Net Gremlin 🚴🏻 🐧 🇩🇪<p><span class="h-card" translate="no"><a href="https://mastodon.social/@Tutanota" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>Tutanota</span></a></span> My favorite <a href="https://mastodon.ip6.li/tags/Degoogle" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Degoogle</span></a> and <a href="https://mastodon.ip6.li/tags/Demicrosoft" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Demicrosoft</span></a> solutions:</p><p>Server side: <span class="h-card" translate="no"><a href="https://mailcow.social/@doncow" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>doncow</span></a></span>, <span class="h-card" translate="no"><a href="https://mastodon.xyz/@nextcloud" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>nextcloud</span></a></span>, some <a href="https://mastodon.ip6.li/tags/Fediverse" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Fediverse</span></a> projects, <a href="https://mastodon.ip6.li/tags/Matrix" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Matrix</span></a> (Synapse) <a href="https://mastodon.ip6.li/tags/Keycloak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Keycloak</span></a> for SSO</p><p>Client side (Linux): <a href="https://mastodon.ip6.li/tags/Evolution" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Evolution</span></a>, <a href="https://mastodon.ip6.li/tags/Libreoffice" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Libreoffice</span></a>, <a href="https://mastodon.ip6.li/tags/Librewolf" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Librewolf</span></a> </p><p>Mobile ( <span class="h-card" translate="no"><a href="https://grapheneos.social/@GrapheneOS" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>GrapheneOS</span></a></span> ): <a href="https://mastodon.ip6.li/tags/FairEmail" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FairEmail</span></a>, <a href="https://mastodon.ip6.li/tags/Firefox" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Firefox</span></a>, some Fediverse clients, Matrix client</p>
#keycloak
1 post1 participant0 posts today
Our security researchers @cod_rse@twitter.com and @inode conducted a security assessment on #Keycloak, identifying significant vulnerabilities impacting this open-source #IAM solution.
Read the full article at https://security.humanativaspa.it/an-analysis-of-the-keycloak-authentication-system
hn security · An analysis of the Keycloak authentication system - hn securityEarlier this year, we carried out […]
Long shot but, if there's any keycloak expert: sometimes the session for federated uses doesn't include email although it's in scope. Any idea where I should look to investigate and ideally fix the problem?
(I can't find anything on GitHub and Google, of course)
Was wir so an Unternehmen / Unis / Schulen / Vereine anbieten:
New 𝗞𝗲𝘆𝗰𝗹𝗼𝗮𝗸 𝗜𝗱𝗲𝗻𝘁𝗶𝘁𝘆 𝗮𝗻𝗱 𝗔𝗰𝗰𝗲𝘀𝘀 𝗠𝗮𝗻𝗮𝗴𝗲𝗺𝗲𝗻𝘁 𝗼𝗻 𝗙𝗿𝗲𝗲𝗕𝗦𝗗 (Keycloak Identity and Access Management on FreeBSD) on my VERMADEN.WORDPRESS.COM blog.
https://vermaden.wordpress.com/2024/03/10/keycloak-on-freebsd/
"Keycloak is an open source identity provider (IdP) with single-sign on (SSO) capabilities. It supports the most widely used enterprise authentication protocols, namely OpenID Connect (OIDC), OAuth 2.0, and SAML. With Keycloak, users sign in once and share the same identity across multiple applications and platforms in a transparent manner."
Learn how to set it up!
https://fedoramagazine.org/keycloak-on-fedora-workstation-with-podman/
Fedora Magazine · Keycloak on Fedora Workstation with Podman - Fedora MagazineDeploy Keycloak with Podman on Fedora Linux, learn how to configure and secure a realm and observe SSO in action with this hands-on lab.
Je viens de publier un cours intitulé "Identité et méthodes d'authentification" sous licence CC-BY : https://broken-by-design.fr/posts/cours-id-authn/
Ce cours s'adresse aux personnes de niveau M2 et aux professionnel.les débutant.es, même si les plus expérimenté.es pourraient y trouver des informations intéressantes.
Il comprend une introduction aux différents types de référentiels d'identités, avant de plonger dans l'authentification, sous des angles juridiques et techniques. Authentification multifacteur, forte, résistante au phishing, assurant de bonnes garanties de vie privée ! Authentification à l'état de l'art ! Vous pourrez en apprendre plus à ces sujets grâce à ce cours.
Et ce n'est que la première partie ! Ce mois-ci, une seconde partie sera publiée, sur le sujet de l'autorisation, avec un TP de mise en place de #Keycloak pour une authentification fédérée avec OpenID Connect! À suivre !
broken-by-design.frIdentité et méthodes d'authentification | Broken by DesignUn cours de niveau M2 sur l'identité et les méthodes d'authentification
Wer mag, kann bei den Chemnitzer Linuxtagen was über Single Sign-on für Webanwendungen von mir hören. Ist aber für die, die sonntags morgens nicht verschlafen. 
https://chemnitzer.linux-tage.de/2024/de/programm/beitrag/213
chemnitzer.linux-tage.deChemnitzer Linux-Tage 2024 · Vortrag: Single Sign-on für Web-AnwendungenDie Chemnitzer Linux-Tage sind eine Veranstaltung rund um das Thema Linux und Open Source für jedermann, die Linux-Nutzer, Insider und Unternehmen zusammenbringt.