[keycloak-dev] Realm users

Marek Posolda mposolda at redhat.com
Wed Sep 4 18:58:09 EDT 2013 

On 4.9.2013 17:53, Gabriel Cardoso wrote:
>> How about be consistent and use just FirstName/LastName combination 
>> in all places? FullName is especially bad during registration as 
>> underlying model (class UserModel) is using combination of 
>> FirstName/LastName, which means that after registration, we must 
>> programatically parse fullName and try to obtain firstName/lastName 
>> from it (note that this is really not good as some languages are 
>> using 3 names, some others are using lastName before firstName etc...)
> Yes, that was my fault. I agree with the combination 
> FirstName/LastName in all places. For good english, shouldn't we write 
> "First Name" / "Last Name"?
yes, sure. We should use "First Name" / "Last Name" . I just combined UI 
labels with names of variables in source code, that's why I ended with 
"FirstName/LastName":-)
>
>>> Realm advanced search of users: 
>>> https://gatein.mybalsamiq.com/projects/keycloak/Realm%20users%20search
>> Not sure what is difference between "search" and "advanced search" ? 
>> Is it that for "search" you can specify just one field and for 
>> "advanced search" you can specify more fields? I am asking because in 
>> the picture the "Bubble" is around "Search" but there is form for 
>> filling all fields, so it seems that it's more related to advanced 
>> search?
> The search is the initial field where you can type in whatever you 
> want (first name, last name, user name, email). By clicking advanced 
> search, the bubble appears. I was inspired by the Gmail search, where 
> it keeps the "search" input at the top. But since the "search" field 
> won't be used at that time, it is probably better to put the bubble 
> above it.
>
Thanks for the clarification Gabriel
>
>>> Realm new user / edit user: 
>>> https://gatein.mybalsamiq.com/projects/keycloak/Realm%20new%20user
>> I am not sure if I understand correctly 'By clicking it, the fields 
>> "Current password" and "New password" appear'. Does that mean that to 
>> change password administrator needs to know old password of user? I 
>> don't think that it is possible as in underlying backend model 
>> (Picketlink) are passwords saved hashed and salted, so administrator 
>> couldn't know the original password of user.
> So for admins we should only display the "New password" field, correct?
> Should we display "Current password" whenever the user is trying to 
> update his own password?
hmm... not sure if it's necessary as user would have possibility to 
change his password in Keycloak UI, but he needs to authenticate to 
Keycloak before he can go there, which means that he already provided 
his password during Keycloak authentication. It may be also possible 
that some user wants to setup his password even if he doesn't have any 
"current password" (For example if he register to Keycloak through 
social network)

Marek
>
>> How about other credential types like TOTP?
> Probably better to ask Bill/Stian/Bolek since I don't even know what 
> TOTP is ;)
>
> Good comments, Marek!
>
> Gabriel
>
> --
> Gabriel Cardoso
> GateIn Portal | User Experience Designer
>
>
>
>
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-dev/attachments/20130905/986e6d2c/attachment-0001.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/png
Size: 45636 bytes
Desc: not available
Url : http://lists.jboss.org/pipermail/keycloak-dev/attachments/20130905/986e6d2c/attachment-0001.png

More information about the keycloak-dev mailing list