[keycloak-user] Managing Mysql relational database setup

Deepa Gaddigoudar deepag at aissel.com
Tue Oct 16 05:45:37 EDT 2018 

Hello again!,


What i have done so far is:

 1. Set up a keycloak 4.5.0 on localhost.
 2. Created realm and 3 clients within it (PHP codeigniter framework),
    configured using PHP Adapter
    [https://github.com/stevenmaguire/oauth2-keycloak].
 3. Relational Database setup: I have configured keycloak with *Mysql
    database *called keycloak(I m self grasping purpose of table).
 4.  From previous reply, i gotto know credentials, user_entity, are
    table for storing user credentials.

What i want is:

 1. I have existing users which are encrypted using *simpleloginsecure
    *library(I just know that this library uses md5).
 2. I either want to convert stored Md5 password to decrypt with help of
    PasswordHashProvider and store in original form.
 3. OR store them as is, and tell keycloak to continue to use
    *simpleloginsecure *library to secure password. (How to add custom
    library)?
 4. Which PasswordHashProvider do i need to use and how?(Please explain
    step by step).
 5. As i have 3 clients, i need to have a unique ID to identify the user
    belongs to which client. So can i alter any of the table user_entity
    or credentials?

Regards,

Deepa M G


On Monday 15 October 2018 04:47 PM, Deepa Gaddigoudar wrote:
> Dmitry,
>
> Below is my user table, password is hashed with md5 algorithm i.e
> (simpleloginsecure library) . Please suggest the steps to resolve.
> my user data table structure
>
> Regards,
>
> On Monday 15 October 2018 04:14 PM, Dmitry Telegin wrote:
>> Deepa,
>>
>> The importing process itself should be trivial, but before that you need to sort out the hash algorithm issue.
>>
>> Could you please show us some sample records from your MySQL user table? (provided that there's no sensitive info there; you can create a test user for that)
>>
>> Dmitry
>>
>> On Mon, 2018-10-15 at 16:00 +0530, Deepa Gaddigoudar wrote:
>>> Hello Dmitry,
>>>
>>> Can you please provide link of any source that i could refer for importing user credentials from existing mysql user table to keycloak "credentials" table!
>>>
>>> Regards,
>>> Deepa M G
>>>
>>> On Monday 15 October 2018 03:42 PM, Dmitry Telegin wrote:
>>>> Hello Deepa,
>>>>
>>>> On Mon, 2018-10-15 at 15:14 +0530, Deepa Gaddigoudar wrote:
>>>>> Hello All,
>>>>>
>>>>>
>>>>> I have configured keycloak DB from H2 to Mysql. My applications are
>>>>> working fine too. What i want is,
>>>>>
>>>>>    1. Can i manage the user credentials? (Because i want to import
>>>>>       existing users credentials generated before integrating application
>>>>>       with keycloak, as we dont want to create new user credentials and
>>>>>       make it difficult for end users).
>>>> The answer is "yes" provided that the hash algorithm is known.
>>>>
>>>> There are three hash algorithms supported out of the box, namely PBKDF2-{SHA1,SHA256,SHA512}
>>>> If your legacy hash format/algorithm is different from that, you'll need to implement a PasswordHashProvider.
>>>> Here's the example of how this was done for BCrypt: https://github.com/leroyguillaume/keycloak-bcrypt
>>>>
>>>>>    2. If i could import a existing credentials(username and password) to
>>>>>       keycloak mysql , then to which table?(Because i am not finding the
>>>>>       passwords) anywhere in table.
>>>> The table is called "credential".
>>>>
>>>> Good luck!
>>>> Dmitry Telegin
>>>> CTO, Acutus s.r.o.
>>>> Keycloak Consulting and Training
>>>>
>>>> Pod lipami street 339/52, 130 00 Prague 3, Czech Republic
>>>> +42 (022) 888-30-71
>>>> E-mail: info at acutus.pro
>>>>
>>>>> Thanks you
>>>    
>>> -- 
>>> Deepa M Gaddigoudar | Software Developer
>>> Aissel Technologies Pvt. Ltd.
>>> A Block, Floor 2, IT Park, Hubli – 580029. India
>>> Ph (Ind) : +91 836-235-1011 l Ph: +1 347-966-8181
>>> Cell: +91 8951519616
>>> E-Mail: deepag at aissel.com

-- 
------------------------------------------------------------------------
*Deepa M Gaddigoudar | Software Developer*
Aissel Technologies Pvt. Ltd.
A Block, Floor 2, IT Park, Hubli – 580029. India
Ph (Ind) : +91 836-235-1011 l Ph: +1 347-966-8181
Cell: +91 8951519616
E-Mail: deepag at aissel.com

More information about the keycloak-user mailing list