On Mon, Oct 13, 2014 at 4:08 PM, Egor Kolesnikov <egor.kolesnikov@fastlane-it.com> wrote:

Hi Matthias

 

I do understand that Aerogear is quite young product and may not have all features yet


AeroGear is more, than just its UPS (UnifiedPush Server) - which we are talking about here :) 
 

– just need to understand your vision of the project to align our further development appropriately.

 

Having said that, I can see two possible integration options with projects like ours:

1.       Aerogear+Keycloak combo used for “all things auth” (this will require unlocking master/admin user);

moving forward, I'd like us to go there. Again it was just done to limit the initial scope of the UPS

 

2.       Configuring Aerogear to use external Keycloak installation.

we have had discussions about that too. that it should be possible to have our UnifiedPush Server on one machine, and a standalone keycloak server, that is used for more. not just UPS

 

Option 1 appears to be the easiest way around, whether Option 2 looks like the most appropriate solution in the SSO world – as in, there’s still a “single” sign-on point which is used by all third-party systems. If I understand correctly, this could possibly be as easy as setting up auth-server-url property in Aerogear’s keycloak.json so it delegates to external Keycloak instance instead of using its “own” one.

 

I’m happy to spend some time investigating and experimenting with both options.

 

Cheers

Egor

 

 

 

From: aerogear-dev-bounces@lists.jboss.org [mailto:aerogear-dev-bounces@lists.jboss.org] On Behalf Of Matthias Wessendorf
Sent: Tuesday, 14 October 2014 12:49 AM


To: AeroGear Developer Mailing List
Subject: Re: [aerogear-dev] Using existing Keycloak installation with Aerogear

 

 

 

On Mon, Oct 13, 2014 at 3:40 PM, Egor Kolesnikov <egor.kolesnikov@fastlane-it.com> wrote:

Hi Matthias

 

That’s correct – we are already using Keycloak to secure our RESTful APIs for mobile and web client access. Not that having separate installation for exclusive Aerogear is a dealbreaker, but it would re-introduce the problem Keycloak was supposed to solve in the first place J

 

fully understand! But we, initially, felt like limiting a bit. that said, we are flexible and there might be a chance to have this changed 

 

 

I can see that UpsSecurityApplication class kills off Keycloak admin user in master realm – would it break anything if I disabled this feature and started using Aerogear-supplied Keycloak for other purposes on separate realms?

 

I don't think so (not tested). I recall we did this mainly to avoid adding new realms

 

 

Our use case is mobile app (iOS+android), backend and AngularJS-based web frontend and so far Keycloak fits our purpose like a glove. Now that we’re adding Push notification support, Aerogear appears to be quite logical choice.

 

 

sounds great!

 

 

Thanks

Egor

 

From: aerogear-dev-bounces@lists.jboss.org [mailto:aerogear-dev-bounces@lists.jboss.org] On Behalf Of Matthias Wessendorf
Sent: Tuesday, 14 October 2014 12:29 AM
To: AeroGear Developer Mailing List
Subject: Re: [aerogear-dev] Using existing Keycloak installation with Aerogear

 

Hi,

 

for the UnifiedPush Server the initial integration case was to function only for the need of the AeroGear UnifiedPush server.

 

So, looks like, you'd appreciate a bit more flexibility, to basically use the auth-server for other apps as well ?

 

 

 

On Mon, Oct 13, 2014 at 3:18 PM, ekolesnikov <ek@fastlane-it.com> wrote:

Hi,

Apologies for writing straight into DEV forums - I was unable to locate
"aerogear-users" mailing list anywhere. Please feel free to point me to the
right direction if this mailing list is inappropriate for questions like
this.

Is it possible to use/integrate Aerogear with existing Keycloak
installation? We are already using Keycloak for all things auth in our
application and have found ourselves in the situation where we potentially
have to manage separate infrastructure - which makes the whole point of
using Keycloak a bit irrelevant.

As an alternative, we could consider using Keycloak supplied with with
Aerogear - unfortunately, it looks like Aerogear has disabled Keycloak
option to create additional realms.

I would really appreciate it if you could share your thought on this.

Thanks
Egor



--
View this message in context: http://aerogear-dev.1069024.n5.nabble.com/Using-existing-Keycloak-installation-with-Aerogear-tp9440.html
Sent from the aerogear-dev mailing list archive at Nabble.com.
_______________________________________________
aerogear-dev mailing list
aerogear-dev@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/aerogear-dev



 

--
Matthias Wessendorf

blog: http://matthiaswessendorf.wordpress.com/
sessions: http://www.slideshare.net/mwessendorf
twitter: http://twitter.com/mwessendorf

 

This email is free from viruses and malware because avast! Antivirus protection is active.

 


_______________________________________________
aerogear-dev mailing list
aerogear-dev@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/aerogear-dev



 

--
Matthias Wessendorf

blog: http://matthiaswessendorf.wordpress.com/
sessions: http://www.slideshare.net/mwessendorf
twitter: http://twitter.com/mwessendorf



This email is free from viruses and malware because avast! Antivirus protection is active.



_______________________________________________
aerogear-dev mailing list
aerogear-dev@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/aerogear-dev



--
Matthias Wessendorf

blog: http://matthiaswessendorf.wordpress.com/
sessions: http://www.slideshare.net/mwessendorf
twitter: http://twitter.com/mwessendorf