[keycloak-user] Limiting (network-based) access to different realms
Guus der Kinderen
guus.der.kinderen at gmail.com
Fri Apr 1 05:46:06 EDT 2016
Hello,
We're working on a setup where we have two realms, a 'master' realm that we
use for administration, and another realm that is public-facing, providing
service to our end-users.
We'd like to be able to prevent access to the master realm for the general
public. We do not want, for example, to have the general public be able to
access the login page for the master realm, but we would like them to be
able to use to login page for the other realm. Things will probably get
interesting in the REST interface in that sense.
Ideally, we would expose each realm on a different network endpoint (at the
very least, use different TCP ports for each realm). We prefer to avoid a
solution that relies on URL / path-based filtering.
Can Keycloak facilitate this? Is it possible to limit exposure of a
particular realm to a specific network endpoint?
Kind regards,
Guus
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160401/8d7fcb91/attachment-0001.html
More information about the keycloak-user
mailing list