3:21 a.m.
Hi,
Currently our JavaEE application with servlets, EJB, remote EJB & HornetQ
messaging using JAAS login module with LDAP back end. I am trying to
integrate Keyclock with our WildFly 10.1 server for using identity provider
& SSO.
*Source LDAP/DB Sync*
Found that Keycloak supports LDAP sync & we can sync existing user data
periofically to Keyclock. Is it possiblr to sync from multiple user data
stores as we have to integrate multiple JavaEE web apps?
*JAAS custom login module for Keyclock*
Currently we are using JAAS custom login module for
authentication/authorization. Is it possible to user the same or similar
login module with Keyclock? We need to avoid redirection to Keyclock login
page.
If redirection is must, is there any sample to migrate from JAAS to
Keyclock realm?
Thanks!
--
Life is like this: "Just when we get all the answers of life.... God
changes the question paper....
Valsaraj Viswanathan
4:28 a.m.
Hi,
We are very much interested in this as well, and had some tests done based on the work of
Marek Posolda
https://github.com/mposolda/keycloak-remote-ejb
This poc is based on direct access grants so no redirects are required.
This seems to work just fine when having a ejb module, but when packaging this inside an
EAR we don't seem to be able to get this working any longer. Not sure why yet, as we
did not have enough time to fully debug this. Our EAR consists of several ejb modules,
wars, etc.
Best regards,
Jeroen Muis,
Copas B.V.
-----Original Message-----
From: keycloak-user-bounces(a)lists.jboss.org [mailto:keycloak-user-bounces@lists.jboss.org]
On Behalf Of valsaraj pv
Sent: Thursday, 8 February 2018 10:22
To: keycloak-user(a)lists.jboss.org
Subject: [keycloak-user] Integrating WildFly JavaEE application with Keyclock
Hi,
Currently our JavaEE application with servlets, EJB, remote EJB & HornetQ messaging
using JAAS login module with LDAP back end. I am trying to integrate Keyclock with our
WildFly 10.1 server for using identity provider & SSO.
*Source LDAP/DB Sync*
Found that Keycloak supports LDAP sync & we can sync existing user data periofically
to Keyclock. Is it possiblr to sync from multiple user data stores as we have to integrate
multiple JavaEE web apps?
*JAAS custom login module for Keyclock*
Currently we are using JAAS custom login module for authentication/authorization. Is it
possible to user the same or similar login module with Keyclock? We need to avoid
redirection to Keyclock login page.
If redirection is must, is there any sample to migrate from JAAS to Keyclock realm?
Thanks!
--
Life is like this: "Just when we get all the answers of life.... God changes the
question paper....
Valsaraj Viswanathan
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
5:27 a.m.
We have ear with war and ejb jar. So what option is better and working to
integrate keycloak? If we use keycloak login module, will this set cookies?
I wonder how sso will work in this case.
On 08-Feb-2018 3:58 PM, "Jeroen Muis" <j.muis(a)copas.nl> wrote:
Hi,
We are very much interested in this as well, and had some tests done
based on the work of Marek Posolda
https://github.com/mposolda/keycloak-remote-ejb
This poc is based on direct access grants so no redirects are required.
This seems to work just fine when having a ejb module, but when packaging
this inside an EAR we don't seem to be able to get this working any longer.
Not sure why yet, as we did not have enough time to fully debug this. Our
EAR consists of several ejb modules, wars, etc.
Best regards,
Jeroen Muis,
Copas B.V.
-----Original Message-----
From: keycloak-user-bounces(a)lists.jboss.org [mailto:keycloak-user-bounces@
lists.jboss.org] On Behalf Of valsaraj pv
Sent: Thursday, 8 February 2018 10:22
To: keycloak-user(a)lists.jboss.org
Subject: [keycloak-user] Integrating WildFly JavaEE application with
Keyclock
Hi,
Currently our JavaEE application with servlets, EJB, remote EJB & HornetQ
messaging using JAAS login module with LDAP back end. I am trying to
integrate Keyclock with our WildFly 10.1 server for using identity provider
& SSO.
*Source LDAP/DB Sync*
Found that Keycloak supports LDAP sync & we can sync existing user data
periofically to Keyclock. Is it possiblr to sync from multiple user data
stores as we have to integrate multiple JavaEE web apps?
*JAAS custom login module for Keyclock*
Currently we are using JAAS custom login module for
authentication/authorization. Is it possible to user the same or similar
login module with Keyclock? We need to avoid redirection to Keyclock login
page.
If redirection is must, is there any sample to migrate from JAAS to
Keyclock realm?
Thanks!
--
Life is like this: "Just when we get all the answers of life.... God
changes the question paper....
Valsaraj Viswanathan
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
6:23 a.m.
Hi,
I don’t know, we have not been focusing on the war as I suspected that would work out of
the box. (We have other standalone war deployments which are working). Maybe someone else
can comment?
In any case, our main issue has been around the remote ejb authentication / authorization
issues.
Is anyone on the user group successfully using EAR + remote EJB module(s) and willing to
share solution (including the WildFly domain/standalone.xml settings for JAAS / …)
Best regards,
Jeroen Muis,
Copas B.V.
From: valsaraj pv [mailto:valsarajpv@gmail.com]
Sent: Thursday, 8 February 2018 12:28
To: Jeroen Muis <j.muis(a)copas.nl>
Cc: keycloak-user(a)lists.jboss.org
Subject: RE: [keycloak-user] Integrating WildFly JavaEE application with Keyclock
We have ear with war and ejb jar. So what option is better and working to integrate
keycloak? If we use keycloak login module, will this set cookies? I wonder how sso will
work in this case.
