[aerogear-dev] Using existing Keycloak installation with Aerogear

Egor Kolesnikov egor.kolesnikov at fastlane-it.com
Mon Oct 13 10:08:34 EDT 2014 

Hi Matthias 

 

I do understand that Aerogear is quite young product and may not have all features yet – just need to understand your vision of the project to align our further development appropriately.

 

Having said that, I can see two possible integration options with projects like ours:

1.       Aerogear+Keycloak combo used for “all things auth” (this will require unlocking master/admin user);

2.       Configuring Aerogear to use external Keycloak installation.

Option 1 appears to be the easiest way around, whether Option 2 looks like the most appropriate solution in the SSO world – as in, there’s still a “single” sign-on point which is used by all third-party systems. If I understand correctly, this could possibly be as easy as setting up auth-server-url property in Aerogear’s keycloak.json so it delegates to external Keycloak instance instead of using its “own” one.

 

I’m happy to spend some time investigating and experimenting with both options.

 

Cheers

Egor 

 

 

 

From: aerogear-dev-bounces at lists.jboss.org [mailto:aerogear-dev-bounces at lists.jboss.org] On Behalf Of Matthias Wessendorf
Sent: Tuesday, 14 October 2014 12:49 AM
To: AeroGear Developer Mailing List
Subject: Re: [aerogear-dev] Using existing Keycloak installation with Aerogear

 

 

 

On Mon, Oct 13, 2014 at 3:40 PM, Egor Kolesnikov <egor.kolesnikov at fastlane-it.com <mailto:egor.kolesnikov at fastlane-it.com> > wrote:

Hi Matthias

 

That’s correct – we are already using Keycloak to secure our RESTful APIs for mobile and web client access. Not that having separate installation for exclusive Aerogear is a dealbreaker, but it would re-introduce the problem Keycloak was supposed to solve in the first place :)

 

fully understand! But we, initially, felt like limiting a bit. that said, we are flexible and there might be a chance to have this changed 

 

 

I can see that UpsSecurityApplication class kills off Keycloak admin user in master realm – would it break anything if I disabled this feature and started using Aerogear-supplied Keycloak for other purposes on separate realms?

 

I don't think so (not tested). I recall we did this mainly to avoid adding new realms

 

 

Our use case is mobile app (iOS+android), backend and AngularJS-based web frontend and so far Keycloak fits our purpose like a glove. Now that we’re adding Push notification support, Aerogear appears to be quite logical choice.

 

 

sounds great!

 

 

Thanks

Egor

 

From: aerogear-dev-bounces at lists.jboss.org <mailto:aerogear-dev-bounces at lists.jboss.org>  [mailto:aerogear-dev-bounces at lists.jboss.org <mailto:aerogear-dev-bounces at lists.jboss.org> ] On Behalf Of Matthias Wessendorf
Sent: Tuesday, 14 October 2014 12:29 AM
To: AeroGear Developer Mailing List
Subject: Re: [aerogear-dev] Using existing Keycloak installation with Aerogear

 

Hi,

 

for the UnifiedPush Server the initial integration case was to function only for the need of the AeroGear UnifiedPush server.

 

So, looks like, you'd appreciate a bit more flexibility, to basically use the auth-server for other apps as well ?

 

 

 

On Mon, Oct 13, 2014 at 3:18 PM, ekolesnikov <ek at fastlane-it.com <mailto:ek at fastlane-it.com> > wrote:

Hi,

Apologies for writing straight into DEV forums - I was unable to locate
"aerogear-users" mailing list anywhere. Please feel free to point me to the
right direction if this mailing list is inappropriate for questions like
this.

Is it possible to use/integrate Aerogear with existing Keycloak
installation? We are already using Keycloak for all things auth in our
application and have found ourselves in the situation where we potentially
have to manage separate infrastructure - which makes the whole point of
using Keycloak a bit irrelevant.

As an alternative, we could consider using Keycloak supplied with with
Aerogear - unfortunately, it looks like Aerogear has disabled Keycloak
option to create additional realms.

I would really appreciate it if you could share your thought on this.

Thanks
Egor



--
View this message in context: http://aerogear-dev.1069024.n5.nabble.com/Using-existing-Keycloak-installation-with-Aerogear-tp9440.html
Sent from the aerogear-dev mailing list archive at Nabble.com.
_______________________________________________
aerogear-dev mailing list
aerogear-dev at lists.jboss.org <mailto:aerogear-dev at lists.jboss.org> 
https://lists.jboss.org/mailman/listinfo/aerogear-dev





 

-- 
Matthias Wessendorf 

blog: http://matthiaswessendorf.wordpress.com/
sessions: http://www.slideshare.net/mwessendorf
twitter: http://twitter.com/mwessendorf 

 

  _____  


 <http://www.avast.com/> 

This email is free from viruses and malware because avast! Antivirus <http://www.avast.com/>  protection is active. 

 


_______________________________________________
aerogear-dev mailing list
aerogear-dev at lists.jboss.org <mailto:aerogear-dev at lists.jboss.org> 
https://lists.jboss.org/mailman/listinfo/aerogear-dev





 

-- 
Matthias Wessendorf 

blog: http://matthiaswessendorf.wordpress.com/
sessions: http://www.slideshare.net/mwessendorf
twitter: http://twitter.com/mwessendorf 



---
This email is free from viruses and malware because avast! Antivirus protection is active.
http://www.avast.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/aerogear-dev/attachments/20141014/6fc193f4/attachment.html

More information about the aerogear-dev mailing list