Reputation: 11
As part of a project we have integrated Keycloak with our .NET Core application, but we have a legacy system which is an ASP.NET web application. It has its own login screen; whenever a user logs in, it should fetch the username and password and validate them against Keycloak.
The approach we are trying is:
1. Fetch all users from Keycloak on a specific realm.
2. Parse the JSON and find whether the specific username and password exist in that JSON array.
Is this way of doing authentication correct?
Need some suggestions!
Upvotes: 0
Views: 2204
Reputation: 2764
Take a look at their basic authentication example...
https://github.com/keycloak/keycloak/tree/master/examples/basic-auth
As stated in the comments, returning JSON with all of the usernames and passwords is NOT secure; hashed/salted or not, it doesn't matter.
Upvotes: 0
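An added example, not part of the answer above or of the linked Keycloak sample: instead of pulling the user list, the legacy ASP.NET login page can pass the submitted credentials to Keycloak's OpenID Connect token endpoint and let Keycloak make the decision. It assumes a confidential client with Direct Access Grants enabled; the class name, base URL, realm, client ID and client secret are placeholders for your deployment.

```csharp
using System;
using System.Collections.Generic;
using System.Net;
using System.Net.Http;
using System.Threading.Tasks;

// Hypothetical helper for the legacy login page (not Keycloak's own code).
public sealed class KeycloakCredentialValidator
{
    private static readonly HttpClient Http = new HttpClient { Timeout = TimeSpan.FromSeconds(10) };
    private readonly Uri _tokenEndpoint;
    private readonly string _clientId;
    private readonly string _clientSecret;

    // baseUrl is a placeholder; older Keycloak versions serve under "/auth", so include it if needed.
    public KeycloakCredentialValidator(string baseUrl, string realm, string clientId, string clientSecret)
    {
        if (!baseUrl.StartsWith("https://", StringComparison.OrdinalIgnoreCase))
            throw new ArgumentException("Credentials must only be sent over TLS.", nameof(baseUrl));
        _tokenEndpoint = new Uri(baseUrl.TrimEnd('/') + "/realms/" + Uri.EscapeDataString(realm)
                                 + "/protocol/openid-connect/token");
        _clientId = clientId;
        _clientSecret = clientSecret;
    }

    // Returns true only when Keycloak itself accepts the username/password pair.
    // No user list and no password material is ever returned to this application.
    public async Task<bool> ValidateAsync(string username, string password)
    {
        using (var form = new FormUrlEncodedContent(new Dictionary<string, string>
        {
            { "grant_type", "password" },
            { "client_id", _clientId },
            { "client_secret", _clientSecret },
            { "username", username },
            { "password", password }
        }))
        using (var response = await Http.PostAsync(_tokenEndpoint, form).ConfigureAwait(false))
        {
            if (response.StatusCode == HttpStatusCode.OK) return true;   // tokens issued
            // 400/401 cover rejected user or client credentials: fail closed.
            if (response.StatusCode == HttpStatusCode.Unauthorized ||
                response.StatusCode == HttpStatusCode.BadRequest) return false;
            // Anything else (5xx, redirects) is an outage, not a login decision.
            throw new HttpRequestException("Unexpected Keycloak response: " + (int)response.StatusCode);
        }
    }
}
```

Current OAuth guidance discourages the password grant, so redirecting the legacy login to Keycloak's own login page (authorization code flow) is preferable where the application can be changed to support it.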