Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

RFI - Modifications to custom provider #8

Open
decafgeek opened this issue Nov 14, 2023 · 1 comment
Open

RFI - Modifications to custom provider #8

decafgeek opened this issue Nov 14, 2023 · 1 comment

Comments

@decafgeek
Copy link

decafgeek commented Nov 14, 2023

Would it be possible to post the source to the custom KC provider used in this orchestration example? The provided JAR file does not appear to 'play nice' with later versions of KeyCloak due to changes in dependencies that are no longer present in Quarkus (JAX-RS?), so the code--in addition to understanding what goes on behind the scenes--would be helpful to try and resolve those issues going forward.

@cd-rite
Copy link
Contributor

cd-rite commented Nov 14, 2023

Hi @decafgeek
The example uses a custom provider modified from this project that extends the built-in X.509 authenticator. The custom provider will create a new user account if a certificate cannot be mapped to an existing account. It did require some (I believe, minimal) changes from the base project. I'll see if I can find them for you.

Just FYI - This repo is just designed to demonstrate the principles involved in getting STIGMan running behind nginx with x509 authentication, That user creator extension is not required for STIG Manager and is just included to streamline that demo. It would probably not be included in any production deployment!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants