CyberSecurityBoard
Sponsor Register Login

Securing Infinispan With Keycloak

Infinispan is often used in scenarios where low-latency access to data is critical, such as caching frequently accessed database queries, session data in web applications, or other use cases where quick access to data can improve overall system performance.
Keycloak is an open-source identity and access management solution developed by Red Hat.
Keycloak is designed to simplify the implementation of security protocols and standards such as OAuth 2.0, OpenID Connect, and SAML. Some key features include Single Sign-On, Identity Brokering, User Authentication, User Federation, RBAC, and more.
Keycloak uses Infinispan as its underlying data store for caching and storage purposes.
Infinispan provides scalable and efficient caching of authentication and authorization-related data.
Some ways Keycloak leverages Infinispan include Caching User Sessions, storing Authorization policies, providing distributed caching, improving performance, failover recovering and more.
Infinispan provides several ways to handle authentication and user management.
Token-based authentication is supported, and Keycloak can be used for that purpose.
Because we're going to run Keycloak in one container and Infinispan in another, let's set up a network to connect them.
Keycloak Image will create an administrator user by defining the KEYCLOAK ADMIN and KEYCLOAK ADMIN PASSWORD environment variables.
Keycloak realms are a fundamental concept in Keycloak.
Once we have the two clients created, we need to create an admin user for Infinispan.
The Infinispan Server will be reaching out to the Keycloak Server inside the Docker environment.
Accessing the following URL provides the information used by the Infinispan Web console to handle authentication.
The Infinispan Console will use the information above, and making use of the Keycloak Javascript Adapter, the interface will redirect to Keycloak for user authentication.
When opening the Infinispan Console, Infinispan will attempt to make a call to a REST API that requires authentication.
You'll be redirected to the Keycloak authentication, where you should use the credentials admin/adminPassword.
After Keycloak redirects back to the Infinispan Console, you can verify that the admin is authenticated.
Return to the Infinispan Console, and you'll notice that the admin user is now granted the admin role in Infinispan as well.
Learn more about it in the Keycloak and Infinispan documentation.


This Cyber News was published on feeds.dzone.com. Publication date: Wed, 10 Jan 2024 19:13:06 +0000


