Modern authentication in Sling with OpenID Connect and Keycloak

When we speak of modern authentication for the Web, we usually assume features such as single sign-on, social login, strong multifactor authentication, protection from brute-force attacks and automated registrations, and many more.

Unfortunately, Sling offers only very basic authentication and identity management out of the box. Our proposal is not to reinvent all of the above within Sling, but rather to delegate authentication and identity management (IDM) to a mature, open-source and standards-compliant external service.

In this session, we'll discuss and demonstrate an implementation of this approach with Keycloak, an open-source identity solution by Red Hat. Combining Apache Sling with Keycloak can also help companies implement security measures compliant with the ISO/IEC 27000 standards and processes compliant with the GDPR (General Data Protection Regulation) much more easily; find out how we do that in a production project by attending this talk.

Online version of the presentation