[keycloak-user] Securing Application which is exposed to Guest Users

Naresh Kumar Reddy pnreddy.svu at gmail.com
Mon Jan 18 03:34:42 EST 2016


Let me clarify the work flow.

organizer is a keyclock user. he schedules a webinar and an invitation mail
will be sent to all participants(guest users). the mail will have
webinarid/webinar secret. When participants(guest users) visits webinar
portal it should ask for webinar Id/secret to authenticate.

How to achieve this with keycloak assuming two kinds of applications under
same realm?

Thanks

On Mon, Jan 18, 2016 at 1:58 PM, Naresh Kumar Reddy <pnreddy.svu at gmail.com>
wrote:

> login is required but with custom fields like webinarId/webinar secret
> which are common for all guest users.
>
> On Mon, Jan 18, 2016 at 1:45 PM, Stian Thorgersen <sthorger at redhat.com>
> wrote:
>
>> Assuming by guest users you mean that no login is required then why does
>> it need securing at all?
>>
>> On 16 January 2016 at 02:53, Naresh Kumar Reddy <pnreddy.svu at gmail.com>
>> wrote:
>>
>>> Hi,
>>>
>>> We have two applications which provides webinar functionality.
>>>
>>> 1) Provisioning app-- Organizers provision webinar and manage their
>>> account. Since organizers are Keycloak users, I can secure provisioning app
>>> out of the box.
>>>
>>> 2) Webinar app-- The users of this app are organizers and participants.
>>> Participants are no more provisioned as Keycloack users. Those are guest
>>> users.
>>>
>>>  My question is how do we secure second app with keyclock?
>>>
>>> * Note*: Both apps will be under same realm.
>>>
>>> Is there anyway to secure with custom field like webinarId which is
>>> passed as a parameter?
>>>
>>> Or something better solution?
>>>
>>> Under same realm securing one app with keycloak users and other app with
>>> custom authentication?
>>>
>>> Thanks for the great work.
>>>
>>>
>>> Thanks & Regards
>>> Naresh
>>>
>>> _______________________________________________
>>> keycloak-user mailing list
>>> keycloak-user at lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160118/5b7b13d6/attachment-0001.html 


More information about the keycloak-user mailing list