Johannes Kastl<p>Currently reading "Keycloak - Identity and Access management for modern applications" by Stian Thorgerson and Pedro Igor Silva.</p><p><a href="https://digitalcourage.social/tags/Keycloak" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Keycloak</span></a> <a href="https://digitalcourage.social/tags/IAM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>IAM</span></a> <a href="https://digitalcourage.social/tags/AccessManagement" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AccessManagement</span></a> <a href="https://digitalcourage.social/tags/identityManagement" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>identityManagement</span></a></p>
Recent searches
No recent searches
Search options
Only available when logged in.
fosstodon.org is one of the many independent Mastodon servers you can use to participate in the fediverse.
Fosstodon is an invite only Mastodon instance that is open to those who are interested in technology; particularly free & open source software.
If you wish to join, contact us for an invite.
Administered by:
Server stats:
9.9Kactive users
fosstodon.org: About · Status · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.3.7
#keycloak
6 posts · 6 participants · 1 post today
Rad Web Hosting<p>How to Deploy <a href="https://mastodon.social/tags/Keycloak" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Keycloak</span></a> on <a href="https://mastodon.social/tags/Ubuntu" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Ubuntu</span></a> <a href="https://mastodon.social/tags/VPS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>VPS</span></a> Here’s a clear and detailed how-to guide for how to deploy Keycloak on Ubuntu VPS. This guide uses Keycloak in standalone mode with PostgreSQL as the database and NGINX as a reverse proxy with SSL.<br>What is Keycloak?<br>Keycloak is an open-source identity and access management (IAM) solution developed by Red Hat. It provides authentication, authorization, and user management features for modern applications and ...<br>Continued 👉 <a href="https://blog.radwebhosting.com/how-to-deploy-keycloak-on-ubuntu-vps/?utm_source=mastodon&utm_medium=social&utm_campaign=ReviveOldPost" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">blog.radwebhosting.com/how-to-</span><span class="invisible">deploy-keycloak-on-ubuntu-vps/?utm_source=mastodon&utm_medium=social&utm_campaign=ReviveOldPost</span></a></p>
LavX News<p>Exposed AWS S3 Bucket: A Wake-Up Call for Cybersecurity in Cloud Infrastructure</p><p>An unclaimed AWS S3 bucket posed a severe risk to GJC Corp, a major Brazilian media group, by allowing potential attackers to execute malicious JavaScript on their authentication portals. This inciden...</p><p><a href="https://news.lavx.hu/article/exposed-aws-s3-bucket-a-wake-up-call-for-cybersecurity-in-cloud-infrastructure" rel="nofollow noopener noreferrer" target="_blank"><span class="invisible">https://</span><span class="ellipsis">news.lavx.hu/article/exposed-a</span><span class="invisible">ws-s3-bucket-a-wake-up-call-for-cybersecurity-in-cloud-infrastructure</span></a></p><p><a href="https://mastodon.cloud/tags/news" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>news</span></a> <a href="https://mastodon.cloud/tags/tech" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>tech</span></a> <a href="https://mastodon.cloud/tags/AWS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AWS</span></a> <a href="https://mastodon.cloud/tags/CloudSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CloudSecurity</span></a> <a href="https://mastodon.cloud/tags/Keycloak" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Keycloak</span></a></p>
