发布于 2016-12-26 03:50:39 | 105 次阅读 | 评论: 0 | 来源: 网友投递
Keycloak SSO 集成解决方案
Keycloak 是一个针对Web应用和 RESTful Web 服务提供 SSO 集成。基于 OAuth 2.0 和 JSON Web Token(JWT) 规范。目前用于实现 JBoss 与 Wildfly 通讯,但将来将为 Tomcat、Jetty、Node.js、Rails、Grails 等环境提供解决方案。
SSO 集成解决方案 Keycloak 2.5.0.CR1 发布了。
该版本主要是修复了 bug,在这个版本已经解决了 165 个 issue。值得关注的更新:
用户存储 SPI - We've removed the old User Federation SPI in this release. If you have custom user federation providers you will need to migrate them to the User Storage SPI.
HMAC 密钥提供程序 - We've added a secret key provider to be able to do HMAC signatures. These are faster than RSA signatures and are used for signing cookies.
可劲用 Impersonation - If you don't want to allow admins to be able to impersonate users you can now fully disable this feature.
这是 Keycloak 2 系列的第二个到最后的版本。期待 1 月底一个更多的 bug 修复和 2.5.1.Final 的发布。之后,将开始使用 Keycloak 3。
未来计划:
Multi data center support - It's kinda possible at the moment, but we are planning to do a lot of improvements in this area
Authentication SPI - We're aiming to cleanup the authentication SPI and may also be adding more built-in authentication capabilities
Validation on Admin Endpoints and Console - There's currently a lack of validation on the admin endpoints which could result in bad configuration
Profile SPI - Single configurable and extensible place to define validation for user validation for self-registration, account management and the admin console
New Account Management - New modern and easier to use account management console
Testing and CI - More automated testing, better test coverage and more Jenkins!