Integrate RH-SSO 7.x with Liferay DXP using SAML

The aim of this tutorial is to configure Red Hat Single Sign On (RH-SSO) to work as an Identity Provider (IdP) for Liferay DXP through SAML.

Liferay DXP supports functionalities for Single Sign On (SSO) such as NTLM, OpenID, and Token-based and integration with IdPs like Google and Facebook. But when it comes to enterprise environments, the requirements may be stricter, especially regarding integration with externals IdPs.

Continue reading “Integrate RH-SSO 7.x with Liferay DXP using SAML”

Share

Enabling SAML-based SSO with Remote EJB through Picketlink

Lets suppose that you have a remote Enterprise JavaBeans (EJB) application where the EJB client is a service pack (SP) application in a Security Assertion Markup Language (SAML) architecture. You would like your remote EJB to be authenticated using same assertion which was used for SP.

Before proceeding with this tutorial, you should have a basic understanding of EJB and Picketlink.

Continue reading “Enabling SAML-based SSO with Remote EJB through Picketlink”

Share

HOW-TO setup 3scale OpenID Connect (OIDC) Integration with RH SSO

This step-by-step guide is a follow-up to the Red Hat 3scale API Management new 2.1 version announcement. As many of you will know, this new version simplifies the integration between APIcast gateway and Red Hat Single Sign-On through OpenID Connect (OIDC) for API authentication. As a result, now you can select OpenID Connect as your authentication mechanism besides API Key, App Key pair, and OAuth. Also, the on-premise version adds a new component that synchronizes the client creation on the Red Hat Single Sign-On domain.

Continue reading “HOW-TO setup 3scale OpenID Connect (OIDC) Integration with RH SSO”

Share

Managed File Transfer (MFT) 2.0 with Fuse, 3scale and AMQ

It was more than 2 years ago that I blogged about building a Managed File Transfer (MFT) solution using Fuse and AMQ. First, many things have progressed, particularly the technology landscape. Second, MFT protocols have evolved. AS4 provides a new and improved way of securely exchanging documents over HTTP. In addition, the OASIS consortium governs a vendor-neutral open standard. This is great news, but how do we achieve support for these new standards and transports with our antiquated, legacy, and proprietary MFT software?

Continue reading “Managed File Transfer (MFT) 2.0 with Fuse, 3scale and AMQ”

Share
Docker Authentication Flow

Docker Authentication with Keycloak

Need to lock down your Docker registry?  Keycloak has you covered.

As of version 3.2.0, Keycloak has the ability to act as an “authorization service” for Docker authentication. This means that the Keycloak IDP server can perform identity validation and token issuance when a Docker registry requires authentication. Administrators may now leverage the same user base, audit controls, and configuration mechanisms in Keycloak to extend their SSO ecosystem past OpenID Connect and SAML to cover Docker registries. The chart below illustrates how this flow works:

Docker Authentication Flow

Continue reading “Docker Authentication with Keycloak”

Share
OIDC Settings

3scale API Management Simplifies OpenID Connect Integration

Red Hat 3scale API Management Platform simplifies the integration between APIcast gateway and Red Hat Single Sign-On through OpenID Connect (OIDC) for API authentication. Consequently, the new version enables API provider users to select and configure their API authentication process from the Admin Portal UI

Continue reading “3scale API Management Simplifies OpenID Connect Integration”

Share