[keycloak-dev] Atlassian (Jira, Confluence) SSO adapters for OIDC/Keycloak

Vlastimil Elias velias at redhat.com
Fri Oct 6 05:05:45 EDT 2017


Hi,


On 6.10.2017 06:43, Stian Thorgersen wrote:
> Do they really need separate adapters? I would have thought Atlassian 
> would be smart enough to let you write one auth plugin for all.

They have some common frameworks around auth and user management like 
Seraph and Crowd-Embedded used in most of their products, but there are 
still some differences in some areas (as some atlassian products are 
from acquisitions so not totally same internally). Sometimes even new 
version of one product requires changed implementation. My intention is 
to create common base for the adapter, and then as tiny special wrappers 
for distinct products/versions as possible.

>
> Would be good to have this in Keycloak for sure. I can add a repo for 
> you and make you admin of the repo. Does keycloak-atlassian-plugin 
> sound right? We already have one for Jenkins 
> (https://github.com/keycloak/jenkins-keycloak-plugin) although I have 
> no clue what state it is in.

If you can create the repo now and let me work in it then cool, 
keycloak-atlassian-plugin name works for me. I'll use same OSS License 
as Keycloak for this code.

Thanks

Vlastimil

>
> On Thu, Oct 5, 2017 at 2:55 PM, Vlastimil Elias <velias at redhat.com> wrote:
>> Hi, I'm going to implement OIDC/Keycloak SSO adapters for Atlassian 
>> SW like Jira or Confluence, starting with Jira first. My intention is 
>> to have full SSO integration there, so keycloak will be used for all 
>> logins to Jira (jira login page not used in any way), and even 
>> automatic login on first jira visit if user has SSO session in 
>> keycloak already. I wrote similar stuff for CAS protocol so I believe 
>> it is possible to implement it. Do you think a repo for these 
>> adapters (one shared for all of them) should be hosted in 
>> https://github.com/keycloak organization? Or should I implement them 
>> in independent repo first and move under keycloak org later if my 
>> implementation will be worth it? I plan to use OIDC adapter from 
>> keycloak project for my implementation, but my intention is to write 
>> them as universal OIDC adapters, not bound to Keycloak SSO server 
>> itself. Vlastimil
>> -- 
>> Vlastimil Elias Principal Software Engineer, Middleware Engineering 
>> Services Red Hat _______________________________________________ 
>> keycloak-dev mailing list keycloak-dev at lists.jboss.org 
>> <mailto:keycloak-dev at lists.jboss.org> 
>> https://lists.jboss.org/mailman/listinfo/keycloak-dev

-- 
Vlastimil Elias
Principal Software Engineer, Middleware Engineering Services
Red Hat



More information about the keycloak-dev mailing list