The aim of this tutorial is to configure Red Hat Single Sign On (RH-SSO) to work as an Identity Provider (IdP) for Liferay DXP through SAML.
Liferay DXP supports functionalities for Single Sign On (SSO) such as NTLM, OpenID, and Token-based and integration with IdPs like Google and Facebook. But when it comes to enterprise environments, the requirements may be stricter, especially regarding integration with externals IdPs.
Continue reading “Integrate RH-SSO 7.x with Liferay DXP using SAML”
Lets suppose that you have a remote Enterprise JavaBeans (EJB) application where the EJB client is a service pack (SP) application in a Security Assertion Markup Language (SAML) architecture. You would like your remote EJB to be authenticated using same assertion which was used for SP.
Before proceeding with this tutorial, you should have a basic understanding of EJB and Picketlink.
Continue reading “Enabling SAML-based SSO with Remote EJB through Picketlink”
This article discusses how to set up and configure a Keycloak instance to use OpenShift for authentication via Identity Brokering. This allows for Single Sign On between the OpenShift cluster and the Keycloak instance. The Keycloak instance will be running on the OpenShift cluster and leverage a ServiceAccount OAuth Client.
Continue reading “Keycloak Identity Brokering with OpenShift”
This step-by-step guide is a follow-up to the Red Hat 3scale API Management new 2.1 version announcement. As many of you will know, this new version simplifies the integration between APIcast gateway and Red Hat Single Sign-On through OpenID Connect (OIDC) for API authentication. As a result, now you can select OpenID Connect as your authentication mechanism besides API Key, App Key pair, and OAuth. Also, the on-premise version adds a new component that synchronizes the client creation on the Red Hat Single Sign-On domain.
Continue reading “HOW-TO setup 3scale OpenID Connect (OIDC) Integration with RH SSO”
It was more than 2 years ago that I blogged about building a Managed File Transfer (MFT) solution using Fuse and AMQ. First, many things have progressed, particularly the technology landscape. Second, MFT protocols have evolved. AS4 provides a new and improved way of securely exchanging documents over HTTP. In addition, the OASIS consortium governs a vendor-neutral open standard. This is great news, but how do we achieve support for these new standards and transports with our antiquated, legacy, and proprietary MFT software?
Continue reading “Managed File Transfer (MFT) 2.0 with Fuse, 3scale and AMQ”
Need to lock down your Docker registry? Keycloak has you covered.
As of version 3.2.0, Keycloak has the ability to act as an “authorization service” for Docker authentication. This means that the Keycloak IDP server can perform identity validation and token issuance when a Docker registry requires authentication. Administrators may now leverage the same user base, audit controls, and configuration mechanisms in Keycloak to extend their SSO ecosystem past OpenID Connect and SAML to cover Docker registries. The chart below illustrates how this flow works:
Continue reading “Docker Authentication with Keycloak”
Red Hat 3scale API Management Platform simplifies the integration between APIcast gateway and Red Hat Single Sign-On through OpenID Connect (OIDC) for API authentication. Consequently, the new version enables API provider users to select and configure their API authentication process from the Admin Portal UI.
Continue reading “3scale API Management Simplifies OpenID Connect Integration”
In this post, I will provide a walk through of how to set up Identity Brokering on an RH-SSO server.
Red Hat Single Sign-On (RH-SSO) provides Web single sign-on and identity federation based on SAML 2.0, OpenID Connect and OAuth 2.0 specifications.
For this tutorial, you will need:
- An RH-SSO Instance.
- A Web/Mobile Application with an OpenID Connect adapter.
- An OpenID Connect Provider Server (Such as Keycloak) to be used as the 3rd Party Identity Provider.
Continue reading “OpenID Connect Identity Brokering with Red Hat Single Sign-On”
I am pleased to announce the immediate availability of Red Hat Software Collections 3.0 Beta, Red Hat’s newest installment of open source development tools, dynamic languages, databases, and more. Delivered on a separate lifecycle from Red Hat Enterprise Linux with a more frequent release cadence, Red Hat Software Collections bridges development agility and production stability by helping you create modern applications that can be confidently deployed into production. Most of these components are also available in Linux container image format to streamline microservices development.
In addition to these new components having traditional support for x86_64, Red Hat Software Collection 3.0 Beta adds support for three new architectures: s390x, aarch64, and ppc64le.
NEW ADDITIONS to Red Hat Software Collections 3.0 Beta include:
Continue reading “Red Hat updates Python, PHP, Node.js, more; supports new arches”
The tutorial Spring Boot and OAuth2 showed how to enable OAuth2 with Spring Boot with Facebook as AuthProvider; this blog is the extension of showing how to use KeyCloak as AuthProvider instead of Facebook. I intend to keep this example as close to the original Spring Boot and OAuth2 and will explain the changes to the configuration to make the same application work with KeyCloak. The source code for the examples are available in the github repositories listed below.
Continue reading Spring Boot and OAuth2 with Keycloak