Keycloak Premium Support
by Bhavana Motwani
Hi all,
I'm new to this community!
I had a query around paid support for Keycloak. The archives had some posts
around 2016, but I could not find any latest update, so please excuse me if
this is common knowledge.
We are trying to use Keycloak for SSO auth of our customers.
We were looking to buy Support for the same.
We have not currently bought any other product like RH-SSO or JBoss
Middleware.
1. Does buying
https://www.redhat.com/en/store/red-hat-jboss-enterprise-application-plat...
give
me Support for Keycloak?
2. Is anything else also needed to be purchased?
3. Will this Support help with technical questions like configuring
IdP-initiated workflows? We were able to make the SP-initiated workflows
work, but getting stuck with IdP-initiated flow.
Thank you
6 years
Client in VERIFY_EMAIL event is "account" when doing in different browser
by Libor Krzyzanek
Hi,
I just realised that when user do verification email in restarted browser (or incognito mode or on different device) then the client is always “account”.
I expect that client in this event would be always the client during which user has been asked to verify e-mail and received the verification e-mail.
It works in this way only if user do email verification on same device and same browser.
Is my expectation correct?
I’m using Keycloak 3.4.3.Final
Should I fire a ticket?
Thanks,
Libor Krzyžanek
Principal Software Engineer
Middleware Engineering Services
6 years
Update password user experience
by Guilhem Lucas
Hello,
Currently, a user choosing a password that violates password policies is
notified for the first failing policy only. The user needs several attempts
to find a valid password by discovering password policies one by one.
I think that this is a bad user experience that could be enhanced by one of
the following improvements.
1 - Display password policies in update password form
Account and login Freemarker template provider could be modified to add a
"policies" attribute in template context. This could be done by completing
the RealmBean object with a passwordPolicies property that contains the
list of enabled password policies.
This new property could then be used in templates to display password
requirements.
For example:
Your password must:
- contain at least one symbol
- contain at least one lower case character
- have 8 characters minimum
- not be equal of any of last 3 passwords
2- Report all failing policies
Templates are already designed to display a list of errors. Instead of stop
password validation on first policy error, it could be possible to continue
validating other policies and return a list of errors. This list can be
added to the template using the existing LoginFormsProvider#setErrors()
method.
Do you plan to add such improvement in a future release?
Thank you.
Guilhem Lucas
6 years
Custom UserStorageProvider for a different database
by Steffen Kreutz
Hey guys,
I am trying to create a custom UserStorageProvider for an external Postgres database. I don’t wnat to manage the users in Keycloak, so I think it should be enough to implement UserStorageProvider and UserLookupProvider. Now I am wondering how I can configure and retrieve the datasource for my provider. I thought about adding another datasource to Wildfly. We run Keycloak in Kubernetes and I think setting up the datasource could be scripted using the jboss-cli. Do you think this is a good approach or do you have better advices?
Best,
Steffen
6 years
Keycloak testsuite artifacts on maven, for module testing
by Doswald Alistair
Hello,
Are the keycloak testsuite artifacts pushed to a public repository? Or if not, would it be possible to publish them alongside the other keycloak artifacts?
We are currently updating the cloudtrust keycloak modules to the latest version of keycloak, and as a part of that we are moving the tests from mocks to arquillian. Since there's a lot of great work already done, we reuse the keycloak testsuite artifacts for this. For our purposes this is fine (we have them cached in our local repository), but for anybody who wishes to build our modules from github it's a bit more cumbersome. On a more general level, it would probably also help other module developers who wish to unit test with arquillian.
Best regards,
Alistair
6 years