Alexander Dunkel<p>Just published a small tool we use in our non-profit to export user data from <a href="https://himself.alexanderdunkel.com/tags/Keycloak" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Keycloak</span></a> into Excel or LibreCalc ODS format. It pulls standard and custom fields like IBAN, birthdate, phone, etc., using the Keycloak Admin API. You can run it through a SOCKS proxy if access is restricted. We need this to unite online (Keycloak) and offline accounts (<a href="https://himself.alexanderdunkel.com/tags/JVerein" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>JVerein</span></a>).</p><p>Config is done via a `.env` file, and the output is a clean Excel/ODS file you can use for reporting or integration. Repo here [1] — feel free to use or adapt it! </p><p><a href="https://himself.alexanderdunkel.com/tags/keycloak" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>keycloak</span></a> <a href="https://himself.alexanderdunkel.com/tags/python" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>python</span></a> <a href="https://himself.alexanderdunkel.com/tags/opensource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>opensource</span></a> <a href="https://himself.alexanderdunkel.com/tags/nonprofit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nonprofit</span></a> <a href="https://himself.alexanderdunkel.com/tags/automation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>automation</span></a> <br><a href="https://himself.alexanderdunkel.com/tags/excel" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>excel</span></a> <a href="https://himself.alexanderdunkel.com/tags/adminapi" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>adminapi</span></a> <a href="https://himself.alexanderdunkel.com/tags/ods" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ods</span></a> <a href="https://himself.alexanderdunkel.com/tags/jverein" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>jverein</span></a> </p><p>[1]: <a href="https://framagit.org/lausitzer-surfer-eV/management/pull_user_keycloak" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">framagit.org/lausitzer-surfer-</span><span class="invisible">eV/management/pull_user_keycloak</span></a></p>
Max Maass :donor:<p>Long shot, but: As my project for <a href="https://infosec.exchange/tags/eh22" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>eh22</span></a> I was thinking about extending our <a href="https://infosec.exchange/tags/Keycloak" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Keycloak</span></a> configuration auditor with some checks for <a href="https://infosec.exchange/tags/SAML" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SAML</span></a>-based authentication. However, I know next to nothing about SAML and am a bit lost, to be honest. If anyone is at <a href="https://infosec.exchange/tags/eh22" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>eh22</span></a> who has some knowledge about SAML security and common misconfigurations (on the server or client side), and wants to collaborate to create some checks for <a href="https://infosec.exchange/tags/kcwarden" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>kcwarden</span></a> (<a href="https://github.com/iteratec/kcwarden" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">github.com/iteratec/kcwarden</span><span class="invisible"></span></a>), hit me up.</p>
Alexander Schwartz<p>Our <a href="https://fosstodon.org/tags/Keycloak" class="mention hashtag" rel="tag">#<span>Keycloak</span></a> highlights from <a href="https://fosstodon.org/tags/Kubecon" class="mention hashtag" rel="tag">#<span>Kubecon</span></a> EU London! Watch the recoded talk about <a href="https://fosstodon.org/tags/OpenIDConnect" class="mention hashtag" rel="tag">#<span>OpenIDConnect</span></a> and <a href="https://fosstodon.org/tags/Observability" class="mention hashtag" rel="tag">#<span>Observability</span></a>, and join our survey at <a href="https://www.keycloak.org/2025/04/keycloak-kubecon25-eu-recap" target="_blank" rel="nofollow noopener noreferrer" translate="no"><span class="invisible">https://www.</span><span class="ellipsis">keycloak.org/2025/04/keycloak-</span><span class="invisible">kubecon25-eu-recap</span></a></p>
Steffo :steffo:<p>So... I switched from Keycloak to authentik. And this is how it went!</p><p><a href="https://steffo.blog/i-switched-from-keycloak-to-authentik/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">steffo.blog/i-switched-from-ke</span><span class="invisible">ycloak-to-authentik/</span></a></p><p>Sure, it's not the best blog post, but it's better than nothing, I guess.</p><p><a href="https://fellies.social/tags/blog" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>blog</span></a> <a href="https://fellies.social/tags/authentik" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>authentik</span></a> <a href="https://fellies.social/tags/keycloak" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>keycloak</span></a> <a href="https://fellies.social/tags/selfhost" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>selfhost</span></a></p>
