[keycloak-dev] Am I doing this right?
Stan Silvert
ssilvert at redhat.com
Thu May 14 12:31:38 EDT 2015
Temporary home for Keycloak/Elytron integration is here:
https://github.com/ssilvert/keycloak-elytron-temp
In looking back over it, I realize I need to ask some general questions.
The way the initial realm implementation works is that I implement the
Elytron realm interface. Whenever Elytron asks for a user
authentication, it calls out to a Keycloak server to validate credentials.
The way I'm doing that right now is to use a Direct Access Grant. I
adapted some of Bill's code for this purpose:
https://github.com/ssilvert/keycloak-elytron-temp/blob/master/realm-impl/src/main/java/org/keycloak/elytron/realm/DirectGrantLogin.java
On the Keycloak side, this requires allowing direct access grants on the
realm and defining a direct access client. Is there any reason why
someone would not want to do this? If so, should I provide some
alternate means of authentication?
Stan
More information about the keycloak-dev
mailing list