3:13 a.m.
Hi,
I would like to summary information about How to add Admin User - chapter
3.2.1.
My questions are:
1.) From which version (including) is new concept, that there is no built
in user?
2a.) What is exact command via add-user script (add-user.sh) for create
admin user ?
2b.) Same question like in 2a, but in keycloak-overlay (add-user-keycloak.sh
)?
Thanks and Best Regards,
Andrej.
3:38 a.m.
Hi Andrej, answers inline
On Wed, Mar 2, 2016 at 6:13 AM Andrej Prievalsky <ado.boj.83(a)gmail.com>
wrote:
Hi,
I would like to summary information about How to add Admin User - chapter
3.2.1.
My questions are:
1.) From which version (including) is new concept, that there is no built
in user?
1.8.0 See:
http://keycloak.github.io/docs/userguide/keycloak-server/html/Migration_f...
2a.) What is exact command via add-user script (add-user.sh) for
create
admin user ?
See:
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
2b.) Same question like in 2a, but in keycloak-overlay (
add-user-keycloak.sh)?
You are correct. Maybe this is an inconsistency to be fixed.
Thanks and Best Regards,
Andrej.
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
4:03 a.m.
Hi Bruno,
thanks for answer.
But from
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
and section: *...you can use the add-user script from the command-line.*
is my question is how exactly should looks like command with add-user
script?
Because in past we used this command: add-user.sh –container -u admin -p
admin
Andrej.
On Wed, Mar 2, 2016 at 10:38 AM, Bruno Oliveira <bruno(a)abstractj.org> wrote:
Hi Andrej, answers inline
On Wed, Mar 2, 2016 at 6:13 AM Andrej Prievalsky <ado.boj.83(a)gmail.com>
wrote:
> Hi,
>
> I would like to summary information about How to add Admin User - chapter
> 3.2.1.
>
> My questions are:
> 1.) From which version (including) is new concept, that there is no built
> in user?
>
1.8.0 See:
http://keycloak.github.io/docs/userguide/keycloak-server/html/Migration_f...
> 2a.) What is exact command via add-user script (add-user.sh) for create
> admin user ?
>
See:
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
> 2b.) Same question like in 2a, but in keycloak-overlay (
> add-user-keycloak.sh)?
>
You are correct. Maybe this is an inconsistency to be fixed.
>
> Thanks and Best Regards,
> Andrej.
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
4:10 a.m.
I'm not sure if I follow your question but './add-user.sh -u admin -p
admin' or './add-user.sh -u admin' should work.
On Wed, Mar 2, 2016 at 7:03 AM Andrej Prievalsky <ado.boj.83(a)gmail.com>
wrote:
Hi Bruno,
thanks for answer.
But from
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
and section: *...you can use the add-user script from the command-line.*
is my question is how exactly should looks like command with add-user
script?
Because in past we used this command: add-user.sh –container -u admin -p
admin
Andrej.
On Wed, Mar 2, 2016 at 10:38 AM, Bruno Oliveira <bruno(a)abstractj.org>
wrote:
> Hi Andrej, answers inline
>
> On Wed, Mar 2, 2016 at 6:13 AM Andrej Prievalsky <ado.boj.83(a)gmail.com>
> wrote:
>
>> Hi,
>>
>> I would like to summary information about How to add Admin User -
>> chapter 3.2.1.
>>
>> My questions are:
>> 1.) From which version (including) is new concept, that there is no
>> built in user?
>>
>
> 1.8.0 See:
>
http://keycloak.github.io/docs/userguide/keycloak-server/html/Migration_f...
>
>
>> 2a.) What is exact command via add-user script (add-user.sh) for create
>> admin user ?
>>
>
> See:
>
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
>
>
>> 2b.) Same question like in 2a, but in keycloak-overlay (
>> add-user-keycloak.sh)?
>>
>
> You are correct. Maybe this is an inconsistency to be fixed.
>
>>
>> Thanks and Best Regards,
>> Andrej.
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user(a)lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
>
6:02 a.m.
In overlay the script should be add-user-keycloak. The overlay adds
Keycloak server to an existing WildFly installation so we don't want to
overwrite any existing files. I appreciate this may be confusing and
inconsistent, but at the same time if we did overwrite people would
probably complain about us overwriting the existing script.
In the server dist this doesn't apply as the server is purely a Keycloak
server, not a WildFly server.
On 2 March 2016 at 11:10, Bruno Oliveira <bruno(a)abstractj.org> wrote:
I'm not sure if I follow your question but './add-user.sh -u
admin -p
admin' or './add-user.sh -u admin' should work.
On Wed, Mar 2, 2016 at 7:03 AM Andrej Prievalsky <ado.boj.83(a)gmail.com>
wrote:
> Hi Bruno,
>
> thanks for answer.
> But from
>
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
> and section: *...you can use the add-user script from the command-line.*
> is my question is how exactly should looks like command with add-user
> script?
> Because in past we used this command: add-user.sh –container -u admin -p
> admin
>
> Andrej.
>
>
> On Wed, Mar 2, 2016 at 10:38 AM, Bruno Oliveira <bruno(a)abstractj.org>
> wrote:
>
>> Hi Andrej, answers inline
>>
>> On Wed, Mar 2, 2016 at 6:13 AM Andrej Prievalsky <ado.boj.83(a)gmail.com>
>> wrote:
>>
>>> Hi,
>>>
>>> I would like to summary information about How to add Admin User -
>>> chapter 3.2.1.
>>>
>>> My questions are:
>>> 1.) From which version (including) is new concept, that there is no
>>> built in user?
>>>
>>
>> 1.8.0 See:
>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/Migration_f...
>>
>>
>>> 2a.) What is exact command via add-user script (add-user.sh) for
>>> create admin user ?
>>>
>>
>> See:
>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
>>
>>
>>> 2b.) Same question like in 2a, but in keycloak-overlay (
>>> add-user-keycloak.sh)?
>>>
>>
>> You are correct. Maybe this is an inconsistency to be fixed.
>>
>>>
>>> Thanks and Best Regards,
>>> Andrej.
>>> _______________________________________________
>>> keycloak-user mailing list
>>> keycloak-user(a)lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>>
>
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
7:12 a.m.
On 3/2/2016 7:02 AM, Stian Thorgersen wrote:
In overlay the script should be add-user-keycloak. The overlay adds
Keycloak server to an existing WildFly installation so we don't want
to overwrite any existing files. I appreciate this may be confusing
and inconsistent, but at the same time if we did overwrite people
would probably complain about us overwriting the existing script.
In the server dist this doesn't apply as the server is purely a
Keycloak server, not a WildFly server.
I guess the solution would be to make server
dist consistent with
overlay, so both are add-user-keycloak. Not sure how I feel about that.
On 2 March 2016 at 11:10, Bruno Oliveira <bruno(a)abstractj.org
<mailto:bruno@abstractj.org>> wrote:
I'm not sure if I follow your question but './add-user.sh -u admin
-p admin' or './add-user.sh -u admin' should work.
On Wed, Mar 2, 2016 at 7:03 AM Andrej Prievalsky
<ado.boj.83(a)gmail.com <mailto:ado.boj.83@gmail.com>> wrote:
Hi Bruno,
thanks for answer.
But from
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
and section: *...you can use the add-user script from the
command-line.*
is my question is how exactly should looks like command with
add-user script?
Because in past we used this command: add-user.sh --container
-u admin -p admin
Andrej.
On Wed, Mar 2, 2016 at 10:38 AM, Bruno Oliveira
<bruno(a)abstractj.org <mailto:bruno@abstractj.org>> wrote:
Hi Andrej, answers inline
On Wed, Mar 2, 2016 at 6:13 AM Andrej Prievalsky
<ado.boj.83(a)gmail.com <mailto:ado.boj.83@gmail.com>> wrote:
Hi,
I would like to summary information about How to add
Admin User - chapter 3.2.1.
My questions are:
1.) From which version (including) is new concept,
that there is no built in user?
1.8.0 See:
http://keycloak.github.io/docs/userguide/keycloak-server/html/Migration_f...
2a.) What is exact command via add-user script
(add-user.sh) for create admin user ?
See:
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
2b.) Same question like in 2a, but in keycloak-overlay
(add-user-keycloak.sh)?
You are correct. Maybe this is an inconsistency to be fixed.
Thanks and Best Regards,
Andrej.
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
<mailto:keycloak-user@lists.jboss.org>
https://lists.jboss.org/mailman/listinfo/keycloak-user
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org <mailto:keycloak-user@lists.jboss.org>
https://lists.jboss.org/mailman/listinfo/keycloak-user
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
12:50 p.m.
Not a chance. In server dist we want to hide WildFly's add-user script.
On 2 March 2016 at 14:12, Stan Silvert <ssilvert(a)redhat.com> wrote:
On 3/2/2016 7:02 AM, Stian Thorgersen wrote:
In overlay the script should be add-user-keycloak. The overlay adds
Keycloak server to an existing WildFly installation so we don't want to
overwrite any existing files. I appreciate this may be confusing and
inconsistent, but at the same time if we did overwrite people would
probably complain about us overwriting the existing script.
In the server dist this doesn't apply as the server is purely a Keycloak
server, not a WildFly server.
I guess the solution would be to make server dist consistent with overlay,
so both are add-user-keycloak. Not sure how I feel about that.
On 2 March 2016 at 11:10, Bruno Oliveira <bruno(a)abstractj.org> wrote:
> I'm not sure if I follow your question but './add-user.sh -u admin -p
> admin' or './add-user.sh -u admin' should work.
>
> On Wed, Mar 2, 2016 at 7:03 AM Andrej Prievalsky <ado.boj.83(a)gmail.com>
> wrote:
>
>> Hi Bruno,
>>
>> thanks for answer.
>> But from
>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
>> and section: *...you can use the add-user script from the command-line.*
>> is my question is how exactly should looks like command with add-user
>> script?
>> Because in past we used this command: add-user.sh –container -u admin
>> -p admin
>>
>> Andrej.
>>
>>
>> On Wed, Mar 2, 2016 at 10:38 AM, Bruno Oliveira <bruno(a)abstractj.org>
>> wrote:
>>
>>> Hi Andrej, answers inline
>>>
>>> On Wed, Mar 2, 2016 at 6:13 AM Andrej Prievalsky
<ado.boj.83(a)gmail.com>
>>> wrote:
>>>
>>>> Hi,
>>>>
>>>> I would like to summary information about How to add Admin User -
>>>> chapter 3.2.1.
>>>>
>>>> My questions are:
>>>> 1.) From which version (including) is new concept, that there is no
>>>> built in user?
>>>>
>>>
>>> 1.8.0 See:
>>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/Migration_f...
>>>
>>>
>>>> 2a.) What is exact command via add-user script (add-user.sh) for
>>>> create admin user ?
>>>>
>>>
>>> See:
>>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
>>>
>>>
>>>> 2b.) Same question like in 2a, but in keycloak-overlay (
>>>> add-user-keycloak.sh)?
>>>>
>>>
>>> You are correct. Maybe this is an inconsistency to be fixed.
>>>
>>>>
>>>> Thanks and Best Regards,
>>>> Andrej.
>>>> _______________________________________________
>>>> keycloak-user mailing list
>>>> keycloak-user(a)lists.jboss.org
>>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>
>>>
>>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
_______________________________________________
keycloak-user mailing
listkeycloak-user@lists.jboss.orghttps://lists.jboss.org/mailman/listinfo/keycloak-user
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
1 p.m.
On 3/2/2016 1:50 PM, Stian Thorgersen wrote:
Not a chance. In server dist we want to hide WildFly's add-user
script.
I could guess, but I have to ask, why?
On 2 March 2016 at 14:12, Stan Silvert <ssilvert(a)redhat.com
<mailto:ssilvert@redhat.com>> wrote:
On 3/2/2016 7:02 AM, Stian Thorgersen wrote:
> In overlay the script should be add-user-keycloak. The overlay
> adds Keycloak server to an existing WildFly installation so we
> don't want to overwrite any existing files. I appreciate this may
> be confusing and inconsistent, but at the same time if we did
> overwrite people would probably complain about us overwriting the
> existing script.
>
> In the server dist this doesn't apply as the server is purely a
> Keycloak server, not a WildFly server.
I guess the solution would be to make server dist consistent with
overlay, so both are add-user-keycloak. Not sure how I feel about
that.
>
> On 2 March 2016 at 11:10, Bruno Oliveira <bruno(a)abstractj.org
> <mailto:bruno@abstractj.org>> wrote:
>
> I'm not sure if I follow your question but './add-user.sh -u
> admin -p admin' or './add-user.sh -u admin' should work.
>
> On Wed, Mar 2, 2016 at 7:03 AM Andrej Prievalsky
> <ado.boj.83(a)gmail.com <mailto:ado.boj.83@gmail.com>> wrote:
>
> Hi Bruno,
>
> thanks for answer.
> But from
>
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
> and section: *...you can use the add-user script from the
> command-line.*
> is my question is how exactly should looks like command
> with add-user script?
> Because in past we used this command: add-user.sh
> –container -u admin -p admin
>
> Andrej.
>
>
> On Wed, Mar 2, 2016 at 10:38 AM, Bruno Oliveira
> <bruno(a)abstractj.org <mailto:bruno@abstractj.org>> wrote:
>
> Hi Andrej, answers inline
>
> On Wed, Mar 2, 2016 at 6:13 AM Andrej Prievalsky
> <ado.boj.83(a)gmail.com <mailto:ado.boj.83@gmail.com>>
> wrote:
>
> Hi,
>
> I would like to summary information about How to
> add Admin User - chapter 3.2.1.
>
> My questions are:
> 1.) From which version (including) is new
> concept, that there is no built in user?
>
>
> 1.8.0 See:
>
http://keycloak.github.io/docs/userguide/keycloak-server/html/Migration_f...
>
> 2a.) What is exact command via add-user script
> (add-user.sh) for create admin user ?
>
>
> See:
>
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
>
> 2b.) Same question like in 2a, but in
> keycloak-overlay (add-user-keycloak.sh)?
>
>
> You are correct. Maybe this is an inconsistency to be
> fixed.
>
>
> Thanks and Best Regards,
> Andrej.
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
> <mailto:keycloak-user@lists.jboss.org>
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
> <mailto:keycloak-user@lists.jboss.org>
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
>
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org <mailto:keycloak-user@lists.jboss.org>
> https://lists.jboss.org/mailman/listinfo/keycloak-user
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org <mailto:keycloak-user@lists.jboss.org>
https://lists.jboss.org/mailman/listinfo/keycloak-user
11:09 p.m.
The standard add-user script adds WildFly users, we want the standard
script to add Keycloak users. It's a Keycloak server after all.
On 2 March 2016 at 20:00, Stan Silvert <ssilvert(a)redhat.com> wrote:
On 3/2/2016 1:50 PM, Stian Thorgersen wrote:
Not a chance. In server dist we want to hide WildFly's add-user script.
I could guess, but I have to ask, why?
On 2 March 2016 at 14:12, Stan Silvert <ssilvert(a)redhat.com> wrote:
> On 3/2/2016 7:02 AM, Stian Thorgersen wrote:
>
> In overlay the script should be add-user-keycloak. The overlay adds
> Keycloak server to an existing WildFly installation so we don't want to
> overwrite any existing files. I appreciate this may be confusing and
> inconsistent, but at the same time if we did overwrite people would
> probably complain about us overwriting the existing script.
>
> In the server dist this doesn't apply as the server is purely a Keycloak
> server, not a WildFly server.
>
> I guess the solution would be to make server dist consistent with
> overlay, so both are add-user-keycloak. Not sure how I feel about that.
>
>
>
>
> On 2 March 2016 at 11:10, Bruno Oliveira <bruno(a)abstractj.org> wrote:
>
>> I'm not sure if I follow your question but './add-user.sh -u admin -p
>> admin' or './add-user.sh -u admin' should work.
>>
>> On Wed, Mar 2, 2016 at 7:03 AM Andrej Prievalsky <ado.boj.83(a)gmail.com>
>> wrote:
>>
>>> Hi Bruno,
>>>
>>> thanks for answer.
>>> But from
>>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
>>> and section: *...you can use the add-user script from the
>>> command-line.*
>>> is my question is how exactly should looks like command with add-user
>>> script?
>>> Because in past we used this command: add-user.sh –container -u admin
>>> -p admin
>>>
>>> Andrej.
>>>
>>>
>>> On Wed, Mar 2, 2016 at 10:38 AM, Bruno Oliveira <bruno(a)abstractj.org>
>>> wrote:
>>>
>>>> Hi Andrej, answers inline
>>>>
>>>> On Wed, Mar 2, 2016 at 6:13 AM Andrej Prievalsky
<ado.boj.83(a)gmail.com>
>>>> wrote:
>>>>
>>>>> Hi,
>>>>>
>>>>> I would like to summary information about How to add Admin User -
>>>>> chapter 3.2.1.
>>>>>
>>>>> My questions are:
>>>>> 1.) From which version (including) is new concept, that there is no
>>>>> built in user?
>>>>>
>>>>
>>>> 1.8.0 See:
>>>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/Migration_f...
>>>>
>>>>
>>>>> 2a.) What is exact command via add-user script (add-user.sh) for
>>>>> create admin user ?
>>>>>
>>>>
>>>> See:
>>>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
>>>>
>>>>
>>>>> 2b.) Same question like in 2a, but in keycloak-overlay (
>>>>> add-user-keycloak.sh)?
>>>>>
>>>>
>>>> You are correct. Maybe this is an inconsistency to be fixed.
>>>>
>>>>>
>>>>> Thanks and Best Regards,
>>>>> Andrej.
>>>>> _______________________________________________
>>>>> keycloak-user mailing list
>>>>> keycloak-user(a)lists.jboss.org
>>>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>
>>>>
>>>
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user(a)lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>
>
>
> _______________________________________________
> keycloak-user mailing
listkeycloak-user@lists.jboss.orghttps://lists.jboss.org/mailman/listinfo/keycloak-user
>
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
6:48 a.m.
On 3/3/2016 12:09 AM, Stian Thorgersen wrote:
The standard add-user script adds WildFly users, we want the standard
script to add Keycloak users. It's a Keycloak server after all.
You still need
WildFly users if you want to use CLI (remotely) or web
console. As far as I know, we can't secure those things with Keycloak yet.
There are workarounds, but I'm just saying, WildFly add-user.sh is a
useful tool that we might want to still ship in some form until such
time that CLI and web console is fully integrated with Keycloak.
On 2 March 2016 at 20:00, Stan Silvert <ssilvert(a)redhat.com
<mailto:ssilvert@redhat.com>> wrote:
On 3/2/2016 1:50 PM, Stian Thorgersen wrote:
> Not a chance. In server dist we want to hide WildFly's add-user
> script.
I could guess, but I have to ask, why?
>
> On 2 March 2016 at 14:12, Stan Silvert <ssilvert(a)redhat.com
> <mailto:ssilvert@redhat.com>> wrote:
>
> On 3/2/2016 7:02 AM, Stian Thorgersen wrote:
>> In overlay the script should be add-user-keycloak. The
>> overlay adds Keycloak server to an existing WildFly
>> installation so we don't want to overwrite any existing
>> files. I appreciate this may be confusing and inconsistent,
>> but at the same time if we did overwrite people would
>> probably complain about us overwriting the existing script.
>>
>> In the server dist this doesn't apply as the server is
>> purely a Keycloak server, not a WildFly server.
> I guess the solution would be to make server dist consistent
> with overlay, so both are add-user-keycloak. Not sure how I
> feel about that.
>
>
>
>>
>> On 2 March 2016 at 11:10, Bruno Oliveira
>> <bruno(a)abstractj.org <mailto:bruno@abstractj.org>> wrote:
>>
>> I'm not sure if I follow your question but
>> './add-user.sh -u admin -p admin' or './add-user.sh -u
>> admin' should work.
>>
>> On Wed, Mar 2, 2016 at 7:03 AM Andrej Prievalsky
>> <ado.boj.83(a)gmail.com <mailto:ado.boj.83@gmail.com>>
wrote:
>>
>> Hi Bruno,
>>
>> thanks for answer.
>> But from
>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
>> and section: *...you can use the add-user script
>> from the command-line.*
>> is my question is how exactly should looks like
>> command with add-user script?
