Single Sign-On Made Easy with Keycloak / Red Hat SSO

If you’re looking for a single sign-on solution (SSO) that enables you to secure new or legacy applications and easily use federated identity providers (IdP) such as social networks, you should definitely take a look at Keycloak. Keycloak is the upstream open source community project for Red Hat Single Sign-On (RH-SSO). RH-SSO is a core service that is part of a number of  products such as Red Hat JBoss Enterprise Application Platform. If you’ve logged into to developers.redhat.com or openshift.com you are using Keycloak.

On the Red Hat Developer blog there have been a number of recent articles that cover various aspects Keycloak/RH-SSO integration.  A recent DevNation Live Tech Talk covered Securing Spring Boot Microservices with Keycloak. This article discusses the features of Keycloak/RH-SSO that you should be aware of.

Continue reading “Single Sign-On Made Easy with Keycloak / Red Hat SSO”

Share

Next DevNation Live: Secure Spring Boot Microservices with Keycloak, March 1st, 12pm EST

The next online DevNation Live Tech Talk will be Thursday, March 1st at 12pm EST. The topic is Secure Spring Boot Microservices with Keycloak presented by Sébastien Blanc.

Although security and identity management are critical aspects for any application, implementation can be difficult. As a result, these things are often neglected, poorly implemented, and intrusive in the code. Recently, identity management servers have appeared that allow you to outsource and delegate all aspects of authentication and authorization, such as auth0.com. Of these servers, one of the most promising is Keycloak, because it is open source, flexible, and technology agnostic. Keycloak is easily deployable on a variety of infrastructure and is very adaptable for many types of deployments.

Register now, and join the live presentation at 12 pm EST on Thursday, March 1st.

** UPDATE: Missed the live session?  Watch the video online. **

Continue reading “Next DevNation Live: Secure Spring Boot Microservices with Keycloak, March 1st, 12pm EST”

Share

Integrate RH-SSO 7.x with Liferay DXP using SAML

The aim of this tutorial is to configure Red Hat Single Sign On (RH-SSO) to work as an Identity Provider (IdP) for Liferay DXP through SAML.

Liferay DXP supports functionalities for Single Sign On (SSO) such as NTLM, OpenID, and Token-based and integration with IdPs like Google and Facebook. But when it comes to enterprise environments, the requirements may be stricter, especially regarding integration with externals IdPs.

Continue reading “Integrate RH-SSO 7.x with Liferay DXP using SAML”

Share

Red Hat Sessions at Devoxx 2017

The 2017 edition of the legendary Devoxx conference is over, and as always, it has been a fantastic week.

Hosted in Antwerp, Belgium, and sold out months in advance, it’s one of the top events of the Java community. Five days fully packed with workshops, regular conference sessions, BOFs, ignite sessions and even quickie talks during the lunch breaks – there was something for everyone.

The super-comfortable cinema seats at the Devoxx venue are legendary, but also if you couldn’t attend, you wouldn’t miss a thing as the sessions were live streamed. But it gets even better: all the recordings are freely available on YouTube already.

Red Hat was present with more than ten speakers, so Devoxx was a great opportunity for us to show the latest projects. Our sessions covered the full range of software development, from presenting a new garbage collector, over Java coding patterns and updates on popular libraries such as Hibernate, up to several talks related to microservices, including how to test, secure and deploy them on Kubernetes and OpenShift.

Continue reading “Red Hat Sessions at Devoxx 2017”

Share
Docker Authentication Flow

Docker Authentication with Keycloak

Need to lock down your Docker registry?  Keycloak has you covered.

As of version 3.2.0, Keycloak has the ability to act as an “authorization service” for Docker authentication. This means that the Keycloak IDP server can perform identity validation and token issuance when a Docker registry requires authentication. Administrators may now leverage the same user base, audit controls, and configuration mechanisms in Keycloak to extend their SSO ecosystem past OpenID Connect and SAML to cover Docker registries. The chart below illustrates how this flow works:

Docker Authentication Flow

Continue reading “Docker Authentication with Keycloak”

Share

OpenID Connect Identity Brokering with Red Hat Single Sign-On

Introduction

In this post, I will provide a walk through of how to set up Identity Brokering on an RH-SSO server.

Red Hat Single Sign-On (RH-SSO) provides Web single sign-on and identity federation based on SAML 2.0, OpenID Connect and OAuth 2.0 specifications.

For this tutorial, you will need:

  • An RH-SSO Instance.
  • A Web/Mobile Application with an OpenID Connect adapter.
  • An OpenID Connect Provider Server (Such as Keycloak) to be used as the 3rd Party Identity Provider.

Continue reading “OpenID Connect Identity Brokering with Red Hat Single Sign-On”

Share

Easily secure your Spring Boot applications with Keycloak

What is Keycloak?

Although security is a crucial aspect of any application, its implementation can be difficult. Worse, it is often neglected, poorly implemented and intrusive in the code. But lately, security servers have appeared which allow for outsourcing and delegating all the authentication and authorization aspects. Of these servers, one of the most promising is Keycloak, open-source, flexible, and agnostic of any technology, it is easily deployable/adaptable in its own infrastructure.

Moreover, Keycloak is more than just an authentication server, it also provides a complete Identity Management system, user federation for third parties like LDAP and a lot more … Check it out on here.

The project can also be found on Github

Continue reading “Easily secure your Spring Boot applications with Keycloak”

Share