sssd and otp
by Ionut Culda
Hello,
Can anybody tells me if keycloak supports sssd user federation with otp?
I configured this but when i try to configure first time otp i get the following error:
ERROR [org.keycloak.services.error.KeycloakErrorHandler] (default task-28) Uncaught server error: java.lang.IllegalStateException: You can't update your password as your account is read only.
Thank You
6 years, 11 months
Re: [keycloak-user] How to create a realm through Admin CLI
by Marko Strukelj
See documentation:
http://www.keycloak.org/docs/latest/server_admin/index.html#the-admin-cli
No route to host means you have a networking issue or are using a wrong IP
for the server.
On Feb 13, 2018 09:13, "Subodh Joshi" <subodhcjoshi82(a)gmail.com> wrote:
Hi All
I am trying to create realm through admin CLI and tried below command
./kcadm.sh config credentials --server http://<IP ADDRESS>:8665/auth/
create realms -s realm=demorealmAdminCLI -s enabled=true
But i am getting
Required option not specified: --realm
What i am doing wrong ?
When i tried following command
[root@suredevbana1 bin]# ./kcadm.sh config credentials --server http://<IP
ADDRESS>:8665/auth/ --realm master --user admin --password admin
Then i am getting below message
Logging into http://<IP ADDRESS>:8665/auth/ as user admin of realm master
Feb 13, 2018 1:23:35 PM org.apache.http.impl.execchain.RetryExec execute
INFO: I/O exception (java.net.NoRouteToHostException) caught when
processing request to {}->http:// <IP ADDRESS> :8665: No route to host
Feb 13, 2018 1:23:35 PM org.apache.http.impl.execchain.RetryExec execute
INFO: Retrying request to {}->http:// <IP ADDRESS> :8665
Feb 13, 2018 1:23:35 PM org.apache.http.impl.execchain.RetryExec execute
INFO: I/O exception (java.net.NoRouteToHostException) caught when
processing request to {}->http:// <IP ADDRESS> :8665: No route to host
Feb 13, 2018 1:23:35 PM org.apache.http.impl.execchain.RetryExec execute
INFO: Retrying request to {}->http:// <IP ADDRESS> :8665
Feb 13, 2018 1:23:35 PM org.apache.http.impl.execchain.RetryExec execute
INFO: I/O exception (java.net.NoRouteToHostException) caught when
processing request to {}->http:// <IP ADDRESS> :8665: No route to host
Feb 13, 2018 1:23:35 PM org.apache.http.impl.execchain.RetryExec execute
INFO: Retrying request to {}->http:// <IP ADDRESS> :8665
Failed to send request - No route to host
Subodh Chandra Joshi
subodh1_joshi82(a)yahoo.co.in
http://www.questioninmind.com
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
6 years, 11 months
How to create a realm through Admin CLI
by Subodh Joshi
Hi All
I am trying to create realm through admin CLI and tried below command
./kcadm.sh config credentials --server http://<IP ADDRESS>:8665/auth/
create realms -s realm=demorealmAdminCLI -s enabled=true
But i am getting
Required option not specified: --realm
What i am doing wrong ?
When i tried following command
[root@suredevbana1 bin]# ./kcadm.sh config credentials --server http://<IP
ADDRESS>:8665/auth/ --realm master --user admin --password admin
Then i am getting below message
Logging into http://<IP ADDRESS>:8665/auth/ as user admin of realm master
Feb 13, 2018 1:23:35 PM org.apache.http.impl.execchain.RetryExec execute
INFO: I/O exception (java.net.NoRouteToHostException) caught when
processing request to {}->http:// <IP ADDRESS> :8665: No route to host
Feb 13, 2018 1:23:35 PM org.apache.http.impl.execchain.RetryExec execute
INFO: Retrying request to {}->http:// <IP ADDRESS> :8665
Feb 13, 2018 1:23:35 PM org.apache.http.impl.execchain.RetryExec execute
INFO: I/O exception (java.net.NoRouteToHostException) caught when
processing request to {}->http:// <IP ADDRESS> :8665: No route to host
Feb 13, 2018 1:23:35 PM org.apache.http.impl.execchain.RetryExec execute
INFO: Retrying request to {}->http:// <IP ADDRESS> :8665
Feb 13, 2018 1:23:35 PM org.apache.http.impl.execchain.RetryExec execute
INFO: I/O exception (java.net.NoRouteToHostException) caught when
processing request to {}->http:// <IP ADDRESS> :8665: No route to host
Feb 13, 2018 1:23:35 PM org.apache.http.impl.execchain.RetryExec execute
INFO: Retrying request to {}->http:// <IP ADDRESS> :8665
Failed to send request - No route to host
Subodh Chandra Joshi
subodh1_joshi82(a)yahoo.co.in
http://www.questioninmind.com
6 years, 11 months
Support for X509Data as SAML Signature Key Name
by Michael Liebe
Hi,
We got a requirement to include the X509 certificate (X509Data/X509Certificate element) within the KeyInfo element when sending SAML authentication requests to external identity providers. Keycloak currently supports KEY_ID and CERT_SUBJECT as SAML signature key names. Are there any plans to support also X509Certificate in future releases?
