Open discussions on specific topics selected by the Software Working Group and selected from the list of SWG Topics For Discussion.
Tuesday, April 5, 2022 - Keycloak: Using Keycloak for Identity and Access Management moderated by Gowtham Naraharisetty
Slides: RoundTable-Keycloak04.05.22.pptx
Recording: https://uofi.box.com/s/4exrth3formb0e8dolu9el7fyhhcn93w
Attendees:
Vara Veera Gowtham Naraharisetty
Sandeep Puthanveetil Satheesan
Discussion:
- Keycloak authentication has been used in many projects run through NCSA. It is used exclusively for registration, using a postgres database. The frontend is customized to look like the project login page, but in reality it is the keycloak page that has been customized.
- The project waits for the token from keycloak and will let the user into the project
- Keycloak allows you to manage users and groups
- We will be dropping LDAP within the next year and going with keycloak exclusively within IN-CORE
- Discussion followed of what works better than keycloak for registration and authentication.
- Clowder can get the token by enabling a few things in keycloak
- Congratulations to Vara Veera Gowtham Naraharisetty for presenting a very complex program in a very detailed way.
Projects that use Keycloak:
- Clowder 2.0
- Cheese Hub
- Farmdoc & Cover Crop
- In-Core,
- Muses
- Antares
- SPT-3G
- Workbench
- DES
Could we start a conversation with the security group to discuss keycloak and other security issues.
If you are interested in contributing to a Round Table, please see these links: