We are proud to announce general availability of Red Hat Single Sign-On 7.1 (RH-SSO). RH-SSO is a standards-based, out-of-the-box authentication, web single sign-on, and authorization service, which mediates between your enterprise user directory or third-party identity provider for identity information and your applications via standards-based tokens.

Documentation and downloads are available in the Customer Portal. RPM packages are available for Red Hat Enterprise Linux 6 and 7 systems through Red Hat Subscription Management.

Features and Highlights

OPENID CONNECT CERTIFICATION

The Keycloak version included in Red Hat Single Sign-On (RH-SSO) 7.1 conforms to the 5 OpenID Connect profiles: Basic, Implicit, Hybrid, Config, and Dynamic. Certification was achieved in Keycloak v2.3 (http://openid.net/certification/). Future RH-SSO versions will remain compatible with these profiles, unless documented otherwise.

 

CLIENT ADAPTER FOR RED HAT FUSE

RH-SSO 7.1 features a new client adapter for Red Hat Fuse, which enables securing web application archives (WARs), servlets, Apache routes and Apache CXF endpoints deployed on Red Hat Fuse, in both Apache Karaf and Red Hat JBoss Enterprise Application Platform (JBoss EAP).

 

NODE.JS CLIENT ADAPTER

RH-SSO 7.1 includes a new Node.js client adapter, which enables use of RH-SSO 7.1 Server for authentication and web single sign-on for Node.js applications.

 

EXTERNALIZED AUTHORIZATION SERVICE

RH-SSO 7.1 introduces a new authorization service feature-set, based on the User Managed Access specification. This enables RH-SSO 7.1 Server to act as a policy administration point, policy decision point, or policy information point, separating the authorization logic from the application.

 

USER STORAGE SPI

RH-SSO 7.1 features a new user storage SPI that you can use to implement your own custom user storage federation provider, such as a relational or NoSQL database, to enable federation of users from any user store.

 

SSSD INTEGRATION

RH-SSO 7.1 adds an integration with System Security Services Daemon (SSSD) in Red Hat Enterprise Linux (RHEL) 7.3. This enables use of SSSD as a user federation provider in front of a Microsoft Active Directory forest.

 

CLIENT REGISTRATION CLI

RH SSO 7.1 introduces a command-line interface (CLI) for developers to register client applications on RH-SSO Server.