[aerogear-dev] Keycloak user/roles management
Bruno Oliveira
bruno at abstractj.org
Mon May 26 08:10:57 EDT 2014
Good morning peeps, after the latest change[1] correct me if I'm wrong. But
I think KC and UPS will do pretty much what we need.
We have a push admin and the super user on KC side enabled. Let me know
if that is what you need and I will take a look at viewer role.
[1] -
https://github.com/aerogear/aerogear-unifiedpush-server/commit/3e118b1c758493942ef2a00e1541302a03e5519c
On 2014-05-21, Matthias Wessendorf wrote:
> Just a thought... regarding those two roles 'PushAdmin' and 'Super-User',
> IMO the Super-user should be able to see all apps (and their variants,
> including registered devices).
>
>
>
>
> On Wed, May 21, 2014 at 2:55 PM, Bruno Oliveira <bruno at abstractj.org> wrote:
>
> > Thank you Matthias, I will look at it and return back with more
> > questions if necessary.
> >
> > On 2014-05-21, Matthias Wessendorf wrote:
> > > Hello,
> > >
> > > yes - the handling is done by Keycloak itself; Last time we looked at
> > user
> > > management, we had the following in terms of roles:
> > >
> > > https://gist.github.com/sebastienblanc/6547605
> > >
> > > Not sure the names of these roles are great.... let's see
> > >
> > > Basically I think the role definition in the gist still addresses most of
> > > what we want to archive:
> > > * super-user: in charge of managing the UPS realm (including users); can
> > > see _ALL_ push applications (that's the admin in Sebi's gist)
> > > * PushAdmin: Someone that can manage applications and variants, but is
> > not
> > > able to add new users; he also sees only his applications/variants etc
> > > (that's the developer in sebis gist)
> > >
> > > The gist also contains a 'Viewer' role - At this point I am not sure we
> > do
> > > really need this. My impression is that if we have PushAdmins for our
> > 1.0.0
> > > community release that will be enough.
> > >
> > > -Matthias
> > >
> > >
> > >
> > >
> > > On Tue, May 20, 2014 at 10:02 PM, Bruno Oliveira <bruno at abstractj.org
> > >wrote:
> > >
> > > > Good morning peeps,
> > > >
> > > > Before I jump in https://issues.jboss.org/browse/AGPUSH-639. I would
> > > > like to understand what do you guys want say with this issue.
> > > >
> > > > Currently Keycloak already has its own user/roles managements. What do
> > > > you guys are looking for? Any specific requirements?
> > > >
> > > > --
> > > >
> > > > abstractj
> > > > _______________________________________________
> > > > aerogear-dev mailing list
> > > > aerogear-dev at lists.jboss.org
> > > > https://lists.jboss.org/mailman/listinfo/aerogear-dev
> > > >
> > >
> > >
> > >
> > > --
> > > Matthias Wessendorf
> > >
> > > blog: http://matthiaswessendorf.wordpress.com/
> > > sessions: http://www.slideshare.net/mwessendorf
> > > twitter: http://twitter.com/mwessendorf
> >
> > > _______________________________________________
> > > aerogear-dev mailing list
> > > aerogear-dev at lists.jboss.org
> > > https://lists.jboss.org/mailman/listinfo/aerogear-dev
> >
> >
> > --
> >
> > abstractj
> > _______________________________________________
> > aerogear-dev mailing list
> > aerogear-dev at lists.jboss.org
> > https://lists.jboss.org/mailman/listinfo/aerogear-dev
> >
>
>
>
> --
> Matthias Wessendorf
>
> blog: http://matthiaswessendorf.wordpress.com/
> sessions: http://www.slideshare.net/mwessendorf
> twitter: http://twitter.com/mwessendorf
> _______________________________________________
> aerogear-dev mailing list
> aerogear-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/aerogear-dev
--
abstractj
More information about the aerogear-dev
mailing list