>> Because in past we used this command: add-user.sh
>> –container -u admin -p admin
>>
>> Andrej.
>>
>>
>> On Wed, Mar 2, 2016 at 10:38 AM, Bruno Oliveira
>> <bruno(a)abstractj.org <mailto:bruno@abstractj.org>>
>> wrote:
>>
>> Hi Andrej, answers inline
>>
>> On Wed, Mar 2, 2016 at 6:13 AM Andrej Prievalsky
>> <ado.boj.83(a)gmail.com
>> <mailto:ado.boj.83@gmail.com>> wrote:
>>
>> Hi,
>>
>> I would like to summary information about
>> How to add Admin User - chapter 3.2.1.
>>
>> My questions are:
>> 1.) From which version (including) is new
>> concept, that there is no built in user?
>>
>>
>> 1.8.0 See:
>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/Migration_f...
>>
>> 2a.) What is exact command via add-user
>> script (add-user.sh) for create admin user ?
>>
>>
>> See:
>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
>>
>> 2b.) Same question like in 2a, but in
>> keycloak-overlay (add-user-keycloak.sh)?
>>
>>
>> You are correct. Maybe this is an inconsistency
>> to be fixed.
>>
>>
>> Thanks and Best Regards,
>> Andrej.
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user(a)lists.jboss.org
>> <mailto:keycloak-user@lists.jboss.org>
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>>
>>
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user(a)lists.jboss.org
>> <mailto:keycloak-user@lists.jboss.org>
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>>
>>
>>
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user(a)lists.jboss.org
<mailto:keycloak-user@lists.jboss.org>
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
> <mailto:keycloak-user@lists.jboss.org>
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
>
6:50 a.m.
On 3 March 2016 at 13:48, Stan Silvert <ssilvert(a)redhat.com> wrote:
On 3/3/2016 12:09 AM, Stian Thorgersen wrote:
The standard add-user script adds WildFly users, we want the standard
script to add Keycloak users. It's a Keycloak server after all.
You still need WildFly users if you want to use CLI (remotely) or web
console. As far as I know, we can't secure those things with Keycloak yet.
In the future we will secure it with Keycloak, in the mean time the
add-user has a '--container' option.
There are workarounds, but I'm just saying, WildFly add-user.sh is a
useful tool that we might want to still ship in some form until such time
that CLI and web console is fully integrated with Keycloak.
On 2 March 2016 at 20:00, Stan Silvert <ssilvert(a)redhat.com> wrote:
> On 3/2/2016 1:50 PM, Stian Thorgersen wrote:
>
> Not a chance. In server dist we want to hide WildFly's add-user script.
>
> I could guess, but I have to ask, why?
>
>
>
> On 2 March 2016 at 14:12, Stan Silvert <ssilvert(a)redhat.com> wrote:
>
>> On 3/2/2016 7:02 AM, Stian Thorgersen wrote:
>>
>> In overlay the script should be add-user-keycloak. The overlay adds
>> Keycloak server to an existing WildFly installation so we don't want to
>> overwrite any existing files. I appreciate this may be confusing and
>> inconsistent, but at the same time if we did overwrite people would
>> probably complain about us overwriting the existing script.
>>
>> In the server dist this doesn't apply as the server is purely a Keycloak
>> server, not a WildFly server.
>>
>> I guess the solution would be to make server dist consistent with
>> overlay, so both are add-user-keycloak. Not sure how I feel about that.
>>
>>
>>
>>
>> On 2 March 2016 at 11:10, Bruno Oliveira <bruno(a)abstractj.org> wrote:
>>
>>> I'm not sure if I follow your question but './add-user.sh -u admin
-p
>>> admin' or './add-user.sh -u admin' should work.
>>>
>>> On Wed, Mar 2, 2016 at 7:03 AM Andrej Prievalsky
<ado.boj.83(a)gmail.com>
>>> wrote:
>>>
>>>> Hi Bruno,
>>>>
>>>> thanks for answer.
>>>> But from
>>>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
>>>> and section: *...you can use the add-user script from the
>>>> command-line.*
>>>> is my question is how exactly should looks like command with add-user
>>>> script?
>>>> Because in past we used this command: add-user.sh –container -u admin
>>>> -p admin
>>>>
>>>> Andrej.
>>>>
>>>>
>>>> On Wed, Mar 2, 2016 at 10:38 AM, Bruno Oliveira
<bruno(a)abstractj.org>
>>>> wrote:
>>>>
>>>>> Hi Andrej, answers inline
>>>>>
>>>>> On Wed, Mar 2, 2016 at 6:13 AM Andrej Prievalsky <
>>>>> ado.boj.83(a)gmail.com> wrote:
>>>>>
>>>>>> Hi,
>>>>>>
>>>>>> I would like to summary information about How to add Admin User
-
>>>>>> chapter 3.2.1.
>>>>>>
>>>>>> My questions are:
>>>>>> 1.) From which version (including) is new concept, that there is
no
>>>>>> built in user?
>>>>>>
>>>>>
>>>>> 1.8.0 See:
>>>>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/Migration_f...
>>>>>
>>>>>
>>>>>> 2a.) What is exact command via add-user script (add-user.sh) for
>>>>>> create admin user ?
>>>>>>
>>>>>
>>>>> See:
>>>>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
>>>>>
>>>>>
>>>>>> 2b.) Same question like in 2a, but in keycloak-overlay (
>>>>>> add-user-keycloak.sh)?
>>>>>>
>>>>>
>>>>> You are correct. Maybe this is an inconsistency to be fixed.
>>>>>
>>>>>>
>>>>>> Thanks and Best Regards,
>>>>>> Andrej.
>>>>>> _______________________________________________
>>>>>> keycloak-user mailing list
>>>>>> keycloak-user(a)lists.jboss.org
>>>>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>
>>>>>
>>>>
>>> _______________________________________________
>>> keycloak-user mailing list
>>> keycloak-user(a)lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>
>>
>>
>>
>> _______________________________________________
>> keycloak-user mailing
listkeycloak-user@lists.jboss.orghttps://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>>
>>
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user(a)lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>
>
>
9:24 a.m.
Hi all,
1.) meantime I tried on keycloak-overlay-1.7.0.Final via
add-user-keycloak.sh script in wildfly domain mode create Admin user and I
got:
[root@keycloakoverlay /opt/wildfly/bin]$ ./add-user-keycloak.sh -u admin -p
admin
Added 'admin' to '
*/opt/wildfly/standalone/configuration/keycloak-add-user.json*', restart
server to load user
Is it correct, that user is created in standalone path?
----------------------------------------------------------------------------
2.) can I in version 1.7.0.Final create or replace Admin user for Master
realm with permanent password, which could be created automatically via
command line and not needed change password manually after first login?
Thanks,
Andrej.
On Thu, Mar 3, 2016 at 1:50 PM, Stian Thorgersen <sthorger(a)redhat.com>
wrote:
On 3 March 2016 at 13:48, Stan Silvert <ssilvert(a)redhat.com> wrote:
> On 3/3/2016 12:09 AM, Stian Thorgersen wrote:
>
> The standard add-user script adds WildFly users, we want the standard
> script to add Keycloak users. It's a Keycloak server after all.
>
> You still need WildFly users if you want to use CLI (remotely) or web
> console. As far as I know, we can't secure those things with Keycloak yet.
>
In the future we will secure it with Keycloak, in the mean time the
add-user has a '--container' option.
>
> There are workarounds, but I'm just saying, WildFly add-user.sh is a
> useful tool that we might want to still ship in some form until such time
> that CLI and web console is fully integrated with Keycloak.
>
>
> On 2 March 2016 at 20:00, Stan Silvert <ssilvert(a)redhat.com> wrote:
>
>> On 3/2/2016 1:50 PM, Stian Thorgersen wrote:
>>
>> Not a chance. In server dist we want to hide WildFly's add-user script.
>>
>> I could guess, but I have to ask, why?
>>
>>
>>
>> On 2 March 2016 at 14:12, Stan Silvert <ssilvert(a)redhat.com> wrote:
>>
>>> On 3/2/2016 7:02 AM, Stian Thorgersen wrote:
>>>
>>> In overlay the script should be add-user-keycloak. The overlay adds
>>> Keycloak server to an existing WildFly installation so we don't want to
>>> overwrite any existing files. I appreciate this may be confusing and
>>> inconsistent, but at the same time if we did overwrite people would
>>> probably complain about us overwriting the existing script.
>>>
>>> In the server dist this doesn't apply as the server is purely a
>>> Keycloak server, not a WildFly server.
>>>
>>> I guess the solution would be to make server dist consistent with
>>> overlay, so both are add-user-keycloak. Not sure how I feel about that.
>>>
>>>
>>>
>>>
>>> On 2 March 2016 at 11:10, Bruno Oliveira <bruno(a)abstractj.org> wrote:
>>>
>>>> I'm not sure if I follow your question but './add-user.sh -u
admin -p
>>>> admin' or './add-user.sh -u admin' should work.
>>>>
>>>> On Wed, Mar 2, 2016 at 7:03 AM Andrej Prievalsky
<ado.boj.83(a)gmail.com>
>>>> wrote:
>>>>
>>>>> Hi Bruno,
>>>>>
>>>>> thanks for answer.
>>>>> But from
>>>>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
>>>>> and section: *...you can use the add-user script from the
>>>>> command-line.*
>>>>> is my question is how exactly should looks like command with
add-user
>>>>> script?
>>>>> Because in past we used this command: add-user.sh –container -u
>>>>> admin -p admin
>>>>>
>>>>> Andrej.
>>>>>
>>>>>
>>>>> On Wed, Mar 2, 2016 at 10:38 AM, Bruno Oliveira
<bruno(a)abstractj.org>
>>>>> wrote:
>>>>>
>>>>>> Hi Andrej, answers inline
>>>>>>
>>>>>> On Wed, Mar 2, 2016 at 6:13 AM Andrej Prievalsky <
>>>>>> ado.boj.83(a)gmail.com> wrote:
>>>>>>
>>>>>>> Hi,
>>>>>>>
>>>>>>> I would like to summary information about How to add Admin
User -
>>>>>>> chapter 3.2.1.
>>>>>>>
>>>>>>> My questions are:
>>>>>>> 1.) From which version (including) is new concept, that there
is no
>>>>>>> built in user?
>>>>>>>
>>>>>>
>>>>>> 1.8.0 See:
>>>>>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/Migration_f...
>>>>>>
>>>>>>
>>>>>>> 2a.) What is exact command via add-user script (add-user.sh)
for
>>>>>>> create admin user ?
>>>>>>>
>>>>>>
>>>>>> See:
>>>>>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
>>>>>>
>>>>>>
>>>>>>> 2b.) Same question like in 2a, but in keycloak-overlay (
>>>>>>> add-user-keycloak.sh)?
>>>>>>>
>>>>>>
>>>>>> You are correct. Maybe this is an inconsistency to be fixed.
>>>>>>
>>>>>>>
>>>>>>> Thanks and Best Regards,
>>>>>>> Andrej.
>>>>>>> _______________________________________________
>>>>>>> keycloak-user mailing list
>>>>>>> keycloak-user(a)lists.jboss.org
>>>>>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>
>>>>>>
>>>>>
>>>> _______________________________________________
>>>> keycloak-user mailing list
>>>> keycloak-user(a)lists.jboss.org
>>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>
>>>
>>>
>>>
>>> _______________________________________________
>>> keycloak-user mailing
listkeycloak-user@lists.jboss.orghttps://lists.jboss.org/mailman/listinfo/keycloak-user
>>>
>>>
>>>
>>> _______________________________________________
>>> keycloak-user mailing list
>>> keycloak-user(a)lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>
>>
>>
>>
>
>
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
12:18 p.m.
Please read the documentation it explains it all
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
On 3 March 2016 at 16:24, Andrej Prievalsky <ado.boj.83(a)gmail.com> wrote:
Hi all,
1.) meantime I tried on keycloak-overlay-1.7.0.Final via
add-user-keycloak.sh script in wildfly domain mode create Admin user and I
got:
[root@keycloakoverlay /opt/wildfly/bin]$ ./add-user-keycloak.sh -u admin
-p admin
Added 'admin' to '
*/opt/wildfly/standalone/configuration/keycloak-add-user.json*', restart
server to load user
Is it correct, that user is created in standalone path?
----------------------------------------------------------------------------
2.) can I in version 1.7.0.Final create or replace Admin user for Master
realm with permanent password, which could be created automatically via
command line and not needed change password manually after first login?
Thanks,
Andrej.
On Thu, Mar 3, 2016 at 1:50 PM, Stian Thorgersen <sthorger(a)redhat.com>
wrote:
>
>
> On 3 March 2016 at 13:48, Stan Silvert <ssilvert(a)redhat.com> wrote:
>
>> On 3/3/2016 12:09 AM, Stian Thorgersen wrote:
>>
>> The standard add-user script adds WildFly users, we want the standard
>> script to add Keycloak users. It's a Keycloak server after all.
>>
>> You still need WildFly users if you want to use CLI (remotely) or web
>> console. As far as I know, we can't secure those things with Keycloak yet.
>>
>
> In the future we will secure it with Keycloak, in the mean time the
> add-user has a '--container' option.
>
>
>>
>> There are workarounds, but I'm just saying, WildFly add-user.sh is a
>> useful tool that we might want to still ship in some form until such time
>> that CLI and web console is fully integrated with Keycloak.
>>
>>
>> On 2 March 2016 at 20:00, Stan Silvert <ssilvert(a)redhat.com> wrote:
>>
>>> On 3/2/2016 1:50 PM, Stian Thorgersen wrote:
>>>
>>> Not a chance. In server dist we want to hide WildFly's add-user script.
>>>
>>> I could guess, but I have to ask, why?
>>>
>>>
>>>
>>> On 2 March 2016 at 14:12, Stan Silvert <ssilvert(a)redhat.com> wrote:
>>>
>>>> On 3/2/2016 7:02 AM, Stian Thorgersen wrote:
>>>>
>>>> In overlay the script should be add-user-keycloak. The overlay adds
>>>> Keycloak server to an existing WildFly installation so we don't want
to
>>>> overwrite any existing files. I appreciate this may be confusing and
>>>> inconsistent, but at the same time if we did overwrite people would
>>>> probably complain about us overwriting the existing script.
>>>>
>>>> In the server dist this doesn't apply as the server is purely a
>>>> Keycloak server, not a WildFly server.
>>>>
>>>> I guess the solution would be to make server dist consistent with
>>>> overlay, so both are add-user-keycloak. Not sure how I feel about that.
>>>>
>>>>
>>>>
>>>>
>>>> On 2 March 2016 at 11:10, Bruno Oliveira <bruno(a)abstractj.org>
wrote:
>>>>
>>>>> I'm not sure if I follow your question but './add-user.sh -u
admin -p
>>>>> admin' or './add-user.sh -u admin' should work.
>>>>>
>>>>> On Wed, Mar 2, 2016 at 7:03 AM Andrej Prievalsky <
>>>>> ado.boj.83(a)gmail.com> wrote:
>>>>>
>>>>>> Hi Bruno,
>>>>>>
>>>>>> thanks for answer.
>>>>>> But from
>>>>>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
>>>>>> and section: *...you can use the add-user script from the
>>>>>> command-line.*
>>>>>> is my question is how exactly should looks like command with
>>>>>> add-user script?
>>>>>> Because in past we used this command: add-user.sh –container -u
>>>>>> admin -p admin
>>>>>>
>>>>>> Andrej.
>>>>>>
>>>>>>
>>>>>> On Wed, Mar 2, 2016 at 10:38 AM, Bruno Oliveira
<bruno(a)abstractj.org
>>>>>> > wrote:
>>>>>>
>>>>>>> Hi Andrej, answers inline
>>>>>>>
>>>>>>> On Wed, Mar 2, 2016 at 6:13 AM Andrej Prievalsky <
>>>>>>> ado.boj.83(a)gmail.com> wrote:
>>>>>>>
>>>>>>>> Hi,
>>>>>>>>
>>>>>>>> I would like to summary information about How to add
Admin User -
>>>>>>>> chapter 3.2.1.
>>>>>>>>
>>>>>>>> My questions are:
>>>>>>>> 1.) From which version (including) is new concept, that
there is
>>>>>>>> no built in user?
>>>>>>>>
>>>>>>>
>>>>>>> 1.8.0 See:
>>>>>>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/Migration_f...
>>>>>>>
>>>>>>>
>>>>>>>> 2a.) What is exact command via add-user script
(add-user.sh) for
>>>>>>>> create admin user ?
>>>>>>>>
>>>>>>>
>>>>>>> See:
>>>>>>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
>>>>>>>
>>>>>>>
>>>>>>>> 2b.) Same question like in 2a, but in keycloak-overlay (
>>>>>>>> add-user-keycloak.sh)?
>>>>>>>>
>>>>>>>
>>>>>>> You are correct. Maybe this is an inconsistency to be fixed.
>>>>>>>
>>>>>>>>
>>>>>>>> Thanks and Best Regards,
>>>>>>>> Andrej.
>>>>>>>> _______________________________________________
>>>>>>>> keycloak-user mailing list
>>>>>>>> keycloak-user(a)lists.jboss.org
>>>>>>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>
>>>>>>>
>>>>>>
>>>>> _______________________________________________
>>>>> keycloak-user mailing list
>>>>> keycloak-user(a)lists.jboss.org
>>>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> keycloak-user mailing
listkeycloak-user@lists.jboss.orghttps://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> keycloak-user mailing list
>>>> keycloak-user(a)lists.jboss.org
>>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>
>>>
>>>
>>>
>>
>>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
7:43 a.m.
Hi All,
in setup Wildfly-10 in domain mode + keycloak-overlay-1.9.2.Final I tried
to create Admin User in two ways like in guide:
1.) via bin/add-user.[sh|bat] -r master -u <username> -p <password>
I got this ERROR:
*[sab@idm69 wildfly]$ ./bin/add-user.sh -r master -u admin -p tmo46713*
** Error **
*WFLYDM0065: The user supplied realm name 'master' does not match the realm
name discovered from the property file(s) 'ManagementRealm'.*
*Exception in thread "main"
org.jboss.as.domain.management.security.adduser.AddUserFailedException:
WFLYDM0065: The user supplied realm name 'master' does not match the realm
name discovered from the property file(s) 'ManagementRealm'.*
* at
org.jboss.as.domain.management.security.adduser.ErrorState.execute(ErrorState.java:72)*
* at
org.jboss.as.domain.management.security.adduser.AddUser.run(AddUser.java:130)*
* at
org.jboss.as.domain.management.security.adduser.AddUser.main(AddUser.java:223)*
* at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)*
* at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)*
* at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)*
* at java.lang.reflect.Method.invoke(Method.java:497)*
* at org.jboss.modules.Module.run(Module.java:329)*
* at org.jboss.modules.Main.main(Main.java:507)*
2.) via bin/add-user-keycloak.[sh|bat] -r master -u <username> -p <password>
User was created under standalone path.
Thanks and Best Regards
Andrej.
On Thu, Mar 3, 2016 at 7:18 PM, Stian Thorgersen <sthorger(a)redhat.com>
wrote:
Please read the documentation it explains it all
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
On 3 March 2016 at 16:24, Andrej Prievalsky <ado.boj.83(a)gmail.com> wrote:
> Hi all,
>
> 1.) meantime I tried on keycloak-overlay-1.7.0.Final via
> add-user-keycloak.sh script in wildfly domain mode create Admin user and I
> got:
>
> [root@keycloakoverlay /opt/wildfly/bin]$ ./add-user-keycloak.sh -u admin
> -p admin
> Added 'admin' to '
> */opt/wildfly/standalone/configuration/keycloak-add-user.json*', restart
> server to load user
>
> Is it correct, that user is created in standalone path?
>
>
> ----------------------------------------------------------------------------
>
> 2.) can I in version 1.7.0.Final create or replace Admin user for Master
> realm with permanent password, which could be created automatically via
> command line and not needed change password manually after first login?
>
> Thanks,
> Andrej.