lazy cat ☮️<p>I whined lately 🙄 about how complex <a class="hashtag" href="https://apeiron.aire.ml/tag/matrix" rel="nofollow noopener noreferrer" target="_blank">#Matrix</a> infrastructure became after migration to separate <a class="hashtag" href="https://apeiron.aire.ml/tag/matrixauthenticationservice" rel="nofollow noopener noreferrer" target="_blank">#MatrixAuthenticationService</a> and <a class="hashtag" href="https://apeiron.aire.ml/tag/elementcall" rel="nofollow noopener noreferrer" target="_blank">#ElementCall</a>. well… now I have it all: I've configured <a class="hashtag" href="https://apeiron.aire.ml/tag/mas" rel="nofollow noopener noreferrer" target="_blank">#MAS</a> with upstream <a class="hashtag" href="https://apeiron.aire.ml/tag/keycloak" rel="nofollow noopener noreferrer" target="_blank">#Keycloak</a> backed with <a class="hashtag" href="https://apeiron.aire.ml/tag/ldap" rel="nofollow noopener noreferrer" target="_blank">#LDAP</a> db, and deployed <a class="hashtag" href="https://apeiron.aire.ml/tag/livekit" rel="nofollow noopener noreferrer" target="_blank">#LiveKit</a> (coupled with its JWT auth service). as a result I have now 6 subdomains more than a week ago, which serviced by 5 additional <a class="hashtag" href="https://apeiron.aire.ml/tag/containers" rel="nofollow noopener noreferrer" target="_blank">#containers</a>. not so much, though… 🤷 but it was a week of work, and it was real pain in the neck to configure all those services. I mean, think of all inter-services links, all those domains, SSL certificates, config files, containers and grains of information (not always actual or accurate) spread sparsely over all the Internet. and note, folks, I'm an IT professional with years of experience in system administration and <a class="hashtag" href="https://apeiron.aire.ml/tag/devops" rel="nofollow noopener noreferrer" target="_blank">#DevOps</a>. 🧐</p><p>but nevertheless, it's a win in the end. I guess, it is. all works as intended, I've got enterprize-level services for my personal entertainment and tons of experience and knowledge for my career. but since I <em>know</em> how and why it works, I'm shuddering with horror, 'cos I understand, how fragile it is. 🤪</p>
Alexander Schwartz<p>🚢 <a href="https://fosstodon.org/tags/Keycloak" class="mention hashtag" rel="tag">#<span>Keycloak</span></a> shipped release 26.2 today (Friday afternoon)! 🚢</p><p>Pimp your <a href="https://fosstodon.org/tags/SingleSignOn" class="mention hashtag" rel="tag">#<span>SingleSignOn</span></a> with a lot of new features. And it became even simpler to host it yourself! </p><p>* Least-privileged delegated access without service desk tickets.<br />* Enhanced token-exchange for accurate and narrowly scoped tokens for <a href="https://fosstodon.org/tags/zerotrust" class="mention hashtag" rel="tag">#<span>zerotrust</span></a> architectures.<br />* Pre-defined <a href="https://fosstodon.org/tags/Grafana" class="mention hashtag" rel="tag">#<span>Grafana</span></a> dashboard to monitor service level indicators.<br />* Simplified update and configuration to increase availability.</p><p><a href="https://www.keycloak.org/2025/04/keycloak-2620-released" target="_blank" rel="nofollow noopener noreferrer" translate="no"><span class="invisible">https://www.</span><span class="ellipsis">keycloak.org/2025/04/keycloak-</span><span class="invisible">2620-released</span></a></p>
