9:40 a.m.
Hi Everyone,
I have set-up keycloak locally and I like it a lot. I generally like to
hide implementation detail from related services so that they can be
decoupled.
I know keycloak have libs for plenty of different frameworks etc, although
I am thinking about setting it up using Apache and mod_auth_openidc
The advantage is that our software will have openid connect as a dependency
rather than keycloak. I would like to ask you what I am missing out with
such a setup?
Are there any major features I am loosing by not using keycloak specific
clients libs to connect my appllications to keycloak directly?
Thanks for any insights !
Istvan
3:07 a.m.
There are two main things you'd miss:
* Direct support for roles - there are ways to do this though
* Backchannel logout - our logout mechanism for OIDC is currently
proprietary as there was no OIDC spec for it when we implemented it, and
it's still only a draft I believe
On 6 February 2017 at 16:40, Istvan Orban <istvan.orban(a)gmail.com> wrote:
Hi Everyone,
I have set-up keycloak locally and I like it a lot. I generally like to
hide implementation detail from related services so that they can be
decoupled.
I know keycloak have libs for plenty of different frameworks etc, although
I am thinking about setting it up using Apache and mod_auth_openidc
The advantage is that our software will have openid connect as a dependency
rather than keycloak. I would like to ask you what I am missing out with
such a setup?
Are there any major features I am loosing by not using keycloak specific
clients libs to connect my appllications to keycloak directly?
Thanks for any insights !
Istvan
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
3:17 a.m.
Hi,
Thanks for getting back to me on this one!
On the backchannel logout bit: I reckon you guys are planning to conform to
OIDC spec. Do you have a rought idea on timeline? I want to make sure that
I keep an eye out and perhaps implement this as it becomes available.
Thanks for your answer again!
Kind Regards
On 7 February 2017 at 09:07, Stian Thorgersen <sthorger(a)redhat.com> wrote:
There are two main things you'd miss:
* Direct support for roles - there are ways to do this though
* Backchannel logout - our logout mechanism for OIDC is currently
proprietary as there was no OIDC spec for it when we implemented it, and
it's still only a draft I believe
On 6 February 2017 at 16:40, Istvan Orban <istvan.orban(a)gmail.com> wrote:
> Hi Everyone,
>
> I have set-up keycloak locally and I like it a lot. I generally like to
> hide implementation detail from related services so that they can be
> decoupled.
> I know keycloak have libs for plenty of different frameworks etc, although
> I am thinking about setting it up using Apache and mod_auth_openidc
> The advantage is that our software will have openid connect as a
> dependency
> rather than keycloak. I would like to ask you what I am missing out with
> such a setup?
> Are there any major features I am loosing by not using keycloak specific
> clients libs to connect my appllications to keycloak directly?
>
> Thanks for any insights !
>
> Istvan
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
--
Kind Regards,
*----------------------------------------------------------------------------------------------------------------*
*Istvan Orban* *I *Skype: istvan_o *I *Mobile: +44 (0) 7956 122 144 *I *
2865
days inactive
2866
days old
2 comments
2 participants
participants (2)
-
Istvan Orban -
Stian Thorgersen