>
>
> On Thu, Mar 3, 2016 at 1:50 PM, Stian Thorgersen <sthorger(a)redhat.com>
> wrote:
>
>>
>>
>> On 3 March 2016 at 13:48, Stan Silvert <ssilvert(a)redhat.com> wrote:
>>
>>> On 3/3/2016 12:09 AM, Stian Thorgersen wrote:
>>>
>>> The standard add-user script adds WildFly users, we want the standard
>>> script to add Keycloak users. It's a Keycloak server after all.
>>>
>>> You still need WildFly users if you want to use CLI (remotely) or web
>>> console. As far as I know, we can't secure those things with Keycloak
yet.
>>>
>>
>> In the future we will secure it with Keycloak, in the mean time the
>> add-user has a '--container' option.
>>
>>
>>>
>>> There are workarounds, but I'm just saying, WildFly add-user.sh is a
>>> useful tool that we might want to still ship in some form until such time
>>> that CLI and web console is fully integrated with Keycloak.
>>>
>>>
>>> On 2 March 2016 at 20:00, Stan Silvert <ssilvert(a)redhat.com> wrote:
>>>
>>>> On 3/2/2016 1:50 PM, Stian Thorgersen wrote:
>>>>
>>>> Not a chance. In server dist we want to hide WildFly's add-user
script.
>>>>
>>>> I could guess, but I have to ask, why?
>>>>
>>>>
>>>>
>>>> On 2 March 2016 at 14:12, Stan Silvert <ssilvert(a)redhat.com>
wrote:
>>>>
>>>>> On 3/2/2016 7:02 AM, Stian Thorgersen wrote:
>>>>>
>>>>> In overlay the script should be add-user-keycloak. The overlay adds
>>>>> Keycloak server to an existing WildFly installation so we don't
want to
>>>>> overwrite any existing files. I appreciate this may be confusing and
>>>>> inconsistent, but at the same time if we did overwrite people would
>>>>> probably complain about us overwriting the existing script.
>>>>>
>>>>> In the server dist this doesn't apply as the server is purely a
>>>>> Keycloak server, not a WildFly server.
>>>>>
>>>>> I guess the solution would be to make server dist consistent with
>>>>> overlay, so both are add-user-keycloak. Not sure how I feel about
that.
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> On 2 March 2016 at 11:10, Bruno Oliveira <bruno(a)abstractj.org>
wrote:
>>>>>
>>>>>> I'm not sure if I follow your question but './add-user.sh
-u admin
>>>>>> -p admin' or './add-user.sh -u admin' should work.
>>>>>>
>>>>>> On Wed, Mar 2, 2016 at 7:03 AM Andrej Prievalsky <
>>>>>> ado.boj.83(a)gmail.com> wrote:
>>>>>>
>>>>>>> Hi Bruno,
>>>>>>>
>>>>>>> thanks for answer.
>>>>>>> But from
>>>>>>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
>>>>>>> and section: *...you can use the add-user script from the
>>>>>>> command-line.*
>>>>>>> is my question is how exactly should looks like command with
>>>>>>> add-user script?
>>>>>>> Because in past we used this command: add-user.sh –container
-u
>>>>>>> admin -p admin
>>>>>>>
>>>>>>> Andrej.
>>>>>>>
>>>>>>>
>>>>>>> On Wed, Mar 2, 2016 at 10:38 AM, Bruno Oliveira <
>>>>>>> bruno(a)abstractj.org> wrote:
>>>>>>>
>>>>>>>> Hi Andrej, answers inline
>>>>>>>>
>>>>>>>> On Wed, Mar 2, 2016 at 6:13 AM Andrej Prievalsky <
>>>>>>>> ado.boj.83(a)gmail.com> wrote:
>>>>>>>>
>>>>>>>>> Hi,
>>>>>>>>>
>>>>>>>>> I would like to summary information about How to add
Admin User -
>>>>>>>>> chapter 3.2.1.
>>>>>>>>>
>>>>>>>>> My questions are:
>>>>>>>>> 1.) From which version (including) is new concept,
that there is
>>>>>>>>> no built in user?
>>>>>>>>>
>>>>>>>>
>>>>>>>> 1.8.0 See:
>>>>>>>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/Migration_f...
>>>>>>>>
>>>>>>>>
>>>>>>>>> 2a.) What is exact command via add-user script
(add-user.sh) for
>>>>>>>>> create admin user ?
>>>>>>>>>
>>>>>>>>
>>>>>>>> See:
>>>>>>>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
>>>>>>>>
>>>>>>>>
>>>>>>>>> 2b.) Same question like in 2a, but in
keycloak-overlay (
>>>>>>>>> add-user-keycloak.sh)?
>>>>>>>>>
>>>>>>>>
>>>>>>>> You are correct. Maybe this is an inconsistency to be
fixed.
>>>>>>>>
>>>>>>>>>
>>>>>>>>> Thanks and Best Regards,
>>>>>>>>> Andrej.
>>>>>>>>> _______________________________________________
>>>>>>>>> keycloak-user mailing list
>>>>>>>>> keycloak-user(a)lists.jboss.org
>>>>>>>>>
https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>> _______________________________________________
>>>>>> keycloak-user mailing list
>>>>>> keycloak-user(a)lists.jboss.org
>>>>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>
>>>>>
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> keycloak-user mailing
listkeycloak-user@lists.jboss.orghttps://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> keycloak-user mailing list
>>>>> keycloak-user(a)lists.jboss.org
>>>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>
>>>>
>>>>
>>>>
>>>
>>>
>>
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user(a)lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>
>
8:25 a.m.
With server overlay use add-user-keycloak and restart the server
On 15 April 2016 at 14:43, Andrej Prievalsky <ado.boj.83(a)gmail.com> wrote:
Hi All,
in setup Wildfly-10 in domain mode + keycloak-overlay-1.9.2.Final I tried
to create Admin User in two ways like in guide:
1.) via bin/add-user.[sh|bat] -r master -u <username> -p <password>
I got this ERROR:
*[sab@idm69 wildfly]$ ./bin/add-user.sh -r master -u admin -p tmo46713*
** Error **
*WFLYDM0065: The user supplied realm name 'master' does not match the
realm name discovered from the property file(s) 'ManagementRealm'.*
*Exception in thread "main"
org.jboss.as.domain.management.security.adduser.AddUserFailedException:
WFLYDM0065: The user supplied realm name 'master' does not match the realm
name discovered from the property file(s) 'ManagementRealm'.*
* at
org.jboss.as.domain.management.security.adduser.ErrorState.execute(ErrorState.java:72)*
* at
org.jboss.as.domain.management.security.adduser.AddUser.run(AddUser.java:130)*
* at
org.jboss.as.domain.management.security.adduser.AddUser.main(AddUser.java:223)*
* at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)*
* at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)*
* at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)*
* at java.lang.reflect.Method.invoke(Method.java:497)*
* at org.jboss.modules.Module.run(Module.java:329)*
* at org.jboss.modules.Main.main(Main.java:507)*
2.) via bin/add-user-keycloak.[sh|bat] -r master -u <username> -p
<password>
User was created under standalone path.
Thanks and Best Regards
Andrej.
On Thu, Mar 3, 2016 at 7:18 PM, Stian Thorgersen <sthorger(a)redhat.com>
wrote:
> Please read the documentation it explains it all
>
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
>
> On 3 March 2016 at 16:24, Andrej Prievalsky <ado.boj.83(a)gmail.com> wrote:
>
>> Hi all,
>>
>> 1.) meantime I tried on keycloak-overlay-1.7.0.Final via
>> add-user-keycloak.sh script in wildfly domain mode create Admin user and I
>> got:
>>
>> [root@keycloakoverlay /opt/wildfly/bin]$ ./add-user-keycloak.sh -u
>> admin -p admin
>> Added 'admin' to '
>> */opt/wildfly/standalone/configuration/keycloak-add-user.json*',
>> restart server to load user
>>
>> Is it correct, that user is created in standalone path?
>>
>>
>> ----------------------------------------------------------------------------
>>
>> 2.) can I in version 1.7.0.Final create or replace Admin user for Master
>> realm with permanent password, which could be created automatically via
>> command line and not needed change password manually after first login?
>>
>> Thanks,
>> Andrej.
>>
>>
>> On Thu, Mar 3, 2016 at 1:50 PM, Stian Thorgersen <sthorger(a)redhat.com>
>> wrote:
>>
>>>
>>>
>>> On 3 March 2016 at 13:48, Stan Silvert <ssilvert(a)redhat.com> wrote:
>>>
>>>> On 3/3/2016 12:09 AM, Stian Thorgersen wrote:
>>>>
>>>> The standard add-user script adds WildFly users, we want the standard
>>>> script to add Keycloak users. It's a Keycloak server after all.
>>>>
>>>> You still need WildFly users if you want to use CLI (remotely) or web
>>>> console. As far as I know, we can't secure those things with
Keycloak yet.
>>>>
>>>
>>> In the future we will secure it with Keycloak, in the mean time the
>>> add-user has a '--container' option.
>>>
>>>
>>>>
>>>> There are workarounds, but I'm just saying, WildFly add-user.sh is a
>>>> useful tool that we might want to still ship in some form until such
time
>>>> that CLI and web console is fully integrated with Keycloak.
>>>>
>>>>
>>>> On 2 March 2016 at 20:00, Stan Silvert <ssilvert(a)redhat.com>
wrote:
>>>>
>>>>> On 3/2/2016 1:50 PM, Stian Thorgersen wrote:
>>>>>
>>>>> Not a chance. In server dist we want to hide WildFly's add-user
>>>>> script.
>>>>>
>>>>> I could guess, but I have to ask, why?
>>>>>
>>>>>
>>>>>
>>>>> On 2 March 2016 at 14:12, Stan Silvert <ssilvert(a)redhat.com>
wrote:
>>>>>
>>>>>> On 3/2/2016 7:02 AM, Stian Thorgersen wrote:
>>>>>>
>>>>>> In overlay the script should be add-user-keycloak. The overlay
adds
>>>>>> Keycloak server to an existing WildFly installation so we
don't want to
>>>>>> overwrite any existing files. I appreciate this may be confusing
and
>>>>>> inconsistent, but at the same time if we did overwrite people
would
>>>>>> probably complain about us overwriting the existing script.
>>>>>>
>>>>>> In the server dist this doesn't apply as the server is purely
a
>>>>>> Keycloak server, not a WildFly server.
>>>>>>
>>>>>> I guess the solution would be to make server dist consistent
with
>>>>>> overlay, so both are add-user-keycloak. Not sure how I feel
about that.
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> On 2 March 2016 at 11:10, Bruno Oliveira
<bruno(a)abstractj.org>
>>>>>> wrote:
>>>>>>
>>>>>>> I'm not sure if I follow your question but
'./add-user.sh -u admin
>>>>>>> -p admin' or './add-user.sh -u admin' should
work.
>>>>>>>
>>>>>>> On Wed, Mar 2, 2016 at 7:03 AM Andrej Prievalsky <
>>>>>>> ado.boj.83(a)gmail.com> wrote:
>>>>>>>
>>>>>>>> Hi Bruno,
>>>>>>>>
>>>>>>>> thanks for answer.
>>>>>>>> But from
>>>>>>>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
>>>>>>>> and section: *...you can use the add-user script from
the
>>>>>>>> command-line.*
>>>>>>>> is my question is how exactly should looks like command
with
>>>>>>>> add-user script?
>>>>>>>> Because in past we used this command: add-user.sh
–container -u
>>>>>>>> admin -p admin
>>>>>>>>
>>>>>>>> Andrej.
>>>>>>>>
>>>>>>>>
>>>>>>>> On Wed, Mar 2, 2016 at 10:38 AM, Bruno Oliveira <
>>>>>>>> bruno(a)abstractj.org> wrote:
>>>>>>>>
>>>>>>>>> Hi Andrej, answers inline
>>>>>>>>>
>>>>>>>>> On Wed, Mar 2, 2016 at 6:13 AM Andrej Prievalsky
<
>>>>>>>>> ado.boj.83(a)gmail.com> wrote:
>>>>>>>>>
>>>>>>>>>> Hi,
>>>>>>>>>>
>>>>>>>>>> I would like to summary information about How to
add Admin User
>>>>>>>>>> - chapter 3.2.1.
>>>>>>>>>>
>>>>>>>>>> My questions are:
>>>>>>>>>> 1.) From which version (including) is new
concept, that there is
>>>>>>>>>> no built in user?
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>> 1.8.0 See:
>>>>>>>>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/Migration_f...
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>> 2a.) What is exact command via add-user script
(add-user.sh) for
>>>>>>>>>> create admin user ?
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>> See:
>>>>>>>>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>> 2b.) Same question like in 2a, but in
keycloak-overlay (
>>>>>>>>>> add-user-keycloak.sh)?
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>> You are correct. Maybe this is an inconsistency to be
fixed.
>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> Thanks and Best Regards,
>>>>>>>>>> Andrej.
>>>>>>>>>> _______________________________________________
>>>>>>>>>> keycloak-user mailing list
>>>>>>>>>> keycloak-user(a)lists.jboss.org
>>>>>>>>>>
https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> keycloak-user mailing list
>>>>>>> keycloak-user(a)lists.jboss.org
>>>>>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> _______________________________________________
>>>>>> keycloak-user mailing
listkeycloak-user@lists.jboss.orghttps://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>
>>>>>>
>>>>>>
>>>>>> _______________________________________________
>>>>>> keycloak-user mailing list
>>>>>> keycloak-user(a)lists.jboss.org
>>>>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>
>>>>>
>>>>>
>>>>>
>>>>
>>>>
>>>
>>> _______________________________________________
>>> keycloak-user mailing list
>>> keycloak-user(a)lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>
>>
>>
>
3:04 a.m.
OK, but when we created user with add-user-keycloak.sh:
[sab@idm69 wildfly]$ ./bin/add-user-keycloak.sh -r master -u admin -p admin
Added 'admin' to
'/opt/wildfly/standalone/configuration/keycloak-add-user.json', restart
server to load user
After restart server, we can't login with admin user and password admin.
We got Error message: Invalid username or password.
Can be problem on your side or in our setup and configuration?
On Fri, Apr 15, 2016 at 3:25 PM, Stian Thorgersen <sthorger(a)redhat.com>
wrote:
With server overlay use add-user-keycloak and restart the server
On 15 April 2016 at 14:43, Andrej Prievalsky <ado.boj.83(a)gmail.com> wrote:
> Hi All,
>
> in setup Wildfly-10 in domain mode + keycloak-overlay-1.9.2.Final I tried
> to create Admin User in two ways like in guide:
>
> 1.) via bin/add-user.[sh|bat] -r master -u <username> -p <password>
> I got this ERROR:
>
> *[sab@idm69 wildfly]$ ./bin/add-user.sh -r master -u admin -p tmo46713*
>
>
>
> ** Error **
>
> *WFLYDM0065: The user supplied realm name 'master' does not match the
> realm name discovered from the property file(s) 'ManagementRealm'.*
>
>
>
> *Exception in thread "main"
> org.jboss.as.domain.management.security.adduser.AddUserFailedException:
> WFLYDM0065: The user supplied realm name 'master' does not match the realm
> name discovered from the property file(s) 'ManagementRealm'.*
>
> * at
>
org.jboss.as.domain.management.security.adduser.ErrorState.execute(ErrorState.java:72)*
>
> * at
> org.jboss.as.domain.management.security.adduser.AddUser.run(AddUser.java:130)*
>
> * at
> org.jboss.as.domain.management.security.adduser.AddUser.main(AddUser.java:223)*
>
> * at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)*
>
> * at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)*
>
> * at
>
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)*
>
> * at java.lang.reflect.Method.invoke(Method.java:497)*
>
> * at org.jboss.modules.Module.run(Module.java:329)*
>
> * at org.jboss.modules.Main.main(Main.java:507)*
>
>
> 2.) via bin/add-user-keycloak.[sh|bat] -r master -u <username> -p
> <password>
>
> User was created under standalone path.
>
>
> Thanks and Best Regards
>
> Andrej.
>
>
>
> On Thu, Mar 3, 2016 at 7:18 PM, Stian Thorgersen <sthorger(a)redhat.com>
> wrote:
>
>> Please read the documentation it explains it all
>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
>>
>> On 3 March 2016 at 16:24, Andrej Prievalsky <ado.boj.83(a)gmail.com>
>> wrote:
>>
>>> Hi all,
>>>
>>> 1.) meantime I tried on keycloak-overlay-1.7.0.Final via
>>> add-user-keycloak.sh script in wildfly domain mode create Admin user and I
>>> got:
>>>
>>> [root@keycloakoverlay /opt/wildfly/bin]$ ./add-user-keycloak.sh -u
>>> admin -p admin
>>> Added 'admin' to '
>>> */opt/wildfly/standalone/configuration/keycloak-add-user.json*',
>>> restart server to load user
>>>
>>> Is it correct, that user is created in standalone path?
>>>
>>>
>>> ----------------------------------------------------------------------------
>>>
>>> 2.) can I in version 1.7.0.Final create or replace Admin user for
>>> Master realm with permanent password, which could be created automatically
>>> via command line and not needed change password manually after first login?
>>>
>>> Thanks,
>>> Andrej.
>>>
>>>
>>> On Thu, Mar 3, 2016 at 1:50 PM, Stian Thorgersen <sthorger(a)redhat.com>
>>> wrote:
>>>
>>>>
>>>>
>>>> On 3 March 2016 at 13:48, Stan Silvert <ssilvert(a)redhat.com>
wrote:
>>>>
>>>>> On 3/3/2016 12:09 AM, Stian Thorgersen wrote:
>>>>>
>>>>> The standard add-user script adds WildFly users, we want the
standard
>>>>> script to add Keycloak users. It's a Keycloak server after all.
>>>>>
>>>>> You still need WildFly users if you want to use CLI (remotely) or
web
>>>>> console. As far as I know, we can't secure those things with
Keycloak yet.
>>>>>
>>>>
>>>> In the future we will secure it with Keycloak, in the mean time the
>>>> add-user has a '--container' option.
>>>>
>>>>
>>>>>
>>>>> There are workarounds, but I'm just saying, WildFly add-user.sh
is a
>>>>> useful tool that we might want to still ship in some form until such
time
>>>>> that CLI and web console is fully integrated with Keycloak.
>>>>>
>>>>>
>>>>> On 2 March 2016 at 20:00, Stan Silvert <ssilvert(a)redhat.com>
wrote:
>>>>>
>>>>>> On 3/2/2016 1:50 PM, Stian Thorgersen wrote:
>>>>>>
>>>>>> Not a chance. In server dist we want to hide WildFly's
add-user
>>>>>> script.
>>>>>>
>>>>>> I could guess, but I have to ask, why?
>>>>>>
>>>>>>
>>>>>>
>>>>>> On 2 March 2016 at 14:12, Stan Silvert
<ssilvert(a)redhat.com> wrote:
>>>>>>
>>>>>>> On 3/2/2016 7:02 AM, Stian Thorgersen wrote:
>>>>>>>
>>>>>>> In overlay the script should be add-user-keycloak. The
overlay adds
>>>>>>> Keycloak server to an existing WildFly installation so we
don't want to
>>>>>>> overwrite any existing files. I appreciate this may be
confusing and
>>>>>>> inconsistent, but at the same time if we did overwrite people
would
>>>>>>> probably complain about us overwriting the existing script.
>>>>>>>
>>>>>>> In the server dist this doesn't apply as the server is
purely a
>>>>>>> Keycloak server, not a WildFly server.
>>>>>>>
>>>>>>> I guess the solution would be to make server dist consistent
with
>>>>>>> overlay, so both are add-user-keycloak. Not sure how I feel
about that.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On 2 March 2016 at 11:10, Bruno Oliveira
<bruno(a)abstractj.org>
>>>>>>> wrote:
>>>>>>>
>>>>>>>> I'm not sure if I follow your question but
'./add-user.sh -u admin
>>>>>>>> -p admin' or './add-user.sh -u admin' should
work.
>>>>>>>>
>>>>>>>> On Wed, Mar 2, 2016 at 7:03 AM Andrej Prievalsky <
>>>>>>>> ado.boj.83(a)gmail.com> wrote:
>>>>>>>>
>>>>>>>>> Hi Bruno,
>>>>>>>>>
>>>>>>>>> thanks for answer.
