[keycloak-user] keycloak and AD
Marek Posolda
mposolda at redhat.com
Fri Sep 14 02:10:04 EDT 2018
We did not test anything like this. If you use reverse proxy in front of
Keycloak and this reverse proxy is doing the SPNEGO handshake, you will
probably need to change some code on the Keycloak side as well and
rewrite SpnegoAuthenticator a bit. Maybe it is possible if you create
your own authenticator and replace the builtin SpnegoAuthenticator it in
the authentication flow with yours. No guarantees... Another question is
why/if the proxy is needed?
Marek
On 13/09/18 10:25, Kannan, Vidhya (CMS) wrote:
> Hello Keycloak users:
>
> I need to integrate Keycloak with AD auth. I see from the doc, Kerberos is proposedhttps://www.keycloak.org/docs/3.2/server_admin/topics/authentication/kerberos.html
>
> >From Tomcat site, there are other options like https://tomcat.apache.org/tomcat-7.0-doc/windows-auth-howto.html#Reverse_proxies
>
> Would this work?
>
> Any experience shared will help.
>
> Thanks,
> Vidhya
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
More information about the keycloak-user
mailing list