3

I have an Web application with Java EE security running in Wildfly 9 that uses Keycloak 1.4 (in a separate service) as the authentication and authorization service. I'd like to allow users logged in to the Web App realm to be SSO authenticated in Alfresco Share.

I've tried following the Keycloak documentation for configuring a keycloak adapter in the Alfresco Share Tomcat app, and also the Alfresco documentation for configuring an external SSO provider, but to no avail.

I'm using alfresco-community-5.0.d.

Has anyone successfully done this? If so, how?

Arjan Tijms
  • 37,782
  • 12
  • 108
  • 140
John
  • 101
  • 1
  • 7
  • I wonder if this would be better on [ServerFault](http://serverfault.com/) rather than here, since it's more about the servers/deployment, rather than coding? – Gagravarr Oct 22 '15 at 23:38
  • It was apparently not welcome on ServerFault. They don't even have a keycloak tag and the admin thought the questions dealing with Apache and Tomcat were identical. He also thought "try a mailing list." meant the question was answered. I'm still looking for a solution, but it won't come from there. – John Oct 26 '15 at 15:50
  • confirm, not serverfault - this is dealing with software integration, stack overflow appropriate (security software, yes, but software integration here). – dhartford May 05 '16 at 13:27

2 Answers2

0

The alfresco SSO integration points changed in 5.x, so may not have much information/history.

I do know that there are a number of community initiatives for integration with OpenAM SSO - you can probably leverage a lot of that work!

However, note that the scope may be limited to authentication-only, not authorization, as alfresco's authorization is deeply embedded.

Random find: You can also delegate Alfresco to Apache if Keycloak is setup for apache, review authentication.chain=external-apache:external

dhartford
  • 1,125
  • 2
  • 12
  • 35
0

USE CAS like jasig or other it work for all aplication and easy spring configuration

cyril
  • 872
  • 6
  • 29