Rad Web Hosting<p>How to Deploy <a href="https://mastodon.social/tags/Keycloak" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Keycloak</span></a> on <a href="https://mastodon.social/tags/Ubuntu" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Ubuntu</span></a> <a href="https://mastodon.social/tags/VPS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>VPS</span></a> Here’s a clear and detailed how-to guide for how to deploy Keycloak on Ubuntu VPS. This guide uses Keycloak in standalone mode with PostgreSQL as the database and NGINX as a reverse proxy with SSL.<br>🔧 Prerequisites</p><p> Ubuntu VPS (20.04 or later)<br> Root or sudo access<br> Domain name (e.g., auth.example.com)<br> PostgreSQL installed or access to a PostgreSQL server<br> Open ports: 80, 443</p><p>How to Deploy ...<br>Continued 👉 <a href="https://blog.radwebhosting.com/how-to-deploy-keycloak-on-ubuntu-vps/?utm_source=mastodon&utm_medium=social&utm_campaign=ReviveOldPost" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">blog.radwebhosting.com/how-to-</span><span class="invisible">deploy-keycloak-on-ubuntu-vps/?utm_source=mastodon&utm_medium=social&utm_campaign=ReviveOldPost</span></a></p>
Alexander Schwartz<p>Translating <a href="https://fosstodon.org/tags/Keycloak" class="mention hashtag" rel="tag">#<span>Keycloak</span></a> with <span class="h-card" translate="no"><a href="https://fosstodon.org/@weblate" class="u-url mention">@<span>weblate</span></a></span>! Keycloak runs in a lot of regions and countries.<br />For translations, Keycloak now integrates with Weblate to simplify the process.<br />Join us in the upcoming episode of Keycloak Hour of Code on Apr 14/15 to see it live and in action, and to ask your questions. <br /><a href="https://www.keycloak.org/2025/04/weblate-announce" target="_blank" rel="nofollow noopener noreferrer" translate="no"><span class="invisible">https://www.</span><span class="ellipsis">keycloak.org/2025/04/weblate-a</span><span class="invisible">nnounce</span></a></p>
Andrii Mishkovskyi 🇺🇦<p>Hold up, SLO must be defined over large time window, not 5 minutes my dude. <a href="https://hachyderm.io/tags/kubecon" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>kubecon</span></a> <a href="https://hachyderm.io/tags/keycloak" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>keycloak</span></a></p>
Alexander Schwartz<p>"Authenticate and authorize users your way" - Thanks for having my talk at Voxxed Days Zurich <a href="https://fosstodon.org/tags/VDZ25" class="mention hashtag" rel="tag">#<span>VDZ25</span></a> presenting <a href="https://fosstodon.org/tags/OpenIDConnect" class="mention hashtag" rel="tag">#<span>OpenIDConnect</span></a> and <a href="https://fosstodon.org/tags/Keycloak" class="mention hashtag" rel="tag">#<span>Keycloak</span></a>.</p><p><a href="https://youtu.be/SR59HPXyQSE?si=WdN64fczv-ErWxW3" target="_blank" rel="nofollow noopener noreferrer" translate="no"><span class="invisible">https://</span><span class="ellipsis">youtu.be/SR59HPXyQSE?si=WdN64f</span><span class="invisible">czv-ErWxW3</span></a></p><p>Slides: <a href="https://speakerdeck.com/ahus1/delegating-the-chores-of-authenticating-users" target="_blank" rel="nofollow noopener noreferrer" translate="no"><span class="invisible">https://</span><span class="ellipsis">speakerdeck.com/ahus1/delegati</span><span class="invisible">ng-the-chores-of-authenticating-users</span></a></p>
Matv1<p>Ik zoek contact met personen of bedrijven die evaring hebben met <a href="https://mastodon.social/tags/keycloak" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>keycloak</span></a> <a href="https://mastodon.social/tags/idm" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>idm</span></a> <a href="https://mastodon.social/tags/iam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>iam</span></a> in organisaties van omvang in nederland. En liefst ruimer dan alleen voor <a href="https://mastodon.social/tags/sso" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>sso</span></a> en <a href="https://mastodon.social/tags/Authenticatie" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Authenticatie</span></a> <br>Ken je implementaties, migraties vanuit andere systemen?<br>Ken je implementatiepartners die dit doen, of mensen die Keycloak binnen hun eigen organisatie (bij voorkeur non-profit, liefst <a href="https://mastodon.social/tags/onderwijs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>onderwijs</span></a> ) die beheren, aarzel niet om me te pingen. Mag ook n dm.</p><p>Boost waardeer ik!</p><p><a href="https://mastodon.social/tags/identitymanagement" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>identitymanagement</span></a> <a href="https://mastodon.social/tags/accessmanagent" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>accessmanagent</span></a> <a href="https://mastodon.social/tags/surf" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>surf</span></a></p>
