On 2/22/2014 10:46 PM, Travis De Silva wrote:
I just read the discussions on KEYCLOAK-292 on the developer mailing
list.
http://lists.jboss.org/pipermail/keycloak-dev/2014-February/001378.html
The concept of creating an application under the keycloak-admin realm
for each realm created looks interesting.
When it comes to multi tenancy, I think the issue is around the
application installation process. If there is a way where we don't have
to provide individual application level keycloak.json's or WildFly/JBoss
subsystem XML's, then we are getting closer to multi tenancy. I am
thinking can this be done at a keycloak top level or the ability to use
wildcards for the resource elements in the json.
The application itself needs to be able to handle multiple realms at
once? How would you choose which realm to belong to when initiating a
login? Can you elaborate a bit more on what the flow would look like
(what you want) when interacting with your applications?
Aerogear UPS might be in a similar position as you too, so this is
something I'd like to solve sooner rather than later.
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com