[keycloak-dev] [aerogear-dev] Aerogear UPS + Keycloak cartridge combined together POC
kpiwko at redhat.com
Thu Feb 6 08:22:15 EST 2014
On Tue, 4 Feb 2014 20:28:53 +0100
Matthias Wessendorf <matzew at apache.org> wrote:
> On Tue, Feb 4, 2014 at 7:58 PM, Bill Burke <bburke at redhat.com> wrote:
> > On 2/4/2014 12:38 PM, Matthias Wessendorf wrote:
> > > I've added Keycloak AS7 modules to UPS cart but not admin console. I
> > > believe
> > > that Keycloak is SaaS, so usage with two different carts reflect
> > > reality better.
> > > Configuring Keycloak cart once and let all other carts use is seems
> > > the right
> > > way to me.
> > >
> > >
> > > there is IMO pros and cons in both ways
> > >
> > Originally, Keycloak was going to be a SaaS. One internet service where
> > users could register and create their own Realms....But, we decided that
> > users will probably want to have full control of their security metadata
> > and not share a database with other users. Less we have to worry about
> > from a storage security standpoint.
> > IMO, UPS should support bundling its own keycloak server already
> > preconfigured, or, it should hook into an existing keycloak instance.
> exactly - that also makes the user experience way better, running
> everything in the cloud, OOTB
How would we handle "scaling" scenario in cloud? While it does make perfect
sense to scale UPS part of combined cartridge, scaling Keycloak auth app does
not make any sense to me.
> > I
> > don't know if this would require 2 different cartridges, or if you would
> > have an online "installation" UI to make these types of decisions.
> > --
> > Bill Burke
> > JBoss, a division of Red Hat
> > http://bill.burkecentral.com
> > _______________________________________________
> > keycloak-dev mailing list
> > keycloak-dev at lists.jboss.org
> > https://lists.jboss.org/mailman/listinfo/keycloak-dev
More information about the keycloak-dev