On 7/1/2014 8:32 AM, Tomaz( Cerar wrote:
On Tue, Jul 1, 2014 at 2:25 PM, Vaclav Tunka <vtunka(a)redhat.com
<mailto:vtunka@redhat.com>> wrote:
My impression is Keycloak does not belong into the categories
above, but maybe I don't know all the details.
You don't have all details, but your reasoning is completely sound.
Idea is to have keycloak auth mechanism as an option to have SSO for
admin console.
But that doesn't mean it needs all those dependencies in the core.
We need to distinguish between, auth mechanism that should go to
domain-http
and keycloak subsystem which is completely different beast and should
go to probably full distro.
We don't necessarily need the keycloak subsystem in
order to use
keycloak for authenticating domain-http. But keycloak subsystem is not
the thing that pulls in all the dependencies. It's the keycloak adapter
that does this.
So if we want keycloak to authenticate domain-http out of the box then
we have to include all this stuff with it. That wasn't a problem before
the split. Almost everything it needed was already there.
--
tomaz
_______________________________________________
wildfly-dev mailing list
wildfly-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/wildfly-dev