Single Sign-On Made Easy with Keycloak / Red Hat SSO

If you’re looking for a single sign-on solution (SSO) that enables you to secure new or legacy applications and easily use federated identity providers (IdP) such as social networks, you should definitely take a look at Keycloak. Keycloak is the upstream open source community project for Red Hat Single Sign-On (RH-SSO). RH-SSO is a core service that is part of a number of  products such as Red Hat JBoss Enterprise Application Platform. If you’ve logged into to or you are using Keycloak.

On the Red Hat Developer blog there have been a number of recent articles that cover various aspects Keycloak/RH-SSO integration.  A recent DevNation Live Tech Talk covered Securing Spring Boot Microservices with Keycloak. This article discusses the features of Keycloak/RH-SSO that you should be aware of.

Continue reading “Single Sign-On Made Easy with Keycloak / Red Hat SSO”


Next DevNation Live: Secure Spring Boot Microservices with Keycloak, March 1st, 12pm EST

The next online DevNation Live Tech Talk will be Thursday, March 1st at 12pm EST. The topic is Secure Spring Boot Microservices with Keycloak presented by Sébastien Blanc.

Although security and identity management are critical aspects for any application, implementation can be difficult. As a result, these things are often neglected, poorly implemented, and intrusive in the code. Recently, identity management servers have appeared that allow you to outsource and delegate all aspects of authentication and authorization, such as Of these servers, one of the most promising is Keycloak, because it is open source, flexible, and technology agnostic. Keycloak is easily deployable on a variety of infrastructure and is very adaptable for many types of deployments.

Register now, and join the live presentation at 12 pm EST on Thursday, March 1st.

** UPDATE: Missed the live session?  Watch the video online. **

Continue reading “Next DevNation Live: Secure Spring Boot Microservices with Keycloak, March 1st, 12pm EST”


Integrate RH-SSO 7.x with Liferay DXP using SAML

The aim of this tutorial is to configure Red Hat Single Sign On (RH-SSO) to work as an Identity Provider (IdP) for Liferay DXP through SAML.

Liferay DXP supports functionalities for Single Sign On (SSO) such as NTLM, OpenID, and Token-based and integration with IdPs like Google and Facebook. But when it comes to enterprise environments, the requirements may be stricter, especially regarding integration with externals IdPs.

Continue reading “Integrate RH-SSO 7.x with Liferay DXP using SAML”


Red Hat Sessions at Devoxx 2017

The 2017 edition of the legendary Devoxx conference is over, and as always, it has been a fantastic week.

Hosted in Antwerp, Belgium, and sold out months in advance, it’s one of the top events of the Java community. Five days fully packed with workshops, regular conference sessions, BOFs, ignite sessions and even quickie talks during the lunch breaks – there was something for everyone.

The super-comfortable cinema seats at the Devoxx venue are legendary, but also if you couldn’t attend, you wouldn’t miss a thing as the sessions were live streamed. But it gets even better: all the recordings are freely available on YouTube already.

Red Hat was present with more than ten speakers, so Devoxx was a great opportunity for us to show the latest projects. Our sessions covered the full range of software development, from presenting a new garbage collector, over Java coding patterns and updates on popular libraries such as Hibernate, up to several talks related to microservices, including how to test, secure and deploy them on Kubernetes and OpenShift.

Continue reading “Red Hat Sessions at Devoxx 2017”

Docker Authentication Flow

Docker Authentication with Keycloak

Need to lock down your Docker registry?  Keycloak has you covered.

As of version 3.2.0, Keycloak has the ability to act as an “authorization service” for Docker authentication. This means that the Keycloak IDP server can perform identity validation and token issuance when a Docker registry requires authentication. Administrators may now leverage the same user base, audit controls, and configuration mechanisms in Keycloak to extend their SSO ecosystem past OpenID Connect and SAML to cover Docker registries. The chart below illustrates how this flow works:

Docker Authentication Flow

Continue reading “Docker Authentication with Keycloak”