Re: [Resteasy-developers] Keycloak SSO Alpha 1 Released

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

On 1/28/2014 6:52 AM, Adrian Mitev wrote:
> In previous projects I had a requirement for fine-grained security
> control where the a specific permissions were allowed for a given role.
> Each permission corresponded to a functionality or an action that the
> user could perform.
>

Is it ok for roles/permissions to be the same thing as I expressed?  Or 
do you need a separation?

keycloak.org/docs

> Another usefull functionalities for a SSO server:
> * ability for the users to login using digital certificates (smart cards)

On the roamap for 1.0.

> * easy customization of the login page without having to rebuild the
> entire application (probably by externalizing it outside the war file)

Style sheet plugin is in the works and may even be in the next release.

> * i18n of the ui

On the roadmap

> * Account locking
> * Account disabling by administrator
>

Account management is already available.

> BTW will the functionality be based on PicketLink?
>

Maybe.  We might use it to federate LDAP/AD.  We're using an extension 
hybrid of OAuth2/JWT/JSE right now with plans to fully support OpenID 
connect.

If you want to help drive requirements, ping us on the keycloak-dev list.

Bill

-- 
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com