----- Original Message -----
From: "Stan Silvert" <ssilvert(a)redhat.com>
To: keycloak-dev(a)lists.jboss.org
Sent: Thursday, 14 May, 2015 6:31:38 PM
Subject: [keycloak-dev] Am I doing this right?
Temporary home for Keycloak/Elytron integration is here:
https://github.com/ssilvert/keycloak-elytron-temp
In looking back over it, I realize I need to ask some general questions.
The way the initial realm implementation works is that I implement the
Elytron realm interface. Whenever Elytron asks for a user
authentication, it calls out to a Keycloak server to validate credentials.
The way I'm doing that right now is to use a Direct Access Grant. I
adapted some of Bill's code for this purpose:
https://github.com/ssilvert/keycloak-elytron-temp/blob/master/realm-impl/...
On the Keycloak side, this requires allowing direct access grants on the
realm and defining a direct access client. Is there any reason why
someone would not want to do this? If so, should I provide some
alternate means of authentication?
Depends on the use-case. If it's web based it should use redirects, not direct grant.
Elytron has to support redirect based authentication as well.

If it's not web based (cli, etc) and it's authenticating a user it should be
direct grant. Although it needs to make sure the token is used (and that it is not
storing the username/password). Direct grant is a way to obtain a token with a user's
credentials, not really a mechanism to verify user credentials.

If it's not web based and it's authenticating a client it should not use direct
grant. It should use client credentials grant (I think it's called) and authenticate
with certificates or signed JWTs.
Stan
_______________________________________________
keycloak-dev mailing list
keycloak-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-dev
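The three paths distinguished in the reply above, written out as an added Python example; this is not Keycloak code and not the Elytron integration's code. It builds the browser redirect a web application would issue (authorization code flow), the direct access grant form a CLI would post once and the session object that afterwards holds only the tokens and never the password, and a client credentials request carrying a signed JWT client assertion (RFC 7523) together with the checks a token endpoint performs on it. The server URL, realm and client identifiers are hypothetical, and the assertion is HMAC-signed with a shared secret so the block runs offline on the standard library; Keycloak's "signed JWT" client authenticator expects an RSA signature verified against the client's certificate, which is the only part that differs in a real deployment.

```python
import base64
import hashlib
import hmac
import json
import secrets
import time
from urllib.parse import urlencode

# Hypothetical Keycloak server and realm; nothing is contacted.
KEYCLOAK_BASE = "https://sso.example.com/auth"
REALM = "demo"
JWT_BEARER = "urn:ietf:params:oauth:client-assertion-type:jwt-bearer"


def endpoint(name):
    """Keycloak OIDC endpoint layout: /auth/realms/{realm}/protocol/openid-connect/{auth|token}."""
    return f"{KEYCLOAK_BASE}/realms/{REALM}/protocol/openid-connect/{name}"


# 1. Web based: redirect the browser to Keycloak. The user types the password
#    at Keycloak; the application only ever receives the authorization code.
def authorization_redirect(client_id, redirect_uri, state):
    params = {"response_type": "code", "client_id": client_id,
              "redirect_uri": redirect_uri, "scope": "openid", "state": state}
    return endpoint("auth") + "?" + urlencode(params)


# 2. Non-web (cli etc.), authenticating a user: direct access grant, i.e. the
#    OAuth2 resource owner password credentials grant. The password is posted once.
def direct_grant_form(client_id, username, password):
    return {"grant_type": "password", "client_id": client_id,
            "username": username, "password": password}


class UserSession:
    """Keeps only the tokens from the direct grant response, never the password."""

    def __init__(self, client_id, token_response):
        self.client_id = client_id
        self.access_token = token_response["access_token"]
        self.refresh_token = token_response["refresh_token"]

    def bearer_header(self):
        return {"Authorization": "Bearer " + self.access_token}

    def refresh_form(self):
        # Renewal goes through the refresh token; the user's password is not needed again.
        return {"grant_type": "refresh_token", "client_id": self.client_id,
                "refresh_token": self.refresh_token}


# 3. Non-web, authenticating a client: client credentials grant with a JWT
#    client assertion (RFC 7523). HS256 with a shared secret is used here so the
#    example is self-contained; Keycloak's signed-JWT authenticator uses RSA.
def _b64url(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def _b64url_decode(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def client_assertion(client_id, secret, now=None):
    now = int(now if now is not None else time.time())
    header = {"alg": "HS256", "typ": "JWT"}
    claims = {"iss": client_id, "sub": client_id, "aud": endpoint("token"),
              "jti": secrets.token_urlsafe(16), "iat": now, "exp": now + 60}
    signing_input = (_b64url(json.dumps(header, separators=(",", ":")).encode()) + "."
                     + _b64url(json.dumps(claims, separators=(",", ":")).encode()))
    sig = hmac.new(secret, signing_input.encode(), hashlib.sha256).digest()
    return signing_input + "." + _b64url(sig)


def client_credentials_form(client_id, secret, now=None):
    return {"grant_type": "client_credentials",
            "client_assertion_type": JWT_BEARER,
            "client_assertion": client_assertion(client_id, secret, now)}


def verify_client_assertion(token, secret, now=None):
    """Token endpoint side: fixed algorithm, signature, audience, lifetime, iss == sub.
    Returns the authenticated client_id, or None if any check fails."""
    now = int(now if now is not None else time.time())
    try:
        h, c, s = token.split(".")
        header = json.loads(_b64url_decode(h))
        claims = json.loads(_b64url_decode(c))
    except (ValueError, TypeError):
        return None
    if header.get("alg") != "HS256":  # never let the token choose the algorithm
        return None
    expected = hmac.new(secret, f"{h}.{c}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _b64url_decode(s)):
        return None
    if claims.get("aud") != endpoint("token") or claims.get("iss") != claims.get("sub"):
        return None
    if not (claims.get("iat", 0) <= now < claims.get("exp", 0)):
        return None
    return claims["iss"]
```

The point of `UserSession` is the caveat in the reply: after the one direct grant exchange, the realm implementation should carry the access and refresh tokens forward, not the username and password. The verifier deliberately pins the algorithm and checks `aud` against the token endpoint so that an assertion issued for one server cannot be replayed against another.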