<div dir="ltr"><br><div class="gmail_extra"><br><br><div class="gmail_quote">On Tue, Feb 4, 2014 at 7:58 PM, Bill Burke <span dir="ltr"><<a href="mailto:bburke@redhat.com" target="_blank">bburke@redhat.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div class="im"><br>
<br>
On 2/4/2014 12:38 PM, Matthias Wessendorf wrote:<br>
> I've added Keycloak AS7 modules to UPS cart but not admin console. I<br>
> believe<br>
> that Keycloak is SaaS, so usage with two different carts reflect<br>
> reality better.<br>
> Configuring Keycloak cart once and let all other carts use is seems<br>
> the right<br>
> way to me.<br>
><br>
><br>
> there is IMO pros and cons in both ways<br>
><br>
<br>
</div>Originally, Keycloak was going to be a SaaS. One internet service where<br>
users could register and create their own Realms....But, we decided that<br>
users will probably want to have full control of their security metadata<br>
and not share a database with other users. Less we have to worry about<br>
from a storage security standpoint.<br>
<br>IMO, UPS should support bundling its own keycloak server already<br>
preconfigured, or, it should hook into an existing keycloak instance. </blockquote><div><br></div><div><br></div><div>exactly - that also makes the user experience way better, running everything in the cloud, OOTB</div><div>
<br></div><div>-M</div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"> I<br>
don't know if this would require 2 different cartridges, or if you would<br>
have an online "installation" UI to make these types of decisions.<br>
<div class="im HOEnZb"><br>
--<br>
Bill Burke<br>
JBoss, a division of Red Hat<br>
<a href="http://bill.burkecentral.com" target="_blank">http://bill.burkecentral.com</a><br>
</div><div class="HOEnZb"><div class="h5">_______________________________________________<br>
keycloak-dev mailing list<br>
<a href="mailto:keycloak-dev@lists.jboss.org">keycloak-dev@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-dev" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-dev</a><br>
</div></div></blockquote></div><br><br clear="all"><div><br></div>-- <br>Matthias Wessendorf <br><br>blog: <a href="http://matthiaswessendorf.wordpress.com/" target="_blank">http://matthiaswessendorf.wordpress.com/</a><br>
sessions: <a href="http://www.slideshare.net/mwessendorf" target="_blank">http://www.slideshare.net/mwessendorf</a><br>twitter: <a href="http://twitter.com/mwessendorf" target="_blank">http://twitter.com/mwessendorf</a>
</div></div>