Ranter
Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Comments
-
@sariel While FreeIPA also does "central authentication", Keycloak and FreeIPA do not have the same purpose, and are certainly not alternatives.
-
@stop
I don't know, what you would use if you would really want to do single signon.
But that beast is written in Java and Java probably is the one language with the most mature refactoring support in IDEs. So if they aren't living the refactoring mindset even while doing Java...
The codebase has to be a dumpster fire of security issues - which isn't the most desirable property of software literally used for securing things.
P.S.:
https://bountyplease.com/attacking-... -
stop68023y@Oktokolo i looked at the cve list and around 15 high and 3 critical bugs(43 cves in the nvd for this application as whole).
i think for an 6 year old software its not bad, especially since its the base of an redhat-product.
and the article is about attacking keycloak if the admin makes some config errrors. This is something that can happen with every software with this scope.
Related Rants
This is from the REST API docs of Keycloak.
https://keycloak.org/docs-api/12.0/...
rant
docs