I need to use an authentication server without an OIDC/OAuth2/SAMLv2 implementation as an
external IdP,
in order to integrate an existing authentication system.
(Some commercial products support such a case.)
I consulted the identity broker section in Keycloak's manual below and found that if
I use this feature, the external IdP must support OIDC or SAMLv2.
https://keycloak.gitbooks.io/documentation/server_admin/topics/identity-b...
Therefore, I realized it by using redirect-based authentication flows.
Can identity brokering support such a case?
Aside from this, I'd like to contribute it to Community extensions and examples.
Best Regards
Takashi Norimatsu
Hitachi, Ltd.
---
From: Stian Thorgersen [mailto:sthorger@redhat.com]
Sent: Tuesday, June 27, 2017 5:52 PM
To: 乗松隆志 / NORIMATSU,TAKASHI
Cc: keycloak-dev(a)lists.jboss.org
Subject: [!]Re: [keycloak-dev] Proposal of using existing authentication server on behalf
of keycloak browser-based authentication
I'm not in favour of adding this. If it's using redirect-based authentication
flows it should be done through identity brokering, not authentication flows. It's
also a very complex example that we don't want to maintain. We're also in the
process of moving all examples away from the main Keycloak repository into a separate
quickstart repository.
On 27 June 2017 at 08:54, 乗松隆志 / NORIMATSU,TAKASHI
<takashi.norimatsu.ws(a)hitachi.com> wrote:
Hello.
Previously, I had proposed the feature of delegating authentication to an external
authentication server on behalf of keycloak's browser-based authentication mechanism.
I've integrated this feature into Keycloak's "examples" packages and sent
a PR (https://github.com/keycloak/keycloak/pull/4260).
Hope this PR is reviewed and merged as an example for combining some providers to
customize keycloak.
A detailed description of this feature is given below.
https://github.com/Hitachi/PoV-keycloak-authentication-delegation
I am now working on integrating this feature into Keycloak as product-base default
providers, but have encountered technical problems in writing Arquillian tests. Would someone tell
me how to resolve this problem?
[Problem]
- I could not find how to run an external authentication server (an application running on
WildFly 10) during each Arquillian test case.
After resolving this problem and writing and running Arquillian test cases, I'll send
a PR for this feature as product-base default providers.
Best Regards
Takashi Norimatsu
Hitachi, Ltd.