We are getting out of the role-your-own IDP business and instead,
providing an actual IDP. This means no more PL IDM API. The majority
of our efforts have been focused at the IDP side, and not the SP side.
We hope to eventually have some of the useful annotations like in PL's
Java EE integration but we haven't had the cycles to do it. The IDP
(Keycloak) does have custom authenticator SPI. It also has a custom
user federation SPI. It has LDAP support out of the box too.
On 6/15/16 11:31 AM, Shaun Willows wrote:
We are evaluating security frameworks for new application(s) within
our
organisation. Picketlink provides a number of features that are
desirable to us as an organisation. However, as I understand, Picketlink
is being migrated into Keycloak, and this process started in March 2015.
Is it possible to provide any updates regarding the migration of the
following features:
· Picketlink’s Java EE integration (particularly its integration
with the DeltaSpike security interceptor) is especially useful to us.
Will Keycloak provide similar CDI / Java EE integration? The FAQ at
http://picketlink.org/keycloak-merge-faq/ indicates that this was
planned to be the case, but I cannot see any progress on this issue in
the Keycloak Github or JIRA.
· Picketlink’s IDM capabilities included a JPA IDM and the
ability to easily create new IDMs. How can this be achieved in Keycloak?
· Picketlink’s capability to provide custom authenticators and
token providers is also useful to us. How can this be achieved in Keycloak?
I appreciate the need to consolidate projects within Red Hat, however as
Picketlink is not being actively developed and there is no clear
migration path from Picketlink to Keycloak for a number of features,
users of both frameworks are left with no interim solution.
Thanks for any help in this regard
Shaun Willows
_______________________________________________
keycloak-dev mailing list
keycloak-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-dev