My organization, is trying to implement a SSO service internally, so that various business applications can authenticate against it. We also want this SSO service to manage roles, groups,permissions, role-group memberships etc.

 

Currently this authentication is happening using DB tables and Active Directory server.

We want to hook up these with the keycloak server.

Can this be done using Keycloak? how does keycloak compare to shibboleth?

Will using picketlink in client applications help in anyway to speed up development.

Thanks for your patience,

Subhro.