bundle an SMTP server?
by Bill Burke
Along the lines of wanting to run out of the box, is there any reason we
shouldn't bundle an SMTP server (i.e. James) and have it preconfigured?
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
10 years, 8 months
default roles changes
by Bill Burke
I'm trying to resolve merge conflicts and came across the new default
roles changes.
Why are you adding default roles to tokens? This is just not correct
and not the way we should be doing things. Instead, default roles
should be used to populate user role mappings when a user is created.
I'm removing the token population code you ahve.
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
10 years, 8 months
JPA model committed
by Bill Burke
* I may have fucked up something as I had like 6 files in conflict when
merging.
* Relational model needs some fine tuning. Relied a lot on JPA defaults
for schema creation
* I remove any Picketlink dependencies in our codebase where
appropriate. This involved creating a tiny SPI for our model backends:
ModelProvider. I also had to fork these Picketlink classes:
- Base32
- SHAPasswordEncoder
- TimeBasedOTP
* In the future, the testsuite directory should be made to run with
multiple backends
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
10 years, 8 months
Loading feedbacks
by Gabriel Cardoso
Hi guys,
I was talking to Alex and we agree that the "Loading…" feedback is important to the user. We identified three situations where it happens in Keycloak:
1. When accessing the console right after logging in
2. When browsing to another page
3. When clicking on a button in a form, like "Save".
For the situations 1 and 2, we could display a loading spinner in the middle of the page, like this: http://ejsclient-cardosogabriel.rhcloud.com/loading.html . I'm considering that right after clicking a link, the content area gets empty, so this loading would be easily visible. Is that correct?
For the situation 3, we could just replace the text of the button by "Loading…" wile the request is processed.
Do you guys see other situations where a loading feedback is necessary? Do you think this solution cover our demand?
Thanks,
Gabriel
--
Gabriel Cardoso
GateIn Portal | User Experience Designer
10 years, 8 months
Default roles for self-registered users
by Stian Thorgersen
It has to be possible to define roles assigned to self-registered users, including roles for the realm, and for individual applications. Without this self-registering users is a useless feature.
There are different options to providing this feature:
1. List of default roles associated with a realm and with applications. This is clearly the simplest solution, we already have it for realms, but can't config it through the admin console
2. Composite roles. This is slightly more complex as we need to support composite roles, but then after that you probably need to be able to list default roles (including composites) for realms/applications as well, so it would require option 1
3. Groups. Similar work required to implement as composite roles, but harder to integrate nicely with oauth scopes
My plan was to go with option 2, but with the store being ripped out that makes it harder to do that now. It would have to wait until the store is completed, which I don't know how long will take. Option 1 is a lot simpler to implement, and wouldn't be replaced by option 2 it would be in addition, so unless there's objections I'll start work on option 1.
10 years, 8 months
Keycloak M1 distribution
by Stian Thorgersen
What will the distribution of Keycloak be for M1? Just keycloak-server.war? Should this be deployable to AS 7.1.1.Final and WildFly?
OpenShift QuickStart
--------------------
For OpenShift I thought a QuickStart using the AS 7.1.1.Final cartridge would be the simplest option. The QuickStart basically is a github repo that contains a starting point to get Keycloak installed. It would update the Resteasy version + install keycloak-server.war. To start a Keycloak instance using rhc you'd use:
# rhc app-create keycloak jbossas-7 --from-code https://github.com/keycloak/keycloak-openshift-quickstart.git
We could also make the QuickStart automatically configure Keycloak to use PostgreSQL if available. For example if creating a Keycloak instance with the following it would use PostgreSQL instead of H2:
# rhc app-create keycloak jbossas-7 postgresql-9.2 --from-code https://github.com/keycloak/keycloak-openshift-quickstart.git
WildFly
-------
I've tried to run Keycloak on WildFly and ran into a PicketLink/Hibernate issue (see https://issues.jboss.org/browse/KEYCLOAK-135 for details). PicketLink guys have merged fix, but that would require upgrading to 2.5.3.Final when it's released.
I've also tried to upgrade to PicketLink 2.5.2.Final, but am having some issues with the ApplicationData/Entity. When loading the Application from the database, PicketLink tries to set a RealmData on ApplicationData.resourceUser which you may imagine throws an exception. I've added it to https://github.com/stianst/keycloak/tree/pl-2.5. It's either a bug in PicketLink, or a mistake in ApplicationData/Entity, I'm not sure which though.
10 years, 9 months
