par Mathieu PASSENAUD | Jan 26, 2026 | Gestion des Identités
Keycloak OAuth2-Proxy Configuration Generator: with our main partner Please-Open.It we strongly advocate the use of authentication proxy pattern. As we mentioned in our authentication proxy article, this architectural approach is one of the most efficient ways to...
par Loïc Mercier Des Rochettes | Juin 5, 2025 | Communauté, Gestion des Identités, SSO
Keycloak User Agent Filter Authenticator: our main partner, Please Open It, created an authenticator that filters the user-agent header for Keycloak to exclude embedded webviews, ensuring compliance with specification requirements. The component reduces the attack...
par Loïc Mercier Des Rochettes | Oct 3, 2024 | Communauté, Gestion des Identités, LDAP, Open Source, SSO
Get rid of your old Active directory/LDAP with keycloak and a small piece of custom software : just a POC for a LDAP bind proxy to log to KeyCloak with LDAP. TL;DR How to spawn a simple bind LDAP proxy for keycloak OIDC password grant in a nutshell. Disclaimer and...
par Mathieu PASSENAUD | Oct 10, 2023 | Communauté, Gestion des Identités, Sécurité
As is, Keycloak has a default configuration which can introduce security flaws despite your manual testing, that why our partner Please Open It developed this Keycloak Config Checker to help you enforce your security practices. Default configurations As is, Keycloak...
par Loïc Mercier Des Rochettes | Sep 5, 2022 | Gestion des Identités, Open Source, Sécurité, SSO
In this article we will discuss about Postgres OAuth2 Authentication and why do we need an oauth2 on postgres. Common SSO advantages SSO (in our case with Keycloak) represents many advantages : More than a unique password, a unique login (advantages over an ldap/pg...
par janua | Nov 3, 2017 | Conférence, Gestion des Identités, Sécurité, SSO
This présentation to share knowledge about OpenAM 13.5 Core Token Services ( aka CTS). We will talk about: CTS Presensation CTS architectural presentation CTS setup Managing CTS tokens CTS monitoring Transcript : – – – OPENAM 13.5 – CTS by Olivier Rivat –...
par janua | Nov 3, 2017 | Gestion des Identités, Sécurité, SSO
This article describes how to investigate Oauth2 Authorization code Request. As a reminder, the principal of Oauth2 Authorization code Request is two-steps: User Authentication Consent acceptance Get an authorization code , in response of the POST exchange this...
par janua | Avr 12, 2017 | Communauté, Gestion des Identités, Sécurité, SSO
Tuning OpenAm maximum session number could be very important for performance issues, not well documented, so we will intend to share with you in this article how we manage it. 1) OpenAM Maximum session Number OpenAM maximum session Number is described by the attribute...
par janua | Avr 12, 2017 | Communauté, Gestion des Identités, SSO
This article intend to share with you about a complex subject, OpenAM caching mechanism and persistent search. 1) OpenAM Caches OpenAM comes with 2 caches: IDRepo Cache Service Management Cache By default, those both active are active, when nothing else has been...
par janua | Avr 3, 2017 | Communauté, Gestion des Identités
This article describes how to install UI environment on remote linux ubuntu server. It could be very usefull when using remote cloud servers for test purposes. 1) On your your remote server: 1.1) Download X packages sudo apt-get install xserver-xorg-core 1.2) add to...
par janua | Nov 25, 2016 | Communauté, Sécurité, SSO
In this Oauth2 and OpenID Connect presentation we will talk about : ● OIDC concepts ● OIDC flows ● Using OIDC with refresh token ● OIDC OpenAM use case example Oauth2 and OpenID Connect
par janua | Oct 17, 2016 | Presse, Sécurité
Communiqué de presse : SemanticExperts rejoint Janua. Bien connu des sophipolitains, SemanticExperts (plus connue sous son nom de marque READOR), originaire d’un projet de recherche INRIA , a été fondée par Christophe Desclaux en 2013 et incubée à l’IPE...
par janua | Sep 14, 2016 | Gestion des Identités, Sécurité, SSO
This article describes how to install an Apache web policy agent for OpenAM. The components used are: Apache 2.4 OpenAM 12 OpenAM Web policy agent 4.01 Below are described all the different steps to be achieve this. 1) Installation of an apache 2.4 server source...
par janua | Sep 12, 2016 | Gestion des Identités, Sécurité, SSO
Why using Oauth2-openID Connect for mobile apps ? Quite often mobile applications tend to store the user credentials to connect to the application on the mobile device itself. What if your mobile get lost or stolen ? It means that one that anybody could access...
par janua | Sep 9, 2016 | Communauté, Gestion des Identités, Sécurité, SSO
This article describes how to use authorization code grant type with OpenAM. Authorization code is the most secured grant when providing Oauth2 connection, as the access token is not stored within your browser. On openam the authorization code has been made 1H to...
