[keycloak-dev] Keycloak in JBoss projects

Marek Posolda mposolda at redhat.com
Fri Jan 9 01:25:02 EST 2015 

On 8.1.2015 11:25, Stian Thorgersen wrote:
> There's a lot of JBoss projects already integrating or looking at using Keycloak:
>
> * AeroGear UPS
> * LiveOak
> * RTGov
> * Hawt.io
> * Fabric8
> * Fuse
> * S-RAMP
> * APIMan
> * ...
>
> I think now is the time to make sure we can provide the best and consistent experience for all projects. With that regards there's improvements we can make:
>
> * Embeddable Keycloak - provide a slimmed down profile of Keycloak that can easily be embedded into existing projects. The big question here is should we support deploying to other containers than WildFly? I reckon as long as projects support other projects and we want to be the main auth solution we do. I'd hate to see projects having to provide alternative mechanisms themselves to continue to support Tomcat for example
+1

I think that at least some basic support of auth-server on other 
containers would be good. For example, if I am site administrator with 
my applications running on Jetty in production, then I would look for 
SSO/OIDC solution, which would run on Jetty too. Having my apps on Jetty 
and auth-server on separate WF/EAP6 is overkill. Many tomcat/jetty/etc. 
based deployments would go for different sso than keycloak due to this imo.

Maybe it could be really some slimmed down solution, which won't support 
all the features (like CLI for example). As long as it allows add/remove 
providers and themes and configure them through keycloak-server.json, it 
should be ok imo.

As first thing, it seems that we may need osgi bundling of auth-server 
running on jetty server on fuse/karaf. Currently hawtio and fuse 
integration always requires external keycloak, which is a bit 
limiting... It's something I can look into in near future (likely after 
finish kerberos and other features with bigger priority).

Marek
> * External Keycloak - make it simpler to link a project to an external Keycloak, including sharing the master realm for SSO to all consoles
> * Configuration - for both embeddable and external we need to make it easier for projects to bootstrap and update application configuration (for example if hostname changes)
> * Unified console - we need to align better with PatternFly and RCUE. We should also provide a mechanism for linking between consoles
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev

More information about the keycloak-dev mailing list