<div dir="ltr"><br><div class="gmail_extra"><br><div class="gmail_quote">On 17 February 2016 at 17:09, Aikeaguinea <span dir="ltr"><<a href="mailto:aikeaguinea@xsmail.com" target="_blank">aikeaguinea@xsmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">It seems the add-user.sh script for changing the admin password only<br>
accepts the password as a -p command-line parameter. This would expose<br>
the password in the command history, so I'd prefer not to use the<br>
command in its current form.<br></blockquote><div><br></div><div>That's a mistake we'll fix that. If not specified it should prompt for it. Added <a href="https://issues.jboss.org/browse/KEYCLOAK-2501">https://issues.jboss.org/browse/KEYCLOAK-2501</a></div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
<br>
Is there another way to do this?<br>
<br>
The situation is even more complicated with Docker, since running the<br>
script to change the Wildfly admin password requires restarting the<br>
server, which shuts down the container. If you have an autoscaling<br>
group, the container that gets brought up is not the container where you<br>
changed the password, but instead the original container. This seems to<br>
mean that the only way to have Keycloak run in Dockers in an autoscaling<br>
group is to bake the admin passwords into the Docker image beforehand.<br>
This isn't ideal; less so if the only way to add those passwords during<br>
build time is to run the shell script that exposes the password on the<br>
command line.<br></blockquote><div><br></div><div>You need to set the password once for your database. This can be done prior to accessing the admin console the first time. Take a look at <a href="https://github.com/jboss-dockerfiles/keycloak/blob/master/server/README.md">https://github.com/jboss-dockerfiles/keycloak/blob/master/server/README.md</a>, you can use docker exec to do this.</div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
<span class=""><font color="#888888"><br>
--<br>
<a href="http://www.fastmail.com" rel="noreferrer" target="_blank">http://www.fastmail.com</a> - Access your email from home and the web<br>
<br>
_______________________________________________<br>
keycloak-user mailing list<br>
<a href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a><br>
</font></span></blockquote></div><br></div></div>