[keycloak-dev] Shortening URLs

Stian Thorgersen stian at redhat.com
Fri Jan 23 08:52:04 EST 2015



----- Original Message -----
> From: "Stan Silvert" <ssilvert at redhat.com>
> To: keycloak-dev at lists.jboss.org
> Sent: Friday, January 23, 2015 2:47:20 PM
> Subject: Re: [keycloak-dev] Shortening URLs
> 
> On 1/23/2015 8:45 AM, Stan Silvert wrote:
> > So if it's something the user needs to remember, let's make it super easy:
> >
> > http://foo.com/stan
> >
> > Of course then we would need to either enforce that they only create one
> > realm  So for multiple realms we could make it:
> >
> > http://realm.foo.com/stan
> I mean http://realmname.foo.com

I don't think that'll work - if we drop '/realms/' part we would have to move everything under a realm

> >
> > On 1/23/2015 8:20 AM, Stian Thorgersen wrote:
> >> ----- Original Message -----
> >>> From: "Stan Silvert" <ssilvert at redhat.com>
> >>> To: "Stian Thorgersen" <stian at redhat.com>
> >>> Cc: keycloak-dev at lists.jboss.org
> >>> Sent: Friday, January 23, 2015 2:10:00 PM
> >>> Subject: Re: [keycloak-dev] Shortening URLs
> >>>
> >>> On 1/23/2015 8:06 AM, Stian Thorgersen wrote:
> >>>> ----- Original Message -----
> >>>>> From: "Stan Silvert" <ssilvert at redhat.com>
> >>>>> To: keycloak-dev at lists.jboss.org
> >>>>> Sent: Friday, January 23, 2015 2:01:23 PM
> >>>>> Subject: Re: [keycloak-dev] Shortening URLs
> >>>>>
> >>>>> I like the idea of an option to bind the auth server to the root
> >>>>> context.   I think that would be especially good for the appliance
> >>>>> dist.
> >>>>>
> >>>>> But I'm not sure about the rest.  What is the problem we are solving?
> >>>> Shorter and easier to remember URLs ;)
> >>>>
> >>>> At least one the account will be something that users access directly.
> >>> Which one is the URL that they will need to remember?  Maybe we could
> >>> make an alias.
> >> Account is accessible by users directly:
> >> - http://localhost:8080/auth/realms/master/account
> >>
> >> BTW why not change it? If it can make things simpler for users. Devs that
> >> don't use our adapters, but use standard openid connect libs for example,
> >> will need to figure out all urls and configure them in the lib their
> >> using.
> >>
> >>>>> On 1/23/2015 6:23 AM, Stian Thorgersen wrote:
> >>>>>> Our URLs are quite long, examples:
> >>>>>>
> >>>>>> *
> >>>>>> http://localhost:8080/auth/realms/master/protocols/openid-connect/login
> >>>>>> * http://localhost:8080/auth/realms/master/account
> >>>>>>
> >>>>>> We could remove the 'realms' part and 'protocols' parts couldn't we?
> >>>>>>
> >>>>>> * http://localhost:8080/auth/master/oidc/login
> >>>>>> * http://localhost:8080/auth/master/account
> >>>>>>
> >>>>>> That would require moving everything under a realm and I guess we'd
> >>>>>> need
> >>>>>> to
> >>>>>> hard-wire the protocols, but I think that should be fine.
> >>>>>>
> >>>>>> We also need to make sure we can just the root context:
> >>>>>>
> >>>>>> * http://localhost:8080/master/oidc/login
> >>>>>> * http://localhost:8080/master/account
> >>>>>>
> >>>>>> We can also introduce other mechanisms to select the realm. For
> >>>>>> example a
> >>>>>> server with single realm can just omit it altogether:
> >>>>>>
> >>>>>> * http://localhost:8080/oidc/login
> >>>>>> * http://localhost:8080/account
> >>>>>>
> >>>>>> And we could allow setting what domains uses what realms:
> >>>>>>
> >>>>>> * http://keycloak-master/oidc/login
> >>>>>> * http://keycloak-other/oidc/login
> >>>>>>
> >>>>>>
> >>>>>> _______________________________________________
> >>>>>> keycloak-dev mailing list
> >>>>>> keycloak-dev at lists.jboss.org
> >>>>>> https://lists.jboss.org/mailman/listinfo/keycloak-dev
> >>>>> _______________________________________________
> >>>>> keycloak-dev mailing list
> >>>>> keycloak-dev at lists.jboss.org
> >>>>> https://lists.jboss.org/mailman/listinfo/keycloak-dev
> >>>>>
> > _______________________________________________
> > keycloak-dev mailing list
> > keycloak-dev at lists.jboss.org
> > https://lists.jboss.org/mailman/listinfo/keycloak-dev
> 
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
> 


More information about the keycloak-dev mailing list