[keycloak-user] To LDAP or NOT?

[Christopher Wallace]

We are building a new application with RBAC Security Model, we always
attempt to use as much COTs functionality of our technology stack as
possible. We are working with 1.7 version of KEYCLOAK for SSO (Thank you
for this product by the way) We are at a decision point of where to persist
our users, roles and permissions. We considered LDAP, but then with the
introduction of composite roles into KEYCLOAK there was consolidation could
we support users and roles directly in KEYCLOAK and permissions in our
datastore. My question to the group what is the best practice? Is there
value in having the additional LDAP user repository? Most places my
experience is there is both LDAP or AD and SSO I wanted to keep the email
fairly short, but if you have additional questions please feel free.

Thank You!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20151222/433ae8b3/attachment.html