Rainer "friendica" Sokoll<p>Für alle Fans von <a href="https://friendica.sokoll.com/search?tag=nextcloud" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nextcloud</span></a> und/oder <a href="https://friendica.sokoll.com/search?tag=owncloud" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>owncloud</span></a>:</p><p>Das kann man im Privatumfeld verwenden, sicherlich auch in kleinen Firmen. Unperformant wird es dann, wenn man ein paar hundert Nutzer hat. Die will man nämlich nicht lokal haben, die will man in einem Directory haben (LDAP). Ja, das geht. Und es ist schmerzhaft. Probierts aus! Und wir reden noch gar nicht von Gruppen, das geht nämlich nicht, jedenfalls nicht in der freien Nextcloud-Version (korrigiert mich, wenn ich falsch liege)</p><p>Und damit zu <a href="https://friendica.sokoll.com/search?tag=Azure" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Azure</span></a>: Dessen Stärke ist gar nicht so sehr das Teilen von Dateien, wie es NC und Dropbox und… können, nein, dessen Stärke ist <a href="https://friendica.sokoll.com/search?tag=entra" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>entra</span></a>, also das Identity Management.<br>Du kannst halt andere Organisationen, die auch bei Azure sind, schnell (aber nicht unbedingt unkompliziert) zum Beispiel an Dein <a href="https://friendica.sokoll.com/search?tag=Jenkins" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Jenkins</span></a> anbinden.<br>Ja, geht auch mit <a href="https://friendica.sokoll.com/search?tag=keycloak" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>keycloak</span></a>. Wenn Du eine IT-Abteilung hast, die das pflegt.</p><p>TL;DR: Es gibt auf Jahre oder Jahrzehnte im geschäftlichen Bereich keine Alternative zu Azure.</p><p>Und nun haut mich 😀</p>
Seth Grover<p><u>This has been a busy month for Malcolm! I pushed hard to get <a href="https://github.com/cisagov/Malcolm/releases/tag/v25.03.0" rel="nofollow noopener noreferrer" target="_blank">v25.03.0</a> out earlier this month, as it contained pretty much just the Keycloak integration one of our partners (and major funding sources) was waiting for. Rather than wait until April for the other stuff that would have gone into the regular end-of-the-month release, I decided to pull those items into this smaller release just a week and a half after the last one.</u></p><p><a href="https://github.com/cisagov/Malcolm/releases/tag/v25.03.0" rel="nofollow noopener noreferrer" target="_blank">Malcolm v25.03.1</a> contains a few enhancements, bug fixes, and several component version updates, including one that addresses a CVE that may affect Hedgehog Linux Kiosk mode and Malcolm's API container.</p><p><strong>NOTE:</strong> If you have not already upgraded to v25.03.0, read the notes for <a href="https://github.com/cisagov/Malcolm/releases/tag/v25.02.0" rel="nofollow noopener noreferrer" target="_blank">v25.02.0</a> and <a href="https://github.com/cisagov/Malcolm/releases/tag/v25.03.0" rel="nofollow noopener noreferrer" target="_blank">v25.03.0</a> and follow the <strong>Read Before Upgrading</strong> instructions on those releases.</p><p><a href="https://github.com/cisagov/Malcolm/compare/v25.03.0...v25.03.1" rel="nofollow noopener noreferrer" target="_blank">Changes in this release</a></p><ul><li>✨ Features and enhancements<ul><li>Incorporate new S7comm device identification log, <code>s7comm_known_devices.log</code> (<a href="https://github.com/cisagov/malcolm/issues/622" rel="nofollow noopener noreferrer" target="_blank">#622</a>)</li><li>Display current PCAP, Zeek, and Suricata capture results in Hedgehog Linux <a href="https://malcolm.fyi/docs/hedgehog-boot.html#HedgehogKioskMode" rel="nofollow noopener noreferrer" target="_blank">Kiosk mode</a> (<a href="https://github.com/cisagov/malcolm/issues/566" rel="nofollow noopener