Cyber News related to Securing Infinispan With Keycloak

Securing Infinispan With Keycloak - Infinispan is often used in scenarios where low-latency access to data is critical, such as caching frequently accessed database queries, session data in web applications, or other use cases where quick access to data can improve overall system ...
10 months ago Feeds.dzone.com
Infinispan Insights: Security Basics and Secured Caches - Infinispan uses Role-Based Access Control for authorization. Security realms integrate Infinispan Server deployments with the network protocols and infrastructure in your environment that control access and verify user identities. Infinispan ...
10 months ago Feeds.dzone.com
Deploy Keycloak Single Sign-On With Ansible - In this article, you'll use Ansible to simplify and automate the installation of Keycloak, a popular open-source tool to implement single sign-on for Web applications. The tutorial in this article builds on an Ansible Collection named middleware ...
11 months ago Feeds.dzone.com
Automate Your SSO With Ansible and Keycloak - The article Deploy Keycloak single sign-on with Ansible discussed how to automate the deployment of Keycloak. In this follow-up article, we'll use that as a baseline and explore how to automate the configuration of the Keycloak single sign-on server, ...
11 months ago Feeds.dzone.com
Securing Student Data in Cloud Services - In today's educational landscape, securing student data in cloud services is of utmost importance. One key aspect of securing student data in cloud services is ensuring proper data encryption. This article explores the various challenges and best ...
10 months ago Securityzap.com
CVE-2020-10746 - A flaw was found in Infinispan (org.infinispan:infinispan-server-runtime) version 10, where it permits local access to controls via both REST and HotRod APIs. This flaw allows a user authenticated to the local machine to perform all operations on the ...
3 years ago
CVE-2021-3637 - A flaw was found in keycloak-model-infinispan in keycloak versions before 14.0.0 where authenticationSessions map in RootAuthenticationSessionEntity grows boundlessly which could lead to a DoS attack. ...
3 years ago
CVE-2019-10174 - A vulnerability was found in Infinispan such that the invokeAccessibly method from the public class ReflectionUtil allows any application class to invoke private methods in any class with Infinispan's privileges. The attacker can use reflection ...
2 years ago
CVE-2023-6787 - A flaw was found in Keycloak that occurs from an error in the re-authentication mechanism within org.keycloak.authentication. This flaw allows hijacking an active Keycloak session by triggering a new authentication process with the query parameter ...
6 months ago
CVE-2024-7260 - An open redirect vulnerability was found in Keycloak. A specially crafted URL can be constructed where the referrer and referrer_uri parameters are made to trick a user to visit a malicious webpage. A trusted URL can trick users and automation into ...
1 month ago
Master the Art of Data Security - As we step further into the digital age, the importance of data security becomes increasingly apparent. As with all data storage services, it's crucial to ensure that the data stored on Amazon S3 is secure, particularly when it's 'at rest'-that is, ...
11 months ago Feeds.dzone.com
Strategies for Securing Student Data in Cloud Services - This article addresses the strategies that educational organizations can employ to ensure the protection and confidentiality of student data in cloud services. Implementing strong access controls is crucial for ensuring the security of student data ...
10 months ago Securityzap.com
Securing Educational Robots: IoT Security in Robotics Education - As robotics continues to be integrated into educational settings, the use of educational robots powered by the Internet of Things presents exciting opportunities for enhancing learning experiences. With technological advancements come the critical ...
10 months ago Securityzap.com
The Ultimate Guide To Securing Virtual Machines - Virtual machines have become an essential component of many sectors in the digital era, providing flexibility, scalability, and cost-efficiency. The security of these virtualized environments, on the other hand, is critical. This article will guide ...
10 months ago Feeds.dzone.com
Three Trends to Watch in 2024 - Our new guide, The Healthcare CISO's Guide to Cybersecurity Transformation, highlights the latest trends in healthcare today and where security leaders should focus their defensive efforts going forward. Malicious attacks on healthcare have grown ...
9 months ago Paloaltonetworks.com
CISA Seeks Public Comment on Newly Developed Secure Configuration Baselines for Google Workspace - As federal civilian agencies continue to modernize IT enterprises, increased reliance on cloud services, platform services, and external providers has introduced new types of risks. Recent threat activity from groups such as Storm-0558 have ...
11 months ago Cisa.gov
The Art of Securing Cloud-Native Mobile Applications - We will explore the dynamic intersection of cloud-native architecture and mobile application security, delving into the strategies and best practices essential for safeguarding sensitive data, ensuring user privacy, and fortifying against emerging ...
11 months ago Feeds.dzone.com
Wireless Network Security: Safeguarding Your Digital Haven - As the ubiquity of wireless networks grows, so does the need for proper security measures to protect home networks from malicious attacks. Ensuring secure connections and maintaining a safe online environment requires a comprehensive understanding of ...
11 months ago Securityzap.com
Securing the code: navigating code and GitHub secrets scanning - Enter the world of GitHub secrets scanning tools, the vigilant sentinels of your digital gala. Secrets scanning in GitHub is anchored by two fundamental strategies: proactive prevention and reactive detection, each serving a critical function in ...
11 months ago Securityboulevard.com
Cybersecurity for Homeschooling Parents: A Guide - With the increased reliance on technology and online tools, homeschooling parents must also address the pressing issue of cybersecurity. Whether it's securing tech tools, teaching safe online practices, or accessing valuable resources, this guide ...
10 months ago Securityzap.com
The key to connected care excellence - Antoinette Hodes is a Global Solutions Architect, specializing in IoT, and serves as an Evangelist with the Check Point Office of the CTO. She has worked as an engineer in IT for over 25 years and is an experienced security solutions architect in the ...
10 months ago Blog.checkpoint.com
Cyqur Launches A Game-Changing Data Encryption - In today's almost entirely digitized cyber world, private data and passwords must always remain secure and protected. In most cases, safeguarding sensitive access credentials requires entrusting them to third-party databases. This has proven to be a ...
10 months ago Cybersecuritynews.com
Cloud Security: Stats and Strategies - An interesting aspect in O'Reilly's latest Cloud Adoption report based on a global survey conducted is that 90% of the responders are using the cloud to support their business. One of the key takeaways from the State of the Cloud report from Flexera ...
10 months ago Feeds.dzone.com
Securing Remote Work: A Guide for Businesses - This article aims to provide businesses with a comprehensive guide to securing remote work, covering the essential components of remote work security policies and exploring best practices for ensuring secure communication. By implementing these ...
9 months ago Securityzap.com
10 reasons why securing software supply chains needs to start with containers - Containers and Kubernetes are table stakes for multi-cloud app development, and they're also among the least protected of any areas of software supply chains. Kubernetes commands 92% of the container orchestration platform market, despite DevOps ...
9 months ago Venturebeat.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)