[keycloak-user] Passwords for keycloak

Dmitry Telegin dt at acutus.pro
Sun Jul 22 20:48:19 EDT 2018 

Hi Matt,

Seems like you've already figured out everything yourself :)

After you have your CredentialStoreSpi implemented, you should be able
to use "--credential-reference={store=my_store, alias=database-pw}"
instead of "--password" while configuring datasource via jboss-cli.sh.

How is it going with the implementation? BTW is it HashiCorp Vault
you're trying to integrate with?

Cheers,
Dmitry Telegin
CTO, Acutus s.r.o.
Keycloak Consulting and Training

Pod lipami street 339/52, 130 00 Prague 3, Czech Republic
+42 (022) 888-30-71
E-mail: info at acutus.pro

On Wed, 2018-07-18 at 22:08 -0700, Matt Evans wrote:
> Doing a bit of further googling about jboss/wildfly, should I be
> looking at implementing the CredentialStoreSpi as detailed in section
> 4.1.8 of this article?
> 
> https://access.redhat.com/documentation/en-us/red_hat_jboss_enterpris
> e_application_platform/7.1/html/how_to_configure_server_security/secu
> rely_storing_credentials
> 
> Could I then use that credential store to configure the data source?
> 
> Thanks
> 
> Matt
> 
> -----Original Message-----
> From: Matt Evans 
> Sent: Thursday, 19 July 2018 2:42 PM
> To: keycloak-user at lists.jboss.org
> Subject: [keycloak-user] Passwords for keycloak
> 
> Is it possible to extend keycloak to read its settings, specifically
> passwords, from a secure configuration store? For example, how would
> I go about having keycloak read the password for the database
> connection from a secure store, so it's not stored in the config
> files on the machine, or passed as command line parameters?
> 
>  
> 
> Thanks
> 
>  
> 
> Matt
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.jboss.org_
> mailman_listinfo_keycloak-
> 2Duser&d=DwICAg&c=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE&r=8v1OA
> q8sCvoGRIPd-
> IGvCVHI6L8Cwvp2ANtoqmsCBYY&m=gHuodr78XcGcZlTriPKgtawh7WUFIrGFf3RLC2eQ
> aBs&s=me9vViYHTZl_8XeCzceLxIAAY8M7Jq0VIjmPU4NEEuc&e=
> 
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user

More information about the keycloak-user mailing list