noreferrer" target="_blank">#566</a>)</li><li>Keycloak authentication: configurable group or role membership restrictions for login (<a href="https://github.com/cisagov/malcolm/issues/633" rel="nofollow noopener noreferrer" target="_blank">#633</a>) (see <a href="https://malcolm.fyi/docs/authsetup.html#AuthKeycloakGroupsAndRoles" rel="nofollow noopener noreferrer" target="_blank"><strong>Requiring user groups and realm roles</strong></a>)</li><li>Mark newly-discovered and uninventoried devices in logs during NetBox enrichment (<a href="https://github.com/cisagov/malcolm/issues/573" rel="nofollow noopener noreferrer" target="_blank">#573</a>)</li><li>Added "Apply recommended system tweaks automatically without asking for confirmation?" question to <code>install.py</code> to allow the user to accept changes to <code>sysctl.conf</code>, grub kernel parameters, etc., without having to answer "yes" to each one.</li></ul></li><li>✅ Component version updates<ul><li>Arkime to <a href="https://github.com/arkime/arkime/blob/8c014b0e4e5c9a4dca05780b172def120a50bf30/CHANGELOG#L37-L52" rel="nofollow noopener noreferrer" target="_blank">v5.6.2</a></li><li>evtx to <a href="https://github.com/omerbenamram/evtx/releases/tag/v0.9.0" rel="nofollow noopener noreferrer" target="_blank">v0.9.0</a></li><li>Fluent Bit to <a href="https://github.com/fluent/fluent-bit/releases/tag/v3.2.10" rel="nofollow noopener noreferrer" target="_blank">v3.2.10</a></li><li>gunicorn to <a href="https://github.com/benoitc/gunicorn/releases/tag/23.0.0" rel="nofollow noopener noreferrer" target="_blank">v23.0.0</a> to address <a href="https://github.com/advisories/GHSA-hc5x-x2vx-497g" rel="nofollow noopener noreferrer" target="_blank">CVE-2024-6827</a>, "Gunicorn HTTP Request/Response Smuggling vulnerability"</li><li>Zeek to <a href="https://github.com/zeek/zeek/releases/tag/v7.1.1" rel="nofollow noopener noreferrer" target="_blank">v7.1.1</a></li></ul></li><li>🐛 Bug fixes<ul><li>Fix <code>install.py</code> error when answering yes to "Pull Malcolm images?" with podman (<a href="https://github.com/cisagov/malcolm/issues/604" rel="nofollow noopener noreferrer" target="_blank">#604</a>)</li><li>Order of user-provided tags from PCAP upload interface not preserved (<a href="https://github.com/cisagov/malcolm/issues/624" rel="nofollow noopener noreferrer" target="_blank">#624</a>)</li></ul></li><li>📄 Configuration changes (in <a href="https://malcolm.fyi/docs/malcolm-config.html#MalcolmConfigEnvVars" rel="nofollow noopener noreferrer" target="_blank">environment variables</a> in <a href="https://github.com/cisagov/Malcolm/blob/main/config" rel="nofollow noopener noreferrer" target="_blank"><code>./config/</code></a>) for Malcolm and in <a href="https://github.com/cisagov/Malcolm/blob/main/hedgehog-iso/interface/sensor_ctl/control_vars.conf" rel="nofollow noopener noreferrer" target="_blank"><code>control_vars.conf</code></a> for Hedgehog Linux<ul><li>added <code>NGINX_REQUIRE_GROUP</code> and <code>NGINX_REQUIRE_ROLE</code> to <a href="https://github.com/cisagov/Malcolm/blob/main/config/auth-common.env.example" rel="nofollow noopener noreferrer" target="_blank"><code>auth-common.env</code></a> to support <a href="https://malcolm.fyi/docs/authsetup.html#AuthKeycloakGroupsAndRoles" rel="nofollow noopener noreferrer" target="_blank"><strong>Requiring user groups and realm roles</strong></a> for Keycloak authentication</li></ul></li><li>🧹 Code and project maintenance<ul><li>Ensure Malcolm's NetBox configuration Python scripts are baked into the image in addition to bind-mounting them in <code>docker-compose.yml</code> at runtime.</li></ul></li></ul><p><a href="https://malcolm.fyi/" rel="nofollow noopener noreferrer" target="_blank">Malcolm</a> is a powerful, easily deployable network 🖧 traffic analysis tool suite for network security monitoring 🕵🏻♀️.</p><p>Malcolm operates as a cluster of containers 📦, isolated sandboxes which each serve a dedicated function of the system. This makes Malcolm deployable with frameworks like Docker 🐋, <a href="https://malcolm.fyi/docs/quickstart.html#DockerVPodman" rel="nofollow noopener noreferrer" target="_blank">Podman</a> 🦭, and <a href="https://malcolm.fyi/docs/kubernetes.html#Kubernetes" rel="nofollow noopener noreferrer" target="_blank">Kubernetes</a> ⎈. Check out the <a href="https://malcolm.fyi/docs/quickstart.html" rel="nofollow noopener noreferrer" target="_blank">Quick Start</a> guide for examples on how to get up and running.