admin ui up on openshift
by Bill Burke
http://keycloak-p1b.rhcloud.com/auth-server/rest/saas/login
Register and create your realms. Working pages:
* Realm create
* Broke up realm detail page into multiple parts
* User creation/query
* User Role mappings. Ugly, but functional. Needs some Gabriel love.
And suggestions
* Application view/creation
Next, going to work on scope mappings, oauth client configs, and filling
in missing details and missing configurations switches in existing forms.
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
11 years, 2 months
Testsuite now executes during normal build
by Stian Thorgersen
I've removed Arquillian from the testsuite, and it now starts Keycloak directly using Undertow (same as AbstractKeycloakServerTest). By default the HtmlUnit WebDriver is used to make the tests run quickly (and without an annoying browser window popping up), but Chrome (-Dbrowser=chrome) or Firefox (-Dbrowser=firefox) are also supported.
Let me know if anyone is having problems building and I'll sort it out ASAP.
11 years, 2 months
Hangout today
by Stian Thorgersen
Bill,
Are we having a hangout today? If so I'm available after 15 UTC (1h 30min from now).
Bolek would probably want to join as well.
11 years, 2 months
Problems with Filter session management
by Bill Burke
There's a problem using servlet filters to manage KeycloakSession objects.
1) We may not be in a servlet environment. It seems that MBaaS may want
to avoid having a servlet container
2) Not all exceptions are propagated to Servlet Filter, thus, no
automatic rollbacks. i.e. WebApplicationException and all its varients
like NotFoundException
3) You may think, "Well, we can write an ExceptionMapper to rollback",
but you'd be wrong. Stupid idiotic JAX-RS spec will not run an
ExceptionMapper for a WebApplicationException that has an entity.
There's two ways we could fix this problem:
1) Bring back the Transaction class
2) Write a JAX-RS ContainerRequestFilter that starts the session. Write
a JAX-RS ContainerResponseFilter that will check the response code to
see if it is a) successful, or b) a redirect and commit, otherwise rollback.
Thoughts?
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
11 years, 2 months
Remove Arquillian from testsuite
by Stian Thorgersen
I'm thinking about removing Arquillian from the testsuite and use AbstractKeycloakServerTest instead. This removes the requirement of having JBoss AS available to run the tests, and will make it simpler to have the testsuite run as part of a regular build.
I've already removed Arquillian Drone and Graphene, as they didn't really provide that much value-add.
Any objections?
11 years, 2 months
Role mapping page
by Bill Burke
The role-mapping sub-page looks awesome, but I don't think we can use
it. While most apps are only going to have a few roles, we could be
dealing with hundreds of roles depending on the deployment. The current
UI, IMO can't handle this scenario.
Another issue that will come up later is Role Groups. Role groups will
be able to have both realm and application roles within them. In a role
mapping list for the user, you should be able to see the role that was
assigned from a role group, but not remove it, and maybe also a way to
identify which group the role was inherited from.
I'm going to put a crude UI together with backend to flush things out a
little then will need some input and work done by Gabriel or Viliam to
put their artistic stamp on it.
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
11 years, 2 months
What is everybody working on?
by Bill Burke
This may change depending on what we decide for M1, but I'm working
right now on:
* Getting Gabriel's new screens incorporated as best as possible into
existing admin UI
* I've designed on paper the core screens for admin UI. I'll be
implementing based on Gabriel's existing styles. I'll need to have a
feedback iteration loop with Gabrield to move forward. It has to be
give and take. Meaning, I need to be allowed to improve Gabriel's
screens and vice-versa. It's seemed more one-way so far...
* Reorganizing Javascript so we can work in parallel together
I'll have something to show by next Tuesday. I'll be committing early
and often before then if you want to see what's going on.
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
11 years, 2 months
Re: [keycloak-dev] Verify email / Configure TOTP screens
by Stian Thorgersen
Exactly what we need. There seems to be some CSS issues on my computer with the TOTP screen though. The darker box is not in same location as on the login screen + "3 Enter the one-time-password" is on the right of everything else. I've attached a screenshot
----- Original Message -----
> From: "Stian Thorgersen" <stian(a)redhat.com>
> To: "Gabriel Cardoso" <gcardoso(a)redhat.com>
> Cc: keycloak-dev(a)lists.jboss.org
> Sent: Saturday, 21 September, 2013 9:11:40 AM
> Subject: Re: [keycloak-dev] Verify email / Configure TOTP screens
>
> Exactly what we need. There seems to be some CSS issues on my computer with
> the TOTP screen though. The darker box is not in same location as on the
> login screen + "3 Enter the one-time-password" is on the right of everything
> else. I've attached a screenshot
>
> ----- Original Message -----
> > From: "Gabriel Cardoso" <gcardoso(a)redhat.com>
> > To: keycloak-dev(a)lists.jboss.org
> > Sent: Friday, 20 September, 2013 9:54:00 PM
> > Subject: [keycloak-dev] Verify email / Configure TOTP screens
> >
> > Stian,
> >
> > I've just implemented more screens related to the user actions:
> >
> > - Google Authenticator Setup:
> > http://ejsclient-cardosogabriel.rhcloud.com/saas-totp-setup.html
> >
> > - Email Verification:
> > http://ejsclient-cardosogabriel.rhcloud.com/saas-email-verification.html
> > I created this page based on the User Actions document . Does this work?
> >
> > Gabriel
> >
> > --
> > Gabriel Cardoso
> > GateIn Portal | User Experience Designer
> >
> >
> >
> > _______________________________________________
> > keycloak-dev mailing list
> > keycloak-dev(a)lists.jboss.org
> > https://lists.jboss.org/mailman/listinfo/keycloak-dev
> >
11 years, 2 months