On 7/18/2014 2:00 PM, Steven Pousty wrote:
I was thinking about using Keycloak to provide authentication in an
application I am building. I am building this app to evaluate how
microservices REALLY work rather than all the hype.
I am building a single page app & mobile UI, talking to different REST
services, each of which is a separate application.
Here is a rough picture of all the services.
Reading the doc I see how I can use Keycloak to authenticate if all my
REST endpoints are in the same App Server. Unfortunately, I do not want
to make that assumption for my architecture. Can I still use Keycloak?
All of your rest endpoints don't need to be in the same App Server.
What gave you that impression? The demo is the way it is for setup
Each REST service in your architecture would be a "bearer-only"
application. Just like in the demo where the "database-service" is a
bearer-only application. Users would log in through your "single page
app" and get access token they could use to execute the rest services.
If the mobile client runs in a browser, then it would have to use CORS.
Also something Keycloak supports.
JBoss, a division of Red Hat