
>> xmlns="urn:jboss:domain:keycloak:1.0"> <auth-server
>> name="authserverone"> <enabled>true</enabled>
>> <web-context>authserverone</web-context> </auth-server>
>> <auth-server name="authservertwo"> <enabled>true</enabled>
>> <web-context>authservertwo</web-context> </auth-server>
>> </subsystem>
>>
>> You will also need to associate each one with a different
>> datasource using keycloak-server.json.
>
> That sounds like an interesting scenario, but won't help on this case,
> as the users would register an account themselves. So, either we would
> need to provision Keycloak servers on demand, or we would use one
> realm per account, which is the approach I was thinking.
>
> - - Juca.
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1
>
> iQEcBAEBCgAGBQJURmLrAAoJEDnJtskdmzLMjKQIAI65gLH+J8o2bX6HpESeWey9
> KTVv7y29Le/oTtzbCQy3TOdGD0YYm8f0jZLjG6d7hvYPi6Mfc9DF7NiVjpFtRh/m
> 5EaZe8EoXNZBoWPELKR3xKxIxEzWeujvRVyRl6BYRoPlmSZV1Gb73BINjckABW+D
> ovZk/8WoFy3XMT2EmpLBcwZaWR70IPd7ELFcK/mmPz7emJQD1l7q8zAue8//Y0kr
> U4Lxo1LXG5Fbm48JIs1dY2xIq3X8EAAxJt3g8llM4/uwc9kb6DxsmkU+g8wXMgTV
> Vy6Klw0RKj6jjl3/Q4/gYVdmF6BgtSWqhlqaj+5ajeqWdH4MykcYPbUPek5e6iE=
> =Z5ws
> -----END PGP SIGNATURE-----
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
More information about the keycloak-dev
mailing list