search

quarkusio / quarkus

Quarkus: Supersonic Subatomic Java.
https://quarkus.io
Apache License 2.0
13.63k stars 2.64k forks source link

Dynamic Keycloak Policy Enforcer for multi-tenancy #25774

Closed ansonquarkus closed 2 months ago

ansonquarkus commented 2 years ago

Description

Support creating keycloak authorization policy dynamically

Implementation ideas

No response

quarkus-bot[bot] commented 2 years ago

/cc @pedroigor, @sberyozkin

albert0815 commented 1 year ago

Hi @sberyozkin,

I am currently planning to create a multi tenant application with dynamic tenants. Using the OIDC TenantConfigResolver works to configure the tenants for authentication. Based on the documentation and this issue I assume that nothing similar exists for the authorisation using policy enforcer. Is there any plan to also build a dynamic solution for the policy enforcer? And maybe you could help recommending how to deal with this in the meantime.

Thanks

michalvavrik commented 6 months ago

39643 makes it possible through alternative and priority CDI annotations, though I would strongly encourage you to stick with dynamic tenant config resolution as I find it more practical.