Best regards,
Michael
6 years, 11 months
How to logout a specific offline session
by Scott Finlay
Hi,
We have the case that there can be multiple offline sessions for a
particular user. Is there a way to logout or invalid one particular offline
session/token? Using the OAuth endpoints we can easily logout the
normal session, but the offline tokens are still there. I can see that it is
possible to invalidate ALL offline tokens for a particular user, but is there
any way to invalidate just one particular one?
I saw this issue which was discussed a bit and reopened and then closed,
but it doesn't look like something was done: https://issues.jboss.org/browse/KEYCLOAK-3375
Regards,
Scott
6 years, 11 months
Passing client_secret when sending request to Token url
by Miguel Vilhena
Hi,
I am trying to use a custom Identity Provider in keycloak, and haven't been
able to configure it a way that it doesn't send the client_secret in the
POST request.
Am i assuming incorrectly that if the client, in this case "Account", is
marked as Public, then the client_secret should not be included in the
request?
Thank you.
Miguel
6 years, 11 months
Login failed due to missing user attributes
by trmadhu@tafe.com
Dear All
We are trying to configure SSO with Keycloak as IDP and Shibboleth SP for .Net application. The user authentication is handled by Keycloak IDP and in the Shibboleth, we are the getting the error message
Login failed due to missing user attributes
Attribute
Value
SHIB_displayName
SHIB_givenName
SHIB_cn
SHIB_sn
SHIB_eduPersonPrincipalName
SHIB_schacHomeOrganization
SHIB_schacHomeOrganizationType
Can you help in solving this issues or suggest any alternative for .Net application (for keycloak).
Regards
[All]
Above email is subject to 'Disclaimer' as per <a href="http://tafe.co.in/email-disclaimer.htm">http://tafe.co.in/email-disclaimer.htm</a>
6 years, 11 months
Re: [keycloak-user] [keycloak-dev] Trojan in Keycloak Javascript Adapter?
by Ariel Carrera
Thanks Ramunas, I will check My Windows defender’s definition version to
compare with you. I have Windows 10 (64 bit) updated on December 2017.
El El mié, 3 ene. 2018 a las 17:45, Rumanas <ramunask(a)gmail.com> escribió:
> * just downloaded keycloak-js-adapter-dist-3.4.2.Final.zip file
> * extracted and scanned "keycloak-js-adapter-dist-3.4.2.Final" folder with
> Windows Defender on Windows 10 - no issues found
> * checked for Windows updates. New update "Definition Update for Windows
> Defender Antivirus - KB2267602 (Definition 1.259.1141.0)" was found and
> installed.
> * scanned again. No issues found.
>
> Ramūnas
>
--
Ariel Carrera
6 years, 11 months
InfinispanUserSessionProviderFactory specify the return type of `create` method
by Logan HAUSPIE
Hi there,
I'm trying to build my own UserSessionProviderFactory by extending the
existing InfinispanUserSessionProviderFactory.
I noticed that this Infinispan implementation is returning (in the
signature) InfinispanUserSessionProvider instead of returning
UserSessionProvider.
Are you sure is that what you wanted?
Have a nice day.
*---*
*Logan HAUSPIE*
E-Mail : logan.hauspie.pro(a)gmail.com
6 years, 11 months
