[keycloak-user] Multi Tenancy
Bill Burke
bburke at redhat.com
Fri Feb 28 09:07:19 EST 2014
On 2/27/2014 11:31 PM, Travis De Silva wrote:
>
> As per your future plans, if we can get a stateless keycloak co-location
> option and also enable external config in a DB when you refactor the
> adapter code, that should cover the needs of most developers who want to
> go beyond the out of the box solutions.
>
> BTW, I hope with the above changes it would be possible to associate one
> war with multiple realms and this is not a core keycloak structure
> design issue.
>
How soon you need this by? Yesterday? ;)
Like I said earlier, I don't think colocation is necessarily a
requirement if we a) provided an option for public clients (don't
require a client secret) or b) you had a shared secret between clients
for all realms. The adapter would just extract the realm name from the
request, invoke on the keycloak server to get the public information
about the realm (i.e. public key), then cache this information locally.
Bill
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
More information about the keycloak-user
mailing list