Re: [new] net/keycloak-20.0.3 - Identity and Access Management solution

Mon, 23 Jan 2023 11:12:54 -0800 

Aisha, thank you for your efforts!

Please find the attached updated version to consider if my changes are
relevant and make sense.

1. +CATEGORIES =   security
   Keycloak's purpose is authentication/authorization so I think it
   better fits better to security category
2. +MODJAVA_VER =  17
   Keycloak works fine with jdk-17, I don't see any reason for
   downgrading jdk dependnecy
3. Added patches for other shell scripts, they don't work, but at least
   we can see the reason why they don't work
4. All other changes are related to paths:
     * It's a matter of taste, but paths like
        ${PREFIX}/share/java/keycloak/bin look a bit weird,
        I consider Keycloak a standalone app like Elasticsearch or
        Logstash and I think it deserves it's own folder under
        /usr/local similar to /opt/keycloak placement used in Linux
     * Configuration files definitely should go to /etc/keycloak/
     * State files, particularly DB files should go to /var/db/keycloak
5. rc script: I don't see any purpose for /var/run/keycloak dir, and
   /var/log/keycloak can be created via PLIST

Finally, since it's quite a complex piece of software, it would be great
to have package's README which at least shows what goes where under
OpenBSD and how to start it, not a big deal, but would be nice in a
perfect world :)

On 01/15, aisha wrote:
> Hi,
>   I've attached a port of keycloak - https://www.keycloak.org/ - 
> https://github.com/keycloak/keycloak - an identity and access management 
> solution from redhat.
> Copying the DESCR:
> 
> > Keycloak is an open source Identity and Access Management solution
> > aimed at modern applications and services. It makes it easy to
> > secure applications and services with little to no code, providing
> > the following features:
> > - SAML, OAuth 2.0 and OpenID Connect
> > - Single Sign On
> > - Admin Console
> > - Account Management Console
> > - User Federation with LDAP and Active Directory
> > - Identity Brokering and Social Login
> 
> 
> It has been working fine for a while now. The command line programs 'kcadm' 
> and 'kcreg' don't work as openbsd is not a recognized platform but I have 
> opened PRs upstream to fix this and hopefully it should just work (tm) once 
> they get merged.
> 
> tests and OKs welcome.
> 
> Cheers,
> Aisha



-- 
With best regards,
Pavel Korovin

Attachment: keycloak.tar.gz
Description: Binary data

Reply via email to