[keycloak-user] Brute Force Detection breaks Social login

Thomas Raehalme thomas.raehalme at aitiofinland.com
Wed Jul 6 05:57:33 EDT 2016


Hi!

I was told just last week by our local Red Hat distributor that RH SSO 7.0
is part of the JBoss Core Services and that JBoss Core Services
subscriptions are included at no additional charge with subscriptions for
JBoss EAP, JBoss Data Grid, JBoss Fuse, JBoss A-MQ, JBoss Data
Virtualization, JBoss BRMS and JBoss BPM Suite. Subscribers to these
products receive full entitlement to all the components within JBoss Core
Services Collection.

Best regards,
Thomas


On Wed, Jul 6, 2016 at 12:18 PM, Valerij Timofeev <
valerij.timofeev at gmail.com> wrote:

> Hi Stian,
>
> https://access.redhat.com/products/red-hat-single-sign-on
>
> http://blog.keycloak.org/2016/06/productized-keycloak-now-available-from.html
>
> We are able to download RH SSO 7.0.0 via our RH EAP account.
> But there is no information whether RH SSO is included in the EAP licence.
> We've contacted sales of the RH Partner in Germany, where we purchased the
> EAP licence: they said that they will be able to give a clear answer
> approximately in 1-2 months.
>
> As already mentioned in this thread we would like to migrate our
> production setup from Keycloak 1.9.4 to RH SSO 7.0.x
> But I won't get OK for migration from my boss as long as the situation
> with the licence is not clear.
>
> Could you please clarify this point?
>
> Kind regards
> Valerij
>
>
> 2016-07-05 19:22 GMT+02:00 Stian Thorgersen <sthorger at redhat.com>:
>
>> Thanks Bruno.
>>
>> I've added an RH-SSO issue and scheduled it to be included in RH-SSO
>> 7.0.1.
>>
>> On 5 July 2016 at 16:59, Bruno Oliveira <bruno at abstractj.org> wrote:
>>
>>> I just completely tried in a fresh new browser profile and managed to
>>> reproduce your issue. It happens with 1.9.x and Facebook accounts.
>>>
>>> I've created a Jira for this:
>>> https://issues.jboss.org/browse/KEYCLOAK-3267
>>>
>>>
>>> On 2016-07-05, Bruno Oliveira wrote:
>>> > I've just downloaded and tried with 1.9.8 too, it works. Is this
>>> happening with
>>> > all users? Have you considered setting up an isolated environment from
>>> > scratch?
>>> >
>>> > On 2016-07-05, Valerij Timofeev wrote:
>>> > > Hi Bruno,
>>> > >
>>> > > thank you for the check.
>>> > > We are going to migrate our production setup from Keycloak 1.9.4 to
>>> Red Hat
>>> > > SSO 7.0, which is based on Keycloak 1.9.8.
>>> > > Direct migration to 2.0.0.Final would be for us too risky, but still
>>> an
>>> > > option sometime later.
>>> > >
>>> > > @All,
>>> > > any ideas for Keycloak 1.9.x? Maybe there is some setting we miss
>>> allowing
>>> > > us to use both "peacefully".
>>> > >
>>> > > Kind regards
>>> > > Valerij
>>> > >
>>> > > 2016-07-05 15:59 GMT+02:00 Bruno Oliveira <bruno at abstractj.org>:
>>> > >
>>> > > > Hi Valerij,
>>> > > >
>>> > > > I've tested against 2.0.0.Final right now and I couldn't reproduce
>>> your
>>> > > > issue.
>>> > > >
>>> > > > I have brute force enabled by default here and Facebook configured
>>> > > > exactly as described in the docs.
>>> > > >
>>> > > > Not sure how to reproduce your issue :/ Maybe, give 2.0.0.Final a
>>> try?
>>> > > >
>>> > > > On 2016-07-05, Valerij Timofeev wrote:
>>> > > > > Hi all,
>>> > > > >
>>> > > > > it looks like the Brute Force Detection breaks Social login.
>>> > > > >
>>> > > > > I've:
>>> > > > > 1) downloaded keycloak-demo-1.9.8.Final
>>> > > > > 2) set up Facebook Identity provider
>>> > > > > 3) successfully tested Facebook login
>>> > > > > 4) activated Brute Force Detection with default values
>>> > > > > 5) tested Facebook login: it fails with the error message:
>>> "Account is
>>> > > > > disabled, contact admin."
>>> > > > >
>>> > > > > I wonder whether somebody has ever tested this combination.
>>> > > > >
>>> > > > >
>>> > > > > Kind regards
>>> > > > > Valerij Timofeev
>>> > > >
>>> > > > > _______________________________________________
>>> > > > > keycloak-user mailing list
>>> > > > > keycloak-user at lists.jboss.org
>>> > > > > https://lists.jboss.org/mailman/listinfo/keycloak-user
>>> > > >
>>> > > >
>>> > > > --
>>> > > >
>>> > > > abstractj
>>> > > > PGP: 0x84DC9914
>>> > > >
>>> >
>>> > --
>>> >
>>> > abstractj
>>> > PGP: 0x84DC9914
>>>
>>> --
>>>
>>> abstractj
>>> PGP: 0x84DC9914
>>>
>>
>>
>
>