On 08-Feb-2018 3:58 PM, "Jeroen Muis"
<j.muis@copas.nl<mailto:j.muis@copas.nl>> wrote:
Hi,
We are very much interested in this as well, and had some tests done based on the work of
Marek Posolda
https://github.com/mposolda/keycloak-remote-ejb
This poc is based on direct access grants so no redirects are required.
This seems to work just fine when having a ejb module, but when packaging this inside an
EAR we don't seem to be able to get this working any longer. Not sure why yet, as we
did not have enough time to fully debug this. Our EAR consists of several ejb modules,
wars, etc.
Best regards,
Jeroen Muis,
Copas B.V.
-----Original Message-----
From:
keycloak-user-bounces@lists.jboss.org<mailto:keycloak-user-bounces@lists.jboss.org>
[mailto:keycloak-user-bounces@lists.jboss.org<mailto:keycloak-user-bounces@lists.jboss.org>]
On Behalf Of valsaraj pv
Sent: Thursday, 8 February 2018 10:22
To: keycloak-user@lists.jboss.org<mailto:keycloak-user@lists.jboss.org>
Subject: [keycloak-user] Integrating WildFly JavaEE application with Keyclock
Hi,
Currently our JavaEE application with servlets, EJB, remote EJB & HornetQ messaging
using JAAS login module with LDAP back end. I am trying to integrate Keyclock with our
WildFly 10.1 server for using identity provider & SSO.
*Source LDAP/DB Sync*
Found that Keycloak supports LDAP sync & we can sync existing user data periofically
to Keyclock. Is it possiblr to sync from multiple user data stores as we have to integrate
multiple JavaEE web apps?
*JAAS custom login module for Keyclock*
Currently we are using JAAS custom login module for authentication/authorization. Is it
possible to user the same or similar login module with Keyclock? We need to avoid
redirection to Keyclock login page.
If redirection is must, is there any sample to migrate from JAAS to Keyclock realm?
Thanks!
--
Life is like this: "Just when we get all the answers of life.... God changes the
question paper....
Valsaraj Viswanathan
_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org<mailto:keycloak-user@lists.jboss.org>
https://lists.jboss.org/mailman/listinfo/keycloak-user
7 a.m.
You have war deployment working with jaas login module?
On 08-Feb-2018 5:53 PM, "Jeroen Muis" <j.muis(a)copas.nl> wrote:
Hi,
I don’t know, we have not been focusing on the war as I suspected that
would work out of the box. (We have other standalone war deployments which
are working). Maybe someone else can comment?
In any case, our main issue has been around the remote ejb authentication
/ authorization issues.
Is anyone on the user group successfully using EAR + remote EJB module(s)
and willing to share solution (including the WildFly domain/standalone.xml
settings for JAAS / …)
Best regards,
Jeroen Muis,
Copas B.V.
*From:* valsaraj pv [mailto:valsarajpv@gmail.com]
*Sent:* Thursday, 8 February 2018 12:28
*To:* Jeroen Muis <j.muis(a)copas.nl>
*Cc:* keycloak-user(a)lists.jboss.org
*Subject:* RE: [keycloak-user] Integrating WildFly JavaEE application
with Keyclock
We have ear with war and ejb jar. So what option is better and working to
integrate keycloak? If we use keycloak login module, will this set cookies?
I wonder how sso will work in this case.
On 08-Feb-2018 3:58 PM, "Jeroen Muis" <j.muis(a)copas.nl> wrote:
Hi,
We are very much interested in this as well, and had some tests done
based on the work of Marek Posolda
https://github.com/mposolda/keycloak-remote-ejb
This poc is based on direct access grants so no redirects are required.
This seems to work just fine when having a ejb module, but when packaging
this inside an EAR we don't seem to be able to get this working any longer.
Not sure why yet, as we did not have enough time to fully debug this. Our
EAR consists of several ejb modules, wars, etc.
Best regards,
Jeroen Muis,
Copas B.V.
-----Original Message-----
From: keycloak-user-bounces(a)lists.jboss.org [mailto:keycloak-user-bounces@
lists.jboss.org] On Behalf Of valsaraj pv
Sent: Thursday, 8 February 2018 10:22
To: keycloak-user(a)lists.jboss.org
Subject: [keycloak-user] Integrating WildFly JavaEE application with
Keyclock
Hi,
Currently our JavaEE application with servlets, EJB, remote EJB & HornetQ
messaging using JAAS login module with LDAP back end. I am trying to
integrate Keyclock with our WildFly 10.1 server for using identity provider
& SSO.
*Source LDAP/DB Sync*
Found that Keycloak supports LDAP sync & we can sync existing user data
periofically to Keyclock. Is it possiblr to sync from multiple user data
stores as we have to integrate multiple JavaEE web apps?
*JAAS custom login module for Keyclock*
Currently we are using JAAS custom login module for
authentication/authorization. Is it possible to user the same or similar
login module with Keyclock? We need to avoid redirection to Keyclock login
page.
If redirection is must, is there any sample to migrate from JAAS to
Keyclock realm?
Thanks!
--
Life is like this: "Just when we get all the answers of life.... God
changes the question paper....
Valsaraj Viswanathan
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
2982
days inactive
2982
days old
4 comments
2 participants
participants (2)
-
Jeroen Muis -
valsaraj pv