i try to solve another customer requirement (with keycloak). We have to deal with general business terms as part of the registration.
When a user accepts the general business terms during registration we have to send these general business terms text as part of the verification email as a link or as an attched pdf.
What i have seen in the code might be extendible to attach a link or a pdf (not yet decided).
1) Link - if we simply would have this link as part of the template texts we need to redeploy these when the general business terms change. I would prefer to call an external service to resolve the correct url.
2) PDF - The service mentioned above can answer with a pdf. The pdf can then be attached/given to the mail process.
Any comments are welcome...
LuisenForum, Kirchgasse 6
Tel. +49 6122 70 70 7 -234
Fax. +49 6122 70 70 7 -199
Pflichtangaben laut Handelsgesetz §37a / Aktiengesetz §35a
USt-ID Nr.: DE250247455
Handelsregister: Wiesbaden B
Handelsregister Nr.: 22567
Geschäftsführer: Kian Toyouri Gould
Diese E-Mail Nachricht enthält vertrauliche und/oder rechtlich geschützte Informationen. Wenn Sie nicht der richtige Adressat sind oder diese E-Mail irrtümlich erhalten haben, informieren Sie bitte sofort den Absender und vernichten Sie diese Mail.
This e-mail message may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail.
Right now, if there is a timeout between actions when logging in, we
show an error page. I think I'd rather we just reset the ClientSession
and start over from the beginning. Might be a bit more user friendly.
JBoss, a division of Red Hat
Hitting the cancel button works. Hitting the cancel button sends you
back to the app, which sends you back to keycloak and starts a new
client session. So that would work fine.
What doesn't work is refreshing the page. Kerberos won't be attempted
again. Would it be ok that any browser page refresh might completely
reset the authentication flow and the user has to re login? If so, I
think I have a solution to the problem, but it would take quite a bit of
refactoring of the auth spi...Not another two months of work :) But
probably another few days or a week.
JBoss, a division of Red Hat
Maintaining and updating the realm model is a PITA. There's multiple implementations each with their own adapters and entities. We also have migration to deal with.
All in all we spend a significant amount of time updating the model, creating migrations and testing/fixing.
How about everything for a realm is just stored as a single blob (RealmRepresentation) and everything for a client the same (ClientRepresentation)?
We could have a single realm model provider that used the json representation classes. It would delegate storing to a much simpler realm store.
The realm store would just be a key to value store. The value would just be the serialized json. Implementing this and maintaining it would be much simpler.
Comments? Is this worth looking at?
I would like to ask if it is possible to secure a WebSocket endpoint
(which is deployed on Wildfly/EAP) using Keycloak?
The client part is written in Angular JS, so I would be also interested
in Angular JS WebSocket integration.