Armin Friedl has been with the Semantic Web Company for over 1.5 years now. He is a Software Engineer for the backend working primarily with Java, and also heads the department for Software Engineering and PoolParty Product Development. As part of the PoolParty 2022 release, Armin worked extensively on the authentication and user authorization features.
Hear about his experience by clicking on the questions and viewing the transcript.
Tell us how you got started with this release.
By the time I joined, it was already clear that we would integrate Keycloak so I started working on the implementation of it – meaning how it would look, how it could work, the planning, all that.
Before the release, you have to imagine that this whole user management and authentication was done in PoolParty so we did have a login process and users maintained on our side. But now we had to cut this out of PoolParty and move this all over to an external service. It’s complicated work but the payoff is great.
Can you elaborate a bit on what the development process looks like in the team?
In the “old days” of development, people tried to do big upfront design to think of all eventualities and a clear picture of what the development should look like. As it turns out, this barely ever works because when you begin implementing it you realize that some things may interfere with the plan and there may be issues and then you have to react. So it’s very important that a software engineering team remain agile with the programming and optimistic towards the features.
We plan our best, but you can’t think of everything upfront. And it’s not just about reacting either, there’s also innovative thinking because as you work on something, you come across things or ideas that you could improve or add.
It’s a dynamic and organic process. You’re implementing features but also improving code.
Which features did you work on the most in this release?
Authorization, authentication, and user management were of course the biggest part of PoolParty 2022 so the team all had a hand in these features – Keycloak was something that all the PoolParty developers worked on.
We had to move out all the user data and authentication information out of the triple store that we use into Keycloak. Now instead of doing the authorization ourselves, PoolParty can ask Keycloak, “Hey, what are your rules about who can access which projects” and Keycloak tells us “this person can open this project.” The roles and permissions are stored in Keycloak now so the decision is made there.
I was also heavily involved in third party identity providers: so things like SAML, OAuth2, etc. We don’t have to implement this anymore, this comes with Keycloak which is very important for enterprise applications because many companies have centralized user management and want to use these additional protocols.
With the Keycloak integration, we are putting user security in the hands of experts who live and breathe security every day. PoolParty users can feel more secure in the application.
Keycloak is the feature that you and your team members reiterate the most. Can you speak to the advantages of Keycloak a bit more?
The big this is we don’t have to handle security only on our side anymore. This third party component developed by people who specialize in security and do nothing else all day long – is checked and verified there so this is an important part.
And with SAML, before PoolParty 2022, we would try to enable these ourselves, but now we more or less delegate this to Keycloak which has the capabilities already. The people at Keycloak take care that all these protocols are supported properly and provide a lot of integration options. It’s more seamless now.
From your perspective, which feature do you think users can be most excited about?
From the authentication side, it’s especially important for customers to know that their security is being handled by a service run by people who do nothing else all day long. It’s well tested, it’s used by many other companies and software providers, it’s very mature. So the security benefits just by the mere fact that it’s no longer managed in house but by the experts.
Our expertise is semantic web – we have experience and background in security but it’s not our expertise the way it is for Keycloak. Our security practices are being supported by the people who know it best.
And maybe this isn’t so obvious but it goes hand-in-hand with integration. So the high-level benefit for customers is that now it’s even easier to integrate their third party services and applications within this umbrella.
The high-level benefit for customers is that now it’s even easier to integrate their third party services and applications within this [security] umbrella.
Interested in learning more about the PoolParty 2022 release? Head over to our release hub for all the content and more developer interviews.
