[keycloak-dev] Some questions from a Keycloak talk
sblanc at redhat.com
Thu Mar 30 07:47:14 EDT 2017
On Thu, Mar 30, 2017 at 12:43 PM, Thomas Darimont <
thomas.darimont at googlemail.com> wrote:
> Hi group,
> yesterday I gave a talk about Keycloak at the Javaland conference in
> The talk was well attended (~100) and I got a lot of questions at the end.
Congrats ! I also saw some nice tweets about your talk.
Let me just answer the question about Spring Boot / Security
> Some of the things people asked for were:
> Q1: Will Keycloak support JWT with EC signature?
> Q2: How to integrate Keycloak login forms or use custom login components
> in Single Page Applications?
> Q3:Will the Spring Boot Adapter make use of the Spring Security Adapter
> instead of
> using the Servlet Container specific implementations?
For now no, we had this discussion already sometime ago but we have a
pretty fair amount of users who uses Spring Boot without Spring Security so
it make sense to keep it separated. But in the next release there will be
some small enhancement to make the combination of the 2 more smooth.
> Q4: Is there a reserved path for custom REST-Resources to avoid
> clashes with Keycloak REST-Resources in new releases?
> Q5: Is there a documentation of all exposed Resource paths in Keycloak
> (appart from the REST API Docs)?
> Q6: Are there some guidelines for protecting a Keycloak server?
> Q7: The RH-SSO commercial offering states that it is based on the Open
> Community Edition of Keycloak and that on can get patches and support.
> Will those patches (e.g. for security vulnerabilities) also end up in the
> Community Edition?
> In addition to those questions. Some people asked for a list of services
> using Keycloak.
It's an easy one but one big user is ... Red Hat ;)
> Since not many people talk about that they are using Keycloak
> I found a nice way to find some Keycloak installations with a simple
> google search, just try:
> inurl:auth inurl:realms inurl:protocol
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
More information about the keycloak-dev