Logo do repositório
 
A carregar...
Miniatura
Publicação

Autenticação Federada com Keycloak e Active Directory

Utilize este identificador para referenciar este registo.
Nome:Descrição:Tamanho:Formato: 
TM_Joao_Teta.pdf3.65 MBAdobe PDF Ver/Abrir

Orientador(es)

Resumo(s)

This dissertation is set in the context of the Informatics Department (DI) of the Faculty of Sciences, University of Lisbon, whose current infrastructure — based on an on-premises Active Directory (AD) — presents limitations in terms of resilience, interoperability, and support for modern authentication protocols. In a scenario of growing cloud adoption and the need for federated access to external applications, it becomes essential to modernize the Identity and Access Management (IAM) system and ensure the continuity of critical services. To address these challenges, a federated authentication solution was designed, integrating the existing AD with Keycloak, an open-source IAM platform, within a hybrid architecture. Two architectural hypotheses were implemented and evaluated: (i) Keycloak instances sharing a PostgreSQL database managed by Patroni, ensuring consistency and automatic failover; and (ii) independent Keycloak instances, each with its own database, federating the same AD. Experimental load tests revealed average response times between 0.48 s and 1.1s, error rates below 0.5%, and throughput up to 90 requests per second — values consistent with a smooth and responsive user experience. Results show that both approaches are feasible: the first excels in robustness and data consistency, while the second stands out for its operational simplicity and lower complexity. This comparative analysis provides valuable insights for adopting hybrid IAM solutions in institutional contexts, combining security, scalability, and interoperability across on-premises and cloud environments.

Descrição

Tese de mestrado, Engenharia Informática, 2025, Universidade de Lisboa, Faculdade de Ciências

Palavras-chave

Federated Authentication Keycloak Active Directory IAM Hybrid Infrastructure

Contexto Educativo

Citação

Projetos de investigação

Unidades organizacionais

Fascículo