Themes per client
by Jorge M.
Is there any chance to configure login themes per client, instead of per
realm?
Basically I need to set a different login page for a mobile app client. The
app client is not directly related with the other clients of my realm
(different branding, name, logo, colors, etc), but it shares the user
accounts.
Thank you.
8 years, 4 months
scope and client templates
by Bill Burke
So, what to do about scope and client templates? Client templates could
have "full scope allowed" or define a scope. A client would either
click "full scope allowed" or it can add additional scoped roles.
Sound ok?
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
8 years, 4 months
Need Help
by Bheemanagouda A
Hi All,
I would like to contribute to the keycloack project, can someone please
guide me.
--
Regards,
Bheeman
8 years, 4 months
client templates and default mappers
by Bill Burke
What to do with default mappers and clients and client templates?
When you create a client, it automatically adds default mappers for each
protocol. Now with client teampltes, if you create a client and specify
a client template when you create it, it will not add default mappers to
the client. Sound like right behavior?
When creating a client template, should efault mappers be added to the
temaplte automatically? Or should the user have to manually add them?
The mappers tab of a client will have a link "view template mappers"
which will bring you to the template's mapper page. You will be able to
add additional mappers to your client, but you will not be able to
override a template's mappers.
Sound cool enough?
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
8 years, 4 months
Tables in our Admin UI
by Stan Silvert
I'd like to get feedback on our tables. For partial import, I have a
summary table of what was imported and I need things like sorting,
pagination, and maybe filtering.
I looked at PatternFly's Table View[1], which would ideally be the way
to go.
The problem here is that it's based on jQuery/dataTable[2] and it's a
bit problematic to get it working with Angular. It can be done, but I'm
not seeing a good consensus on the best way to go about it. From what
I've found so far, mixing jQuery/dataTable with Angular just doesn't
look clean to me.
I'm sure some of you have give a lot of thought to our tables already.
Any ideas?
[1] https://www.patternfly.org/patterns/table/
[2] http://datatables.net/
8 years, 4 months
Using Cassandra as storage backend, fully customize admin console
by chanras.sun@jcamst.com
Dear Keycloak Team,
Since my architecture is designed to be based on Cassandra for primary
storage backend and ElasticSearch for search functionality.
Where should I start, if I need to change code base of keycloak to use
Cassandra and customize field required for login and registration.
For example. I don't want to have "username" field in my registration page.
We need only "firstName","lastName","email", "password", and
"confirmPassword".
I want to custome "keycloak-server.war" to fit with my application.
Where can I get start to customize "keycloak-server.war".
PS:Using Themes and SPI provide by keycloak is not enough to customize to
fit my implementation.
Best Regards,
Sun Chanras
8 years, 4 months
Use Cassandra as storage instead of MySQL and MongoDB
by chanras.sun@jcamst.com
Hi,
My core backend system use Cassandra and Elasticsearch, running on Wildfly
9.
I need to change keycloak data store implementation to use Cassandra instead
of MySQL and MongdoDB. I need also change login, sign up to fit with my web
app.
What is the best way to change as I mentioned above?
Best Regards,
Sun Chanras
8 years, 4 months
Re: [keycloak-dev] Add custom REST paths? New SPI?
by Erik Mulder
Pedro's change (see below) is kindof what I was looking for, but for my case and for general flexibility I think it's good to also have a more basic point to hook into the REST API's.
I implemented and tested my own suggestion of having an SPI to be able to add a REST resource at the root level. Combined with the (coming) ability to freely extend the JPA entities and DB schema, I think this creates a really powerful extensibility to Keycloak. When we finish these changes, I can write a blog post about what we did, why and how as a showcase for custom extensions to Keycloak.
So are the Keycloak dev's open to a PR with a new SPI that enables you to add custom REST paths?
