August 2017 - keycloak-user - Jboss List Archives

Test

by Kristiaan Jansen

Test if my mail arrives at keycloak user group.

7 years, 4 months

1
0
0 / 0

Master Realm Disabled

by Ionut Culda

Hello, I have disabled master realm of keycloak and i didn’t fine any way to re enable it. Is there any possibility to re-enable it? Thank you

7 years, 4 months

2
1
0 / 0

May need to drop OpenShift v2 cartridge

by Stian Thorgersen

Our OpenShift v2 cartridge [1] is based on the WildFly cartridge [2]. We have a problem now as Keycloak 3.3 will be based on WildFly 11, while the WildFly cartridge hasn't been updated (and probably won't be) to WildFly 11. So we may need to drop OpenShift v2 support unless someone is willing to work on it. [1] https://github.com/keycloak/openshift-keycloak-cartridge [2] https://github.com/openshift-cartridges/openshift-wildfly-cartridge

7 years, 4 months

1
0
0 / 0

Email verification redirect URL

by Krishna Kuntala

I am using Rest APIs to communicate with Keycloak for sending verification email (/send-verify-email?client_id=xxx&redirect_uri=application-url). This flow is working fine when user clicks on verfication link, "Back to application" link redirects me to intended "application-url". However with alternative flow, if the user does not click on this link and tries to login with his credentials, the user will be redirected to Account verification page. This sends one more email to the user with the link embedded in it. This link does not have provided/intended redirect_uri i.e. application-url. Instead it has redirect_uri to the default realm. I want to embed the same URI even in case another email is sent to the user for verification which is not happening in this case. Thanks and Regards, KK

7 years, 4 months

3
3
0 / 0

js-Adapter, SPA and Browser History

by Leuthold, Michael

Hello, we using keycloak-js 3.0.0 to provide SSO over a couple of SPAs written in Angular using onLoad: 'login-required'. This basically works, however everytime when switching between applications, we see a history entries for the initial request which makes the browser back-button essentially useless when trying to navigate back. To simply reproduce this: when accessing an application from a blank page with no history will leaves us with one history entry to that very same application. Can anybody confirm this or report the opposite? Thanks, Michael PROSOZ Herten Softwareentwicklungs- und Beratungsgesellschaft für Gemeinden, Städte und Kreise mbH * Geschäftsführer: Horst Stoffner, Petra Hertel * Vorsitzender des Aufsichtsrates: Wolfgang Kumpf * Sitz der Gesellschaft: Herten * Registergericht: AG Recklinghausen, Registernummer HRB 3307 Diese E-Mail enthält vertrauliche Informationen und ist ausschließlich für den Adressaten bestimmt. Sollten Sie diese E-Mail irrtümlich erhalten haben, informieren Sie uns hierüber bitte unter info(a)prosoz.de oder unter der o. a. Telefonnummer, und löschen Sie diese E-Mail aus Ihrem System. Bitte beachten Sie, dass die Weitergabe, Kopie und sonstige unautorisierte Nutzung der E-Mail verboten sind.

