
<html>

  <head>

    <meta content="text/html; charset=ISO-8859-1"

      http-equiv="Content-Type">

  </head>

  <body text="#000000" bgcolor="#FFFFFF">

    <div class="moz-cite-prefix">On 7/1/2014 8:32 AM, Toma&#382; Cerar wrote:<br>

    </div>

    <blockquote

cite="mid:CAMquZP4k-NR0TCmV39o7=QJRgTaFLLGETtVkb0OwC4xoTjigiA@mail.gmail.com"

      type="cite">

      <div dir="ltr">

        <div class="gmail_extra"><br>

          <div class="gmail_quote">On Tue, Jul 1, 2014 at 2:25 PM,

            Vaclav Tunka <span dir="ltr">&lt;<a moz-do-not-send="true"

                href="mailto:vtunka@redhat.com" target="_blank">vtunka@redhat.com</a>&gt;</span>

            wrote:<br>

            <blockquote class="gmail_quote" style="margin:0 0 0

              .8ex;border-left:1px #ccc solid;padding-left:1ex">

              <div id=":dl2" class="a3s" style="overflow:hidden">My

                impression is Keycloak does not belong into the

                categories<br>

                above, but maybe I don't know all the details.</div>

            </blockquote>

          </div>

          <br>

          <br>

        </div>

        <div class="gmail_extra">You don't have all details, but your

          reasoning is completely sound.<br>

          <br>

        </div>

        <div class="gmail_extra">

          Idea is to have keycloak auth mechanism as an option to have

          SSO for admin console.<br>

        </div>

        <div class="gmail_extra">But that doesn't mean it needs all

          those dependencies in the core.<br>

          <br>

        </div>

        <div class="gmail_extra">

          We need to distinguish between, auth mechanism that should go

          to domain-http<br>

          and keycloak subsystem which is completely different beast and

          should go to probably full distro.<br>

        </div>

      </div>

    </blockquote>

    We don't necessarily need the keycloak subsystem in order to use

    keycloak for authenticating domain-http.&nbsp; But keycloak subsystem is

    not the thing that pulls in all the dependencies.&nbsp; It's the keycloak

    adapter that does this.<br>

    <br>

    So if we want keycloak to authenticate domain-http out of the box

    then we have to include all this stuff with it.&nbsp; That wasn't a

    problem before the split.&nbsp; Almost everything it needed was already

    there.<br>

    <br>

    <blockquote

cite="mid:CAMquZP4k-NR0TCmV39o7=QJRgTaFLLGETtVkb0OwC4xoTjigiA@mail.gmail.com"

      type="cite">

      <div dir="ltr">

        <div class="gmail_extra"><br>

          --<br>

        </div>

        <div class="gmail_extra">

          tomaz<br>

        </div>

      </div>

      <br>

      <fieldset class="mimeAttachmentHeader"></fieldset>

      <br>

      <pre wrap="">_______________________________________________

wildfly-dev mailing list

<a class="moz-txt-link-abbreviated" href="mailto:wildfly-dev@lists.jboss.org">wildfly-dev@lists.jboss.org</a>

<a class="moz-txt-link-freetext" href="https://lists.jboss.org/mailman/listinfo/wildfly-dev">https://lists.jboss.org/mailman/listinfo/wildfly-dev</a></pre>

    </blockquote>

    <br>

  </body>

</html>