https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21577
--- Comment #9 from David Cook <[email protected]> ---
(In reply to David Cook from comment #8)
> I also wrote a Keycloak extension that uses the REST API endpoint from bug
> 30962 which allows you to use Keycloak as the Identity Provider with the
> Koha user database as the underlying user datastore.
>
> I haven't made this extension public yet, as I'm not that keen on supporting
> it solo. But I suppose I should just do it one of these days...

I've uploaded the Keycloak extension at https://gitlab.com/minusdavid/keycloak-user-storage-koha

Hopefully there is enough information there for people to build, deploy, and use it. If not, raise an issue there or email me or something.

But that extension allows you to use Keycloak as a SAML/Shibboleth Identity Provider using Koha's user database for authentication.

So you can set up Koha to authenticate against Keycloak, and you'll be logging into Keycloak's interface using your Koha username and password. You can then have other systems authenticating against Keycloak using a Koha username and password.

This is a way of achieving the goal of bug 21577 without re-inventing the wheel. Keycloak is a great open source identity management system backed by Red Hat, and it's great that we can use it to build up Koha functionality.

--

That being said... I should add a warning that this Keycloak extension relies on a deprecated SPI. At some stage, it will go away, although it will be replaced with a new system. At that point, I'll do a new Keycloak extension that uses that. But good to know what's coming down the pipes...
