Versions Compared

Old Version 27

changes.mady.by.user Justin

Saved on

compared with

New Version 28

changes.mady.by.user Justin

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

To quickly get started on Keycloak and for ease of testing, we recommend installing Keycloak via Docker in your local development environment.
Do follow the guide until the part where you have successfully created a sample user in Keycloak & verify by logging in with this new user credentials in the Keycloak Account Console.

At this point of time after completing the Keycloak installation tutorial, you should have:

  • A separate realm called myrealm in Keycloak
  • A sample user created in Keycloak
    Tip: If your Joget instance currently does not have a license, it is limited to free first 3 users only, sorted alphabetically. For ease of testing, you can create a sample user with username of cactus-jim for example.
Note
titleImportant Note

In this tutorial, it is presumed that the Keycloak instance will be running and exposed on the same host machine running your Joget instance. 

In this case, since the default bundled Tomcat server hosting the Joget platform operates on port 8080 by default, do ensure the deployed Keycloak container does not clash with the same host port.

For example, you can map Keycloak container to expose on host port 8500 or any other non-clashing port instead. 

...

  1. Download the SAML Directory Manager Plugin from the Joget Marketplace, and upload the plugin .jar file into your Joget instance.
    This plugin's source code is also available in JogetOSS Github. Projects under JogetOSS are community-driven and community-supported, and you are welcome to contribute to the projects.

  2. Then, in Admin Bar → Settings → General Settings → API IP Whitelist, do whitelist external IP addresses. For now, you can allow all public users (using * symbol to indicate "allow all").
    This is to allow end user browsers to communicate with the SAML plugin.


  3. Save the settings.

3. Plugin Configuration

...

  1. In Admin Bar → Settings → Directory Manager Settings

...

  1. Select Plugin

...

  1. , select SAML Directory Manager

...

Image Removed

...

  1. to start configuring the plugin.
    Image Added
  2. Copy both values of Entity ID and ACS URL, and temporarily save these values in a convenient place for later use.
    These values are required in order to create a valid client in Keycloak.

...

  1. Image Added

  2. IDP Certificates need to be copied from the admin console of the keycloak.
    Open your KeyCloak admin console->Realm Settings ->Keys Tab -> Click on the Certificate RSA 256 Key.

...

  1. Image Modified

...

  1. Image Modified

Paste this value in the IDP Certificate field.

...