Re: [keycloak-user] Discourse SSO with Keycloak
Keycloak supports SAML and OpenID Connect concurrently. It could do the
same for Discourse's protocol. I didn't see how they handled rest
invocations though.
On 3/8/2015 2:19 PM, Dean Peterson wrote:
I do not want to replace what I currently have though. I use
Keycloak.js to include security in my own AngularJS client side
applications and those communicate with REST services in a separate
Wildfly server secured with Keycloak using the wildfly adapter. I want
to add Discourse as a third party messaging application and want to
integrate it with my existing security. I just wanted to be sure there
wasn't something, feature wise, in Keycloak I might be able to
leverage. I will probably just make a REST endpoint in my Wildfly
server that gets the already logged in user information and create the
necessary sso response Discourse is looking for. It will be more
complicated if users are not currently logged into my application and
they try to go directly to the Discourse portion of the site. I will
have to redirect the user somehow to the keycloak login page, then when
that flow ends remember where they were in the Discourse flow of
things. I just hate having to maintain security code though and that is
why I went with Keycloak in the first place. I wonder how Auth0 did it:
https://meta.discourse.org/t/auth0-single-sign-on-for-enterprise-and-supp...
On Sun, Mar 8, 2015 at 11:31 AM, Dean Peterson <peterson.dean(a)gmail.com
<mailto:peterson.dean@gmail.com>> wrote:
Is there a best practice when it comes to adding hooks to Keycloak
for integrating with software that let's you replace their security
with Keycloak security? For example, Discourse provides this guide:
https://meta.discourse.org/t/official-single-sign-on-for-discourse/13045.
It assumes the user is using their own home grown security where
they can easily intercept redirects. Is there a mechanism in
Keycloak that allows end users to more easily implement the solution
they describe in that guide? I realize you don't have time to give
me a solution. Can you just nudge me in the right direction?
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com