Existing User Model

Keycloak is an open source Identity and Access Management solution aimed at modern applications and services. It is a Java application supplied in a bundled WildFly appplication server component. The keycloak model is that Users authenticate with Keycloak rather than individual applications. This means that our applications don’t have to deal with login forms, authenticating users, and managing users. Once logged-in to Keycloak, users don’t have to login again to access a different application.

The principle of abstracting user authentication and authorisation from application code is, of course, nothing new and products such as WebSeal and Policy Director have been around since the turn of the century. In practice, of course, nothing is ever that simple and whilst coarse grained authentication and permissions can be abstracted, fine grained controls almosty always "bleed" back into the application.