[keycloak-user] Keycloak Modules developed for the Cloudtrust project
Meissa M'baye Sakho
msakho at redhat.com
Thu Dec 6 10:58:54 EST 2018
Hello Alistair,
Have you created the pull request for the keycloak-export module?
It's a very useful one and I think it could be nice if it becomes fully a
part of keycloak.
Meissa
Le ven. 17 août 2018 à 14:40, Doswald Alistair <alistair.doswald at elca.ch> a
écrit :
> I’ve done the PR for the extension page (keycloak-authorization and
> keycloak-export), and it’s been accepted. For the client-mapper I’ll see
> what’s necessary to be done to have it merged directly into Keycloak.
>
> For the mechanism of keycloak-authorization, I for one would like having
> this functionality supported OOTB, whether through our (admittedly not very
> sophisticated) system, or another. I received a message from Stian
> Thorgersen on the dev mailing (here:
> http://lists.jboss.org/pipermail/keycloak-dev/2018-August/011116.html )
> list asking more details about the module, so I’ll at least be discussing
> the matter with him.
>
> Cheers,
>
> Alistair
>
> From: Pedro Igor Silva <psilva at redhat.com>
> Sent: vendredi 10 août 2018 18:52
> To: Marek Posolda <mposolda at redhat.com>
> Cc: Doswald Alistair <alistair.doswald at elca.ch>;
> keycloak-user at lists.jboss.org
> Subject: Re: [keycloak-user] Keycloak Modules developed for the Cloudtrust
> project
>
> Cool stuff ! Thanks for sharing.
>
> I've looked keycloak-authorization very quickly and changes look really
> simple, I'm glad to start a discussion about supporting this OOTB. Maybe
> this can be part of the review of admin fine-grained permissions we are
> planning.
>
> Regards.
> Pedro Igor
>
> On Fri, Aug 10, 2018 at 9:43 AM, Marek Posolda <mposolda at redhat.com
> <mailto:mposolda at redhat.com>> wrote:
> Thanks for the heads up!
>
> IMO it will be cool if you send PR for the javascript mapper directly to
> Keycloak, however we may need automated test and also docs (separate PR
> needs to be sent for the docs).
>
> For the keycloak-authorization and keycloak-export (and maybe for
> keycloak-client-mappers too if you don't have time for the PR to
> upstream), it may be good to send PR to update the extensions page
> maybe? It's here: https://www.keycloak.org/extensions.html and sources
> are here:
>
> https://github.com/keycloak/keycloak-web/tree/master/src/main/resources/extensions
> . Assuming that those things are generally useful for the other users
> from the community (I am not 100% sure about the keycloak-authorization.
> Rather leaving to you to decide if it's generally useful or not). The
> keycloak-wsfed is already on the extensions page.
>
> Thanks!
> Marek
>
>
> On 10/08/18 11:44, Doswald Alistair wrote:
> > Hello,
> >
> > I just wanted to let this mailing list know that for the Cloudtrust
> project (https://github.com/cloudtrust), we have developed a certain
> number modules for Keycloak. These are currently compatible with the
> version 3.4.3.Final of Keycloak, but we will make them compatible with
> Keycloak 4.X (where X will be the latest sub-version of Keycloak when we
> start working on this) as soon as we can. These modules are:
> >
> > * keycloak-wsfed (https://github.com/cloudtrust/keycloak-wsfed): an
> implementation of the WS-Federation protocol for keycloak. This allows to
> select the WS-Federation protocol for Keycloak clients and for identity
> brokers.
> >
> > * keycloak-authorization (
> https://github.com/cloudtrust/keycloak-authorization): this module allows
> the use of the client authorization system to prevent a user which is
> authenticated in a Keycloak realm to access a given client. It works no
> matter which protocol is used, and without the client having to support any
> extra protocol. Note: this solution is a bit hacky, but necessary for one
> of our use-cases.
> >
> > * keycloak-client-mappers (
> https://github.com/cloudtrust/keycloak-client-mappers): a module for
> adding any mappers that we might need that are not yet part of Keycloak.
> Currently only contains a JavaScript mapper for SAML, analogous to the OIDC
> script mapper. I've noticed that there's an open issue for this feature (
> https://issues.jboss.org/browse/KEYCLOAK-5520). If desirable I could
> submit this code not as a module but a solution to the issue.
> >
> > * keycloak-export (https://github.com/cloudtrust/keycloak-export): a
> module adding an endpoint to fully export a realm while Keycloak is still
> running (no need for restarts!).
> >
> > Cheers,
> >
> > Alistair
> >
> > PS: I'm mailing this both dev and user mailing lists as I believe it may
> interest members of both mailing lists
> > _______________________________________________
> > keycloak-user mailing list
> > keycloak-user at lists.jboss.org<mailto:keycloak-user at lists.jboss.org>
> > https://lists.jboss.org/mailman/listinfo/keycloak-user
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org<mailto:keycloak-user at lists.jboss.org>
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
More information about the keycloak-user
mailing list