Need to lock down your Docker registry? Keycloak has you covered.
As of version 3.2.0, Keycloak has the ability to act as an “authorization service” for Docker authentication. This means that the Keycloak IDP server can perform identity validation and token issuance when a Docker registry requires authentication. Administrators may now leverage the same user base, audit controls, and configuration mechanisms in Keycloak to extend their SSO ecosystem past OpenID Connect and SAML to cover Docker registries. The chart below illustrates how this flow works:
Continue reading “Docker Authentication with Keycloak”
Authorization and Authentication are both important aspects to secure development. Come check out our latest video in the secure development series and learn about often overlooked authorization events in your applications. The video also discusses Cross-Site Request Forgeries (CSRF), what they are and how to avoid them (e.g. OWASP CSRF Prevention Cheat Sheet).