Authentication

X.509 user certificate authentication with Red Hat’s single sign-on technology

X.509 user certificate authentication with Red Hat’s single sign-on technology

orivat
By Olivier Rivat

This article illustrates how to configure a browser authentication flow using X.509 user-signed certificates. Once you have set up authentication using X.509 user-signed certificates, your users will not be required to enter a username and password when authenticating against Red Hat’s single sign-on technology (SSO). Instead, they will present an X.509 certificate to the SSO instance.

Continue reading X.509 user certificate authentication with Red Hat’s single sign-on technology

Share
Red Hat Single Sign-On: Give it a try for no cost!

Red Hat Single Sign-On: Give it a try for no cost!

nmasse
By Nicolas Massé

In a software world where each day is more hostile than the previous one, security matters and developers are coping with more and more non-functional requirements about security. The most common ones are the “OWASP Top 10”: the ten security risks that every developer should know. There are many more security risks you should care about, but those ten risks are the ones having the most impact on the security of your software. Among them are authentication and access control.

The good news is that authentication and access control are now commodities in the open source world, thanks to Red Hat Single Sign-On Red Hat Single Sign-On is an access management tool that takes care of the details of most authentication protocols such as SAML, OAuth, and OpenID Connect; user consent with UMA; and even access control. It is easy to use, is very well-documented, and has a very active community: Keycloak.

This article describes how to download and install Red Hat Single Sign-On for no cost.

Continue reading “Red Hat Single Sign-On: Give it a try for no cost!”

Share
How to set up LDAP authentication for the Red Hat AMQ 7 message broker console

How to set up LDAP authentication for the Red Hat AMQ 7 message broker console

elvadasnono
By Elvadas Nono

This post is a continuation of the series on Red Hat AMQ 7 security topics for developers and ops people started by Mary Cochran.  We will see how to configure LDAP authentication on a Red Hat AMQ 7 broker instance. In order to do so, we will go perform the followings actions:

  • Set up a simple LDAP server with a set of users and groups using Apache Directory Studio.
  • Connect Red Hat AMQ 7 to LDAP using authentication providers.
  • Enable custom LDAP authorization policies in Red Hat AMQ 7.

 

Continue reading “How to set up LDAP authentication for the Red Hat AMQ 7 message broker console”

Share
Docker Authentication with Keycloak

Docker Authentication with Keycloak

jcain
By Josh Cain

Need to lock down your Docker registry?  Keycloak has you covered.

As of version 3.2.0, Keycloak has the ability to act as an “authorization service” for Docker authentication. This means that the Keycloak IDP server can perform identity validation and token issuance when a Docker registry requires authentication. Administrators may now leverage the same user base, audit controls, and configuration mechanisms in Keycloak to extend their SSO ecosystem past OpenID Connect and SAML to cover Docker registries. The chart below illustrates how this flow works:

Docker Authentication Flow

Continue reading “Docker Authentication with Keycloak”

Share