>>>>>>>>> But from
>>>>>>>>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
>>>>>>>>> and section: *...you can use the add-user script from
the
>>>>>>>>> command-line.*
>>>>>>>>> is my question is how exactly should looks like
command with
>>>>>>>>> add-user script?
>>>>>>>>> Because in past we used this command: add-user.sh
–container -u
>>>>>>>>> admin -p admin
>>>>>>>>>
>>>>>>>>> Andrej.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> On Wed, Mar 2, 2016 at 10:38 AM, Bruno Oliveira <
>>>>>>>>> bruno(a)abstractj.org> wrote:
>>>>>>>>>
>>>>>>>>>> Hi Andrej, answers inline
>>>>>>>>>>
>>>>>>>>>> On Wed, Mar 2, 2016 at 6:13 AM Andrej Prievalsky
<
>>>>>>>>>> ado.boj.83(a)gmail.com> wrote:
>>>>>>>>>>
>>>>>>>>>>> Hi,
>>>>>>>>>>>
>>>>>>>>>>> I would like to summary information about How
to add Admin User
>>>>>>>>>>> - chapter 3.2.1.
>>>>>>>>>>>
>>>>>>>>>>> My questions are:
>>>>>>>>>>> 1.) From which version (including) is new
concept, that there
>>>>>>>>>>> is no built in user?
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> 1.8.0 See:
>>>>>>>>>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/Migration_f...
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>> 2a.) What is exact command via add-user
script (add-user.sh) for
>>>>>>>>>>> create admin user ?
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> See:
>>>>>>>>>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>> 2b.) Same question like in 2a, but in
keycloak-overlay (
>>>>>>>>>>> add-user-keycloak.sh)?
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> You are correct. Maybe this is an inconsistency
to be fixed.
>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> Thanks and Best Regards,
>>>>>>>>>>> Andrej.
>>>>>>>>>>>
_______________________________________________
>>>>>>>>>>> keycloak-user mailing list
>>>>>>>>>>> keycloak-user(a)lists.jboss.org
>>>>>>>>>>>
https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>> keycloak-user mailing list
>>>>>>>> keycloak-user(a)lists.jboss.org
>>>>>>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> keycloak-user mailing
listkeycloak-user@lists.jboss.orghttps://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> keycloak-user mailing list
>>>>>>> keycloak-user(a)lists.jboss.org
>>>>>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>
>>>> _______________________________________________
>>>> keycloak-user mailing list
>>>> keycloak-user(a)lists.jboss.org
>>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>
>>>
>>>
>>
>
5:35 a.m.
I suggest to try again against clean environment (database). Are you
using default H2 database? If so, you can just delete directory
/opt/wildfly/standalone/data. Then you can start again and admin user
from '/opt/wildfly/standalone/configuration/keycloak-add-user.json'
should be correctly imported and you should be able to login.
Marek
On 18/04/16 10:04, Andrej Prievalsky wrote:
OK, but when we created user with add-user-keycloak.sh:
[sab@idm69 wildfly]$ ./bin/add-user-keycloak.sh -r master -u admin -p
admin
Added 'admin' to
'/opt/wildfly/standalone/configuration/keycloak-add-user.json',
restart server to load user
After restart server, we can't login with admin user and password admin.
We got Error message: Invalid username or password.
Can be problem on your side or in our setup and configuration?
On Fri, Apr 15, 2016 at 3:25 PM, Stian Thorgersen <sthorger(a)redhat.com
<mailto:sthorger@redhat.com>> wrote:
With server overlay use add-user-keycloak and restart the server
On 15 April 2016 at 14:43, Andrej Prievalsky <ado.boj.83(a)gmail.com
<mailto:ado.boj.83@gmail.com>> wrote:
Hi All,
in setup Wildfly-10 in domain mode +
keycloak-overlay-1.9.2.Final I tried to create Admin User in
two ways like in guide:
1.) via bin/add-user.[sh|bat] -r master -u <username> -p
<password>
I got this ERROR:
/[sab@idm69 wildfly]$ ./bin/add-user.sh -r master -u admin -p
tmo46713/
//
/* Error */
/WFLYDM0065: The user supplied realm name 'master' does not
match the realm name discovered from the property file(s)
'ManagementRealm'./
//
/Exception in thread "main"
org.jboss.as.domain.management.security.adduser.AddUserFailedException:
WFLYDM0065: The user supplied realm name 'master' does not
match the realm name discovered from the property file(s)
'ManagementRealm'./
/ at
org.jboss.as.domain.management.security.adduser.ErrorState.execute(ErrorState.java:72)/
/ at
org.jboss.as.domain.management.security.adduser.AddUser.run(AddUser.java:130)/
/ at
org.jboss.as.domain.management.security.adduser.AddUser.main(AddUser.java:223)/
/ at
sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)/
/ at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)/
/ at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)/
/ at java.lang.reflect.Method.invoke(Method.java:497)/
/ at org.jboss.modules.Module.run(Module.java:329)/
/ at org.jboss.modules.Main.main(Main.java:507)/
/
/
2.) via bin/add-user-keycloak.[sh|bat] -r master -u <username>
-p <password>
User was created under standalone path.
Thanks and Best Regards
Andrej.
On Thu, Mar 3, 2016 at 7:18 PM, Stian Thorgersen
<sthorger(a)redhat.com <mailto:sthorger@redhat.com>> wrote:
Please read the documentation it explains it all
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
On 3 March 2016 at 16:24, Andrej Prievalsky
<ado.boj.83(a)gmail.com <mailto:ado.boj.83@gmail.com>> wrote:
Hi all,
1.) meantime I tried on keycloak-overlay-1.7.0.Final
via add-user-keycloak.sh script in wildfly domain mode
create Admin user and I got:
[root@keycloakoverlay /opt/wildfly/bin]$
./add-user-keycloak.sh -u admin -p admin
Added 'admin' to
'*/opt/wildfly/standalone/configuration/keycloak-add-user.json*',
restart server to load user
Is it correct, that user is created in standalone path?
----------------------------------------------------------------------------
2.) can I in version 1.7.0.Final create or replace
Admin user for Master realm with permanent password,
which could be created automatically via command line
and not needed change password manually after first login?
Thanks,
Andrej.
On Thu, Mar 3, 2016 at 1:50 PM, Stian Thorgersen
<sthorger(a)redhat.com <mailto:sthorger@redhat.com>> wrote:
On 3 March 2016 at 13:48, Stan Silvert
<ssilvert(a)redhat.com <mailto:ssilvert@redhat.com>>
wrote:
On 3/3/2016 12:09 AM, Stian Thorgersen wrote:
> The standard add-user script adds WildFly
> users, we want the standard script to add
> Keycloak users. It's a Keycloak server after all.
You still need WildFly users if you want to
use CLI (remotely) or web console. As far as I
know, we can't secure those things with
Keycloak yet.
In the future we will secure it with Keycloak, in
the mean time the add-user has a '--container' option.
There are workarounds, but I'm just saying,
WildFly add-user.sh is a useful tool that we
might want to still ship in some form until
such time that CLI and web console is fully
integrated with Keycloak.
>
> On 2 March 2016 at 20:00, Stan Silvert
> <ssilvert(a)redhat.com
> <mailto:ssilvert@redhat.com>> wrote:
>
> On 3/2/2016 1:50 PM, Stian Thorgersen wrote:
>> Not a chance. In server dist we want to
>> hide WildFly's add-user script.
> I could guess, but I have to ask, why?
>
>
>>
>> On 2 March 2016 at 14:12, Stan Silvert
>> <ssilvert(a)redhat.com
>> <mailto:ssilvert@redhat.com>> wrote:
>>
>> On 3/2/2016 7:02 AM, Stian
>> Thorgersen wrote:
>>> In overlay the script should be
>>> add-user-keycloak. The overlay adds
>>> Keycloak server to an existing
>>> WildFly installation so we don't
>>> want to overwrite any existing
>>> files. I appreciate this may be
>>> confusing and inconsistent, but at
>>> the same time if we did overwrite
>>> people would probably complain
>>> about us overwriting the existing
>>> script.
>>>
>>> In the server dist this doesn't
>>> apply as the server is purely a
>>> Keycloak server, not a WildFly server.
>> I guess the solution would be to
>> make server dist consistent with
>> overlay, so both are
>> add-user-keycloak. Not sure how I
>> feel about that.
>>
>>
>>
>>>
>>> On 2 March 2016 at 11:10, Bruno
>>> Oliveira <bruno(a)abstractj.org
>>> <mailto:bruno@abstractj.org>>
wrote:
>>>
>>> I'm not sure if I follow your
>>> question but './add-user.sh -u
>>> admin -p admin' or
>>> './add-user.sh -u admin' should
>>> work.
>>>
>>> On Wed, Mar 2, 2016 at 7:03 AM
>>> Andrej Prievalsky
>>> <ado.boj.83(a)gmail.com
>>> <mailto:ado.boj.83@gmail.com>>
>>> wrote:
>>>
>>> Hi Bruno,
>>>
>>> thanks for answer.
>>> But from
>>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
>>> and section: *...you can
>>> use the add-user script
>>> from the command-line.*
>>> is my question is how
>>> exactly should looks like
>>> command with add-user script?
>>> Because in past we used
>>> this command: add-user.sh
>>> –container -u admin -p admin
>>>
>>> Andrej.
>>>
>>>
>>> On Wed, Mar 2, 2016 at
>>> 10:38 AM, Bruno Oliveira
>>> <bruno(a)abstractj.org
>>>
<mailto:bruno@abstractj.org>>
>>> wrote:
>>>
>>> Hi Andrej, answers inline
>>>
>>> On Wed, Mar 2, 2016 at
>>> 6:13 AM Andrej
>>> Prievalsky
>>> <ado.boj.83(a)gmail.com
>>>
<mailto:ado.boj.83@gmail.com>>
>>> wrote:
>>>
>>> Hi,
>>>
>>> I would like to
>>> summary information
>>> about How to add
>>> Admin User -
>>> chapter 3.2.1.
>>>
>>> My questions are:
>>> 1.) From which
>>> version (including)
>>> is new concept,
>>> that there is no
>>> built in user?
>>>
>>>
>>> 1.8.0 See:
>>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/Migration_f...
>>>
>>> 2a.) What is exact
>>> command via
>>> add-user script
>>> (add-user.sh) for
>>> create admin user ?
>>>
>>>
>>> See:
>>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
>>>
>>> 2b.) Same question
>>> like in 2a, but in
>>> keycloak-overlay
>>> (add-user-keycloak.sh)?
>>>
>>>
>>> You are correct. Maybe
>>> this is an
>>> inconsistency to be fixed.
>>>
>>>
>>> Thanks and Best
>>> Regards,
>>> Andrej.
>>>
_______________________________________________
>>> keycloak-user
>>> mailing list
>>>
keycloak-user(a)lists.jboss.org
>>>
<mailto:keycloak-user@lists.jboss.org>
>>>
https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>
>>>
>>>
>>>
_______________________________________________
>>> keycloak-user mailing list
>>> keycloak-user(a)lists.jboss.org
>>>
<mailto:keycloak-user@lists.jboss.org>
>>>
https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>
>>>
>>>
>>>
>>>
_______________________________________________
>>> keycloak-user mailing list
>>> keycloak-user(a)lists.jboss.org
>>> <mailto:keycloak-user@lists.jboss.org>
>>>
https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>>
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user(a)lists.jboss.org
>> <mailto:keycloak-user@lists.jboss.org>
>>
https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>>
>
>
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
<mailto:keycloak-user@lists.jboss.org>
https://lists.jboss.org/mailman/listinfo/keycloak-user
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
6:59 a.m.
Just to confirm are you trying to login to Keycloak admin console or
WildFly console?
On 18 April 2016 at 10:04, Andrej Prievalsky <ado.boj.83(a)gmail.com> wrote:
OK, but when we created user with add-user-keycloak.sh:
[sab@idm69 wildfly]$ ./bin/add-user-keycloak.sh -r master -u admin -p
admin
Added 'admin' to
'/opt/wildfly/standalone/configuration/keycloak-add-user.json', restart
server to load user
After restart server, we can't login with admin user and password admin.
We got Error message: Invalid username or password.
Can be problem on your side or in our setup and configuration?
On Fri, Apr 15, 2016 at 3:25 PM, Stian Thorgersen <sthorger(a)redhat.com>
wrote:
> With server overlay use add-user-keycloak and restart the server
>
> On 15 April 2016 at 14:43, Andrej Prievalsky <ado.boj.83(a)gmail.com>
> wrote:
>
>> Hi All,
>>
>> in setup Wildfly-10 in domain mode + keycloak-overlay-1.9.2.Final I
>> tried to create Admin User in two ways like in guide:
>>
>> 1.) via bin/add-user.[sh|bat] -r master -u <username> -p <password>
>> I got this ERROR:
>>
>> *[sab@idm69 wildfly]$ ./bin/add-user.sh -r master -u admin -p tmo46713*
>>
>>
>>
>> ** Error **
>>
>> *WFLYDM0065: The user supplied realm name 'master' does not match the
>> realm name discovered from the property file(s) 'ManagementRealm'.*
>>
>>
>>
>> *Exception in thread "main"
>> org.jboss.as.domain.management.security.adduser.AddUserFailedException:
>> WFLYDM0065: The user supplied realm name 'master' does not match the
realm
>> name discovered from the property file(s) 'ManagementRealm'.*
>>
>> * at
>>
org.jboss.as.domain.management.security.adduser.ErrorState.execute(ErrorState.java:72)*
>>
>> * at
>> org.jboss.as.domain.management.security.adduser.AddUser.run(AddUser.java:130)*
>>
>> * at
>> org.jboss.as.domain.management.security.adduser.AddUser.main(AddUser.java:223)*
>>
>> * at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)*
>>
>> * at
>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)*
>>
>> * at
>>
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)*
>>
>> * at java.lang.reflect.Method.invoke(Method.java:497)*
>>
>> * at org.jboss.modules.Module.run(Module.java:329)*
>>
>> * at org.jboss.modules.Main.main(Main.java:507)*
>>
>>
>> 2.) via bin/add-user-keycloak.[sh|bat] -r master -u <username> -p
>> <password>
>>
>> User was created under standalone path.
>>
>>
>> Thanks and Best Regards
>>
>> Andrej.
>>
>>
>>
>> On Thu, Mar 3, 2016 at 7:18 PM, Stian Thorgersen <sthorger(a)redhat.com>
>> wrote:
>>
>>> Please read the documentation it explains it all
>>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
>>>
>>> On 3 March 2016 at 16:24, Andrej Prievalsky <ado.boj.83(a)gmail.com>
>>> wrote:
>>>
>>>> Hi all,
>>>>
>>>> 1.) meantime I tried on keycloak-overlay-1.7.0.Final via
>>>> add-user-keycloak.sh script in wildfly domain mode create Admin user and
I
>>>> got:
>>>>
>>>> [root@keycloakoverlay /opt/wildfly/bin]$ ./add-user-keycloak.sh -u
>>>> admin -p admin
>>>> Added 'admin' to '
>>>> */opt/wildfly/standalone/configuration/keycloak-add-user.json*',
>>>> restart server to load user
>>>>
>>>> Is it correct, that user is created in standalone path?
>>>>
>>>>
>>>>
----------------------------------------------------------------------------
>>>>
>>>> 2.) can I in version 1.7.0.Final create or replace Admin user for
>>>> Master realm with permanent password, which could be created
automatically
>>>> via command line and not needed change password manually after first
login?
>>>>
>>>> Thanks,
>>>> Andrej.
>>>>
>>>>
>>>> On Thu, Mar 3, 2016 at 1:50 PM, Stian Thorgersen
<sthorger(a)redhat.com>
>>>> wrote:
>>>>
>>>>>
>>>>>
>>>>> On 3 March 2016 at 13:48, Stan Silvert <ssilvert(a)redhat.com>
wrote:
>>>>>
>>>>>> On 3/3/2016 12:09 AM, Stian Thorgersen wrote:
>>>>>>
>>>>>> The standard add-user script adds WildFly users, we want the
>>>>>> standard script to add Keycloak users. It's a Keycloak server
after all.
>>>>>>
>>>>>> You still need WildFly users if you want to use CLI (remotely)
or
>>>>>> web console. As far as I know, we can't secure those things
with Keycloak
>>>>>> yet.
>>>>>>
>>>>>
>>>>> In the future we will secure it with Keycloak, in the mean time the
>>>>> add-user has a '--container' option.
>>>>>
>>>>>
>>>>>>
>>>>>> There are workarounds, but I'm just saying, WildFly
add-user.sh is a
>>>>>> useful tool that we might want to still ship in some form until
such time
>>>>>> that CLI and web console is fully integrated with Keycloak.
>>>>>>
>>>>>>
>>>>>> On 2 March 2016 at 20:00, Stan Silvert
<ssilvert(a)redhat.com> wrote:
>>>>>>
>>>>>>> On 3/2/2016 1:50 PM, Stian Thorgersen wrote:
>>>>>>>
>>>>>>> Not a chance. In server dist we want to hide WildFly's
add-user
>>>>>>> script.
>>>>>>>
>>>>>>> I could guess, but I have to ask, why?
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On 2 March 2016 at 14:12, Stan Silvert
<ssilvert(a)redhat.com> wrote:
>>>>>>>
>>>>>>>> On 3/2/2016 7:02 AM, Stian Thorgersen wrote:
>>>>>>>>
>>>>>>>> In overlay the script should be add-user-keycloak. The
overlay
>>>>>>>> adds Keycloak server to an existing WildFly installation
so we don't want
>>>>>>>> to overwrite any existing files. I appreciate this may be
confusing and
>>>>>>>> inconsistent, but at the same time if we did overwrite
people would
>>>>>>>> probably complain about us overwriting the existing
script.
>>>>>>>>
>>>>>>>> In the server dist this doesn't apply as the server
is purely a
>>>>>>>> Keycloak server, not a WildFly server.
>>>>>>>>
>>>>>>>> I guess the solution would be to make server dist
consistent with
>>>>>>>> overlay, so both are add-user-keycloak. Not sure how I
feel about that.
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> On 2 March 2016 at 11:10, Bruno Oliveira
<bruno(a)abstractj.org>
>>>>>>>> wrote:
>>>>>>>>
>>>>>>>>> I'm not sure if I follow your question but
'./add-user.sh -u
>>>>>>>>> admin -p admin' or './add-user.sh -u
admin' should work.
>>>>>>>>>
>>>>>>>>> On Wed, Mar 2, 2016 at 7:03 AM Andrej Prievalsky
<
>>>>>>>>> ado.boj.83(a)gmail.com> wrote:
>>>>>>>>>
>>>>>>>>>> Hi Bruno,
>>>>>>>>>>
>>>>>>>>>> thanks for answer.
>>>>>>>>>> But from
>>>>>>>>>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
>>>>>>>>>> and section: *...you can use the add-user script
from the
>>>>>>>>>> command-line.*
>>>>>>>>>> is my question is how exactly should looks like
command with
>>>>>>>>>> add-user script?
>>>>>>>>>> Because in past we used this command: add-user.sh
–container -u
>>>>>>>>>> admin -p admin
>>>>>>>>>>
>>>>>>>>>> Andrej.
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> On Wed, Mar 2, 2016 at 10:38 AM, Bruno Oliveira
<
>>>>>>>>>> bruno(a)abstractj.org> wrote:
>>>>>>>>>>
>>>>>>>>>>> Hi Andrej, answers inline
>>>>>>>>>>>
>>>>>>>>>>> On Wed, Mar 2, 2016 at 6:13 AM Andrej
Prievalsky <
>>>>>>>>>>> ado.boj.83(a)gmail.com> wrote:
>>>>>>>>>>>
>>>>>>>>>>>> Hi,
>>>>>>>>>>>>
>>>>>>>>>>>> I would like to summary information about
How to add Admin
>>>>>>>>>>>> User - chapter 3.2.1.
>>>>>>>>>>>>
>>>>>>>>>>>> My questions are:
>>>>>>>>>>>> 1.) From which version (including) is new
concept, that there
>>>>>>>>>>>> is no built in user?
>>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> 1.8.0 See:
>>>>>>>>>>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/Migration_f...
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>> 2a.) What is exact command via add-user
script (add-user.sh) for
>>>>>>>>>>>> create admin user ?
