[keycloak-user] feature request: ldap protocol as authentication frontend
Herrmann Hinz
tobias.hinz at gmail.com
Wed Oct 11 08:49:20 EDT 2017
hallo marek,
im talking about ldap as authentication protocol.
atm available auth protocols are SAMl and OpenID (this one is used to
authenticate against a docker registry as well afaik).
my usecase is:
- we have an internal ldap/ad server in the company
- we want to be independent at a later stage of this
- until then we want to setup keycloak as "man in the middle" (ldap proxy
so to say)
- we would like to enrich the user database on our keycloak with own
technical users for ci/cd components like jenkins, nexus, u name it...
- we would like to use keycloaks SSO posibilities
- now: some cicd backends do not support SAML or OpenID - what if we could
talk to keycloak via LDAP authentication protocol instead of using the one
company AD (which does not know yet about the technical users)
do you get my point?
thanks,
tobias
--------------------------------
Tobias Herrmann Hinz
mobil: 01522 1940 885
--------------------------------
On 11 October 2017 at 14:41, Marek Posolda <mposolda at redhat.com> wrote:
> We have support for LDAP. It's documented here [1] . Keycloak is able to
> lookup users from the LDAP and login users with their LDAP
> username/passwords + bunch of other things (Attribute mappings, role/group
> mappings, writable or read-only etc).
>
> Or did I misunderstood what usecase exactly you mean?
>
> [1] http://www.keycloak.org/docs/latest/server_admin/topics/user
> -federation/ldap.html
>
> Marek
>
>
> On 11/10/17 00:12, Herrmann Hinz wrote:
>
>> hello all,
>>
>> afaik at the moment its not possible to authenticate against an keycloak
>> installation via ldap/s protocol. is this correct?
>>
>> if so: any plans on integrating it? is there any work done already?
>>
>> would be very helpful to have this integrated into keycloak. would it even
>> complete more.
>>
>> thanks for your answers in ahead,
>>
>> tobias
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>
>
>
More information about the keycloak-user
mailing list