Versions Compared

Old Version 44

changes.mady.by.user Technische Redaktion

Saved on

compared with

New Version Current

changes.mady.by.user Technische Redaktion

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Page Properties
hiddentrue
idDONE

Product Version
Report Note
Assignee

Resources & Remarks

Always keep at the same state! enaio - official help: https://help.optimal-systems.com/enaio/v910/admin/administrator/en/dienste/idprovider.htm
... with first 3 sections of this page.

yuuvis Impulse: https://wiki.optimal-systems.de/pages/viewpage.action?spaceKey=MAN&title=Keycloak

yuuvis Momentum & enaio: https://wiki.optimal-systems.de/display/EnaioServices/Keycloak

  • Antje: page started as collection of existing information, has to be split later on in yuuvis and enaio part and translated.
  • Antje: installation guide copied from official enaio documentation (English version) and modified for yuuvis.
  • Antje: information for yuuvis added (from Oktopus wiki)

Modification History

NameDateProduct VersionAction
Antje08 FEB 20212.4New page properties macro.
Antje27 SEP 20212021 WinterImpersonation Section added.
Agnieszka04 OCT 20212021 WinterrLANG
Antje10 NOV 20212021 Winterremove roles from access tokens
Agnieszka10 NOV 20212021 WinterrLANG
Antje24 MAY 2022all versionsadd session cookies



Excerpt

Guideline for manual installation and configuration of keycloak as an identity provider for yuuvis® Momentum.

...

As standard, the installation is done by means of a Helm chart. Two demonstration tenants are created and configured automatically. Further tenants for productive use have to be added and configured manually.
>> /wiki/spaces/YMY/pages/320049969>> Installation Guide

The manual installation and configuration of Keycloak for yuuvis® Momentum API are broadly described here.

...

Note: For productive use, it is recommended to connect Keycloak to a different relational database management system (RDBMS) instead of the embedded standard H2. Suggestions for compatible RDBMS are provided by Keycloak: https://www.keycloak.org/docs/latest/server_installation/index.html#database.

Anchor
TenantAndUser
TenantAndUser

Keycloak: Tenant and User

...

These configuration steps have to be applied to each realm in each Keycloak instance in which to suppress the inclusion of role information in the Keycloak access token.

Anchor
SessionManagement
SessionManagement

Session Management

For each user session, HTTP client and browser set session cookies as described here:
>> Authentication against the Core API

Additionally, the following cookies are set by Keycloak. For more information, please refer to the official Keycloak documentation.

  • AUTH_SESSION_ID_LEGACY
  • AUTH_SESSION_ID
  • KEYCLOAK_IDENTITY_LEGACY
  • KEYCLOAK_IDENTITY
  • KEYCLOAK_PROXY_SESSION_ID
  • KEYCLOAK_SESSION_LEGACY
  • KEYCLOAK_SESSION

Summary

This article explained how to install and configure Keycloak as an identity provider and access management system for yuuvis® Momentum in a manual procedure.

...