[keycloak-dev] portal identity experiences

Boleslaw Dawidowicz bdawidow at redhat.com
Mon Sep 16 11:51:54 EDT 2013


On Sep 16, 2013, at 3:09 PM, Bill Burke <bburke at redhat.com> wrote:

>> We have some. Which aspect are you interested in? The majority of
>> deployments are around integrating MSAD - as the majority of organizations
>> just inherit it as part of a Windows Domain.
>> 
> 
> They used portal as an identity broker to MSAD?  What did they use MSAD
> for?  User metadata and credentials?  Or was application security
> metadata in there too?  (roles/role mappings).

No identity broker. Mainly there were two use cases:
- LDAP integration. MSAD is still the most popular one. The major requirement is around authentication and being able to tie the role membership stored there with security. All sorts of LDAP schema shapes are involved.
- SSO integration with already deployed frameworks. The most popular are Web SSO solutions. Then there is SAML for more specific cases. Using JAAS always helped as it allowed easily plugging in custom solutions.

From time to time organisations have their own IDM solutions - for example exposed with web services - and want to integrate those. Both for auth and role/group mapping.