>>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> See:
>>>>>>>>>>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>> 2b.) Same question like in 2a, but in
keycloak-overlay (
>>>>>>>>>>>> add-user-keycloak.sh)?
>>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> You are correct. Maybe this is an
inconsistency to be fixed.
>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> Thanks and Best Regards,
>>>>>>>>>>>> Andrej.
>>>>>>>>>>>>
_______________________________________________
>>>>>>>>>>>> keycloak-user mailing list
>>>>>>>>>>>> keycloak-user(a)lists.jboss.org
>>>>>>>>>>>>
https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>> _______________________________________________
>>>>>>>>> keycloak-user mailing list
>>>>>>>>> keycloak-user(a)lists.jboss.org
>>>>>>>>>
https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>> keycloak-user mailing
listkeycloak-user@lists.jboss.orghttps://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>> keycloak-user mailing list
>>>>>>>> keycloak-user(a)lists.jboss.org
>>>>>>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>
>>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> keycloak-user mailing list
>>>>> keycloak-user(a)lists.jboss.org
>>>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>
>>>>
>>>>
>>>
>>
>
1:40 a.m.
Thanks Marek, I will try your hint.
@Stian: I am trying login to Keycloak admin console.
On Mon, Apr 18, 2016 at 1:59 PM, Stian Thorgersen <sthorger(a)redhat.com>
wrote:
Just to confirm are you trying to login to Keycloak admin console or
WildFly console?
On 18 April 2016 at 10:04, Andrej Prievalsky <ado.boj.83(a)gmail.com> wrote:
> OK, but when we created user with add-user-keycloak.sh:
>
> [sab@idm69 wildfly]$ ./bin/add-user-keycloak.sh -r master -u admin -p
> admin
> Added 'admin' to
> '/opt/wildfly/standalone/configuration/keycloak-add-user.json', restart
> server to load user
>
> After restart server, we can't login with admin user and password admin.
> We got Error message: Invalid username or password.
>
>
> Can be problem on your side or in our setup and configuration?
>
> On Fri, Apr 15, 2016 at 3:25 PM, Stian Thorgersen <sthorger(a)redhat.com>
> wrote:
>
>> With server overlay use add-user-keycloak and restart the server
>>
>> On 15 April 2016 at 14:43, Andrej Prievalsky <ado.boj.83(a)gmail.com>
>> wrote:
>>
>>> Hi All,
>>>
>>> in setup Wildfly-10 in domain mode + keycloak-overlay-1.9.2.Final I
>>> tried to create Admin User in two ways like in guide:
>>>
>>> 1.) via bin/add-user.[sh|bat] -r master -u <username> -p
<password>
>>> I got this ERROR:
>>>
>>> *[sab@idm69 wildfly]$ ./bin/add-user.sh -r master -u admin -p tmo46713*
>>>
>>>
>>>
>>> ** Error **
>>>
>>> *WFLYDM0065: The user supplied realm name 'master' does not match
the
>>> realm name discovered from the property file(s) 'ManagementRealm'.*
>>>
>>>
>>>
>>> *Exception in thread "main"
>>> org.jboss.as.domain.management.security.adduser.AddUserFailedException:
>>> WFLYDM0065: The user supplied realm name 'master' does not match the
realm
>>> name discovered from the property file(s) 'ManagementRealm'.*
>>>
>>> * at
>>>
org.jboss.as.domain.management.security.adduser.ErrorState.execute(ErrorState.java:72)*
>>>
>>> * at
>>>
org.jboss.as.domain.management.security.adduser.AddUser.run(AddUser.java:130)*
>>>
>>> * at
>>>
org.jboss.as.domain.management.security.adduser.AddUser.main(AddUser.java:223)*
>>>
>>> * at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)*
>>>
>>> * at
>>>
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)*
>>>
>>> * at
>>>
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)*
>>>
>>> * at java.lang.reflect.Method.invoke(Method.java:497)*
>>>
>>> * at org.jboss.modules.Module.run(Module.java:329)*
>>>
>>> * at org.jboss.modules.Main.main(Main.java:507)*
>>>
>>>
>>> 2.) via bin/add-user-keycloak.[sh|bat] -r master -u <username> -p
>>> <password>
>>>
>>> User was created under standalone path.
>>>
>>>
>>> Thanks and Best Regards
>>>
>>> Andrej.
>>>
>>>
>>>
>>> On Thu, Mar 3, 2016 at 7:18 PM, Stian Thorgersen <sthorger(a)redhat.com>
>>> wrote:
>>>
>>>> Please read the documentation it explains it all
>>>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
>>>>
>>>> On 3 March 2016 at 16:24, Andrej Prievalsky <ado.boj.83(a)gmail.com>
>>>> wrote:
>>>>
>>>>> Hi all,
>>>>>
>>>>> 1.) meantime I tried on keycloak-overlay-1.7.0.Final via
>>>>> add-user-keycloak.sh script in wildfly domain mode create Admin user
and I
>>>>> got:
>>>>>
>>>>> [root@keycloakoverlay /opt/wildfly/bin]$ ./add-user-keycloak.sh -u
>>>>> admin -p admin
>>>>> Added 'admin' to '
>>>>> */opt/wildfly/standalone/configuration/keycloak-add-user.json*',
>>>>> restart server to load user
>>>>>
>>>>> Is it correct, that user is created in standalone path?
>>>>>
>>>>>
>>>>>
----------------------------------------------------------------------------
>>>>>
>>>>> 2.) can I in version 1.7.0.Final create or replace Admin user for
>>>>> Master realm with permanent password, which could be created
automatically
>>>>> via command line and not needed change password manually after first
login?
>>>>>
>>>>> Thanks,
>>>>> Andrej.
>>>>>
>>>>>
>>>>> On Thu, Mar 3, 2016 at 1:50 PM, Stian Thorgersen
<sthorger(a)redhat.com
>>>>> > wrote:
>>>>>
>>>>>>
>>>>>>
>>>>>> On 3 March 2016 at 13:48, Stan Silvert
<ssilvert(a)redhat.com> wrote:
>>>>>>
>>>>>>> On 3/3/2016 12:09 AM, Stian Thorgersen wrote:
>>>>>>>
>>>>>>> The standard add-user script adds WildFly users, we want the
>>>>>>> standard script to add Keycloak users. It's a Keycloak
server after all.
>>>>>>>
>>>>>>> You still need WildFly users if you want to use CLI
(remotely) or
>>>>>>> web console. As far as I know, we can't secure those
things with Keycloak
>>>>>>> yet.
>>>>>>>
>>>>>>
>>>>>> In the future we will secure it with Keycloak, in the mean time
the
>>>>>> add-user has a '--container' option.
>>>>>>
>>>>>>
>>>>>>>
>>>>>>> There are workarounds, but I'm just saying, WildFly
add-user.sh is
>>>>>>> a useful tool that we might want to still ship in some form
until such time
>>>>>>> that CLI and web console is fully integrated with Keycloak.
>>>>>>>
>>>>>>>
>>>>>>> On 2 March 2016 at 20:00, Stan Silvert
<ssilvert(a)redhat.com> wrote:
>>>>>>>
>>>>>>>> On 3/2/2016 1:50 PM, Stian Thorgersen wrote:
>>>>>>>>
>>>>>>>> Not a chance. In server dist we want to hide
WildFly's add-user
>>>>>>>> script.
>>>>>>>>
>>>>>>>> I could guess, but I have to ask, why?
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> On 2 March 2016 at 14:12, Stan Silvert
<ssilvert(a)redhat.com>
>>>>>>>> wrote:
>>>>>>>>
>>>>>>>>> On 3/2/2016 7:02 AM, Stian Thorgersen wrote:
>>>>>>>>>
>>>>>>>>> In overlay the script should be add-user-keycloak.
The overlay
>>>>>>>>> adds Keycloak server to an existing WildFly
installation so we don't want
>>>>>>>>> to overwrite any existing files. I appreciate this
may be confusing and
>>>>>>>>> inconsistent, but at the same time if we did
overwrite people would
>>>>>>>>> probably complain about us overwriting the existing
script.
>>>>>>>>>
>>>>>>>>> In the server dist this doesn't apply as the
server is purely a
>>>>>>>>> Keycloak server, not a WildFly server.
>>>>>>>>>
>>>>>>>>> I guess the solution would be to make server dist
consistent with
>>>>>>>>> overlay, so both are add-user-keycloak. Not sure how
I feel about that.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> On 2 March 2016 at 11:10, Bruno Oliveira
<bruno(a)abstractj.org>
>>>>>>>>> wrote:
>>>>>>>>>
>>>>>>>>>> I'm not sure if I follow your question but
'./add-user.sh -u
>>>>>>>>>> admin -p admin' or './add-user.sh -u
admin' should work.
>>>>>>>>>>
>>>>>>>>>> On Wed, Mar 2, 2016 at 7:03 AM Andrej Prievalsky
<
>>>>>>>>>> ado.boj.83(a)gmail.com> wrote:
>>>>>>>>>>
>>>>>>>>>>> Hi Bruno,
>>>>>>>>>>>
>>>>>>>>>>> thanks for answer.
>>>>>>>>>>> But from
>>>>>>>>>>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
>>>>>>>>>>> and section: *...you can use the add-user
script from the
>>>>>>>>>>> command-line.*
>>>>>>>>>>> is my question is how exactly should looks
like command with
>>>>>>>>>>> add-user script?
>>>>>>>>>>> Because in past we used this command:
add-user.sh –container
>>>>>>>>>>> -u admin -p admin
>>>>>>>>>>>
>>>>>>>>>>> Andrej.
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> On Wed, Mar 2, 2016 at 10:38 AM, Bruno
Oliveira <
>>>>>>>>>>> bruno(a)abstractj.org> wrote:
>>>>>>>>>>>
>>>>>>>>>>>> Hi Andrej, answers inline
>>>>>>>>>>>>
>>>>>>>>>>>> On Wed, Mar 2, 2016 at 6:13 AM Andrej
Prievalsky <
>>>>>>>>>>>> ado.boj.83(a)gmail.com> wrote:
>>>>>>>>>>>>
>>>>>>>>>>>>> Hi,
>>>>>>>>>>>>>
>>>>>>>>>>>>> I would like to summary information
about How to add Admin
>>>>>>>>>>>>> User - chapter 3.2.1.
>>>>>>>>>>>>>
>>>>>>>>>>>>> My questions are:
>>>>>>>>>>>>> 1.) From which version (including) is
new concept, that there
>>>>>>>>>>>>> is no built in user?
>>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> 1.8.0 See:
>>>>>>>>>>>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/Migration_f...
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>> 2a.) What is exact command via
add-user script (add-user.sh) for
>>>>>>>>>>>>> create admin user ?
>>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> See:
>>>>>>>>>>>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>> 2b.) Same question like in 2a, but in
keycloak-overlay (
>>>>>>>>>>>>> add-user-keycloak.sh)?
>>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> You are correct. Maybe this is an
inconsistency to be fixed.
>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>> Thanks and Best Regards,
>>>>>>>>>>>>> Andrej.
>>>>>>>>>>>>>
_______________________________________________
>>>>>>>>>>>>> keycloak-user mailing list
>>>>>>>>>>>>> keycloak-user(a)lists.jboss.org
>>>>>>>>>>>>>
https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>> _______________________________________________
>>>>>>>>>> keycloak-user mailing list
>>>>>>>>>> keycloak-user(a)lists.jboss.org
>>>>>>>>>>
https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> _______________________________________________
>>>>>>>>> keycloak-user mailing
listkeycloak-user@lists.jboss.orghttps://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> _______________________________________________
>>>>>>>>> keycloak-user mailing list
>>>>>>>>> keycloak-user(a)lists.jboss.org
>>>>>>>>>
https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>
>>>>>> _______________________________________________
>>>>>> keycloak-user mailing list
>>>>>> keycloak-user(a)lists.jboss.org
>>>>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>
>>>>>
>>>>>
>>>>
>>>
>>
>
6:09 a.m.
Hi all,
@Marek: I am using H2 database. I can't delete /opt/wildfly/standalone/data,
because this folder is not present.
But, for our domain mode we have to move created /opt/wildfly/standalone/
configuration/keycloak-add-user.json to
/opt/wildfly/domain/servers/{server-name}/configuration
and after we could login to keycloak admin console.
So in summary we have to in domain mode for create admin user:
1.) bin/add-user-keycloak.[sh|bat] -r master -u <username> -p <password>
2.) copy /opt/wildfly/standalone/configuration/keycloak-add-user.json to
/opt/wildfly/domain/servers/{server-name}/configuration
3.) restart server
Are this steps correctly and expected from your side?
On Tue, Apr 19, 2016 at 8:40 AM, Andrej Prievalsky <ado.boj.83(a)gmail.com>
wrote:
Thanks Marek, I will try your hint.
@Stian: I am trying login to Keycloak admin console.
On Mon, Apr 18, 2016 at 1:59 PM, Stian Thorgersen <sthorger(a)redhat.com>
wrote:
> Just to confirm are you trying to login to Keycloak admin console or
> WildFly console?
>
> On 18 April 2016 at 10:04, Andrej Prievalsky <ado.boj.83(a)gmail.com>
> wrote:
>
>> OK, but when we created user with add-user-keycloak.sh:
>>
>> [sab@idm69 wildfly]$ ./bin/add-user-keycloak.sh -r master -u admin -p
>> admin
>> Added 'admin' to
>> '/opt/wildfly/standalone/configuration/keycloak-add-user.json', restart
>> server to load user
>>
>> After restart server, we can't login with admin user and password admin.
>> We got Error message: Invalid username or password.
>>
>>
>> Can be problem on your side or in our setup and configuration?
>>
>> On Fri, Apr 15, 2016 at 3:25 PM, Stian Thorgersen <sthorger(a)redhat.com>
>> wrote:
>>
>>> With server overlay use add-user-keycloak and restart the server
>>>
>>> On 15 April 2016 at 14:43, Andrej Prievalsky <ado.boj.83(a)gmail.com>
>>> wrote:
>>>
>>>> Hi All,
>>>>
>>>> in setup Wildfly-10 in domain mode + keycloak-overlay-1.9.2.Final I
>>>> tried to create Admin User in two ways like in guide:
>>>>
>>>> 1.) via bin/add-user.[sh|bat] -r master -u <username> -p
<password>
>>>> I got this ERROR:
>>>>
>>>> *[sab@idm69 wildfly]$ ./bin/add-user.sh -r master -u admin -p tmo46713*
>>>>
>>>>
>>>>
>>>> ** Error **
>>>>
>>>> *WFLYDM0065: The user supplied realm name 'master' does not match
the
>>>> realm name discovered from the property file(s)
'ManagementRealm'.*
>>>>
>>>>
>>>>
>>>> *Exception in thread "main"
>>>> org.jboss.as.domain.management.security.adduser.AddUserFailedException:
>>>> WFLYDM0065: The user supplied realm name 'master' does not match
the realm
>>>> name discovered from the property file(s) 'ManagementRealm'.*
>>>>
>>>> * at
>>>>
org.jboss.as.domain.management.security.adduser.ErrorState.execute(ErrorState.java:72)*
>>>>
>>>> * at
>>>>
org.jboss.as.domain.management.security.adduser.AddUser.run(AddUser.java:130)*
>>>>
>>>> * at
>>>>
org.jboss.as.domain.management.security.adduser.AddUser.main(AddUser.java:223)*
>>>>
>>>> * at sun.reflect.NativeMethodAccessorImpl.invoke0(Native
>>>> Method)*
>>>>
>>>> * at
>>>>
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)*
>>>>
>>>> * at
>>>>
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)*
>>>>
>>>> * at java.lang.reflect.Method.invoke(Method.java:497)*
>>>>
>>>> * at org.jboss.modules.Module.run(Module.java:329)*
>>>>
>>>> * at org.jboss.modules.Main.main(Main.java:507)*
>>>>
>>>>
>>>> 2.) via bin/add-user-keycloak.[sh|bat] -r master -u <username> -p
>>>> <password>
>>>>
>>>> User was created under standalone path.
>>>>
>>>>
>>>> Thanks and Best Regards
>>>>
>>>> Andrej.
>>>>
>>>>
>>>>
>>>> On Thu, Mar 3, 2016 at 7:18 PM, Stian Thorgersen
<sthorger(a)redhat.com>
>>>> wrote:
>>>>
>>>>> Please read the documentation it explains it all
>>>>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
>>>>>
>>>>> On 3 March 2016 at 16:24, Andrej Prievalsky
<ado.boj.83(a)gmail.com>
>>>>> wrote:
>>>>>
>>>>>> Hi all,
>>>>>>
>>>>>> 1.) meantime I tried on keycloak-overlay-1.7.0.Final via
>>>>>> add-user-keycloak.sh script in wildfly domain mode create Admin
user and I
>>>>>> got:
>>>>>>
>>>>>> [root@keycloakoverlay /opt/wildfly/bin]$ ./add-user-keycloak.sh
-u
>>>>>> admin -p admin
>>>>>> Added 'admin' to '
>>>>>>
*/opt/wildfly/standalone/configuration/keycloak-add-user.json*',
>>>>>> restart server to load user
>>>>>>
>>>>>> Is it correct, that user is created in standalone path?
>>>>>>
>>>>>>
>>>>>>
----------------------------------------------------------------------------
>>>>>>
>>>>>> 2.) can I in version 1.7.0.Final create or replace Admin user
for
>>>>>> Master realm with permanent password, which could be created
automatically
>>>>>> via command line and not needed change password manually after
first login?
>>>>>>
>>>>>> Thanks,
>>>>>> Andrej.
>>>>>>
>>>>>>
>>>>>> On Thu, Mar 3, 2016 at 1:50 PM, Stian Thorgersen <
>>>>>> sthorger(a)redhat.com> wrote:
>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On 3 March 2016 at 13:48, Stan Silvert
<ssilvert(a)redhat.com> wrote:
>>>>>>>
>>>>>>>> On 3/3/2016 12:09 AM, Stian Thorgersen wrote:
>>>>>>>>
>>>>>>>> The standard add-user script adds WildFly users, we want
the
>>>>>>>> standard script to add Keycloak users. It's a
Keycloak server after all.
>>>>>>>>
>>>>>>>> You still need WildFly users if you want to use CLI
(remotely) or
>>>>>>>> web console. As far as I know, we can't secure
those things with Keycloak
>>>>>>>> yet.
>>>>>>>>
>>>>>>>
>>>>>>> In the future we will secure it with Keycloak, in the mean
time the
>>>>>>> add-user has a '--container' option.
>>>>>>>
>>>>>>>
>>>>>>>>
>>>>>>>> There are workarounds, but I'm just saying, WildFly
add-user.sh is
>>>>>>>> a useful tool that we might want to still ship in some
form until such time
>>>>>>>> that CLI and web console is fully integrated with
Keycloak.
>>>>>>>>
>>>>>>>>
>>>>>>>> On 2 March 2016 at 20:00, Stan Silvert
<ssilvert(a)redhat.com>
>>>>>>>> wrote:
>>>>>>>>
>>>>>>>>> On 3/2/2016 1:50 PM, Stian Thorgersen wrote:
>>>>>>>>>
>>>>>>>>> Not a chance. In server dist we want to hide
WildFly's add-user
>>>>>>>>> script.
>>>>>>>>>
>>>>>>>>> I could guess, but I have to ask, why?
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> On 2 March 2016 at 14:12, Stan Silvert
<ssilvert(a)redhat.com>
>>>>>>>>> wrote:
>>>>>>>>>
>>>>>>>>>> On 3/2/2016 7:02 AM, Stian Thorgersen wrote:
>>>>>>>>>>
>>>>>>>>>> In overlay the script should be
add-user-keycloak. The overlay
>>>>>>>>>> adds Keycloak server to an existing WildFly
installation so we don't want
>>>>>>>>>> to overwrite any existing files. I appreciate
this may be confusing and
>>>>>>>>>> inconsistent, but at the same time if we did
overwrite people would
>>>>>>>>>> probably complain about us overwriting the
existing script.
>>>>>>>>>>
>>>>>>>>>> In the server dist this doesn't apply as the
server is purely a
>>>>>>>>>> Keycloak server, not a WildFly server.
