SimpleSAMLphp and Kopano Konnect Deprecated – Keycloak Will Be the Only IDP in UCS 5.2

Header: Keycloak Identity Provider
As announced, we will introduce Keycloak as the default identity provider (IDP) with UCS 5.2. That raises the question of how long the previous IDP based on SimpleSAMLphp will be supported in UCS. In this article, I explain why we have decided to link the maintenance period of SimpleSAMLphp with that of UCS Release 5.0 and what steps are necessary for existing UCS installations.

Univention and MariaDB Offer Support for the Fail-Safe Operation of Keycloak in UCS

Since last year, the single sign-on solution Keycloak has been a central component of our identity and access management strategy. With Keycloak, third-party applications can log on to the system using standard protocols such as SAML and OpenID Connect. This means that users only have to log on once centrally and can then access all enabled services.

Outlook on the Upcoming Role Design in UCS and UCS@school

Since our last blog article on the future role model, we have made significant progress in transforming the UCS role and rights model. The custom role design, currently under development, is taking shape. In this article, we would like to focus on introducing two promising new components: One of them allows you to evaluate the permissions of a role, while the other is a web module that allows you to create your own roles. Let’s see what else awaits us until the end of the year.

New Features for Keycloak as Upcoming Standard Identity Provider of UCS

With UCS 5.2 Keycloak will become the standard IDP for SAML and OpenID Connect authentication and will replace the current SimpleSAMLPHP and Kopano Connect apps. Read more about the big picture in our blog article Migration of the Identity Provider in UCS – Keycloak App now Part of the Support Scope. The first step we made was the release of Keycloak as a supported Univention app at the end of 2022. Since then, a lot of work has been done to make the Keycloak app a worthy replacement for the SimpleSAMLphp integration.

So, we are making steady progress on our mission to reach feature parity with our SimpleSAMLphp integration. And since the initial release of the Keycloak app, we have also released several app updates each adding new features in terms of a smooth integration into UCS and more configurability.

In this article, we would like to showcase some of the work that has been done over the last few months.

Cool Solution: Single-Sign-On-Integration of Moodle into UCS@school

From pandemics to corporate training, new technologies have transformed the landscape of learning dramatically in recent years. It is especially true in the area of learning platforms. Whether used for self-study or to coordinate homework, learning platforms have become an integral part of almost all educational institutions. Many UCS@school users rely on the well-known Open Source solution Moodle, which can be adapted to individual needs in terms of content and presentation. By integrating Moodle into UCS@school, which we offer as so-called “cool solutions“, teachers and students can easily log in to their courses and classes with their familiar user data.