[Geoserver-devel] [community module proposal] Keycloak Security Plugin

Dear all,
thanks to the contribution of MDA (https://mdacorporation.com), we are proposing a new security plugin for GeoServer able to authenticate against a Keycloak (https://www.keycloak.org/) instance.

This is a first version working under several conditions as explained in the documentation.

The module makes use of Keycloak Java Adapters in order to complete the handshake and allow the AuthenticationProvider to retrieve the Principal along with his Roles.

Currently this module has been developed among the Community Security Plugins already implementing OAuth2 Auth Providers also.

https://github.com/geoserver/geoserver/tree/master/src/community/security

http://docs.geoserver.org/stable/en/user/community/oauth2/index.html

Please see the related PRs for both GeoServer 2.14.x and 3.13.x at

https://github.com/geoserver/geoserver/pull/2916

https://github.com/geoserver/geoserver/pull/2917

Ing. Alessio Fabiani

@alfa7691
Founder/Technical Lead

GeoSolutions S.A.S.
Via di Montramito 3/A - 55054 Massarosa (LU) - Italy
phone: +39 0584 962313
fax: +39 0584 1660272
mob: +39 331 6233686

http://www.geo-solutions.it
http://twitter.com/geosolutions_it

+1

Regards,
Simone Giannecchini

Ing. Simone Giannecchini
@simogeo
Founder/Director

GeoSolutions S.A.S.
Via di Montramito 3/A
55054 Massarosa (LU)
Italy
phone: +39 0584 962313
fax: +39 0584 1660272
mob: +39 333 8128928

http://www.geo-solutions.it
http://twitter.com/geosolutions_it

On Wed, Jun 20, 2018 at 2:33 PM Alessio Fabiani
<alessio.fabiani@anonymised.com> wrote:

Dear all,
thanks to the contribution of MDA (https://mdacorporation.com), we are proposing a new security plugin for GeoServer able to authenticate against a Keycloak (https://www.keycloak.org/) instance.

This is a first version working under several conditions as explained in the documentation.

The module makes use of Keycloak Java Adapters in order to complete the handshake and allow the AuthenticationProvider to retrieve the Principal along with his Roles.

Currently this module has been developed among the Community Security Plugins already implementing OAuth2 Auth Providers also.

https://github.com/geoserver/geoserver/tree/master/src/community/security

http://docs.geoserver.org/stable/en/user/community/oauth2/index.html

Please see the related PRs for both GeoServer 2.14.x and 3.13.x at

https://github.com/geoserver/geoserver/pull/2916

https://github.com/geoserver/geoserver/pull/2917

Geoserver-devel mailing list
Geoserver-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-devel

Sounds useful to me, +1

Though technically you should wait a month to do the backport I don’t have an issue with hitting both branches now if you need to support the previous version now.

Ian

Ian Turton

On Thu, Jun 21, 2018 at 10:22 AM, Ian Turton <ijturton@anonymised.com> wrote:

Though technically you should wait a month to do the backport I don't have
an issue with hitting both branches now if you need to support the previous
version now.

I don't think unsupported modules need to wait a month, there is no reason
to double check if they work or not (unless they need new core features to
go along, that is).

Cheers
Andrea

Ing. Andrea Aime
@geowolf
Technical Lead

GeoSolutions S.A.S.
Via di Montramito 3/A
55054 Massarosa (LU)
phone: +39 0584 962313
fax: +39 0584 1660272
mob: +39 339 8844549

http://www.geo-solutions.it
http://twitter.com/geosolutions_it

I hadn’t noticed this was an unsupported module, then go for it.

Ian
