[keycloak-dev] Query on multi Tenancy
Satyajit Das
satyajit.das at spire2grow.com
Tue Aug 25 04:55:11 EDT 2015
A point to note I have the realm id or realm name after the user
authenticates and gets the token.
On Tue, Aug 25, 2015 at 2:18 PM, Satyajit Das <satyajit.das at spire2grow.com>
wrote:
> Hi Team,
>
> I have some query on multi tenancy.
>
> Scenario:
>
> a)
> I have a webservice (named: SampleService) that is to be shared across
> multi tenants , i.e in other words, the service will be present in multiple
> realms.
>
> The number of realms are dynamic, they can be increased based on new
> client onboard.
>
> Configuration:
> I have multiple keycloak.json files present in resource folder of
> SampleService such as:
> realm1-keycloak.json
> realm2-keycloak.json.
>
> TO resolve this multiple jsons, I have a path resolver in web.xml of
> SampleService:
> <context-param>
> <param-name>keycloak.config.resolver</param-name>
>
> <param-value>com.crunchify.restjersey.PathBasedKeycloakConfigResolver</param-value>
> </context-param>
>
>
> b)
> I have a UI application, that gets authenticated by calling the the
> service to get the token:
> example
> new HttpPost(KeycloakUriBuilder.fromUri("http://localhost:8080/auth")
> .path(ServiceUrlConstants.TOKEN_PATH).build(realmName));
>
> Now My question is. I have the token for a particular realm(say realm1)
> and I want to call the SampleService using that token. How will
> SampleService come to know which keycloakJson to use to resolve the token
> validation:
>
> Note my service call URI doesn't change as per realm: example:
> URI are
> localhost:8080/sampleService/getRequsitionDetails
> or
> localhost:8080/sampleService/postRequsitionDetails
>
> and not
>
> localhost:8080/sampleService/realm1/getRequsitionDetails
> or
> localhost:8080/sampleService/realm2/postRequsitionDetails.
>
>
> Kindly respond to the above case.
>
> Please let me know in case of any issues.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-dev/attachments/20150825/04d66764/attachment.html
More information about the keycloak-dev
mailing list