1:02 a.m.
Dear Team
We are evaluating the keycloak SSO, we require some of the features to be deployed.
1. We are planning to deploy Primary Server in our Data center and replica in the AWS
data center - does keycloak supports replication between primary and secondary
2. How to address Non SAML / Open ID - we have in house application which does not
support SAML, how to address those applications
3. We are integrated Keycloak with Active directory and LDAP, but change password is
not supported for AD / LDAP.
Regards
[All]
Above email is subject to 'Disclaimer' as per <a
href="http://tafe.co.in/email-disclaimer.htm">http://tafe.co.in/email-disclaimer.htm</a>
2:16 a.m.
Hi,
No expert here at all, but
On 12/04/2017 08:02 AM, trmadhu(a)tafe.com wrote:
2. How to address Non SAML / Open ID - we have in house
application which does not support SAML, how to address those applications
I guess
this question is really too generic.
You need to find something (ldap comes to mind) that your userdb and
your applications have in common. In the case of saml2/open id connect,
keycloak can help. For other cases, you need to arrange somthing else.
(again: ldap comes to mind)
3. We are integrated Keycloak with Active directory and LDAP, but
change password is not supported for AD / LDAP.
Password change via ldap/AD *is*
supported. We are using it.
(unless I misunderstand your question..?)
MJ
12:14 p.m.
Hi,
2. How to address Non SAML / Open ID - we have in house
application which does not support SAML, how to address those
applications
If your in-house application supports *any* SSO technology, either
standard or ad-hoc, you could implement that as a Keycloak plug-in.
Keycloak is really extensible, once I had to implement OpenID 2.0
(older version) support, it wasn't that hard. In this case, you won't
need to modify the application itself.
Alternatively, if you do control your application's internals
(especially authentication mechanisms), you could implement
authentication via Keycloak REST endpoint using direct grant.
Regards,
Dmitry
3. We are integrated Keycloak with Active directory and LDAP, but
change password is not supported for AD / LDAP.
Regards
[All]
Above email is subject to 'Disclaimer' as per <a href="http://tafe.co
.in/email-disclaimer.htm">http://tafe.co.in/email-disclaimer.htm</a>;
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
2580
days inactive
2580
days old
2 comments
3 participants
participants (3)
-
Dmitry Telegin -
mj -
trmadhu@tafe.com