From: "Bill Burke" <bburke(a)redhat.com>
Sent: Wednesday, 28 May, 2014 2:27:06 PM
Subject: Re: [keycloak-dev] Default admin password
While we're on the topic of making things easier. It would be cool if I
could package up a theme in a jar (like web fragments) and not have to
do any coding like I had to do to add a theme to the aerogear example.
On 5/28/2014 4:47 AM, Stian Thorgersen wrote:
> It would be nice to extract the ApplianceBootstrap into a
> keycloak-boostrapping.json file. That would let AeroGear and LiveOak
> modify this file instead of having to extend the KeycloakApplication. It
> would be nice if AeroGear and LiveOak had to maintain less redundancy in
> the future. At the moment they both have to build their own custom WAR,
> maintaining all dependencies, web.xml, persistence.xml, extending
> KeycloakApplication, etc. I think we could make this simpler by adding the
> WAR to Maven, then have Maven remove whatever dependencies AeroGear
> doesn't use, replace the keycloak-boostrapping.json, and that's it.
> The initial password is only used on first boot, so the server config file
> isn't suitable.
> ----- Original Message -----
>> From: "Marek Posolda" <mposolda(a)redhat.com>
>> To: keycloak-dev(a)lists.jboss.org
>> Sent: Wednesday, 28 May, 2014 9:27:04 AM
>> Subject: [keycloak-dev] Default admin password
>> Currently there are many things for initialization of master realm
>> hardcoded in ApplianceBootstrap including the initial password of admin
>> user. Maybe it's not so big issue as user is required to change admin
>> password after first login, but still it's not ideal IMO because if
>> someone access admin console faster than you, he can change admin
>> password and gain full admin access.
>> I wonder if we can improve this? At least adding initial admin password
>> into keycloak-server.json may help a bit as people can change default
>> value from "admin" to something else. wdyt?
>> keycloak-dev mailing list
> keycloak-dev mailing list
JBoss, a division of Red Hat
keycloak-dev mailing list