A point to note I have the realm id or realm name after the user
authenticates and gets the token.
On Tue, Aug 25, 2015 at 2:18 PM, Satyajit Das <satyajit.das(a)spire2grow.com>
wrote:
Hi Team,
I have some query on multi tenancy.
Scenario:
a)
I have a webservice (named: SampleService) that is to be shared across
multi tenants , i.e in other words, the service will be present in multiple
realms.
The number of realms are dynamic, they can be increased based on new
client onboard.
Configuration:
I have multiple keycloak.json files present in resource folder of
SampleService such as:
realm1-keycloak.json
realm2-keycloak.json.
TO resolve this multiple jsons, I have a path resolver in web.xml of
SampleService:
<context-param>
<param-name>keycloak.config.resolver</param-name>
<param-value>com.crunchify.restjersey.PathBasedKeycloakConfigResolver</param-value>
</context-param>
b)
I have a UI application, that gets authenticated by calling the the
service to get the token:
example
new HttpPost(KeycloakUriBuilder.fromUri("http://localhost:8080/auth")
.path(ServiceUrlConstants.TOKEN_PATH).build(realmName));
Now My question is. I have the token for a particular realm(say realm1)
and I want to call the SampleService using that token. How will
SampleService come to know which keycloakJson to use to resolve the token
validation:
Note my service call URI doesn't change as per realm: example:
URI are
localhost:8080/sampleService/getRequsitionDetails
or
localhost:8080/sampleService/postRequsitionDetails
and not
localhost:8080/sampleService/realm1/getRequsitionDetails
or
localhost:8080/sampleService/realm2/postRequsitionDetails.
Kindly respond to the above case.
Please let me know in case of any issues.