How to secure your Spring Apps with Keycloak by Thomas Darimont @ Spring I/O 2018
HTML-код
- Опубликовано: 2 дек 2024
- Spring I/O 2018 - Barcelona, 24-25 May
Slides: github.com/tho...
GitHub repo: github.com/tho...
This talk will introduce Keycloak, an Open Source Identity and Access Management solution from Red Hat, which can help you to equip your applications with centralized authentication and authorization.
Keycloak provides Single Sign-On based on widely used protocols such as OpenID Connect 1.0, OAuth 2.0 and SAML2, that are easy to integrate with own applications. Keycloak comes with many batteries included, e.g. user management, user registration, 2-factor authentication, support for external identity providers such as Google, Facebook, Twitter, custom look-and-feel and integration with directory services like LDAP, Kerberos or Active Directory. Additionally, Keycloak offers a comprehensive extension model that makes it easy to adapt it to your own needs.
After a short overview of Keycloak features, we will introduce some core concepts with a guided tour through Keycloaks Admin UI. We then take an in-depth look at an OAuth / OpenID Connect based authentication flow. After those foundations are set we will demonstrate possibilities for integrating Keycloak in selected authentication scenarios. We conclude the talk with a brief demo of an centralized identity management infrastructure, built around Keycloak.
thanks for this great presentation!
very helpful presentation. we want to use keycloak at our office and need good structured informations like that!
Excellent presentation and keycloak resources. Thanks.
Thanks sir, How to you can share images setup KeyCloak Client in this Project ??? Thanks you very much!
Is it possible to have a table join of Keycloak Users with Transaction tables in another database?
Hello Thomas ,
Thanks a lot for this video. I followed the steps as per your video but I am getting "status": 401,
"error": "Unauthorized", error on postman. IN eclipse, I can see it is not hitting the code.
Would you please help me out. Best Regards.
Could we manage access to REST resources in java app using keycloak client authorization only?
Very good explanation of SSO!
Hello thomas really very helpful presentation ,thank you so much
awesome tutorial on keycloak
how to secure connection with https
How is LDAP/user federation different from the other identity providers? Why is it not listed there?
Hi, i will try to explain in few chars. Identity providers, is part of OpenID Connect/SAML specifications, so it works as specified in the protocols (redirect the authentication/authorization to another Identity Provider (like a social login also)). Federation in this case works as User credentials repository (and in some cases group mapping), so the keycloak import users/groups from there and make a local copy.
Good explanation 🔥
Hello,
Can you tell me, how to do infinispan setup, in detail.
Thanks in advance.
good presentation.
Why is the keyid (kid) not just the public key itself? Seems like an extra roundtrip to figure that out...
to save some bytes
A public key doesn't change often, so it makes sense to cache it, instead of exchanging it all the time. For chatty applications where a payload is not that big compared to public key size, it would hurt network bandwidth since the same information would be transferred over and over again
I think it has to do with revoking jwts.
If the kid is not valid anymore the jwt is not accepted.
And the kid will not be cached for long times I think
Are realms equivalent to tenants?
As per my understanding, yes
Hello Thomas i'm working on a project with keycloak starting by your "spring-boot-keycloak-server-example" project. I have a question about that. I would like to kwnow where is the keycloak themes directory so that if i want to customize a theme i can put my files there.
how to notify youtube that this audio should be tarnslated into English, not German?
Awesome..
35:00 27:00