[keycloak-dev] Keycloak Modules developed for the Cloudtrust project

Thomas Darimont thomas.darimont at googlemail.com
Tue Aug 14 15:26:21 EDT 2018


Hello Alistair,

those are IMHO awesome modules thanks for sharing :)
btw. you also have a handy go Keycloak client :)
https://github.com/cloudtrust/keycloak-client

Regarding SAML ScriptMapper (KEYCLOAK-5520) I think it totally makes sense
to integrate that into Keycloak directly.
I was onto writing that myself but then priorities changed..., but your
implementation looks quite good already :)
I'm pretty sure that if you get the tests running inside the Keycloak
test-suite the Keycloak team would be happy to discuss/merge your PR.

Cheers,
Thomas

Am Di., 14. Aug. 2018 um 12:04 Uhr schrieb Doswald Alistair <
alistair.doswald at elca.ch>:

> Hello,
>
> I just wanted to let this mailing list know that for the Cloudtrust
> project (https://github.com/cloudtrust), we have developed a certain
> number modules for Keycloak. These are currently compatible with the
> version 3.4.3.Final of Keycloak, but we will make them compatible with
> Keycloak 4.X (where X will be the latest sub-version of Keycloak when we
> start working on this) as soon as we can. These modules are:
>
> * keycloak-wsfed (https://github.com/cloudtrust/keycloak-wsfed): an
> implementation of the WS-Federation protocol for keycloak. This allows to
> select the WS-Federation protocol for Keycloak clients and for identity
> brokers.
>
> * keycloak-authorization (
> https://github.com/cloudtrust/keycloak-authorization): this module allows
> the use of the client authorization system to prevent a user which is
> authenticated in a Keycloak realm to access a given client. It works no
> matter which protocol is used, and without the client having to support any
> extra protocol. Note: this solution is a bit hacky, but necessary for one
> of our use-cases.
>
> * keycloak-client-mappers (
> https://github.com/cloudtrust/keycloak-client-mappers): a module for
> adding any mappers that we might need that are not yet part of Keycloak.
> Currently only contains a JavaScript mapper for SAML, analogous to the OIDC
> script mapper. I've noticed that there's an open issue for this feature (
> https://issues.jboss.org/browse/KEYCLOAK-5520). If desirable I could
> submit this code not as a module but a solution to the issue.
>
> * keycloak-export (https://github.com/cloudtrust/keycloak-export): a
> module adding an endpoint to fully export a realm while Keycloak is still
> running (no need for restarts!).
>
> Cheers,
>
> Alistair
>
> PS: I mailed this to both dev and user mailing lists as I believe it may
> interest members of both mailing lists. However, upon sending to the dev
> mailing list the first time it bounced. This is the second attempt.
>
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>


More information about the keycloak-dev mailing list