>>>>>>>>>>
>>>>>>>>>> I guess the solution would be to make server dist
consistent
>>>>>>>>>> with overlay, so both are add-user-keycloak. Not
sure how I feel about
>>>>>>>>>> that.
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> On 2 March 2016 at 11:10, Bruno Oliveira
<bruno(a)abstractj.org>
>>>>>>>>>> wrote:
>>>>>>>>>>
>>>>>>>>>>> I'm not sure if I follow your question
but './add-user.sh -u
>>>>>>>>>>> admin -p admin' or './add-user.sh -u
admin' should work.
>>>>>>>>>>>
>>>>>>>>>>> On Wed, Mar 2, 2016 at 7:03 AM Andrej
Prievalsky <
>>>>>>>>>>> ado.boj.83(a)gmail.com> wrote:
>>>>>>>>>>>
>>>>>>>>>>>> Hi Bruno,
>>>>>>>>>>>>
>>>>>>>>>>>> thanks for answer.
>>>>>>>>>>>> But from
>>>>>>>>>>>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
>>>>>>>>>>>> and section: *...you can use the add-user
script from the
>>>>>>>>>>>> command-line.*
>>>>>>>>>>>> is my question is how exactly should
looks like command with
>>>>>>>>>>>> add-user script?
>>>>>>>>>>>> Because in past we used this command:
add-user.sh –container
>>>>>>>>>>>> -u admin -p admin
>>>>>>>>>>>>
>>>>>>>>>>>> Andrej.
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> On Wed, Mar 2, 2016 at 10:38 AM, Bruno
Oliveira <
>>>>>>>>>>>> bruno(a)abstractj.org> wrote:
>>>>>>>>>>>>
>>>>>>>>>>>>> Hi Andrej, answers inline
>>>>>>>>>>>>>
>>>>>>>>>>>>> On Wed, Mar 2, 2016 at 6:13 AM Andrej
Prievalsky <
>>>>>>>>>>>>> ado.boj.83(a)gmail.com> wrote:
>>>>>>>>>>>>>
>>>>>>>>>>>>>> Hi,
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> I would like to summary
information about How to add Admin
>>>>>>>>>>>>>> User - chapter 3.2.1.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> My questions are:
>>>>>>>>>>>>>> 1.) From which version
(including) is new concept, that
>>>>>>>>>>>>>> there is no built in user?
>>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>> 1.8.0 See:
>>>>>>>>>>>>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/Migration_f...
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>> 2a.) What is exact command via
add-user script (add-user.sh) for
>>>>>>>>>>>>>> create admin user ?
>>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>> See:
>>>>>>>>>>>>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>> 2b.) Same question like in 2a,
but in keycloak-overlay (
>>>>>>>>>>>>>> add-user-keycloak.sh)?
>>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>> You are correct. Maybe this is an
inconsistency to be fixed.
>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Thanks and Best Regards,
>>>>>>>>>>>>>> Andrej.
>>>>>>>>>>>>>>
_______________________________________________
>>>>>>>>>>>>>> keycloak-user mailing list
>>>>>>>>>>>>>> keycloak-user(a)lists.jboss.org
>>>>>>>>>>>>>>
https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>
_______________________________________________
>>>>>>>>>>> keycloak-user mailing list
>>>>>>>>>>> keycloak-user(a)lists.jboss.org
>>>>>>>>>>>
https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> _______________________________________________
>>>>>>>>>> keycloak-user mailing
listkeycloak-user@lists.jboss.orghttps://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> _______________________________________________
>>>>>>>>>> keycloak-user mailing list
>>>>>>>>>> keycloak-user(a)lists.jboss.org
>>>>>>>>>>
https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> keycloak-user mailing list
>>>>>>> keycloak-user(a)lists.jboss.org
>>>>>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>
>>>>>>
>>>>>>
>>>>>
>>>>
>>>
>>
>
6:15 a.m.
There's a domain option:
bin/add-user-keycloak.[sh|bat] -r master -u <username> -p <password>
--domain
On 19 April 2016 at 13:09, Andrej Prievalsky <ado.boj.83(a)gmail.com> wrote:
Hi all,
@Marek: I am using H2 database. I can't delete /opt/wildfly/standalone/data,
because this folder is not present.
But, for our domain mode we have to move created /opt/wildfly/standalone/
configuration/keycloak-add-user.json to
/opt/wildfly/domain/servers/{server-name}/configuration
and after we could login to keycloak admin console.
So in summary we have to in domain mode for create admin user:
1.) bin/add-user-keycloak.[sh|bat] -r master -u <username> -p <password>
2.) copy /opt/wildfly/standalone/configuration/keycloak-add-user.json to
/opt/wildfly/domain/servers/{server-name}/configuration
3.) restart server
Are this steps correctly and expected from your side?
On Tue, Apr 19, 2016 at 8:40 AM, Andrej Prievalsky <ado.boj.83(a)gmail.com>
wrote:
> Thanks Marek, I will try your hint.
> @Stian: I am trying login to Keycloak admin console.
>
> On Mon, Apr 18, 2016 at 1:59 PM, Stian Thorgersen <sthorger(a)redhat.com>
> wrote:
>
>> Just to confirm are you trying to login to Keycloak admin console or
>> WildFly console?
>>
>> On 18 April 2016 at 10:04, Andrej Prievalsky <ado.boj.83(a)gmail.com>
>> wrote:
>>
>>> OK, but when we created user with add-user-keycloak.sh:
>>>
>>> [sab@idm69 wildfly]$ ./bin/add-user-keycloak.sh -r master -u admin -p
>>> admin
>>> Added 'admin' to
>>> '/opt/wildfly/standalone/configuration/keycloak-add-user.json',
restart
>>> server to load user
>>>
>>> After restart server, we can't login with admin user and password admin.
>>> We got Error message: Invalid username or password.
>>>
>>>
>>> Can be problem on your side or in our setup and configuration?
>>>
>>> On Fri, Apr 15, 2016 at 3:25 PM, Stian Thorgersen
<sthorger(a)redhat.com>
>>> wrote:
>>>
>>>> With server overlay use add-user-keycloak and restart the server
>>>>
>>>> On 15 April 2016 at 14:43, Andrej Prievalsky
<ado.boj.83(a)gmail.com>
>>>> wrote:
>>>>
>>>>> Hi All,
>>>>>
>>>>> in setup Wildfly-10 in domain mode + keycloak-overlay-1.9.2.Final I
>>>>> tried to create Admin User in two ways like in guide:
>>>>>
>>>>> 1.) via bin/add-user.[sh|bat] -r master -u <username> -p
<password>
>>>>> I got this ERROR:
>>>>>
>>>>> *[sab@idm69 wildfly]$ ./bin/add-user.sh -r master -u admin -p
>>>>> tmo46713*
>>>>>
>>>>>
>>>>>
>>>>> ** Error **
>>>>>
>>>>> *WFLYDM0065: The user supplied realm name 'master' does not
match the
>>>>> realm name discovered from the property file(s)
'ManagementRealm'.*
>>>>>
>>>>>
>>>>>
>>>>> *Exception in thread "main"
>>>>>
org.jboss.as.domain.management.security.adduser.AddUserFailedException:
>>>>> WFLYDM0065: The user supplied realm name 'master' does not
match the realm
>>>>> name discovered from the property file(s)
'ManagementRealm'.*
>>>>>
>>>>> * at
>>>>>
org.jboss.as.domain.management.security.adduser.ErrorState.execute(ErrorState.java:72)*
>>>>>
>>>>> * at
>>>>>
org.jboss.as.domain.management.security.adduser.AddUser.run(AddUser.java:130)*
>>>>>
>>>>> * at
>>>>>
org.jboss.as.domain.management.security.adduser.AddUser.main(AddUser.java:223)*
>>>>>
>>>>> * at sun.reflect.NativeMethodAccessorImpl.invoke0(Native
>>>>> Method)*
>>>>>
>>>>> * at
>>>>>
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)*
>>>>>
>>>>> * at
>>>>>
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)*
>>>>>
>>>>> * at java.lang.reflect.Method.invoke(Method.java:497)*
>>>>>
>>>>> * at org.jboss.modules.Module.run(Module.java:329)*
>>>>>
>>>>> * at org.jboss.modules.Main.main(Main.java:507)*
>>>>>
>>>>>
>>>>> 2.) via bin/add-user-keycloak.[sh|bat] -r master -u <username>
-p
>>>>> <password>
>>>>>
>>>>> User was created under standalone path.
>>>>>
>>>>>
>>>>> Thanks and Best Regards
>>>>>
>>>>> Andrej.
>>>>>
>>>>>
>>>>>
>>>>> On Thu, Mar 3, 2016 at 7:18 PM, Stian Thorgersen
<sthorger(a)redhat.com
>>>>> > wrote:
>>>>>
>>>>>> Please read the documentation it explains it all
>>>>>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
>>>>>>
>>>>>> On 3 March 2016 at 16:24, Andrej Prievalsky
<ado.boj.83(a)gmail.com>
>>>>>> wrote:
>>>>>>
>>>>>>> Hi all,
>>>>>>>
>>>>>>> 1.) meantime I tried on keycloak-overlay-1.7.0.Final via
>>>>>>> add-user-keycloak.sh script in wildfly domain mode create
Admin user and I
>>>>>>> got:
>>>>>>>
>>>>>>> [root@keycloakoverlay /opt/wildfly/bin]$
./add-user-keycloak.sh -u
>>>>>>> admin -p admin
>>>>>>> Added 'admin' to '
>>>>>>>
*/opt/wildfly/standalone/configuration/keycloak-add-user.json*',
>>>>>>> restart server to load user
>>>>>>>
>>>>>>> Is it correct, that user is created in standalone path?
>>>>>>>
>>>>>>>
>>>>>>>
----------------------------------------------------------------------------
>>>>>>>
>>>>>>> 2.) can I in version 1.7.0.Final create or replace Admin user
for
>>>>>>> Master realm with permanent password, which could be created
automatically
>>>>>>> via command line and not needed change password manually
after first login?
>>>>>>>
>>>>>>> Thanks,
>>>>>>> Andrej.
>>>>>>>
>>>>>>>
>>>>>>> On Thu, Mar 3, 2016 at 1:50 PM, Stian Thorgersen <
>>>>>>> sthorger(a)redhat.com> wrote:
>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> On 3 March 2016 at 13:48, Stan Silvert
<ssilvert(a)redhat.com>
>>>>>>>> wrote:
>>>>>>>>
>>>>>>>>> On 3/3/2016 12:09 AM, Stian Thorgersen wrote:
>>>>>>>>>
>>>>>>>>> The standard add-user script adds WildFly users, we
want the
>>>>>>>>> standard script to add Keycloak users. It's a
Keycloak server after all.
>>>>>>>>>
>>>>>>>>> You still need WildFly users if you want to use CLI
(remotely) or
>>>>>>>>> web console. As far as I know, we can't secure
those things with Keycloak
>>>>>>>>> yet.
>>>>>>>>>
>>>>>>>>
>>>>>>>> In the future we will secure it with Keycloak, in the
mean time
>>>>>>>> the add-user has a '--container' option.
>>>>>>>>
>>>>>>>>
>>>>>>>>>
>>>>>>>>> There are workarounds, but I'm just saying,
WildFly add-user.sh
>>>>>>>>> is a useful tool that we might want to still ship in
some form until such
>>>>>>>>> time that CLI and web console is fully integrated
with Keycloak.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> On 2 March 2016 at 20:00, Stan Silvert
<ssilvert(a)redhat.com>
>>>>>>>>> wrote:
>>>>>>>>>
>>>>>>>>>> On 3/2/2016 1:50 PM, Stian Thorgersen wrote:
>>>>>>>>>>
>>>>>>>>>> Not a chance. In server dist we want to hide
WildFly's add-user
>>>>>>>>>> script.
>>>>>>>>>>
>>>>>>>>>> I could guess, but I have to ask, why?
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> On 2 March 2016 at 14:12, Stan Silvert
<ssilvert(a)redhat.com>
>>>>>>>>>> wrote:
>>>>>>>>>>
>>>>>>>>>>> On 3/2/2016 7:02 AM, Stian Thorgersen wrote:
>>>>>>>>>>>
>>>>>>>>>>> In overlay the script should be
add-user-keycloak. The overlay
>>>>>>>>>>> adds Keycloak server to an existing WildFly
installation so we don't want
>>>>>>>>>>> to overwrite any existing files. I appreciate
this may be confusing and
>>>>>>>>>>> inconsistent, but at the same time if we did
overwrite people would
>>>>>>>>>>> probably complain about us overwriting the
existing script.
>>>>>>>>>>>
>>>>>>>>>>> In the server dist this doesn't apply as
the server is purely a
>>>>>>>>>>> Keycloak server, not a WildFly server.
>>>>>>>>>>>
>>>>>>>>>>> I guess the solution would be to make server
dist consistent
>>>>>>>>>>> with overlay, so both are add-user-keycloak.
Not sure how I feel about
>>>>>>>>>>> that.
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> On 2 March 2016 at 11:10, Bruno Oliveira
<bruno(a)abstractj.org>
>>>>>>>>>>> wrote:
>>>>>>>>>>>
>>>>>>>>>>>> I'm not sure if I follow your
question but './add-user.sh -u
>>>>>>>>>>>> admin -p admin' or './add-user.sh
-u admin' should work.
>>>>>>>>>>>>
>>>>>>>>>>>> On Wed, Mar 2, 2016 at 7:03 AM Andrej
Prievalsky <
>>>>>>>>>>>> ado.boj.83(a)gmail.com> wrote:
>>>>>>>>>>>>
>>>>>>>>>>>>> Hi Bruno,
>>>>>>>>>>>>>
>>>>>>>>>>>>> thanks for answer.
>>>>>>>>>>>>> But from
>>>>>>>>>>>>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
>>>>>>>>>>>>> and section: *...you can use the
add-user script from the
>>>>>>>>>>>>> command-line.*
>>>>>>>>>>>>> is my question is how exactly should
looks like command with
>>>>>>>>>>>>> add-user script?
>>>>>>>>>>>>> Because in past we used this command:
add-user.sh –container
>>>>>>>>>>>>> -u admin -p admin
>>>>>>>>>>>>>
>>>>>>>>>>>>> Andrej.
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>> On Wed, Mar 2, 2016 at 10:38 AM,
Bruno Oliveira <
>>>>>>>>>>>>> bruno(a)abstractj.org> wrote:
>>>>>>>>>>>>>
>>>>>>>>>>>>>> Hi Andrej, answers inline
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> On Wed, Mar 2, 2016 at 6:13 AM
Andrej Prievalsky <
>>>>>>>>>>>>>> ado.boj.83(a)gmail.com> wrote:
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Hi,
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> I would like to summary
information about How to add Admin
>>>>>>>>>>>>>>> User - chapter 3.2.1.
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> My questions are:
>>>>>>>>>>>>>>> 1.) From which version
(including) is new concept, that
>>>>>>>>>>>>>>> there is no built in user?
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> 1.8.0 See:
>>>>>>>>>>>>>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/Migration_f...
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> 2a.) What is exact command
via add-user script
>>>>>>>>>>>>>>> (add-user.sh) for create
admin user ?
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> See:
>>>>>>>>>>>>>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> 2b.) Same question like in
2a, but in keycloak-overlay (
>>>>>>>>>>>>>>> add-user-keycloak.sh)?
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> You are correct. Maybe this is an
inconsistency to be fixed.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Thanks and Best Regards,
>>>>>>>>>>>>>>> Andrej.
>>>>>>>>>>>>>>>
_______________________________________________
>>>>>>>>>>>>>>> keycloak-user mailing list
>>>>>>>>>>>>>>>
keycloak-user(a)lists.jboss.org
>>>>>>>>>>>>>>>
https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>
_______________________________________________
>>>>>>>>>>>> keycloak-user mailing list
>>>>>>>>>>>> keycloak-user(a)lists.jboss.org
>>>>>>>>>>>>
https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
_______________________________________________
>>>>>>>>>>> keycloak-user mailing
listkeycloak-user@lists.jboss.orghttps://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
_______________________________________________
>>>>>>>>>>> keycloak-user mailing list
>>>>>>>>>>> keycloak-user(a)lists.jboss.org
>>>>>>>>>>>
https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>> keycloak-user mailing list
>>>>>>>> keycloak-user(a)lists.jboss.org
>>>>>>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>
>>>>>
>>>>
>>>
>>
>
8:43 a.m.
With only domain option I got and it doesn't work:
[sab@idm72 wildfly]$ ./bin/add-user-keycloak.sh -r master -u admin -p admin
--domain
Added 'admin' to
'/opt/wildfly/domain/configuration/keycloak-add-user.json',
restart server to load user
But with next option I got and it works:
sab@idm72 wildfly]$ ./bin/add-user-keycloak.sh -r master -u admin -p
admin --domain
--dc /opt/wildfly/domain/servers/idm-server-idm72/configuration/
Added 'admin' to '/opt/wildfly/
domain/servers/idm-server-idm72/configuration/keycloak-add-user.json',
restart server to load user
Are needed for domain both options?
On Tue, Apr 19, 2016 at 1:15 PM, Stian Thorgersen <sthorger(a)redhat.com>
wrote:
There's a domain option:
bin/add-user-keycloak.[sh|bat] -r master -u <username> -p <password>
--domain
On 19 April 2016 at 13:09, Andrej Prievalsky <ado.boj.83(a)gmail.com> wrote:
> Hi all,
>
> @Marek: I am using H2 database. I can't delete /opt/wildfly/standalone/data,
> because this folder is not present.
>
> But, for our domain mode we have to move created /opt/wildfly/standalone/
> configuration/keycloak-add-user.json to
> /opt/wildfly/domain/servers/{server-name}/configuration
> and after we could login to keycloak admin console.
>
> So in summary we have to in domain mode for create admin user:
> 1.) bin/add-user-keycloak.[sh|bat] -r master -u <username> -p <password>
> 2.) copy /opt/wildfly/standalone/configuration/keycloak-add-user.json to
> /opt/wildfly/domain/servers/{server-name}/configuration
> 3.) restart server
>
> Are this steps correctly and expected from your side?
>
>
>
> On Tue, Apr 19, 2016 at 8:40 AM, Andrej Prievalsky <ado.boj.83(a)gmail.com>
> wrote:
>
>> Thanks Marek, I will try your hint.
>> @Stian: I am trying login to Keycloak admin console.
>>
>> On Mon, Apr 18, 2016 at 1:59 PM, Stian Thorgersen <sthorger(a)redhat.com>
>> wrote:
>>
>>> Just to confirm are you trying to login to Keycloak admin console or
>>> WildFly console?
>>>
>>> On 18 April 2016 at 10:04, Andrej Prievalsky <ado.boj.83(a)gmail.com>
>>> wrote:
>>>
>>>> OK, but when we created user with add-user-keycloak.sh:
>>>>
>>>> [sab@idm69 wildfly]$ ./bin/add-user-keycloak.sh -r master -u admin -p
>>>> admin
>>>> Added 'admin' to
>>>> '/opt/wildfly/standalone/configuration/keycloak-add-user.json',
restart
>>>> server to load user
>>>>
>>>> After restart server, we can't login with admin user and password
>>>> admin.
>>>> We got Error message: Invalid username or password.
>>>>
>>>>
>>>> Can be problem on your side or in our setup and configuration?