</p><p>Alternatively, dedicated official <a href="https://malcolm.fyi/docs/malcolm-hedgehog-e2e-iso-install.html#InstallationExample" rel="nofollow noopener noreferrer" target="_blank">ISO installer images</a> 💿 for Malcolm and Hedgehog Linux 🦔 can be downloaded from Malcolm's <a href="https://github.com/cisagov/Malcolm/releases" rel="nofollow noopener noreferrer" target="_blank">releases page</a> on GitHub. Due to limits on individual files in GitHub releases, these ISO files have been split 🪓 into 2GB chunks and can be reassembled with scripts provided for both Bash 🐧 (<a href="https://github.com/cisagov/Malcolm/blob/main/scripts/release_cleaver.sh" rel="nofollow noopener noreferrer" target="_blank"><code>release_cleaver.sh</code></a>) and PowerShell 🪟 (<a href="https://github.com/cisagov/Malcolm/blob/main/scripts/release_cleaver.ps1" rel="nofollow noopener noreferrer" target="_blank"><code>release_cleaver.ps1</code></a>). See <a href="https://malcolm.fyi/docs/download.html#DownloadISOs" rel="nofollow noopener noreferrer" target="_blank"><strong>Downloading Malcolm - Installer ISOs</strong></a> for instructions.</p><p>As always, join us on the <a href="https://github.com/cisagov/Malcolm/discussions" rel="nofollow noopener noreferrer" target="_blank">Malcolm discussions board</a> 💬 to engage with the community, or pop some corn 🍿 and <a href="https://www.youtube.com/@malcolmnetworktrafficanalysis/playlists" rel="nofollow noopener noreferrer" target="_blank">watch a video</a> 📼.</p><p><a href="https://infosec.exchange/tags/Malcolm" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Malcolm</span></a> <a href="https://infosec.exchange/tags/HedgehogLinux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>HedgehogLinux</span></a> <a href="https://infosec.exchange/tags/Zeek" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Zeek</span></a> <a href="https://infosec.exchange/tags/Arkime" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Arkime</span></a> <a href="https://infosec.exchange/tags/NetBox" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NetBox</span></a> <a href="https://infosec.exchange/tags/OpenSearch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSearch</span></a> <a href="https://infosec.exchange/tags/Elasticsearch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Elasticsearch</span></a> <a href="https://infosec.exchange/tags/Suricata" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Suricata</span></a> <a href="https://infosec.exchange/tags/SSO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SSO</span></a> <a href="https://infosec.exchange/tags/OIDC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OIDC</span></a> <a href="https://infosec.exchange/tags/Keycloak" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Keycloak</span></a> <a href="https://infosec.exchange/tags/PCAP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PCAP</span></a> <a href="https://infosec.exchange/tags/NetworkTrafficAnalysis" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NetworkTrafficAnalysis</span></a> <a href="https://infosec.exchange/tags/networksecuritymonitoring" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>networksecuritymonitoring</span></a> <a href="https://infosec.exchange/tags/OT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OT</span></a> <a href="https://infosec.exchange/tags/ICS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ICS</span></a> <a href="https://infosec.exchange/tags/icssecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>icssecurity</span></a> <a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberSecurity</span></a> <a href="https://infosec.exchange/tags/Cyber" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cyber</span></a> <a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Infosec</span></a> <a href="https://infosec.exchange/tags/INL" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>INL</span></a> <a href="https://infosec.exchange/tags/DHS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DHS</span></a> <a href="https://infosec.exchange/tags/CISA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CISA</span></a> <a href="https://infosec.exchange/tags/CISAgov" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CISAgov</span></a></p>