7 years, 4 months

1
0
0 / 0

Re: [keycloak-user] user panel everywhere - no automatic redirect

by Michal Keda

Both Principal userPrincipal = httpServletRequest.getUserPrincipal(); RefreshableKeycloakSecurityContext context = (RefreshableKeycloakSecurityContext) httpServletRequest.getAttribute(KeycloakSecurityContext.class.getName()); are null when visiting unprotected homepage, even if user is logged (directly in keycloak) until I visit my protected page. Is this configuration error? Dne 15.8.2017 v 8:57 Stian Thorgersen napsal(a): > Wouldn't > http://docs.oracle.com/javaee/6/api/javax/servlet/http/HttpServletRequest... > <http://docs.oracle.com/javaee/6/api/javax/servlet/http/HttpServletRequest...> > do the trick? > > On 14 August 2017 at 17:22, Michal Keda <michal.keda(a)studentagency.cz > <mailto:michal.keda@studentagency.cz>> wrote: > > Hello, > I want to implement simple panel showing information about user logged > into sso. The catch is that I need this panel even on pages that > should > not redirect to KC server when no user is logged in. > > This seems like basic behaviour for any homepage (show if user is > logged > in, but do not force immidiate redirect if isn't), but > RefreshableKeycloakSecurityContext starts to pop up in my > HttpServletRequest only after I access some protected page > (specified in > web.xml). > > So my question is (I guess..) if it is possible to get currently > logged > user, on page that is not protected by KC. > > I am using tomcat 7, java 8 (+wicket) > > Best regards, > > Michal Keda > -- > > Bc. Michal Keda > programátor > > telefon: +420 539 000 711 <tel:%2B420%20539%20000%20711> > > StudentAgency logo <https://www.studentagency.cz/> > AUTOBUSY | <https://jizdenky.studentagency.cz/ > <https://jizdenky.studentagency.cz/>> VLAKY | > <https://www.regiojet.cz/> DOVOLENÁ | <https://www.dovolena.cz/> > LETENKY > | <https://www.studentagency.cz/letenky/index.html > <https://www.studentagency.cz/letenky/index.html>> JAZYKOVÉ POBYTY | > <https://www.jazykovepobyty.cz/ <https://www.jazykovepobyty.cz/>> > PRACOVNÍ A AU PAIR POBYTY > <https://www.pracovnipobyty.cz/ <https://www.pracovnipobyty.cz/>> > STUDENT AGENCY k.s. > Dům pánů z Lipé nám. Svobody 17 > 602 00 Brno infolinka: 800 100 300 > fax: +420 539 000 540 <tel:%2B420%20539%20000%20540> > *www.studentagency.cz <http://www.studentagency.cz>* > <https://www.studentagency.cz> > STUDENT AGENCY cestování pro každého v každém věku. > > > _______________________________________________ > keycloak-user mailing list > keycloak-user(a)lists.jboss.org <mailto:keycloak-user@lists.jboss.org> > https://lists.jboss.org/mailman/listinfo/keycloak-user > <https://lists.jboss.org/mailman/listinfo/keycloak-user> > >

7 years, 4 months

2
1
0 / 0

Both the access token and the refresh token have expired

by Stephan Grieger

I followed the example given at https://github.com/dylanplecki/KeycloakOwinAuthentication/wiki/ASP.NET-MV... and it works up until the part where you press the login button. I can navigate to the About page and I am taken to the login page. I enter the login name and password and press the login button and I get the error "Both the access token and the refresh token have expired". Does anyone know why this is and what the solution is? Thank you.

7 years, 4 months

2
1
0 / 0

User federation email verification

by Adam Keily

Hi all, Using rhsso7.1. I've configured a realm to federate users from LDAP (several thousand existing corporate accounts) and allow registration of external users to the realm. The realm is configured to verify email. I only want users who register using a form or social IdP to have to verify their email though. With the realm setting 'Verify Email=On', it is prompting my LDAP users to verify their corporate email the first time they login. Is there a simple way to prevent LDAP federated users from having to verify their email address whilst still enforcing verification for registered accounts. With social IdP's I can set them to trust email but is there a way to do something similar with ldap federation users? Or would I need to build a custom user federation spi? Thanks Adam -- Adam Keily Identity and Access Management Specialist Security and Architecture The University of Adelaide Phone: +61883139112 Mobile: +61438898513 adam.keily(a)adelaide.edu.au<mailto:adam.keily@adelaide.edu.au> CRICOS Provider Number 00123M ----------------------------------------------------------- IMPORTANT: This message may contain confidential or legally privileged information. If you think it was sent to you by mistake, please delete all copies and advise the sender. For the purposes of the SPAM Act 2003, this email is authorised by The University of Adelaide.

7 years, 4 months

2
1
0 / 0

Keycloak evaluation

by Krishna Kuntala

Hi, We are evaluating Keycloak product for our Identity management solution. Need to understand whether Keycloak supports below features: 1. Send "magic link" with verification email to let the user silently login. 2. An API which is capable of sending communication emails to the users. Thanks and Regards, KK

7 years, 4 months

3
2
0 / 0

Re: [keycloak-user] Keycloak HA issue

by Abhinav Dwivedi

Hi Could you help me to fix one issue I have use 2 container of key cloak HA and one container of mysql and when I try to create RELAM in one server its not reflect to the another server until I restart the service of second one could you help me please asap. Regards Abhinav

7 years, 4 months

1
0
0 / 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

keycloak-user August 2017