Keycloak can manage SSO and roles. We don't have the concept of groups
or permissions. Role groups are something we call a "composite role".
The way roles work is that you can have realm-level roles, or roles that
are associated with an application/client. You can federate user
storage in AD and DBs together. ADs should probably work out of the box
with some configuration. DBs would take custom coding to work with your
schema, but we have an SPI for it.
I don't know how Shibboleth compares to Keycloak. We're moving fast
though. We currently rely on Picketlink for our SAML client adapter.
That's it though. In the near future we will be porting the PL SAML
client adapter to Keycloak.
On 6/17/2015 3:03 AM, Subhrajyoti Moitra wrote:
Hello,
My organization is trying to implement an SSO service internally, so
that various business applications can authenticate against it. We also
want this SSO service to manage roles, groups, permissions, role-group
memberships etc.
Currently this authentication is happening using DB tables and Active
Directory server.
We want to hook up these with the keycloak server.
Can this be done using Keycloak? How does Keycloak compare to Shibboleth?
Will using Picketlink in client applications help in any way to speed up
development?
Thanks for your patience,
Subhro.
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com