Silke Meyer<p>Der Mitschnitt und die Folien von meinem Vortrag "Keycloak - FAQ zu Ausfallsicherheit und Absicherung" bei den <a href="https://univention.social/tags/clt2025" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>clt2025</span></a> sind jetzt online: <a href="https://chemnitzer.linux-tage.de/2025/de/programm/beitrag/185" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">chemnitzer.linux-tage.de/2025/</span><span class="invisible">de/programm/beitrag/185</span></a></p><p><a href="https://univention.social/tags/Keycloak" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Keycloak</span></a> <a href="https://univention.social/tags/singlesignon" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>singlesignon</span></a> <a href="https://univention.social/tags/mfa" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>mfa</span></a> <a href="https://univention.social/tags/2fa" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>2fa</span></a> <a href="https://univention.social/tags/freesoftware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>freesoftware</span></a> <a href="https://univention.social/tags/freiesoftware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>freiesoftware</span></a></p>
Habr<p>[Перевод] SAML2 ещё жив?! Как интегрировать Keycloak со Spring Boot в 2025 году</p><p>Команда Spring АйО перевела статью совместном использовании Spring Boot, SAML2 и Keycloak при запуске приложений. Здесь также приводятся некоторые кастомизированные решения, позволяющие более гибко работать с упомянутым набором технологий.</p><p><a href="https://habr.com/ru/companies/spring_aio/articles/895022/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">habr.com/ru/companies/spring_a</span><span class="invisible">io/articles/895022/</span></a></p><p><a href="https://zhub.link/tags/SAML2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SAML2</span></a> <a href="https://zhub.link/tags/Keycloak" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Keycloak</span></a> <a href="https://zhub.link/tags/Spring_Boot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Spring_Boot</span></a> <a href="https://zhub.link/tags/IdP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>IdP</span></a> <a href="https://zhub.link/tags/REST" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>REST</span></a></p>
Alexander Schwartz<p>This year is the first time there is a <a href="https://fosstodon.org/tags/KubeCon" class="mention hashtag" rel="tag">#<span>KubeCon</span></a> in Japan, and the <a href="https://fosstodon.org/tags/Keycloak" class="mention hashtag" rel="tag">#<span>Keycloak</span></a> project is excited to be part of it! Register today to join us on June 16-17 2025 in Tokyo, Japan for this exciting event.</p><p><a href="https://www.keycloak.org/2025/03/keycloak-kubecon25-japan-announce" target="_blank" rel="nofollow noopener noreferrer" translate="no"><span class="invisible">https://www.</span><span class="ellipsis">keycloak.org/2025/03/keycloak-</span><span class="invisible">kubecon25-japan-announce</span></a></p>
Alexander Schwartz<p>Arrived at <a href="https://fosstodon.org/tags/VoxxedDays" class="mention hashtag" rel="tag">#<span>VoxxedDays</span></a> Zurich <a href="https://fosstodon.org/tags/vdz25" class="mention hashtag" rel="tag">#<span>vdz25</span></a> to talk about <a href="https://fosstodon.org/tags/authentication" class="mention hashtag" rel="tag">#<span>authentication</span></a>, <a href="https://fosstodon.org/tags/oidc" class="mention hashtag" rel="tag">#<span>oidc</span></a> and <a href="https://fosstodon.org/tags/keycloak" class="mention hashtag" rel="tag">#<span>keycloak</span></a>. Looking forward to see you at my talk at 15:55 in room 7!</p>
ExploreLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
LoginDrag & drop to upload