Yes, 'role-ldap-mapper' created & those roles appeared in the Keycloak client
set in the mapper. But these roles were not assigned to users. For that, need to
open the user from the admin console & select the client and set client roles. I am
checking how to automate this.
On Fri, May 18, 2018 at 1:34 PM, Raphaël HOAREAU <raphoa(a)worteks.com> wrote:
Can't you just create 'role-ldap-mapper' in your ldap user federation so
it reflects your ldap roles to keycloak realm or client roles?
Assuming that roles in your local LDAP are the same (name) as the one
you use in keycloak.
On 18/05/2018 at 08:32, valsaraj pv wrote:
> Got this sample:
> https://gist.github.com/thomasdarimont/c4e739c5a319cf78a4cff3b87173a84b
>
> On Fri, May 18, 2018 at 10:39 AM, Subodh Joshi <subodhcjoshi82(a)gmail.com> wrote:
>
>> You have to write script to run admin-cli commands
>> https://www.keycloak.org/docs/3.3/server_admin/topics/admin-cli.html
>>
>> On Fri, May 18, 2018 at 8:50 AM valsaraj pv <valsarajpv(a)gmail.com> wrote:
>>
>>> Do you have any links that will be helpful?
>>>
>>> On Fri 18 May, 2018, 7:17 AM Subodh Joshi, <subodhcjoshi82(a)gmail.com>
>>> wrote:
>>>
>>>> I think admin-cli will help you regarding this but issue is documentation
>>>> is not that good.
>>>>
>>>> On Thu, 17 May 2018, 22:43 valsaraj pv, <valsarajpv(a)gmail.com> wrote:
>>>>
>>>>> Hi,
>>>>>
>>>>> Here is the scenario:
>>>>> Java web application client registers users to local LDAP/DB and sets
>>>>> roles.
>>>>> These users are periodically synced to Keycloak. Roles are also synced
>>>>> once as it is not changed more often.
>>>>> So when a user is registered in local LDAP via the application, they are
>>>>> also reflected in Keycloak, but they can't access the web application
>>>>> after login via Keycloak.
>>>>> The new users can access only after setting client roles manually.
>>>>> What is the best option to automate this? Is there any API to set
>>>>> client roles?
>>>>> If available, we can't write code to set role in registration method
>>>>> since the users will be synced to Keycloak only on next sync. Then option
>>>>> is a delayed call which first ensures that the user reached Keycloak DB
>>>>> and then sets role.
>>>>> Please share your thoughts!
>>>>>
>>>>> Thanks!
>>>>> _______________________________________________
>>>>> keycloak-user mailing list
>>>>> keycloak-user(a)lists.jboss.org
>>>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>
>> --
>> Subodh Chandra Joshi
>> subodh1_joshi82(a)yahoo.co.in
>> http://www.trendsinnews.com
>>
>
>
--
Raphaël HOAREAU | Support & Hosting Solutions Manager
raphael.hoareau(a)worteks.com
+33 7 72 37 59 82
Worteks |
https://www.worteks.com
--
Life is like this: "Just when we get all the answers of life.... God
changes the question paper....
Valsaraj Viswanathan
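
The delayed call described in the original question, as an added example that is not code from any poster in this thread: it polls the Keycloak Admin REST API until the synced user exists, then maps the client role to that user. The base URL, realm, client and role names passed in are up to the caller, and `token` is assumed to be an access token for an account allowed to manage users in the realm.

```python
import json
import time
import urllib.parse
import urllib.request


def http_json(method, url, token, body=None):
    """Default transport: one bearer-authenticated JSON call."""
    data = None if body is None else json.dumps(body).encode()
    req = urllib.request.Request(url, data=data, method=method, headers={
        "Authorization": "Bearer " + token,
        "Content-Type": "application/json"})
    with urllib.request.urlopen(req, timeout=10) as resp:
        raw = resp.read()
    return json.loads(raw) if raw else None


def find_user(admin, token, username, call):
    """Return the user whose username matches exactly, or None."""
    query = urllib.parse.urlencode({"username": username})
    # The ?username= filter can match substrings, so re-check every hit.
    for user in call("GET", f"{admin}/users?{query}", token) or []:
        if user["username"].lower() == username.lower():
            return user
    return None


def assign_client_role(base, realm, token, username, client_id, role_name,
                       call=http_json, attempts=5, delay=60, sleep=time.sleep):
    """Wait for the LDAP sync to create the user, then map the client role."""
    admin = f"{base}/admin/realms/{urllib.parse.quote(realm, safe='')}"
    user = find_user(admin, token, username, call)
    for _ in range(attempts - 1):
        if user:
            break
        sleep(delay)  # user not synced yet; retry after the next sync window
        user = find_user(admin, token, username, call)
    if not user:
        return False  # never appeared: report it instead of guessing an id
    query = urllib.parse.urlencode({"clientId": client_id})
    clients = call("GET", f"{admin}/clients?{query}", token)
    if not clients:
        raise LookupError(f"client {client_id!r} not found in realm {realm!r}")
    cid = clients[0]["id"]  # internal UUID, not the clientId string
    role = call("GET", f"{admin}/clients/{cid}/roles/"
                f"{urllib.parse.quote(role_name, safe='')}", token)
    call("POST", f"{admin}/users/{user['id']}/role-mappings/clients/{cid}",
         token, [role])
    return True
```

The `call` and `sleep` parameters exist so the function can be exercised without a live server; in production the defaults are used.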