Diagram: Difference between revisions
| Line 91: | Line 91: | ||
PG --> EC2B | PG --> EC2B | ||
PG --> EC2C | PG --> EC2C | ||
@enduml | |||
</kroki> | |||
==Keycloak » SSO » LDAP== | |||
<kroki lang="plantuml"> | |||
@startuml | |||
skinparam actorStyle awesome | |||
autonumber | |||
actor "User" as user | |||
participant "App (Jira/Wiki)" as app | |||
participant "Keycloak (OIDC)" as keycloak | |||
participant "LDAP (shahed.biz)" as ldap | |||
participant "Database (PostgreSQL)" as db | |||
== Management Flow (Admin) == | |||
note over keycloak, ldap: Admin creates user in Keycloak UI | |||
keycloak -> ldap: LDAP ADD (uid=jdoe, ou=Jira, dc=shahed, dc=biz) | |||
ldap --> keycloak: Success | |||
== Authentication Flow (OIDC Web App) == | |||
user -> app: Access Jira | |||
app -> user: Redirect to Keycloak Login | |||
user -> keycloak: Enter Credentials | |||
keycloak -> ldap: BIND (uid=jdoe) / Verify Credentials | |||
ldap --> keycloak: Success (OK) | |||
keycloak -> user: Issue OIDC Token (JWT) | |||
user -> app: Provide Token | |||
app -> app: Validate Token & Roles | |||
app --> user: Access Granted | |||
== Authentication Flow (Legacy/Database) == | |||
user -> db: psql -h db.shahed.biz -U jdoe | |||
db -> ldap: LDAP BIND (uid=jdoe, ou=DBA, dc=shahed, dc=biz) | |||
ldap --> db: Success (OK) | |||
db --> user: Connection Established | |||
@enduml | @enduml | ||
</kroki> | </kroki> | ||
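Review bot: In the Legacy/Database flow the database binds as uid=jdoe under ou=DBA, dc=shahed, dc=biz, but the Management flow only shows Keycloak adding uid=jdoe under ou=Jira, so nothing in the diagram creates the entry that the database bind depends on. Either add a step showing how the ou=DBA entry is provisioned, or use the same OU in both flows. In the OIDC flow, "Issue OIDC Token (JWT)" goes to the user and "Provide Token" goes from the user to the app, which draws the token as passing through the browser. If the apps use the authorization code flow, show the code redirect and the app-to-Keycloak token exchange instead. The Keycloak "BIND (uid=jdoe)" line also gives only the uid while the other LDAP lines give a full DN, so spell out the DN there as well.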
Revision as of 08:28, 13 January 2026
Example
Cloudflare » BlockDiagram
Cloudflare » PlantUML
Keycloak » SSO » LDAP
Encrypt » E2E » JWE
References