Home

The security/keycloak port

keycloak-26.0.0 – Identity and Access Management solution (cvsweb github mirror)

Description

Keycloak is an open source Identity and Access Management solution
aimed at modern applications and services. It makes it easy to
secure applications and services with little to no code, providing
the following features:
- SAML, OAuth 2.0 and OpenID Connect
- Single Sign On
- Admin Console
- Account Management Console
- User Federation with LDAP and Active Directory
- Identity Brokering and Social Login
No homepage

Readme

+-------------------------------------------------------------------------------
| Running ${PKGSTEM} on OpenBSD
+-------------------------------------------------------------------------------

Config files
============

The default config file for keycloak is stored at:

    ${SYSCONFDIR}/keycloak/keycloak.conf

While the data files are stored at:

    ${LOCALSTATEDIR}/db/keycloak


Working with a reverse proxy
============================

Keycloak needs HTTPS and will not work without a TLS certificate. A reverse proxy
such as nginx, relayd or haproxy, can be used to do TLS termination. In such a
case, keycloak must be told to trust the reverse proxy by setting the
following options in the config file:

    http-enabled=true
    http-port=
    proxy=edge


Working in a cluster
====================

Keycloak supports clustered, high availability mode. This needs multicast enabled,
the details of which can be read in multicast(4).

Due to the limitations of Java on OpenBSD, it is recommended to only use the IPv4
stack for keycloak, both in normal and cluster modes.

Maintainer

Aisha Tammy

Only for arches

aarch64 amd64 i386

Categories

java security

Run dependencies

Files

Search