Keycloak user session time out
by Ashutosh Kanthi
Hi,
We want to implement one functionality with regard to session timeout in keycloak i.e. if session timeout is reaching near, then user should be notified of the same.
Does anyone know whether it is possible to do this in Keycloak? And if is possible then how to do this?
Thanks & regards,
Ashutosh Kanthi
8 years
User Federation (OpenLDAP) - User's Group Membership empty
by Indira Chandrabhatta
I have a fresh successful installation of keycloak (version Keycloak 4.0.0.Beta1)in a docker environment.
I was able to sync with OpenLDAP server. I can login as an LDAP user without any issues.
I created an LDAP Mapper - (Mapper type group-ldap-mapper). The groups get imported with out any issues. I can see the members of the group when I click on the Groups-->testgroup---> edit --> members.
But I have an issue with the user group membership. When I click on Users --> Groups, Group Membership is empty. I don't see the LDAP groups automatically assigned to the user even though the user is already a member of a couple of groups in OpenLDAP.
I looked every where possible but could not find a solution.
Any help is greatly appreciated.
Best Regards
Indira
8 years
How to access custom attribute/Client Mapper in Login Page?
by Subodh Joshi
Hi ,
We have created our own theme for keycloak and we are able to access
realm-name/client-name via this code
> <div id="parent">
>
> <div id="pro-fam-name">
>
> ${msg("loginTitleHtml",(realm.displayNameHtml!''))?no_esc}
>
> </div>
>
> <div id="pro-des"> ${client.name!''} </div>
>
> <div id="version"> ${client.description!''} </div>
>
> </div>
>
Now we will want to access some custom attribute or client mapper into same
login page before user login.
As i know Keycloak wont support to add attribute in realm level any other
way to do this?
Is this possible to achieve this in keycloak version 3.4.1.Final ? We want
to achieve this in our JS application so according to realm/tenant-name we
have diffrent-2 login page.
--
Subodh Chandra Joshi
subodh1_joshi82(a)yahoo.co.in
http://www.trendsinnews.com
8 years
Fwd: User Attributes not added in token
by Sandeep Rai
Hi Community,
Also does this depend on the database rights ? As I only have read rights
to the db. But getAttributes should just add whatever we provide as
attribute into the token ?
Regards
---------- Forwarded message ---------
From: Sandeep Rai <raisandeepkmr(a)gmail.com>
Date: Wed, 23 May 2018, 02:46
Subject: User Attributes not added in token
To: <keycloak-user(a)lists.jboss.org>
Hi Community,
I'm new to keycloak. And trying to federate login via external database.
While federating username and password validation trough JPA I'm trying to
add user attribute to the token.
To achieve that all I'm doing is adding the attribute in getAtrributes
method. As I'm expecting it then adds to the token. But after successful
validation the token I get does not have the 'phone' attribute
Is there something I'm missing ?
Do I have to add this attribute any other way ?
@Override
public Map<String, List<String>> getAttributes() {
Map<String, List<String>> attrs = super.getAttributes();
MultivaluedHashMap<String, String> all = new MultivaluedHashMap<>();
all.putAll(attrs);
all.add("phone", userEntity.getMOBILE_NO());
return all;
}
Kind Regards
8 years
Additional attributes for an authorization request
by Scott Elliott
Would therebe any way to pass additional attributes (say, something from a
REST API call's headers or body) to an authorization request, and access it
in a Javascript or rules based policy? I see that what is available in the
Evaluation API currently is pretty limited.
8 years
group management
by Pierre Nowak
Hello,
I am struggling with setting up fine grained group management.
I would like to give access a specific user to the following actions on a
specific group:
- view only users in a specific group (don't see the whole list of users)
- manage subgroups of a specific group (can add and delete subgroups). Do
not see all the group list !
- add users to my subgroups
When I try to set this up this gives me the view of all the groups.
Pierre
8 years
Keycloak user session time out
by Ashutosh Kanthi
Hi,
We want to implement one functionality with regard to session timeout in keycloak i.e. if session timeout is reaching near, then user should be notified of the same.
Does anyone know whether it is possible to do this in Keycloak? And if is possible the how to do this?
Thanks & regards,
Ashutosh Kanthi
8 years
java.lang.NoClassDefFoundError: org/keycloak/representations/AccessTokenResponse
by valsaraj pv
Hi,
I am getting following exception when calling admin API:
> java.lang.NoClassDefFoundError:
>> org/keycloak/representations/AccessTokenResponse
>
> at java.lang.Class.getDeclaredMethods0(Native Method)
>
> at java.lang.Class.privateGetDeclaredMethods(Class.java:2701)
>
> at java.lang.Class.privateGetPublicMethods(Class.java:2902)
>
> at java.lang.Class.getMethods(Class.java:1615)
>
> at org.jboss.resteasy.client.jaxrs.ProxyBuilder.proxy(ProxyBuilder.java:48)
>
> at
>> org.jboss.resteasy.client.jaxrs.ProxyBuilder.build(ProxyBuilder.java:131)
>
> at
>> org.jboss.resteasy.client.jaxrs.internal.ClientWebTarget.proxy(ClientWebTarget.java:74)
>
> at
>> org.keycloak.admin.client.token.TokenManager.<init>(TokenManager.java:55)
>
> at org.keycloak.admin.client.Keycloak.<init>(Keycloak.java:60)
>
> at org.keycloak.admin.client.Keycloak.getInstance(Keycloak.java:106)
>
>
I have added keycloak-admin-client-3.4.3.Final.jar in ear lib & set
dependency to following modules:
> <module name="org.keycloak.keycloak-adapter-spi"/>
<module name="org.keycloak.keycloak-adapter-core"/>
<module name="org.keycloak.keycloak-common"/>
<module name="org.keycloak.keycloak-core"/>
Thanks!
8 years
