[keycloak-dev] Simple mode?
Stan Silvert
ssilvert at redhat.com
Mon Feb 23 12:05:47 EST 2015
So SSO would still work but not single log out? That's probably fine
for simple apps.
I think most apps would need some concept of roles. But if you limited
the roles to two hard-coded roles of "user" and "admin" then that would
cover the requirements of a lot of simple applications.
On 2/23/2015 11:28 AM, Bill Burke wrote:
> Conversations with jboss.org guys got me thinking. Should we have a
> "simple mode" for Keycloak where there is no concept of a client,
> application, or roles? In this case,
>
> * applications don't need session mgmt or single log out
> * All applications are hosted under the same domain i.e *.jboss.org
> (issues.jboss.org, forums.jboss.org, etc...)
> * applications just need to know if 1) the user is logged in, 2) the
> username/id
>
> So, "simple mode" would be:
>
> * No applications/client panel
> * No role pages anywhere
> * Realm would have a global javascript referable cookie that contained
> basic information (userid, username, full name). The domain and path
> would be configurable from admin console
> * Realm would have a list of valid redirect URI patterns.
> * Realm would have a default redirect page for unsolicited logins.
>
>
>
>
More information about the keycloak-dev
mailing list