A Review on Identity and Access Management Server (KeyCloak)

A Review on Identity and Access Management Server (KeyCloak)

Divyabharathi D. N., Nagaraj G. Cholli
DOI: 10.4018/IJSPPC.2020070104
(Individual Articles)
No Current Special Offers


KeyCloak is an open source identity and access management arrangement focused on present day applications and administrations. It makes it simple to protect applications and administrations with next to zero code. The identity and access management server component provides centralized user management, authentication, and single sign-on identity brokering user federation, social login, client adapters, an admin console, and an account management console for the applications. With KeyCloak, the user management and authentication functions may be integrated with an externally managed system, such as LDAP or active directory. KeyCloak provides single sign-on infrastructure for authentication and session management. In this paper, the authors present an overview of KeyCloak that gives the objectives and features of KeyCloak and comparisons between the servers. They also present protocols of KeyCloak. Finally, benefits of KeyCloak are defined.
Article Preview

1. Introduction

Managing user identity is a basic3component for science passages, which must give secure and auditable access to limited assets, for example,3supercomputers, informational collections,3authorized logical applications, and for-charge processing mists. Science3portals must confirm clients, choose if they are approved to get to explicit assets, oversee lapsed records, and debilitate bargained accounts. The fundamental3methodology is for a passage to give its own client the executives and verification framework that is a basic piece of the door's usage. An entryway that works over a progressively3universally useful system, for example, Drupal or Joomla may utilize validation additional items for overseeing3clients. Door engineers today have a few extra alternatives. First is the development of all-around bolstered verification3administrations, for example, the In Common Federation3that is utilized by numerous scholarly establishments. Facebook, Google, GitHub and other Web-based organizations3additionally give free confirmation benefits that can be coordinated into online applications. OpenID Connect Basney et al., (2014) has become a well-known convention for Web verification; it works over the OAuth 2 approval conventionTuecke et al., (2016). CILogon3gives a bringing together confirmation layer over these various suppliers. Consequently, doors may redistribute client validation to different administrations. The3entryway may even now decide to deal with its clients inside3through a client store, (for example, a joined database or3LDAP server), or it might redistribute this too; a grounds3focused passage may, for instance, interface with a client3account framework, (for example, LDAP) oversaw by the grounds bunch suppliers. The second significant pattern has been the development of science door stage as-an administration contributions. These are facilitated administrations that can serve numerous entryway inhabitants at the same time. Science passage stages give universally useful administrations, for example, client the board, information the executives, and employment execution, while the entryway occupant gives UIs outfitted towards a client network. Entryway occupants get to the door stage middleware3through secure, arrange open APIs. Different examples for connections between entryway occupants and door middleware are inspected in (Chhatwani & Harkut, 2014), which can be mapped to OAuth 2 approval award streams.

Keycloak is3an open source Identity and Access Management arrangement focused on present day applications and administrations. It makes it simple to protect applications and administrations3with almost no code. It offers an expansive arrangement of highlights, as SSO, verification and approval, social login, multifaceted confirmation and concentrated client the board.

Keycloak is a3confirmation server discharged in52014, written in JAVA,5open-source and gave under the5Apache 2 permit, administrations and5access control5for5web applications. This implies3applications don't need to manage login, approval, or client enlistment pages. Along these lines, clients validate the Keycloak3server and don't have to verify to various applications, utilizing SSO innovation, depends on standard conventions and offers help for OpenID5Connect, OAuth 2.0,5and SAML, 3the SSO arrangement bolster numerous domains (spaces). Likewise, offers an Assistance Provider Interface(SPI) that permits make and include custom supplier authenticator and3consequently broadening usefulness. Keycloak has an incredible UI which gives, organization of customers, clients, verification the executives, among5others. From form 4,3Keycloak permits to add5new pages to the User5Account Management5Console, without altering the5classes previously characterized, they5have just executed another supplier (ThemeResourceProvider) that can be utilized to stack extra formats and assets Christie et al., (2017). Another positive5purpose of Keycloak is that5they have consistent updates5and a functioning network where5they help tackle issues that emerge. Keycloak5runs on5Wildfly.

Complete Article List

Search this Journal:
Volume 16: 1 Issue (2024): Forthcoming, Available for Pre-Order
Volume 15: 1 Issue (2023)
Volume 14: 4 Issues (2022): 1 Released, 3 Forthcoming
Volume 13: 4 Issues (2021)
Volume 12: 4 Issues (2020)
View Complete Journal Contents Listing