>>>>
>>>> On Fri, Apr 15, 2016 at 3:25 PM, Stian Thorgersen
<sthorger(a)redhat.com
>>>> > wrote:
>>>>
>>>>> With server overlay use add-user-keycloak and restart the server
>>>>>
>>>>> On 15 April 2016 at 14:43, Andrej Prievalsky
<ado.boj.83(a)gmail.com>
>>>>> wrote:
>>>>>
>>>>>> Hi All,
>>>>>>
>>>>>> in setup Wildfly-10 in domain mode + keycloak-overlay-1.9.2.Final
I
>>>>>> tried to create Admin User in two ways like in guide:
>>>>>>
>>>>>> 1.) via bin/add-user.[sh|bat] -r master -u <username> -p
<password>
>>>>>> I got this ERROR:
>>>>>>
>>>>>> *[sab@idm69 wildfly]$ ./bin/add-user.sh -r master -u admin -p
>>>>>> tmo46713*
>>>>>>
>>>>>>
>>>>>>
>>>>>> ** Error **
>>>>>>
>>>>>> *WFLYDM0065: The user supplied realm name 'master' does
not match
>>>>>> the realm name discovered from the property file(s)
'ManagementRealm'.*
>>>>>>
>>>>>>
>>>>>>
>>>>>> *Exception in thread "main"
>>>>>>
org.jboss.as.domain.management.security.adduser.AddUserFailedException:
>>>>>> WFLYDM0065: The user supplied realm name 'master' does
not match the realm
>>>>>> name discovered from the property file(s)
'ManagementRealm'.*
>>>>>>
>>>>>> * at
>>>>>>
org.jboss.as.domain.management.security.adduser.ErrorState.execute(ErrorState.java:72)*
>>>>>>
>>>>>> * at
>>>>>>
org.jboss.as.domain.management.security.adduser.AddUser.run(AddUser.java:130)*
>>>>>>
>>>>>> * at
>>>>>>
org.jboss.as.domain.management.security.adduser.AddUser.main(AddUser.java:223)*
>>>>>>
>>>>>> * at sun.reflect.NativeMethodAccessorImpl.invoke0(Native
>>>>>> Method)*
>>>>>>
>>>>>> * at
>>>>>>
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)*
>>>>>>
>>>>>> * at
>>>>>>
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)*
>>>>>>
>>>>>> * at java.lang.reflect.Method.invoke(Method.java:497)*
>>>>>>
>>>>>> * at org.jboss.modules.Module.run(Module.java:329)*
>>>>>>
>>>>>> * at org.jboss.modules.Main.main(Main.java:507)*
>>>>>>
>>>>>>
>>>>>> 2.) via bin/add-user-keycloak.[sh|bat] -r master -u
<username> -p
>>>>>> <password>
>>>>>>
>>>>>> User was created under standalone path.
>>>>>>
>>>>>>
>>>>>> Thanks and Best Regards
>>>>>>
>>>>>> Andrej.
>>>>>>
>>>>>>
>>>>>>
>>>>>> On Thu, Mar 3, 2016 at 7:18 PM, Stian Thorgersen <
>>>>>> sthorger(a)redhat.com> wrote:
>>>>>>
>>>>>>> Please read the documentation it explains it all
>>>>>>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
>>>>>>>
>>>>>>> On 3 March 2016 at 16:24, Andrej Prievalsky
<ado.boj.83(a)gmail.com>
>>>>>>> wrote:
>>>>>>>
>>>>>>>> Hi all,
>>>>>>>>
>>>>>>>> 1.) meantime I tried on keycloak-overlay-1.7.0.Final via
>>>>>>>> add-user-keycloak.sh script in wildfly domain mode create
Admin user and I
>>>>>>>> got:
>>>>>>>>
>>>>>>>> [root@keycloakoverlay /opt/wildfly/bin]$
./add-user-keycloak.sh
>>>>>>>> -u admin -p admin
>>>>>>>> Added 'admin' to '
>>>>>>>>
*/opt/wildfly/standalone/configuration/keycloak-add-user.json*',
>>>>>>>> restart server to load user
>>>>>>>>
>>>>>>>> Is it correct, that user is created in standalone path?
>>>>>>>>
>>>>>>>>
>>>>>>>>
----------------------------------------------------------------------------
>>>>>>>>
>>>>>>>> 2.) can I in version 1.7.0.Final create or replace Admin
user for
>>>>>>>> Master realm with permanent password, which could be
created automatically
>>>>>>>> via command line and not needed change password manually
after first login?
>>>>>>>>
>>>>>>>> Thanks,
>>>>>>>> Andrej.
>>>>>>>>
>>>>>>>>
>>>>>>>> On Thu, Mar 3, 2016 at 1:50 PM, Stian Thorgersen <
>>>>>>>> sthorger(a)redhat.com> wrote:
>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> On 3 March 2016 at 13:48, Stan Silvert
<ssilvert(a)redhat.com>
>>>>>>>>> wrote:
>>>>>>>>>
>>>>>>>>>> On 3/3/2016 12:09 AM, Stian Thorgersen wrote:
>>>>>>>>>>
>>>>>>>>>> The standard add-user script adds WildFly users,
we want the
>>>>>>>>>> standard script to add Keycloak users. It's a
Keycloak server after all.
>>>>>>>>>>
>>>>>>>>>> You still need WildFly users if you want to use
CLI (remotely)
>>>>>>>>>> or web console. As far as I know, we can't
secure those things with
>>>>>>>>>> Keycloak yet.
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>> In the future we will secure it with Keycloak, in the
mean time
>>>>>>>>> the add-user has a '--container' option.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> There are workarounds, but I'm just saying,
WildFly add-user.sh
>>>>>>>>>> is a useful tool that we might want to still ship
in some form until such
>>>>>>>>>> time that CLI and web console is fully integrated
with Keycloak.
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> On 2 March 2016 at 20:00, Stan Silvert
<ssilvert(a)redhat.com>
>>>>>>>>>> wrote:
>>>>>>>>>>
>>>>>>>>>>> On 3/2/2016 1:50 PM, Stian Thorgersen wrote:
>>>>>>>>>>>
>>>>>>>>>>> Not a chance. In server dist we want to hide
WildFly's add-user
>>>>>>>>>>> script.
>>>>>>>>>>>
>>>>>>>>>>> I could guess, but I have to ask, why?
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> On 2 March 2016 at 14:12, Stan Silvert
<ssilvert(a)redhat.com>
>>>>>>>>>>> wrote:
>>>>>>>>>>>
>>>>>>>>>>>> On 3/2/2016 7:02 AM, Stian Thorgersen
wrote:
>>>>>>>>>>>>
>>>>>>>>>>>> In overlay the script should be
add-user-keycloak. The overlay
>>>>>>>>>>>> adds Keycloak server to an existing
WildFly installation so we don't want
>>>>>>>>>>>> to overwrite any existing files. I
appreciate this may be confusing and
>>>>>>>>>>>> inconsistent, but at the same time if we
did overwrite people would
>>>>>>>>>>>> probably complain about us overwriting
the existing script.
>>>>>>>>>>>>
>>>>>>>>>>>> In the server dist this doesn't apply
as the server is purely
>>>>>>>>>>>> a Keycloak server, not a WildFly server.
>>>>>>>>>>>>
>>>>>>>>>>>> I guess the solution would be to make
server dist consistent
>>>>>>>>>>>> with overlay, so both are
add-user-keycloak. Not sure how I feel about
>>>>>>>>>>>> that.
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> On 2 March 2016 at 11:10, Bruno Oliveira
<bruno(a)abstractj.org>
>>>>>>>>>>>> wrote:
>>>>>>>>>>>>
>>>>>>>>>>>>> I'm not sure if I follow your
question but './add-user.sh -u
>>>>>>>>>>>>> admin -p admin' or
'./add-user.sh -u admin' should work.
>>>>>>>>>>>>>
>>>>>>>>>>>>> On Wed, Mar 2, 2016 at 7:03 AM Andrej
Prievalsky <
>>>>>>>>>>>>> ado.boj.83(a)gmail.com> wrote:
>>>>>>>>>>>>>
>>>>>>>>>>>>>> Hi Bruno,
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> thanks for answer.
>>>>>>>>>>>>>> But from
>>>>>>>>>>>>>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
>>>>>>>>>>>>>> and section: *...you can use the
add-user script from the
>>>>>>>>>>>>>> command-line.*
>>>>>>>>>>>>>> is my question is how exactly
should looks like command with
>>>>>>>>>>>>>> add-user script?
>>>>>>>>>>>>>> Because in past we used this
command: add-user.sh
>>>>>>>>>>>>>> –container -u admin -p admin
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Andrej.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> On Wed, Mar 2, 2016 at 10:38 AM,
Bruno Oliveira <
>>>>>>>>>>>>>> bruno(a)abstractj.org> wrote:
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Hi Andrej, answers inline
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> On Wed, Mar 2, 2016 at 6:13
AM Andrej Prievalsky <
>>>>>>>>>>>>>>> ado.boj.83(a)gmail.com>
wrote:
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> Hi,
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> I would like to summary
information about How to add Admin
>>>>>>>>>>>>>>>> User - chapter 3.2.1.
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> My questions are:
>>>>>>>>>>>>>>>> 1.) From which version
(including) is new concept, that
>>>>>>>>>>>>>>>> there is no built in
user?
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> 1.8.0 See:
>>>>>>>>>>>>>>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/Migration_f...
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> 2a.) What is exact
command via add-user script
>>>>>>>>>>>>>>>> (add-user.sh) for create
admin user ?
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> See:
>>>>>>>>>>>>>>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> 2b.) Same question like
in 2a, but in keycloak-overlay (
>>>>>>>>>>>>>>>> add-user-keycloak.sh)?
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> You are correct. Maybe this
is an inconsistency to be
>>>>>>>>>>>>>>> fixed.
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> Thanks and Best Regards,
>>>>>>>>>>>>>>>> Andrej.
>>>>>>>>>>>>>>>>
_______________________________________________
>>>>>>>>>>>>>>>> keycloak-user mailing
list
>>>>>>>>>>>>>>>>
keycloak-user(a)lists.jboss.org
>>>>>>>>>>>>>>>>
https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>
_______________________________________________
>>>>>>>>>>>>> keycloak-user mailing list
>>>>>>>>>>>>> keycloak-user(a)lists.jboss.org
>>>>>>>>>>>>>
https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
_______________________________________________
>>>>>>>>>>>> keycloak-user mailing
listkeycloak-user@lists.jboss.orghttps://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
_______________________________________________
>>>>>>>>>>>> keycloak-user mailing list
>>>>>>>>>>>> keycloak-user(a)lists.jboss.org
>>>>>>>>>>>>
https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>> _______________________________________________
>>>>>>>>> keycloak-user mailing list
>>>>>>>>> keycloak-user(a)lists.jboss.org
>>>>>>>>>
https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>
>>>>>
>>>>
>>>
>>
>
2:57 a.m.
Hi all,
I would like to ask again only for confirmation.
My setup is keycloak overlay in domain mode.
Question is how can I create Admin keycloak user in this setup.
With only domain option it doesn't work:
[sab@idm72 wildfly]$ ./bin/add-user-keycloak.sh -r master -u admin -p admin
--domain
Added 'admin' to
'/opt/wildfly/domain/configuration/keycloak-add-user.json',
restart server to load user
But with next option I got and it works:
sab@idm72 wildfly]$ ./bin/add-user-keycloak.sh -r master -u admin -p admin
--domain --dc /opt/wildfly/domain/servers/idm-server-idm72/configuration/
Added 'admin' to '/opt/wildfly/
domain/servers/idm-server-idm72/configuration/keycloak-add-user.json',
restart server to load user
Are needed for domain mode both options?
Best Regards,
Andrej.
On Tue, Apr 19, 2016 at 3:43 PM, Andrej Prievalsky <ado.boj.83(a)gmail.com>
wrote:
With only domain option I got and it doesn't work:
[sab@idm72 wildfly]$ ./bin/add-user-keycloak.sh -r master -u admin -p
admin --domain
Added 'admin' to
'/opt/wildfly/domain/configuration/keycloak-add-user.json',
restart server to load user
But with next option I got and it works:
sab@idm72 wildfly]$ ./bin/add-user-keycloak.sh -r master -u admin -p
admin --domain --dc
/opt/wildfly/domain/servers/idm-server-idm72/configuration/
Added 'admin' to '/opt/wildfly/
domain/servers/idm-server-idm72/configuration/keycloak-add-user.json',
restart server to load user
Are needed for domain both options?
On Tue, Apr 19, 2016 at 1:15 PM, Stian Thorgersen <sthorger(a)redhat.com>
wrote:
> There's a domain option:
> bin/add-user-keycloak.[sh|bat] -r master -u <username> -p <password>
> --domain
>
> On 19 April 2016 at 13:09, Andrej Prievalsky <ado.boj.83(a)gmail.com>
> wrote:
>
>> Hi all,
>>
>> @Marek: I am using H2 database. I can't delete /opt/wildfly/standalone/data,
>> because this folder is not present.
>>
>> But, for our domain mode we have to move created
>> /opt/wildfly/standalone/configuration/keycloak-add-user.json to
>> /opt/wildfly/domain/servers/{server-name}/configuration
>> and after we could login to keycloak admin console.
>>
>> So in summary we have to in domain mode for create admin user:
>> 1.) bin/add-user-keycloak.[sh|bat] -r master -u <username> -p
<password>
>> 2.) copy /opt/wildfly/standalone/configuration/keycloak-add-user.json
>> to /opt/wildfly/domain/servers/{server-name}/configuration
>> 3.) restart server
>>
>> Are this steps correctly and expected from your side?
>>
>>
>>
>> On Tue, Apr 19, 2016 at 8:40 AM, Andrej Prievalsky <ado.boj.83(a)gmail.com
>> > wrote:
>>
>>> Thanks Marek, I will try your hint.
>>> @Stian: I am trying login to Keycloak admin console.
>>>
>>> On Mon, Apr 18, 2016 at 1:59 PM, Stian Thorgersen
<sthorger(a)redhat.com>
>>> wrote:
>>>
>>>> Just to confirm are you trying to login to Keycloak admin console or
>>>> WildFly console?
>>>>
>>>> On 18 April 2016 at 10:04, Andrej Prievalsky
<ado.boj.83(a)gmail.com>
>>>> wrote:
>>>>
>>>>> OK, but when we created user with add-user-keycloak.sh:
>>>>>
>>>>> [sab@idm69 wildfly]$ ./bin/add-user-keycloak.sh -r master -u admin
>>>>> -p admin
>>>>> Added 'admin' to
>>>>>
'/opt/wildfly/standalone/configuration/keycloak-add-user.json', restart
>>>>> server to load user
>>>>>
>>>>> After restart server, we can't login with admin user and
password
>>>>> admin.
>>>>> We got Error message: Invalid username or password.
>>>>>
>>>>>
>>>>> Can be problem on your side or in our setup and configuration?
>>>>>
>>>>> On Fri, Apr 15, 2016 at 3:25 PM, Stian Thorgersen <
>>>>> sthorger(a)redhat.com> wrote:
>>>>>
>>>>>> With server overlay use add-user-keycloak and restart the server
>>>>>>
>>>>>> On 15 April 2016 at 14:43, Andrej Prievalsky
<ado.boj.83(a)gmail.com>
>>>>>> wrote:
>>>>>>
>>>>>>> Hi All,
>>>>>>>
>>>>>>> in setup Wildfly-10 in domain mode +
keycloak-overlay-1.9.2.Final I
>>>>>>> tried to create Admin User in two ways like in guide:
>>>>>>>
>>>>>>> 1.) via bin/add-user.[sh|bat] -r master -u <username>
-p <password>
>>>>>>> I got this ERROR:
>>>>>>>
>>>>>>> *[sab@idm69 wildfly]$ ./bin/add-user.sh -r master -u admin
-p
>>>>>>> tmo46713*
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> ** Error **
>>>>>>>
>>>>>>> *WFLYDM0065: The user supplied realm name 'master'
does not match
>>>>>>> the realm name discovered from the property file(s)
'ManagementRealm'.*
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> *Exception in thread "main"
>>>>>>>
org.jboss.as.domain.management.security.adduser.AddUserFailedException:
>>>>>>> WFLYDM0065: The user supplied realm name 'master'
does not match the realm
>>>>>>> name discovered from the property file(s)
'ManagementRealm'.*
>>>>>>>
>>>>>>> * at
>>>>>>>
org.jboss.as.domain.management.security.adduser.ErrorState.execute(ErrorState.java:72)*
>>>>>>>
>>>>>>> * at
>>>>>>>
org.jboss.as.domain.management.security.adduser.AddUser.run(AddUser.java:130)*
>>>>>>>
>>>>>>> * at
>>>>>>>
org.jboss.as.domain.management.security.adduser.AddUser.main(AddUser.java:223)*
>>>>>>>
>>>>>>> * at
sun.reflect.NativeMethodAccessorImpl.invoke0(Native
>>>>>>> Method)*
>>>>>>>
>>>>>>> * at
>>>>>>>
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)*
>>>>>>>
>>>>>>> * at
>>>>>>>
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)*
>>>>>>>
>>>>>>> * at
java.lang.reflect.Method.invoke(Method.java:497)*
>>>>>>>
>>>>>>> * at org.jboss.modules.Module.run(Module.java:329)*
>>>>>>>
>>>>>>> * at org.jboss.modules.Main.main(Main.java:507)*
>>>>>>>
>>>>>>>
>>>>>>> 2.) via bin/add-user-keycloak.[sh|bat] -r master -u
<username> -p
>>>>>>> <password>
>>>>>>>
>>>>>>> User was created under standalone path.
>>>>>>>
>>>>>>>
>>>>>>> Thanks and Best Regards
>>>>>>>
>>>>>>> Andrej.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On Thu, Mar 3, 2016 at 7:18 PM, Stian Thorgersen <
>>>>>>> sthorger(a)redhat.com> wrote:
>>>>>>>
>>>>>>>> Please read the documentation it explains it all
>>>>>>>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
>>>>>>>>
>>>>>>>> On 3 March 2016 at 16:24, Andrej Prievalsky
<ado.boj.83(a)gmail.com>
>>>>>>>> wrote:
>>>>>>>>
>>>>>>>>> Hi all,
>>>>>>>>>
>>>>>>>>> 1.) meantime I tried on keycloak-overlay-1.7.0.Final
via
>>>>>>>>> add-user-keycloak.sh script in wildfly domain mode
create Admin user and I
>>>>>>>>> got:
>>>>>>>>>
>>>>>>>>> [root@keycloakoverlay /opt/wildfly/bin]$
./add-user-keycloak.sh
>>>>>>>>> -u admin -p admin
>>>>>>>>> Added 'admin' to '
>>>>>>>>>
*/opt/wildfly/standalone/configuration/keycloak-add-user.json*',
>>>>>>>>> restart server to load user
>>>>>>>>>
>>>>>>>>> Is it correct, that user is created in standalone
path?
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
----------------------------------------------------------------------------
>>>>>>>>>
>>>>>>>>> 2.) can I in version 1.7.0.Final create or replace
Admin user for
>>>>>>>>> Master realm with permanent password, which could be
created automatically
>>>>>>>>> via command line and not needed change password
manually after first login?
>>>>>>>>>
>>>>>>>>> Thanks,
>>>>>>>>> Andrej.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> On Thu, Mar 3, 2016 at 1:50 PM, Stian Thorgersen
<
>>>>>>>>> sthorger(a)redhat.com> wrote:
>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> On 3 March 2016 at 13:48, Stan Silvert
<ssilvert(a)redhat.com>
>>>>>>>>>> wrote:
>>>>>>>>>>
>>>>>>>>>>> On 3/3/2016 12:09 AM, Stian Thorgersen
wrote:
>>>>>>>>>>>
>>>>>>>>>>> The standard add-user script adds WildFly
users, we want the
>>>>>>>>>>> standard script to add Keycloak users.
It's a Keycloak server after all.
>>>>>>>>>>>
>>>>>>>>>>> You still need WildFly users if you want to
use CLI (remotely)
>>>>>>>>>>> or web console. As far as I know, we
can't secure those things with
>>>>>>>>>>> Keycloak yet.
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> In the future we will secure it with Keycloak, in
the mean time
>>>>>>>>>> the add-user has a '--container' option.
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> There are workarounds, but I'm just
saying, WildFly add-user.sh
>>>>>>>>>>> is a useful tool that we might want to still
ship in some form until such
>>>>>>>>>>> time that CLI and web console is fully
integrated with Keycloak.
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> On 2 March 2016 at 20:00, Stan Silvert
<ssilvert(a)redhat.com>
>>>>>>>>>>> wrote:
>>>>>>>>>>>
>>>>>>>>>>>> On 3/2/2016 1:50 PM, Stian Thorgersen
wrote:
>>>>>>>>>>>>
>>>>>>>>>>>> Not a chance. In server dist we want to
hide WildFly's
>>>>>>>>>>>> add-user script.
>>>>>>>>>>>>
>>>>>>>>>>>> I could guess, but I have to ask, why?
