Book Image

Keycloak - Identity and Access Management for Modern Applications

By : Stian Thorgersen, Pedro Igor Silva
Book Image

Keycloak - Identity and Access Management for Modern Applications

By: Stian Thorgersen, Pedro Igor Silva

Overview of this book

Implementing authentication and authorization for applications can be a daunting experience, often leaving them exposed to security vulnerabilities. Keycloak is an open-source solution for identity management and access management for modern applications, which can make a world of difference if you learn how to use it. Keycloak, helping you get started with using it and securing your applications. Complete with hands-on tutorials, best practices, and self-assessment questions, this easy-to-follow guide will show you how to secure a sample application and then move on to securing different application types. As you progress, you will understand how to configure and manage Keycloak as well as how to leverage some of its more advanced capabilities. Finally, you'll gain insights into securely using Keycloak in production. By the end of this book, you will have learned how to install and manage Keycloak as well as how to secure new and existing applications.
Table of Contents (21 chapters)
Section 1: Getting Started with Keycloak
Section 2: Securing Applications with Keycloak
Section 3: Configuring and Managing Keycloak
Section 4: Security Considerations

Testing your environment

If you are here, you should have a local environment very close to what will become your production environment.

In the previous topics in this chapter, we have covered the following:

  • Setting up Keycloak to use a public domain name for frontend and backend endpoints, as well as logically grouping the different Keycloak instances under a single issuer
  • Setting up Keycloak to listen on HTTPS so that all traffic to and from Keycloak is secure
  • Setting up Keycloak to use a production-grade database using PostgreSQL
  • Setting up clustering so that multiple instances of Keycloak can share the state kept by their caches
  • Setting up a reverse proxy, using HAProxy, so that we can finally access all Keycloak instances through a single public domain name

In the following topics, you are going to perform some basic tests on the environment to make sure everything is working as expected.

Before we begin, make sure HAProxy is started by running...