[keycloak-dev] [keycloak-user] Keycloak Proxy Rename
Peter Skopek
pskopek at redhat.com
Wed Aug 22 04:52:26 EDT 2018
+1
I like Keycloak Gatekeeper too.
Peter
On Wed, Aug 22, 2018 at 6:15 AM Sebastian Laskawiec <slaskawi at redhat.com> wrote:
>
> So if Keycloak Proxy is not an option (nor anything similar to that), I
> would also stay away from anything close to the "adapter".
>
> Therefore, +1 to Keycloak Gatekeeper (@Bruno, I changed my vote in the
> Polly).
>
> On Tue, Aug 21, 2018 at 11:58 PM Stian Thorgersen <sthorger at redhat.com>
> wrote:
>
> > Sure, proxy is the obvious name, but for reasons already mentioned by Bruno
> > it's not really an option for us.
> >
> > It comes from the Keycloak team, so it should have the Keycloak name in it.
> > I agree that doesn't automatically state it's a generic OIDC adapter, but
> > I'd like to keep our name in there.
> >
> > >From the suggestions so far there are two I like:
> >
> > * Keycloak Gatekeeper - suggested by Thomas on the poll. I really like this
> > and it fits nicely with Keycloak. It's also so much cooler than
> > proxy/standalone/etc.
> > * Keycloak Standalone Adapter
> >
> > On Tue, 21 Aug 2018 at 04:27, Fox, Kevin M <Kevin.Fox at pnnl.gov> wrote:
> >
> > > Coming from the outside world, I mostly searched for oidc and proxy as
> > > thats what I needed. I found oauth2_proxy after a little searching, but
> > > have been disappointed in how slow its releases are. Bugs aren't getting
> > > fixed quickly. When I looked at keycloak-proxy initially, I didn't look
> > > closer for a while as i thought is was keycloak specific.
> > >
> > > So, something like oidc-proxy might get you more successful hits.
> > >
> > > Thanks,
> > > Kevin
> > > ________________________________________
> > > From: keycloak-user-bounces at lists.jboss.org [
> > > keycloak-user-bounces at lists.jboss.org] on behalf of Alex Szczuczko [
> > > aszczucz at redhat.com]
> > > Sent: Monday, August 20, 2018 2:04 PM
> > > To: Bruno Oliveira; Hynek Mlnarik
> > > Cc: keycloak-dev; keycloak-user
> > > Subject: Re: [keycloak-user] Keycloak Proxy Rename
> > >
> > > In thinking a new name, I tried to look hard at these things:
> > >
> > > 1. what this software actually does.
> > >
> > > 2. what makes this software desirable to a user.
> > >
> > > 3. what "adapter" has meant for keycloak in the past.
> > >
> > > I'm not the best person to answer these questions, but here's what I've
> > > dug up:
> > >
> > > 1. Accepts HTTP requests and talks with Keycloak via OIDC to see if
> > > the client it serves should treat the requests as authenticated
> > > and/or authorized.
> > >
> > > 2. It avoids the need to install a bit of Keycloak software into the
> > > users' applications.
> > >
> > > 3. According to the docs[1]: Keycloak client adapters are libraries
> > > that makes it very easy to secure applications and services with
> > > Keycloak ... our adapters easy to use and they require less
> > > boilerplate code than what is typically required by a library.
> > >
> > > #1 is what we've been focusing on with names like "proxy". The reasons
> > > such names are dissatisfying is there is nothing unique about sitting in
> > > between two endpoints and doing stuff. So, we need to look at what that
> > > "stuff" means for Keycloak.
> > >
> > > #3 in combination with #2 tells us what this "stuff" means for Keycloak.
> > > This new software is clearly not an adapter. Actually, this new software
> > > accomplishes the mission of an adapter better than adapters themselves!
> > >
> > > Following that logic, Superadapter is my main proposal for a new name.
> > > Maybe throw in OIDC (oidc-superadapter) if there's ever going to be a
> > > saml-superadapter.
> > >
> > > Alternatively, we could focus on the lack of an adapter, with names
> > > based on terms like Adapterless:
> > >
> > > - AKI: Adapterless Keycloak Integrator
> > > - KOSA: Keycloak OIDC Sans-Adapter
> > > - AKOS: Adapterless Keycloak OIDC Server
> > > - KOAF: Keycloak OIDC Adapter-Free
> > > - etc...
> > >
> > > Alex
> > >
> > > [1]
> > >
> > https://www.keycloak.org/docs/latest/securing_apps/index.html#what-are-client-adapters
> > >
> > > Quoting Bruno Oliveira (2018-08-20 09:54:42)
> > > > Only to give a brief context for people not aware of it. Keycloak
> > > > Generic Adapter was not well accepted, because the naming is too
> > > > vague. So we have to reopen this discussion and think about a better
> > > > naming.
> > > >
> > > > During our team call today I suggested just "keycloak-adapter", which
> > > > would cover the apps which don't have its own specific adapter
> > > > solution.
> > > >
> > > > That said, maybe we should open a new poll? I just created a new one
> > > > where people can vote/suggest:
> > > >
> > > > https://poll.ly/#/Lbww4ebG
> > >
> > > _______________________________________________
> > > keycloak-user mailing list
> > > keycloak-user at lists.jboss.org
> > > https://lists.jboss.org/mailman/listinfo/keycloak-user
> > >
> > > _______________________________________________
> > > keycloak-user mailing list
> > > keycloak-user at lists.jboss.org
> > > https://lists.jboss.org/mailman/listinfo/keycloak-user
> > >
> > _______________________________________________
> > keycloak-user mailing list
> > keycloak-user at lists.jboss.org
> > https://lists.jboss.org/mailman/listinfo/keycloak-user
> >
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
More information about the keycloak-dev
mailing list