[wildfly-dev] Pending core split
Darran Lofthouse
darran.lofthouse at jboss.com
Thu Jul 3 05:28:04 EDT 2014
On 01/07/14 13:32, Tomaž Cerar wrote:
>
> On Tue, Jul 1, 2014 at 2:25 PM, Vaclav Tunka <vtunka at redhat.com
> <mailto:vtunka at redhat.com>> wrote:
>
> My impression is Keycloak does not belong into the categories
> above, but maybe I don't know all the details.
>
>
>
> You don't have all details, but your reasoning is completely sound.
>
> Idea is to have keycloak auth mechanism as an option to have SSO for
> admin console.
> But that doesn't mean it needs all those dependencies in the core.
>
> We need to distinguish between, auth mechanism that should go to domain-http
> and keycloak subsystem which is completely different beast and should go
> to probably full distro.
+1
Just to clarify one point, the current security infrastructure within
the server be that management or ee is being replaced with Elytron and
anything that is integrated such as PicketLink and KeyCloak will be
integrated on top of that so what we are learning at the moment is more
proof of concept rather than final solution when it comes to the
KeyCloak integration.
The approach that we are moving to for Elytron is that it will entirely
be contained within a subsystem. So for our distributions we are most
likely going to want security out of the box so would include the
Elytron subsystem - however as advisable as it is I don't see it's
inclusion by default as a base requirement on a core of the sever.
> --
> tomaz
>
>
> _______________________________________________
> wildfly-dev mailing list
> wildfly-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/wildfly-dev
>
More information about the wildfly-dev
mailing list