I am building rest services by Quarkus, I have some endpoints that are authenticated by keycloak, but some are authenticated by basic authentication. Can I do that in Quarkus ?
Thanks a lot.
Related
Does SSO between OIDC and SAML2 clients are possible in Keycloak? if so how to achieve this condition, either by IDP initiated or SP initiated authentication process.
Does Keycloak produce cookies that can be used in SAML SP clients, even though we authenticate with OIDC clients?
I'm trying to connect my OIDC clients such as VueJS and Spring Boot applications with SAP ECC EHP7, so that I can use the authenticated user either token or cookie to send request SAP ECC EHP7 API.
I have already configure SAP ECC EHP7 SAML2 configuration to add Keycloak as a trusted identity provider and import it as a SP in Keycloak clients.
I need a clear infrastructure and technical configuration of authentication flow and request on how we can achieve this
I use Apache Karaf 4.x for my rest services. I would like to provide authentication and authorization for my services via Keycloak. I do not want to make direct changes in each service. Instead, I would like to configure karaf in the way that if request is not authenticated then it will forward to keycloak to get a session. or maybe there could be client credentials or bearer token and karaf could check that token before allowing to use the service.
Any help is appreciated.
Thanks in advance
I was checking keycloak authorization service to implement authorization service for few of the REST endpoints which do not have keycloak adapter implemented.
From keycloak quick starts example it looks like authorization service only supported for end points which has keycloak adapter implemented.
Has any one tried to perform keycloak authentication to a REST request before request actually goes to that server.
The REST endpoints are written in Node.JS and i can't implement the adapter in Node.JS because it is not maintained by us. :)
I have the following:
An existing WEB application using SAML for authentication. Using B2C custom
policies, I have successfully set up Azure AD B2C to allow this
application to authenticate users using SAML.
An API (ASP.NET Web API) using OpenID connect to authenticate callers (on the same Azure AD B2C).
I would like to authenticate calls from the Web Application to the WebAPI using the identity of the Web application authenticated user.
So I have would need a JWT token so I can validate it in my API middleware.
Is there any simple way of converting the SAML Assertion to a JWT token so the Web application can send it to my API with requests ?
I have read somewhere that IdentityServer could do the job using Azure ACS (For AAD B2C ?) but I understand that ACS will be retired on November...
Thanks.
You can ask your IDP to provide the JWT token as a SAML attribute inside your current SAML tokens, or ask them to provide you with an alternative way of acquiring the JWT tokens you require.
Also, you can configure IdentityServer to return JWT. Go to global config and change the default token type to JWT (same value as the default http token type).
How can I use ServiceStack's Credentials authentication to implement a custom OAuth2 solution? I am trying to use it so I don't have to use 3rd party providers like Google.
The CredentialsAuthProvider is not an OAuth2 provider, it enables a conventional UserName / Password Login and uses ServiceStack's built-in /register Service for Registration/SignUp.
The HttpBenchmarks LiveDemo explains how to enable both Credentials Auth as OAuth Providers in the same application.