SSO User Federation in NethServer (Gluu, Keycloak, privacyID3A)

This conversation begins with a simple nice article here:

identity federation
We all have many systems that we log into, and we also manage multiple users in our organizations who log in to various tools and systems.

For internal use cases, LDAP and AD work great, but for external products they do not, because of security concerns etc.

The goal of this spree is to get a great implementation that will help us use NethServer as a user management system that connects to a user federation; then we can make use of SSO and SAML, as well as other technologies, to authenticate with other servers.

4 Likes

As was pointed out in this thread here by @Karim_Paul, getting Keycloak to do a two-way user sync is currently not possible. We will keep testing to see if it can be possible.
I stumbled upon Gluu as a potential system that can be used for this case.

https://www.gluu.org

Anyone who has used it can contribute to our endeavour.
I'll be attempting to get it to work.
@mrmarkuz care to join?

1 Like

I have installed Gluu on my server, but it seems like there has to be some virtualhosts set up.

During installation, the software prompted to install Apache. I rejected, as NethServer already has NethServer installed.

Now that the installation has been completed, it's hard to figure out how exactly to edit those records.

I'll post the installation ASAP; you need to configure the local Apache to reverse proxy to the Gluu spawn container.

The setup script in detail is found here:

Changing Gluu hostname:
https://github.com/GluuFederation/community-edition-setup/tree/master/static/scripts/change_hostname

1 Like

@mrmarkuz I am curious, you were testing one of the solutions.

Which ones so far have you managed to look into?

This seems to be a solution solved by SCIM, just an update.