Keycloak

Keycloak is an open source Identity and Access Management solution that can be used to authenticate RapidMiner Go users.

To find out more about Keycloak, visit:https://www.keycloak。org/

When using Keycloak, the RMID component of Go is not needed.

配置

Edit the.envfile to add the URL of your Keycloak installation:KEYCLOAK_URL=https://keycloak.mydomain.com

The KEYCLOAK_URL cannot belocalhostbecause it needs to be accessible from inside the AM docker container.

You can create the sampleGorealm by importing the realm file atkeycloak/realm-export.json

This realm contains two OIDC clients -go-frontendandgo-backend. It also has 2 predefined roles:

go:user- the default user role
am:admin- admin role needed to access the automodeler Admin UI at/am/admin

Docker-compose configuration

You can find a sample docker-compose configuration indocker-compose-services-keycloak.yml.

To enable Keycloak authentication in Go addkeycloakto Spring active profiles for the Automodeler service:

rapidminer-automodeler: image: rapidminer/rapidminer-automodeler:${IMAGE_TAG_AM} mem_limit: ${MEMORY_AM} environment: SPRING_PROFILES_ACTIVE: on-prem,db-postgresql,branding,keycloak

Here are some of the variables you might need to set:

KEYCLOAK_REALM: Go KEYCLOAK_AUTH_SERVER_URL: ${KEYCLOAK_URL}/auth/ KEYCLOAK_RESOURCE: go-backend FRONTEND_KEYCLOAK_CLIENT_ID: go-frontend

Categories

Versions

Keycloak

配置

Docker-compose configuration