How to use keycloak for zoneminder?

Does anybody know how to use keycloak for a web app that just uses basic HTTP authentication?

I want to use SSO for zoneminder but it only handles users by using an “Authentication:” HTTP header.


Ack I guess this is a new thing nowadays. What I want to do is exactly what this guy is talking about but for zoneminder:

I just can’t find any sample configurations for nginx or apache though!!! I guess what I’m really looking for is more about how to configure nginx and/or apache.

Check this out and see if this helps your further

I’m not exactly sure what that example is doing but it appears to be using wildfly as web server and using “direct access grants” to pass the credentials or something.

When zoneminder is in “remote” auth mode, it only pays attention to the username in the basic authentication header.

getting closer, for future google searching (by me):

Hi. We use mod_auth_openidc with Apache and Keycloak Gatekeeper with Nginx, but Gatekeeper requires multiple Nginx vhosts if you would like to talk to FCGI applications (nginx -> gatekeeper -> nginx -> fcgi)

Do you happen to have any sample configs that work? I still haven’t managed to set anything up.

The lua-resty-openidc plugin looks promising but man it is a pain to set up. The only howto I could find was for centos. I’ve tried getting it to work on ubuntu 18.04 but there is all kinds of dependency problems.

Little did I know, setting up a reverse proxy for OIDC to http basic authentication is NOT trivial