[keycloak-user] Custom Identity Brokering for a CAS Server

Rémy Grünblatt remy at grunblatt.org
Tue Aug 14 05:25:25 EDT 2018


Hello,

We would like to have a Keycloak server use data from a legacy auth
system (namely, a CAS server,
https://en.wikipedia.org/wiki/Central_Authentication_Service ) to
authenticate people. We do not have admin rights on the CAS server, nor
are we able to access the underlying LDAP database it uses internally.

People would be able to have « pure » Keycloak accounts (new users), but
also link their identity from the CAS or use the CAS to identify, and
create an account the first time they do so.

I tried to find documentation to develop our own identity provider (as
Keycloak only has social, OIDC, and SAML providers), but I find it
difficult to guess which interfaces we need to implement.

Right now, this is what I have: https://github.com/Reventl0v/KeycloakCAS


So, questions:

- Is there somewhere listing everything we need to implement besides
looking at the code of Keycloak?
- Is there some custom provider example code online for something that
is not talking OIDC or SAML, and is not a social provider?
- Do you think it's a good idea to create such a provider?


I found
http://lists.jboss.org/pipermail/keycloak-user/2017-October/012100.html
but I have no news about the result of this enterprise: Dominik (can I
call you Dominik?), did you manage to achieve this goal?

Many thanks,

Rémy




