[keycloak-dev] Multi tenancy support - a proposal to discuss

Stan Silvert ssilvert at redhat.com
Wed Oct 22 08:56:46 EDT 2014 

And I thought you were being so kind to offer help.  :-)

On 10/22/2014 8:35 AM, Bill Burke wrote:
> I was talking to Juraci. :)
>
> On 10/22/2014 7:51 AM, Stan Silvert wrote:
>> On 10/21/2014 5:26 PM, Bill Burke wrote:
>>> Would be cool if you added a unit test and documentation for this
>>> feature.  If you need some help with that, let me know.
>> I'll definitely be writing doco for this and the rest of the subsystem
>> changes.  I will let you know if I need help with unit tests.
>>> On 10/21/2014 9:43 AM, Juraci Paixão Kröhling wrote:
>>>> -----BEGIN PGP SIGNED MESSAGE-----
>>>> Hash: SHA512
>>>>
>>>> On 10/21/2014 02:45 PM, Stan Silvert wrote:
>>>>> I don't know if this helps your use case, but you will soon be able
>>>>> to deploy more than one Keycloak Auth Server in the same WildFly
>>>>> instance. Each server will have a different web context and be
>>>>> completely independent.
>>>>>
>>>>> So you would have something like:
>>>>> http://localhost:8080/authserverone/admin/index.html
>>>>> http://localhost:8080/authservertwo/admin/index.html
>>>>>
>>>>> In standalone.xml, you will have: <subsystem
>>>>> xmlns="urn:jboss:domain:keycloak:1.0"> <auth-server
>>>>> name="authserverone"> <enabled>true</enabled>
>>>>> <web-context>authserverone</web-context> </auth-server>
>>>>> <auth-server name="authservertwo"> <enabled>true</enabled>
>>>>> <web-context>authservertwo</web-context> </auth-server>
>>>>> </subsystem>
>>>>>
>>>>> You will also need to associate each one with a different
>>>>> datasource using keycloak-server.json.
>>>> That sounds like an interesting scenario, but won't help on this case,
>>>> as the users would register an account themselves. So, either we would
>>>> need to provision Keycloak servers on demand, or we would use one
>>>> realm per account, which is the approach I was thinking.
>>>>
>>>> - - Juca.
>>>> -----BEGIN PGP SIGNATURE-----
>>>> Version: GnuPG v1
>>>>
>>>> iQEcBAEBCgAGBQJURmLrAAoJEDnJtskdmzLMjKQIAI65gLH+J8o2bX6HpESeWey9
>>>> KTVv7y29Le/oTtzbCQy3TOdGD0YYm8f0jZLjG6d7hvYPi6Mfc9DF7NiVjpFtRh/m
>>>> 5EaZe8EoXNZBoWPELKR3xKxIxEzWeujvRVyRl6BYRoPlmSZV1Gb73BINjckABW+D
>>>> ovZk/8WoFy3XMT2EmpLBcwZaWR70IPd7ELFcK/mmPz7emJQD1l7q8zAue8//Y0kr
>>>> U4Lxo1LXG5Fbm48JIs1dY2xIq3X8EAAxJt3g8llM4/uwc9kb6DxsmkU+g8wXMgTV
>>>> Vy6Klw0RKj6jjl3/Q4/gYVdmF6BgtSWqhlqaj+5ajeqWdH4MykcYPbUPek5e6iE=
>>>> =Z5ws
>>>> -----END PGP SIGNATURE-----
>>>> _______________________________________________
>>>> keycloak-dev mailing list
>>>> keycloak-dev at lists.jboss.org
>>>> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>>>>
>> _______________________________________________
>> keycloak-dev mailing list
>> keycloak-dev at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>>

More information about the keycloak-dev mailing list