[keycloak-dev] does keycloak 1.8 supports ECP profile on SP side?
John Dennis
jdennis at redhat.com
Fri Jan 22 10:22:02 EST 2016
On 01/22/2016 03:52 AM, Stian Thorgersen wrote:
> No, at the moment we don't have any plans to support it at all. You
> should be able to find other SP libraries to use though.
If your SP is running inside Apache you can use mod_auth_mellon. We just
finished successfully testing ECP between a mod_auth_mellon SP and
Keycloak 1.8.0.CR1 (caveat, 1.8.0.CR1 had 1 minor issue with the media
type which was promptly fixed by the KC team, 1.8.0 final should be fine).
The truth is an IdP such as KC doesn't need to do much to support ECP,
most of the work for ECP is in the ECP client and the SP. So in addition
to a working SP you'll need to make sure your ECP client plays well with
others.
> On 22 January 2016 at 09:34, Arulkumar Ponnusamy <parul.com at gmail.com
> <mailto:parul.com at gmail.com>> wrote:
>
> do you have any plan to implement it on SP side too on 1.9?
>
>
> On Fri, Jan 22, 2016 at 1:35 PM, Stian Thorgersen
> <sthorger at redhat.com <mailto:sthorger at redhat.com>> wrote:
>
> Only IdP side
>
> On 22 January 2016 at 05:47, Arulkumar Ponnusamy
> <parul.com at gmail.com <mailto:parul.com at gmail.com>> wrote:
>
> keycloak 1.8 CR release notes state, it supports SAML ECP
> profile. want to know, is it on IDP side or it supports both
> IDP and SP side?
--
John
More information about the keycloak-dev
mailing list