[keycloak-user] Help with SSO
Thomas Recloux
thomas at recloux.fr
Thu May 4 02:15:38 EDT 2017
> > Hi,
Hi,
> > So..summing up:
> > - System "A" is using keycloak with a realm "RealmA" with multiple clients
> > (modules) with sso between them.
> > - Other systems "B", "C" with their custom authentication and authorization
> > - We are using a custom federation on keycloak over the same users
> > database that is shared among all the systems.
> >
> > What's the best practise to achieve sso between all the systems?
> > We are thinking about a proxy that detects if the user has a session on
> > some of the other systems and if that is true, we programatically create a
> > session on keycloak for a given (Is this possible with the API?).
One possible solution could be to use Keycloak as authentification
system for systems B and C.
You can may be use the apache module to proxy these apps and trigger the
authentication workflow with keycloak.
https://keycloak.gitbooks.io/documentation/securing_apps/topics/oidc/mod-auth-openidc.html
Thomas
More information about the keycloak-user
mailing list