Re: [keycloak-user] Multi Tenancy
On 2/27/2014 11:31 PM, Travis De Silva wrote:
As per your future plans, if we can get a stateless keycloak co-location
option and also enable external config in a DB when you refactor the
adapter code, that should cover the needs of most developers who want to
go beyond the out of the box solutions.
BTW, I hope with the above changes it would be possible to associate one
war with multiple realms and this is not a core keycloak structure
design issue.
How soon you need this by? Yesterday? ;)
Like I said earlier, I don't think colocation is necessarily a
requirement if we a) provided an option for public clients (don't
require a client secret) or b) you had a shared secret between clients
for all realms. The adapter would just extract the realm name from the
request, invoke on the keycloak server to get the public information
about the realm (i.e. public key), then cache this information locally.
Bill
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com