For example, you could create something like:
http://localhost:8080/auth/myPath/myResource
-----Oorspronkelijk bericht-----
Van: Pedro Igor Silva [mailto:psilva@redhat.com]
Verzonden: maandag 7 december 2015 22:18
Aan: Erik Mulder <erik.mulder(a)docdatapayments.com>
Onderwerp: Re: [keycloak-dev] Add custom REST paths? New SPI?
It is part of a working in progress around fine-grained authorization [1].
The new SPI changes [2] specific to Keycloak are located in a specific branch [3] in my Keycloak fork.
I need to discuss these changes with Bill and see what he thinks about it. Depending on his feedback, I can prepare a PR and send these changes to upstream.
[1] https://github.com/pedroigor/keycloak-authz
[2] https://github.com/pedroigor/keycloak/commit/5e99614aacb70f7840a5ae25cfea...
[3] https://github.com/pedroigor/keycloak/tree/keycloak-authz-modified
Regards.
----- Original Message -----
From: "Erik Mulder" <erik.mulder(a)docdatapayments.com>
To: "Pedro Igor Silva" <psilva(a)redhat.com>
Sent: Monday, December 7, 2015 5:51:26 PM
Subject: RE: [keycloak-dev] Add custom REST paths? New SPI?
Great, that's probably all we need!
I'd like to try it out, but I cannot find any reference to what you mention on Github. Is it (going to be) a pull request? Is it going to be part of a future release?
Can you point me to / provide me with these changes so I can give it a spin? Thanks!
________________________________________
Van: Pedro Igor Silva [psilva(a)redhat.com]
Verzonden: maandag 7 december 2015 16:03
Aan: Erik Mulder
CC: keycloak-dev(a)lists.jboss.org
Onderwerp: Re: [keycloak-dev] Add custom REST paths? New SPI?
I've done something at this regard, where you can use a SPI in order to plug additional APIs for:
* Realm Admin RESTFul API (eg.: used by admin console)
* Realm RESFTFul API (eg.: to plug additional endpoints for realms)
The two Provider interfaces are very simple and just provide a single method:
Object getResource(String pathName);
Where pathName is the path that must be resolved to your custom JAX-RS resource.
The factories are also very simple and allows you to build those resources for the current Realm and KeycloakSession. Eg.:
RealmResourceProvider create(RealmModel realm, KeycloakSession keycloakSession);
Do you need something other than that ?
Regards.
Pedro Igor
----- Original Message -----
From: "Erik Mulder" <erik.mulder(a)docdatapayments.com>
To: keycloak-dev(a)lists.jboss.org
Sent: Monday, December 7, 2015 12:46:39 PM
Subject: [keycloak-dev] Add custom REST paths? New SPI?
As some of you might know, our team is busy adding data to the keycloak system to incorporate some custom authorization information in the access token.
So far we've successfully extended the JPA entities, Liquibase table definitions and added a custom mapper to put that data in the access token. All of this without custom modifications to the original keycloak sources. This is working great, thanks for the support so far!
I know I've promised some PR's for this and they will come, but first we'd like to get everything fully working, so we know it's a well functioning whole.
The last piece of the puzzle is extending the REST services to include CRUD actions for our custom resources. I've been looking into the way RESTEasy/JAX-RS works and it seems to me that in the current implementation there is no way to add extra paths. As I see it now, the KeycloakApplication class will register some singletons in it's constructor and that's that. No way to extend or to 'interfere' there.
So my question is: is there any 'official' way to add extra REST paths to Keycloak?
If not, is it an idea to add this as a new SPI? The current code for adding root paths in the KeycloakApplication constructor lists:
singletons.add(new ServerVersionResource());
singletons.add(new RealmsResource());
singletons.add(new AdminRoot());
So just plain contructor calls. That seems like an easy target for 'SPI-ing' :-).
Or just leave the current ones 'hardcoded' and add an SPI for custom extensions.
Your thoughts on this please.
As before, I'm happy to implement this myself, but I'd like to discuss it first, so a future PR will be honored.
_______________________________________________
keycloak-dev mailing list
keycloak-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-dev
8 years, 4 months
