9:53 a.m.
The use case for me is to use multiple realms for authentication (e.g.
one realm for each organisation) that can access a single application
using a common set of roles.
Its sort of discussed from a different perspective on the apiman list here:
http://lists.jboss.org/pipermail/apiman-user/2015-October/000361.html
Tim
On 14/10/2015 15:34, Bill Burke wrote:
No, we are not creatin "global" groups and roles. use case
please?.
We're trying to keep realms isolated from one another.
On 10/14/2015 7:29 AM, Tim Dudgeon wrote:
> The scope of this is presumably groups within an individual realm?
> Is there any possibility for "global" groups and roles that can span
> multiple realms?
>
> Tim
>
> On 13/10/2015 17:18, Bill Burke wrote:
>> You just want something like github groups? List your requirements.
>>
>> I am starting on Groups next week after 1.6 goes out.
>>
>> On 10/13/2015 9:11 AM, Subhrajyoti Moitra wrote:
>>> Thanks Stian for the update. any more details about this group feature,
>>> if you can pl share?
>>> We are using composite roles currently to manage "business
groups".
>>> Since the group definitions are fixed and mutually exclusive, we are
>>> able to manage it with composite roles.
>>>
>>> Regards,
>>> Subhro.
>>>
>>> On Tue, Oct 13, 2015 at 4:39 PM, Stian Thorgersen <sthorger(a)redhat.com
>>> <mailto:sthorger@redhat.com>> wrote:
>>>
>>> We are also planning on introducing groups soon. Users will be able
>>> to belong to one or more groups and a group can have roles and/or
>>> attributes associated with it.
>>>
>>> On 13 October 2015 at 12:58, Subhrajyoti Moitra
>>> <subhrajyotim(a)gmail.com <mailto:subhrajyotim@gmail.com>>
wrote:
>>>
>>> I think u can investigate composite-roles for the same.
>>> http://keycloak.github.io/docs/userguide/html/roles.html#d4e2207
>>>
>>> The composite-roles can be client specific roles re-presenting
>>> your organizations, and keycloak roles can be the actual
>>> "business roles" under these composite roles.
>>>
>>> HTH.
>>> Subhro.
>>>
>>> On Tue, Oct 13, 2015 at 4:13 PM, Kunal K <kunal(a)plivo.com
>>> <mailto:kunal@plivo.com>> wrote:
>>>
>>> Hi all,
>>>
>>> I am setting up an SSO server and i'm evaluating both CAS
>>> and Keycloak. One of my main requirements is letting users
>>> have multiple teams and be a part of multiple organizations.
>>> I'm trying to wrap my head around how to do this in
>>> Keycloak. Something on the lines of what Github does -
>>> https://github.com/blog/674-introducing-organizations As an
>>> evaluation process, I've already created a POC using CAS.
>>>
>>> I would really appreciate any pointers on how to do this
>>> with Keycloak.
>>>
>>> Best,
>>>
>>> Kunal
>>>
>>>
>>> --
>>> *KUNAL KERKAR *| PRODUCT ENGINEER
>>> Plivo, Inc. 340 Pine St, San Francisco - 94104, USA
>>> Web: www.plivo.com <http://www.plivo.com/> | Twitter:
@plivo
>>> <http://twitter.com/plivo>;, @tsudot
<http://twitter.com/tsudot>
>>>
>>>
>>> _______________________________________________
>>> keycloak-user mailing list
>>> keycloak-user(a)lists.jboss.org
>>> <mailto:keycloak-user@lists.jboss.org>
>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>
>>>
>>>
>>> _______________________________________________
>>> keycloak-user mailing list
>>> keycloak-user(a)lists.jboss.org
<mailto:keycloak-user@lists.jboss.org>
>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>
>>>
>>>
>>>
>>>
>>> _______________________________________________
>>> keycloak-user mailing list
>>> keycloak-user(a)lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>