Traefik includes a forward-auth middleware, but there is also an OIDC-specific middleware in Traefik Enterprise Edition https://traefik.io/glossary/openid-connect-everything-you-need-to-know/
Is it possible to achieve OIDC auth with just the free forward-auth middleware in Traefik proxy? I want to secure an example service using Keycloak on Rancher Kubernetes. The forward-auth documentation isn't clear as to what the auth server can be.
Also, this GitHub project seemingly supports OIDC, https://github.com/thomseddon/traefik-forward-auth but I am a little confused with the similar names. Is it the same or different from Traefik's forward-auth? Can I use this in a production setup?
yes, it's possible to achieve the OIDC auth with the forward-auth middleware but you need also an external service like https://github.com/thomseddon/traefik-forward-auth.
I'm still working on it to create a production ready service, i found this interesting project that do the work https://oauth2-proxy.github.io/oauth2-proxy/ instead of thomseddon container.
I suggest this example project, made on top of docker, it explain well the behavior of the system https://github.com/BlackBeltTechnology/traefik-keycloak-sso-reverse-proxy
There is also this well documented site https://geek-cookbook.funkypenguin.co.nz/docker-swarm/traefik-forward-auth/keycloak/