[keycloak-dev] Restrict admins to only allow granting roles they are privileged to

Juraci Paixão Kröhling jpkroehling at redhat.com
Wed Mar 25 09:12:53 EDT 2015


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 03/25/2015 01:20 PM, Bolesław Dawidowicz wrote:
> Also before we do anything more we need to sync with other pojects
> with similar requirements to make sure we have something meeting
> their reqs. Hawcular has such needs. FeedHenry guys have. etc.

Hawkular absolutely have a need for something like that, but at the
time, we are doing it by ourselves, mainly because our multi-tenancy
concept doesn't maps nicely with Keycloak's.

What would probably help is to have the PicketLink's Permission API
available (with the notion of partitions, resources and so on), but I
guess that the PicketLink integration will still take some time to
happen.

- - Juca.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQEcBAEBAgAGBQJVErRVAAoJECKM1e+fkPrXu/YIAJRJ+QqOnwsyCjokiqmCvzG1
qCk3zq+xHMFYtX5TG2BkOGHUc3Bpn7Bp/jiLfeNAT1Q6IpH/meuenwBFbjRS8GoA
Vl/sjDndwjH915yVdIt/Pt2GZiIr69ScvXMPZPhmNv4INCcr5YCq9AgPNUOlhWVM
bm54/mveUd98ozFwxTwFZLvypoha+VXVNSq9k99PzuAlNIYJw7IOTNQ0p2WZBL2B
eTSuu2ZBBn6/1ERz+eI0zY1cOXd/nOwfd7VDC8NgxehaG1SMBvo+C+QVTNz2hCA6
pPI3ZKyfDXI9yRfrYsBSkTjhziFv+Z3U82NzcBIFPv0Z2lB29d02iMttQVUZ1RU=
=WqlZ
-----END PGP SIGNATURE-----


More information about the keycloak-dev mailing list