,欢迎您!
登录您的红帽帐户
尚未注册?下面是您应该进行注册的一些理由:
- 从一个位置浏览知识库文章、管理支持案例和订阅、下载更新以及执行其他操作。
- 查看组织内的用户,以及编辑他们的帐户信息、偏好设置和权限。
- 管理您的红帽认证,查看考试历史记录,以及下载认证相关徽标和文档。
您可以使用红帽帐户访问您的会员个人资料、偏好设置以及其他服务,具体决取决于您的客户状态。
出于安全考虑,如果您在公共计算机上通过红帽服务进行培训或测试,完成后务必退出登录。
退出红帽博客
Blog menu
Some time ago, two different projects were started in the open source community, namely: Ipsilon and Keycloak. These projects were started by groups with different backgrounds and different perspectives. In the beginning, it seemed like these two projects would have very little in common... though both aimed to include
an Identity Provider (IdP) capability as one of their respective main features.
Keycloak, written in Java and originating from the JBoss ecosystem, focused on the needs of application developers who were seeking to offload authentication, access control, SSO and account management to some external entity that would simplify development and reduce related costs in a platform independent way. It is a very similar paradigm to the one I covered in a previous blog but in "Java JBoss land".
Ipsilon, developed in Python, and targeting the Linux platform (only), was focused on the needs of IT administrators, DevOps, and non-Java developers.
As the projects moved along it became apparent that their "overlap" was growing in size and that their respective ultimate goals were more common than originally anticipated. As a result, the teams decided to merge their efforts and work towards a common solution. Keycloak was chosen as the main platform despite a lack of rpm packaging and integration with some of the low-level Linux components like GSS-proxy and SSSD. The community for Keycloak is much bigger and more active so it was an obvious choice. Over the course of the upcoming months, the teams will work together to build a robust solution that will provide the best features of both projects to deliver a general SSO solution.
Ipsilon is included as a Technology Preview with Red Hat Enterprise Linux 7.2 while an official Keycloak-based offering is still on the roadmap. If you are interested in Keycloak - you can take a look at the community version. In addition, there's a great presentation about Keycloak that was delivered last year at the Red Hat Summit in Boston. The Ipsilon team will work with the Keycloak project to deliver better platform integration and in an effort to smooth operations with Active Directory, IdM/FreeIPA and in cross-forest trust configurations and to provide automatic configuration of Service Providers and packaging.
We hope to deliver a robust federated identity solution to our customers in the near term future. Thoughts or questions? Please reach out using the comments section below.