🔑Keycloak

Introduction to Keycloak

Keycloak is an open-source Identity and Access Management (IAM) solution that helps organizations to secure their applications and services. It is based on the popular open-source project Red Hat Single Sign-On (RH-SSO) and provides a centralized platform for managing authentication and authorization.

Be careful, this documentation has not been tested !!!

Installation

apt-get update -y
apt-get upgrade -y
apt-get install default-jdk -y
java --version
wget https://github.com/keycloak/keycloak/releases/download/15.0.2/keycloak-15.0.2.tar.gz
tar -xvzf keycloak-15.0.2.tar.gz
mv keycloak-15.0.2 /opt/keycloak
groupadd keycloak
useradd -r -g keycloak -d /opt/keycloak -s /sbin/nologin keycloak
chown -R keycloak: /opt/keycloak
chmod o+x /opt/keycloak/bin/

Configuration

mkdir /etc/keycloak
cp /opt/keycloak/docs/contrib/scripts/systemd/wildfly.conf /etc/keycloak/keycloak.conf 
cp /opt/keycloak/docs/contrib/scripts/systemd/launch.sh /opt/keycloak/bin/
chown keycloak: /opt/keycloak/bin/launch.sh
nano /opt/keycloak/bin/launch.sh

cp /opt/keycloak/docs/contrib/scripts/systemd/wildfly.service /etc/systemd/system/keycloak.service
nano /etc/systemd/system/keycloak.service

systemctl daemon-reload
systemctl start keycloak
systemctl enable keycloak
systemctl status keycloak
netstat -tulpna #or ss -antpl | grep 8080
tail -f /opt/keycloak/standalone/log/server.log

Create an Admin User for Keycloak

/opt/keycloak/bin/add-user-keycloak.sh -u admin
systemctl restart keycloak
/opt/keycloak/bin/kcadm.sh config credentials --server http://localhost:8080/auth --realm master --user admin
/opt/keycloak/bin/kcadm.sh update realms/master -s sslRequired=NONE

Web GUI access

Conclusion

In this course, we have covered the basics of Keycloak and how to install it on a Linux machine. Keycloak provides a powerful and flexible platform for managing authentication and authorization in your organization, and is a great choice for securing your applications and services.

Please note that this is a basic outline and you'll have to fill the gaps with the specific version you're using, your own configurations and customizations.