Hi Leandro,
So basically you're shipping an application pre-configured to use your
Keycloak, and you want to prohibit users from changing this to another
server?
What type of application is it? Off the top of my head, you can use
server certificate verification on the adapter side. Not sure however
if it's available OOTB. But you're right: the user might replace server
name and certificate, so I'm afraid there's no 100% bulletproof solution here.
Cheers,
Dmitry Telegin
CTO, Acutus s.r.o.
Keycloak Consulting and Training
Pod lipami street 339/52, 130 00 Prague 3, Czech Republic
+42 (022) 888-30-71
E-mail: info(a)acutus.pro
On Thu, 2018-07-26 at 11:58 +0200, Leandro Rebosio wrote:
Hey there, I didn't find any documentation about this particular topic, let
me explain a bit. How can I bind my application to a Keycloak server
instance and be sure that this binding is immutable?
I know about certs and public key but if someone changes the key on my app
it would be able to use a different Keycloak instance to authenticate,
isn't it?
Thanks for your clarification and I apologize if this is not the right way
to use the mailing list.
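
The server certificate verification suggested in the reply, sketched as a SHA-256 certificate pin check. This is an added example, not code from the thread or from the Keycloak adapters; it assumes a Python client, and the function names and certificate bytes are constructed placeholders. The last demo case shows the limitation the reply points out: once the shipped pin is replaced, another server passes the check.

```python
import hashlib
import hmac
import socket
import ssl

# Constructed stand-ins for DER-encoded certificates (not real certificates).
EXPECTED_CERT_DER = b"constructed DER bytes: vendor Keycloak certificate"
OTHER_CERT_DER = b"constructed DER bytes: some other server certificate"

def fingerprint(der_cert: bytes) -> str:
    """SHA-256 fingerprint of a DER-encoded certificate, lowercase hex."""
    return hashlib.sha256(der_cert).hexdigest()

# Pins shipped inside the application; a second entry would allow rotation.
SHIPPED_PINS = frozenset({fingerprint(EXPECTED_CERT_DER)})

def cert_matches_pin(der_cert: bytes, pins=SHIPPED_PINS) -> bool:
    """True only if the presented certificate hashes to one of the pins."""
    actual = fingerprint(der_cert)
    return any(hmac.compare_digest(actual, p.lower().replace(":", "")) for p in pins)

def open_pinned_connection(host: str, port: int = 443, pins=SHIPPED_PINS) -> ssl.SSLSocket:
    """Normal CA and hostname validation first, then the pin check on the leaf."""
    ctx = ssl.create_default_context()
    raw = socket.create_connection((host, port), timeout=5.0)
    try:
        tls = ctx.wrap_socket(raw, server_hostname=host)
    except Exception:
        raw.close()
        raise
    if not cert_matches_pin(tls.getpeercert(binary_form=True), pins):
        tls.close()
        raise ssl.SSLError(f"certificate for {host} does not match any shipped pin")
    return tls

def pin_demo() -> dict:
    """Offline demonstration on the constructed certificate bytes above."""
    replaced_pins = frozenset({fingerprint(OTHER_CERT_DER)})  # shipped pin edited by the user
    return {
        "expected_server": cert_matches_pin(EXPECTED_CERT_DER),
        "other_server": cert_matches_pin(OTHER_CERT_DER),
        "other_server_after_pin_replaced": cert_matches_pin(OTHER_CERT_DER, replaced_pins),
    }
```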