[keycloak-dev] combine proxy and keycloak server
Bill Burke
bburke at redhat.com
Tue Aug 16 17:07:51 EDT 2016
One of the main reasons for this whole email thread was to provide a way
to reduce the number of moving parts that need to be installed and
configured. And reduce the number of steps it takes to secure an
application. Integration with other things is interesting, but not the
goal of what I'm proposing.
On 8/16/16 4:53 PM, Marc Boorshtein wrote:
>> There's also plenty of options around proxies (Apache, nginx, APIMan,
>> 3scale, etc.). I'm not convinced we should even have our own. Sounds like
>> APIMan might actually survive and end up being supported in some form, so
>> that may still be a better option to us rolling our own proxy/gateway.
>>
> For what its worth, OpenUnison could play this role with KC where
> OpenUnison does the integration with with applications and KC via OIDC
> or SAML2 (I'm working on a POC right now using KC for authentication,
> MyVirtualDirectory for multi directory access and OpenUnison/ScaleJS
> for provisioning/Reverse Proxy) with Kubernetes and its working great.
> We already have a powerful LastMile system for application integration
> that lets us integrate with J2EE, LAMP and .NET applications. The
> integration between OpenUnison and KC took me about 5 minutes. We
> have source2image that makes the deployment even easier.
>
>
> -
> Marc Boorshtein
> CTO Tremolo Security
> marc.boorshtein at tremolosecurity.com
> Twitter - @mlbiam / @tremolosecurity
More information about the keycloak-dev
mailing list