[keycloak-dev] Can KeyCloack be used without any passwords?

Gabriel Cardoso gcardoso at redhat.com
Wed Dec 11 15:10:02 EST 2013


To keep the alignment between the label and the element at its right, labels that occupy two lines must have the class="two-lines" ;)

On Dec 11, 2013, at 4:29 PM, Stian Thorgersen wrote:

> I just realized why there may have been some confusion on the social login and creation of users.
> 
> Showing the registration form on first social login is optional, but the option to disable has disappeared from the admin console. I've just committed a fix for this.
> 
> ----- Original Message -----
>> From: "Matt Casperson" <mcaspers at redhat.com>
>> To: "Bill Burke" <bburke at redhat.com>
>> Cc: keycloak-dev at lists.jboss.org
>> Sent: Saturday, 7 December, 2013 8:20:51 PM
>> Subject: Re: [keycloak-dev] Can KeyCloack be used without any passwords?
>> 
>> I certainly don't mean to downplay the value of being able to manage
>> accounts. Being able to assign custom roles that are not reflected in
>> LDAP/AD is going to be important, and necessary for social logins. And even
>> though we would prefer not deal with local passwords, being able to support
>> that feature with a toggle in a UI is a selling point.
>> 
>> Regards
>> 
>> Matthew Casperson
>> RHCE, RHCJA # 111-072-237
>> Engineering Content Services
>> Brisbane, Australia
>> 
>> 
>> From: "Bill Burke" <bburke at redhat.com>
>> To: keycloak-dev at lists.jboss.org
>> Sent: Saturday, 7 December, 2013 8:54:21 AM
>> Subject: Re: [keycloak-dev] Can KeyCloack be used without any passwords?
>> 
>> On 12/6/2013 4:35 PM, Matt Casperson wrote:
>>> If KeyCloak could give us the ability to defer account and password
>>> management entirely to social logins or an existing LDAP/AD database
>>> with something as simple as a toggle in the admin console, it would be a
>>> huge win.
>>> 
>> 
>> Keycloak aims to be an SSO solution, not an SSO adapter.
>> 
>> For non-social deployments, account management is a huge part of what
>> Keycloak does. Maybe I'm naive in thinking admins will want to use
>> Keycloak to management accounts though.
>> 
>> Even for social deployments, there's a lot of account management
>> involved, i.e. managing oauth grants, registering devices, all things we
>> want to be able to do.
>> 
>> 
>> What is stored in LDAP/AD databases usually? user/password/credentials
>> only? What about permissions/role mappings? Is doing a background sync
>> to an LDAP/AD database not something people are going to want to do?
>> Syncing means credentials are copied.
>> 
>> Bill
>> 
>> --
>> Bill Burke
>> JBoss, a division of Red Hat
>> http://bill.burkecentral.com
>> _______________________________________________
>> keycloak-dev mailing list
>> keycloak-dev at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>> 
>> 
>> _______________________________________________
>> keycloak-dev mailing list
>> keycloak-dev at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>> 
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev


--
Gabriel Cardoso
GateIn Portal | User Experience Designer


-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-dev/attachments/20131211/d4a62009/attachment.html 


More information about the keycloak-dev mailing list