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> On 2 March 2016 at 14:12, Stan Silvert
<ssilvert(a)redhat.com>
>>>>>>>>>>>> wrote:
>>>>>>>>>>>>
>>>>>>>>>>>>> On 3/2/2016 7:02 AM, Stian Thorgersen
wrote:
>>>>>>>>>>>>>
>>>>>>>>>>>>> In overlay the script should be
add-user-keycloak. The
>>>>>>>>>>>>> overlay adds Keycloak server to an
existing WildFly installation so we
>>>>>>>>>>>>> don't want to overwrite any
existing files. I appreciate this may be
>>>>>>>>>>>>> confusing and inconsistent, but at
the same time if we did overwrite people
>>>>>>>>>>>>> would probably complain about us
overwriting the existing script.
>>>>>>>>>>>>>
>>>>>>>>>>>>> In the server dist this doesn't
apply as the server is purely
>>>>>>>>>>>>> a Keycloak server, not a WildFly
server.
>>>>>>>>>>>>>
>>>>>>>>>>>>> I guess the solution would be to make
server dist consistent
>>>>>>>>>>>>> with overlay, so both are
add-user-keycloak. Not sure how I feel about
>>>>>>>>>>>>> that.
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>> On 2 March 2016 at 11:10, Bruno
Oliveira <bruno(a)abstractj.org
>>>>>>>>>>>>> > wrote:
>>>>>>>>>>>>>
>>>>>>>>>>>>>> I'm not sure if I follow your
question but './add-user.sh -u
>>>>>>>>>>>>>> admin -p admin' or
'./add-user.sh -u admin' should work.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> On Wed, Mar 2, 2016 at 7:03 AM
Andrej Prievalsky <
>>>>>>>>>>>>>> ado.boj.83(a)gmail.com> wrote:
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Hi Bruno,
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> thanks for answer.
>>>>>>>>>>>>>>> But from
>>>>>>>>>>>>>>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
>>>>>>>>>>>>>>> and section: *...you can use
the add-user script from the
>>>>>>>>>>>>>>> command-line.*
>>>>>>>>>>>>>>> is my question is how exactly
should looks like command
>>>>>>>>>>>>>>> with add-user script?
>>>>>>>>>>>>>>> Because in past we used this
command: add-user.sh
>>>>>>>>>>>>>>> –container -u admin -p admin
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Andrej.
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> On Wed, Mar 2, 2016 at 10:38
AM, Bruno Oliveira <
>>>>>>>>>>>>>>> bruno(a)abstractj.org>
wrote:
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> Hi Andrej, answers
inline
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> On Wed, Mar 2, 2016 at
6:13 AM Andrej Prievalsky <
>>>>>>>>>>>>>>>> ado.boj.83(a)gmail.com>
wrote:
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> Hi,
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> I would like to
summary information about How to add
>>>>>>>>>>>>>>>>> Admin User - chapter
3.2.1.
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> My questions are:
>>>>>>>>>>>>>>>>> 1.) From which
version (including) is new concept, that
>>>>>>>>>>>>>>>>> there is no built in
user?
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> 1.8.0 See:
>>>>>>>>>>>>>>>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/Migration_f...
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> 2a.) What is exact
command via add-user script
>>>>>>>>>>>>>>>>> (add-user.sh) for
create admin user ?
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> See:
>>>>>>>>>>>>>>>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> 2b.) Same question
like in 2a, but in keycloak-overlay (
>>>>>>>>>>>>>>>>>
add-user-keycloak.sh)?
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> You are correct. Maybe
this is an inconsistency to be
>>>>>>>>>>>>>>>> fixed.
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> Thanks and Best
Regards,
>>>>>>>>>>>>>>>>> Andrej.
>>>>>>>>>>>>>>>>>
_______________________________________________
>>>>>>>>>>>>>>>>> keycloak-user mailing
list
>>>>>>>>>>>>>>>>>
keycloak-user(a)lists.jboss.org
>>>>>>>>>>>>>>>>>
https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
_______________________________________________
>>>>>>>>>>>>>> keycloak-user mailing list
>>>>>>>>>>>>>> keycloak-user(a)lists.jboss.org
>>>>>>>>>>>>>>
https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
_______________________________________________
>>>>>>>>>>>>> keycloak-user mailing
listkeycloak-user@lists.jboss.orghttps://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
_______________________________________________
>>>>>>>>>>>>> keycloak-user mailing list
>>>>>>>>>>>>> keycloak-user(a)lists.jboss.org
>>>>>>>>>>>>>
https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> _______________________________________________
>>>>>>>>>> keycloak-user mailing list
>>>>>>>>>> keycloak-user(a)lists.jboss.org
>>>>>>>>>>
https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>
>>>>>
>>>>
>>>
>>
>
9:12 a.m.
It would seem so
On 27 April 2016 at 09:57, Andrej Prievalsky <ado.boj.83(a)gmail.com> wrote:
Hi all,
I would like to ask again only for confirmation.
My setup is keycloak overlay in domain mode.
Question is how can I create Admin keycloak user in this setup.
With only domain option it doesn't work:
[sab@idm72 wildfly]$ ./bin/add-user-keycloak.sh -r master -u admin -p
admin --domain
Added 'admin' to
'/opt/wildfly/domain/configuration/keycloak-add-user.json',
restart server to load user
But with next option I got and it works:
sab@idm72 wildfly]$ ./bin/add-user-keycloak.sh -r master -u admin -p
admin --domain --dc
/opt/wildfly/domain/servers/idm-server-idm72/configuration/
Added 'admin' to '/opt/wildfly/
domain/servers/idm-server-idm72/configuration/keycloak-add-user.json',
restart server to load user
Are needed for domain mode both options?
Best Regards,
Andrej.
On Tue, Apr 19, 2016 at 3:43 PM, Andrej Prievalsky <ado.boj.83(a)gmail.com>
wrote:
> With only domain option I got and it doesn't work:
>
> [sab@idm72 wildfly]$ ./bin/add-user-keycloak.sh -r master -u admin -p
> admin --domain
>
> Added 'admin' to
'/opt/wildfly/domain/configuration/keycloak-add-user.json',
> restart server to load user
>
>
> But with next option I got and it works:
>
> sab@idm72 wildfly]$ ./bin/add-user-keycloak.sh -r master -u admin -p
> admin --domain --dc
> /opt/wildfly/domain/servers/idm-server-idm72/configuration/
>
> Added 'admin' to '/opt/wildfly/
> domain/servers/idm-server-idm72/configuration/keycloak-add-user.json',
> restart server to load user
>
>
> Are needed for domain both options?
>
> On Tue, Apr 19, 2016 at 1:15 PM, Stian Thorgersen <sthorger(a)redhat.com>
> wrote:
>
>> There's a domain option:
>> bin/add-user-keycloak.[sh|bat] -r master -u <username> -p <password>
>> --domain
>>
>> On 19 April 2016 at 13:09, Andrej Prievalsky <ado.boj.83(a)gmail.com>
>> wrote:
>>
>>> Hi all,
>>>
>>> @Marek: I am using H2 database. I can't delete
/opt/wildfly/standalone/data,
>>> because this folder is not present.
>>>
>>> But, for our domain mode we have to move created
>>> /opt/wildfly/standalone/configuration/keycloak-add-user.json to
>>> /opt/wildfly/domain/servers/{server-name}/configuration
>>> and after we could login to keycloak admin console.
>>>
>>> So in summary we have to in domain mode for create admin user:
>>> 1.) bin/add-user-keycloak.[sh|bat] -r master -u <username> -p
>>> <password>
>>> 2.) copy /opt/wildfly/standalone/configuration/keycloak-add-user.json
>>> to /opt/wildfly/domain/servers/{server-name}/configuration
>>> 3.) restart server
>>>
>>> Are this steps correctly and expected from your side?
>>>
>>>
>>>
>>> On Tue, Apr 19, 2016 at 8:40 AM, Andrej Prievalsky <
>>> ado.boj.83(a)gmail.com> wrote:
>>>
>>>> Thanks Marek, I will try your hint.
>>>> @Stian: I am trying login to Keycloak admin console.
>>>>
>>>> On Mon, Apr 18, 2016 at 1:59 PM, Stian Thorgersen
<sthorger(a)redhat.com
>>>> > wrote:
>>>>
>>>>> Just to confirm are you trying to login to Keycloak admin console or
>>>>> WildFly console?
>>>>>
>>>>> On 18 April 2016 at 10:04, Andrej Prievalsky
<ado.boj.83(a)gmail.com>
>>>>> wrote:
>>>>>
>>>>>> OK, but when we created user with add-user-keycloak.sh:
>>>>>>
>>>>>> [sab@idm69 wildfly]$ ./bin/add-user-keycloak.sh -r master -u
admin
>>>>>> -p admin
>>>>>> Added 'admin' to
>>>>>>
'/opt/wildfly/standalone/configuration/keycloak-add-user.json', restart
>>>>>> server to load user
>>>>>>
>>>>>> After restart server, we can't login with admin user and
password
>>>>>> admin.
>>>>>> We got Error message: Invalid username or password.
>>>>>>
>>>>>>
>>>>>> Can be problem on your side or in our setup and configuration?
>>>>>>
>>>>>> On Fri, Apr 15, 2016 at 3:25 PM, Stian Thorgersen <
>>>>>> sthorger(a)redhat.com> wrote:
>>>>>>
>>>>>>> With server overlay use add-user-keycloak and restart the
server
>>>>>>>
>>>>>>> On 15 April 2016 at 14:43, Andrej Prievalsky
<ado.boj.83(a)gmail.com>
>>>>>>> wrote:
>>>>>>>
>>>>>>>> Hi All,
>>>>>>>>
>>>>>>>> in setup Wildfly-10 in domain mode +
keycloak-overlay-1.9.2.Final
>>>>>>>> I tried to create Admin User in two ways like in guide:
>>>>>>>>
>>>>>>>> 1.) via bin/add-user.[sh|bat] -r master -u
<username> -p
>>>>>>>> <password>
>>>>>>>> I got this ERROR:
>>>>>>>>
>>>>>>>> *[sab@idm69 wildfly]$ ./bin/add-user.sh -r master -u
admin -p
>>>>>>>> tmo46713*
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> ** Error **
>>>>>>>>
>>>>>>>> *WFLYDM0065: The user supplied realm name
'master' does not match
>>>>>>>> the realm name discovered from the property file(s)
'ManagementRealm'.*
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> *Exception in thread "main"
>>>>>>>>
org.jboss.as.domain.management.security.adduser.AddUserFailedException:
>>>>>>>> WFLYDM0065: The user supplied realm name 'master'
does not match the realm
>>>>>>>> name discovered from the property file(s)
'ManagementRealm'.*
>>>>>>>>
>>>>>>>> * at
>>>>>>>>
org.jboss.as.domain.management.security.adduser.ErrorState.execute(ErrorState.java:72)*
>>>>>>>>
>>>>>>>> * at
>>>>>>>>
org.jboss.as.domain.management.security.adduser.AddUser.run(AddUser.java:130)*
>>>>>>>>
>>>>>>>> * at
>>>>>>>>
org.jboss.as.domain.management.security.adduser.AddUser.main(AddUser.java:223)*
>>>>>>>>
>>>>>>>> * at
sun.reflect.NativeMethodAccessorImpl.invoke0(Native
>>>>>>>> Method)*
>>>>>>>>
>>>>>>>> * at
>>>>>>>>
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)*
>>>>>>>>
>>>>>>>> * at
>>>>>>>>
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)*
>>>>>>>>
>>>>>>>> * at
java.lang.reflect.Method.invoke(Method.java:497)*
>>>>>>>>
>>>>>>>> * at
org.jboss.modules.Module.run(Module.java:329)*
>>>>>>>>
>>>>>>>> * at org.jboss.modules.Main.main(Main.java:507)*
>>>>>>>>
>>>>>>>>
>>>>>>>> 2.) via bin/add-user-keycloak.[sh|bat] -r master -u
<username> -p
>>>>>>>> <password>
>>>>>>>>
>>>>>>>> User was created under standalone path.
>>>>>>>>
>>>>>>>>
>>>>>>>> Thanks and Best Regards
>>>>>>>>
>>>>>>>> Andrej.
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> On Thu, Mar 3, 2016 at 7:18 PM, Stian Thorgersen <
>>>>>>>> sthorger(a)redhat.com> wrote:
>>>>>>>>
>>>>>>>>> Please read the documentation it explains it all
>>>>>>>>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
>>>>>>>>>
>>>>>>>>> On 3 March 2016 at 16:24, Andrej Prievalsky
<ado.boj.83(a)gmail.com
>>>>>>>>> > wrote:
>>>>>>>>>
>>>>>>>>>> Hi all,
>>>>>>>>>>
>>>>>>>>>> 1.) meantime I tried on
keycloak-overlay-1.7.0.Final via
>>>>>>>>>> add-user-keycloak.sh script in wildfly domain
mode create Admin user and I
>>>>>>>>>> got:
>>>>>>>>>>
>>>>>>>>>> [root@keycloakoverlay /opt/wildfly/bin]$
./add-user-keycloak.sh
>>>>>>>>>> -u admin -p admin
>>>>>>>>>> Added 'admin' to '
>>>>>>>>>>
*/opt/wildfly/standalone/configuration/keycloak-add-user.json*',
>>>>>>>>>> restart server to load user
>>>>>>>>>>
>>>>>>>>>> Is it correct, that user is created in standalone
path?
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
----------------------------------------------------------------------------
>>>>>>>>>>
>>>>>>>>>> 2.) can I in version 1.7.0.Final create or
replace Admin user
>>>>>>>>>> for Master realm with permanent password, which
could be created
>>>>>>>>>> automatically via command line and not needed
change password manually
>>>>>>>>>> after first login?
>>>>>>>>>>
>>>>>>>>>> Thanks,
>>>>>>>>>> Andrej.
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> On Thu, Mar 3, 2016 at 1:50 PM, Stian Thorgersen
<
>>>>>>>>>> sthorger(a)redhat.com> wrote:
>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> On 3 March 2016 at 13:48, Stan Silvert
<ssilvert(a)redhat.com>
>>>>>>>>>>> wrote:
>>>>>>>>>>>
>>>>>>>>>>>> On 3/3/2016 12:09 AM, Stian Thorgersen
wrote:
>>>>>>>>>>>>
>>>>>>>>>>>> The standard add-user script adds WildFly
users, we want the
>>>>>>>>>>>> standard script to add Keycloak users.
It's a Keycloak server after all.
>>>>>>>>>>>>
>>>>>>>>>>>> You still need WildFly users if you want
to use CLI (remotely)
>>>>>>>>>>>> or web console. As far as I know, we
can't secure those things with
>>>>>>>>>>>> Keycloak yet.
>>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> In the future we will secure it with
Keycloak, in the mean time
>>>>>>>>>>> the add-user has a '--container'
option.
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> There are workarounds, but I'm just
saying, WildFly
>>>>>>>>>>>> add-user.sh is a useful tool that we
might want to still ship in some form
>>>>>>>>>>>> until such time that CLI and web console
is fully integrated with Keycloak.
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> On 2 March 2016 at 20:00, Stan Silvert
<ssilvert(a)redhat.com>
>>>>>>>>>>>> wrote:
>>>>>>>>>>>>
>>>>>>>>>>>>> On 3/2/2016 1:50 PM, Stian Thorgersen
wrote:
>>>>>>>>>>>>>
>>>>>>>>>>>>> Not a chance. In server dist we want
to hide WildFly's
>>>>>>>>>>>>> add-user script.
>>>>>>>>>>>>>
>>>>>>>>>>>>> I could guess, but I have to ask,
why?
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>> On 2 March 2016 at 14:12, Stan
Silvert <ssilvert(a)redhat.com>
>>>>>>>>>>>>> wrote:
>>>>>>>>>>>>>
>>>>>>>>>>>>>> On 3/2/2016 7:02 AM, Stian
Thorgersen wrote:
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> In overlay the script should be
add-user-keycloak. The
>>>>>>>>>>>>>> overlay adds Keycloak server to
an existing WildFly installation so we
>>>>>>>>>>>>>> don't want to overwrite any
existing files. I appreciate this may be
>>>>>>>>>>>>>> confusing and inconsistent, but
at the same time if we did overwrite people
>>>>>>>>>>>>>> would probably complain about us
overwriting the existing script.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> In the server dist this
doesn't apply as the server is
>>>>>>>>>>>>>> purely a Keycloak server, not a
WildFly server.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> I guess the solution would be to
make server dist consistent
>>>>>>>>>>>>>> with overlay, so both are
add-user-keycloak. Not sure how I feel about
>>>>>>>>>>>>>> that.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> On 2 March 2016 at 11:10, Bruno
Oliveira <
>>>>>>>>>>>>>> bruno(a)abstractj.org> wrote:
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> I'm not sure if I follow
your question but './add-user.sh
>>>>>>>>>>>>>>> -u admin -p admin' or
'./add-user.sh -u admin' should work.
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> On Wed, Mar 2, 2016 at 7:03
AM Andrej Prievalsky <
>>>>>>>>>>>>>>> ado.boj.83(a)gmail.com>
wrote:
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> Hi Bruno,
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> thanks for answer.
>>>>>>>>>>>>>>>> But from
>>>>>>>>>>>>>>>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
>>>>>>>>>>>>>>>> and section: *...you can
use the add-user script from the
>>>>>>>>>>>>>>>> command-line.*
>>>>>>>>>>>>>>>> is my question is how
exactly should looks like command
>>>>>>>>>>>>>>>> with add-user script?
>>>>>>>>>>>>>>>> Because in past we used
this command: add-user.sh
>>>>>>>>>>>>>>>> –container -u admin -p
admin
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> Andrej.
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> On Wed, Mar 2, 2016 at
10:38 AM, Bruno Oliveira <
>>>>>>>>>>>>>>>> bruno(a)abstractj.org>
wrote:
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> Hi Andrej, answers
inline
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> On Wed, Mar 2, 2016
at 6:13 AM Andrej Prievalsky <
>>>>>>>>>>>>>>>>>
ado.boj.83(a)gmail.com> wrote:
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>> Hi,
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>> I would like to
summary information about How to add
>>>>>>>>>>>>>>>>>> Admin User -
chapter 3.2.1.
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>> My questions
are:
>>>>>>>>>>>>>>>>>> 1.) From which
version (including) is new concept, that
>>>>>>>>>>>>>>>>>> there is no built
in user?
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> 1.8.0 See:
>>>>>>>>>>>>>>>>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/Migration_f...
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>> 2a.) What is
exact command via add-user script
>>>>>>>>>>>>>>>>>> (add-user.sh) for
create admin user ?
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> See:
>>>>>>>>>>>>>>>>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>> 2b.) Same
question like in 2a, but in keycloak-overlay (
>>>>>>>>>>>>>>>>>>
add-user-keycloak.sh)?
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> You are correct.
Maybe this is an inconsistency to be
>>>>>>>>>>>>>>>>> fixed.
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>> Thanks and Best
Regards,
>>>>>>>>>>>>>>>>>> Andrej.
>>>>>>>>>>>>>>>>>>
_______________________________________________
>>>>>>>>>>>>>>>>>> keycloak-user
mailing list
>>>>>>>>>>>>>>>>>>
keycloak-user(a)lists.jboss.org
>>>>>>>>>>>>>>>>>>
https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
_______________________________________________
>>>>>>>>>>>>>>> keycloak-user mailing list
>>>>>>>>>>>>>>>
keycloak-user(a)lists.jboss.org
>>>>>>>>>>>>>>>
https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
_______________________________________________
>>>>>>>>>>>>>> keycloak-user mailing
listkeycloak-user@lists.jboss.orghttps://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
_______________________________________________
>>>>>>>>>>>>>> keycloak-user mailing list
>>>>>>>>>>>>>> keycloak-user(a)lists.jboss.org
>>>>>>>>>>>>>>
https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
_______________________________________________
>>>>>>>>>>> keycloak-user mailing list
>>>>>>>>>>> keycloak-user(a)lists.jboss.org
>>>>>>>>>>>
https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>
>>>>>
>>>>
>>>
>>
>
3160
days inactive
3216
days old
23 comments
5 participants
participants (5)
-
Andrej Prievalsky -
Bruno Oliveira -
Marek Posolda -
Stan Silvert -
Stian Thorgersen