July 2014 - keycloak-user - Jboss List Archives

by Rodrigo Sasaki

Hi, I'm working on a Java-based wrapper for the REST API, to make it look more OO, abstracting the access to servers. It uses methods such as User bill = realm.getUser("bburke") List<RoleRepresentation> roles = bill.getApplicationRoleMappings("customer-portal"); It's still in it's early stages, but if you find it interesting, I'd be happy to create a repo for other Java users to use it, and adapt it based on suggestions aswell. Best regards, -- Rodrigo Sasaki

11 years, 5 months

4
37
0 / 0

Admin of A Realm

by Edem Morny

Hi, We will be doing a demo of a proof of concept of a project we've been working on by Friday, with keycloak as our security backbone. One of the questions that has come up in our work is that since the organisation's own IT staff will be managing the security and assigning of users to roles etc, there should be the ability to assign a person/persons as administrators of a particular realm. In our testing we've always been logging in with the admin of the "master" realm and navigating to the realm of the application. Is there a way to make a user in a realm an administrator of only their realm, so the org's IT staff can take over that task?

11 years, 5 months

2
1
0 / 0

Getting all roles for a realm and appliaction

by Chris Stier

Hi all, Is there currently a way to get all roles for a realm and application? I found the rest api docs... but when I call /admin/realms/{realm}/applications/{app-name}/roles <http://docs.jboss.org/keycloak/docs/1.0-beta-3/rest-api/admin/realms/%7Br...> with the appropriate realm and app name I just get the text "Bearer" returned. Is this still in the works or am I missing something? Thanks so much! Chris Stier

11 years, 5 months

3
2
0 / 0

Client cert based OAuth

by Vivek Srivastav (vivsriva)

The KeyCloak reference guide points out that client cert auth is coming soon. What cert authentication mechanism will be used in the implementation and when is is planned? Regards, Vivek

11 years, 5 months

2
1
0 / 0

Clarification on redirect uri configuration on the KeyCloak admin console

by Vivek Srivastav (vivsriva)

I am trying to understand the redirect uri configuration on the KeyCloak admin console. As per the document: http://docs.jboss.org/keycloak/docs/1.0-beta-3/userguide/html_single/#ins... there are two special special redirect uri for application. I have few questions about the http://localhost 1. When I configure my application with the http://localhost and confidential access_type, am I supposed to provide a callback implementation or is is handled by keyclock client libraries that I bundle with my web app? 2. Am I supposed to provide a “port” along with the redirect uri? I.e. http://localhost:8989? It seems like with either configuration gives me “WE’RE SORRY”, “Invalid redirect_uri”. 3. When running KeyCloak and my client application on separate servers, will the http://localhost redirect uri automatically supposed to be replaced with the correct IP address/hostname of the Resource Server provides, I.e. my application? I understand that this redirect_uri has been made a mandatory field in recent release of KeyCloak and I could not find information related to its configuration in the “Base Part 1” tutorial video. Any pointers about how to configure this redirect uri for “confidential” access_type would be very helpful. Kind Regards, Vivek

11 years, 5 months

3
4
0 / 0

Unable to register redirect url to google developer console

by Christina Lau

I have successfully create google social login on local keycloak install using this URL: http://localhost:8080/auth/rest/social/callback However, when I changed it to a keycloak install running on EC2, like this: http://54.84.240.18:8080/auth/rest/social/callback I keep getting invalid redirect URL error. Any idea what additional changes to make? Christina

11 years, 5 months

2
4
0 / 0

keycloak war deployment - cannot configure authenticator for method KEYCLOAK

by Vivek Srivastav (vivsriva)

Hi, I am evaluating keycloak and running into this issue when deploying a web application secured using keycloak: 14:12:59,436 INFO [org.jboss.web] (ServerService Thread Pool -- 80) JBAS018210: Register web context: /customer-portal 14:12:59,445 ERROR [org.apache.catalina.startup] (ServerService Thread Pool -- 80) JBWEB001034: Cannot configure an authenticator for method KEYCLOAK 14:12:59,446 ERROR [org.jboss.web] (ServerService Thread Pool -- 80) JBAS018206: Webapp [/customer-portal] is unavailable due to startup errors I have updated the customer-app/src/main/webapp/WEB-INF/web.xml app with following login-config parameter <login-config> <auth-method>KEYCLOAK</auth-method> <realm-name>demo</realm-name> </login-config> I have followed the instructions @ http://docs.jboss.org/keycloak/docs/1.0-beta-3/userguide/html_single/#WAR... and using the following versions of the software: jboss-eap-6.2 keycloak-war-dist-all-1.0-beta-3 I have in addition to the instructions above, cd $JBOSS_HOME unzip ~/opt/keycloak/keycloak-war-dist-all-1.0-beta-3/adapters/keycloak-eap6-adapter-dist-1.0-beta-3.zip to update the modules folder. Could you please suggest what I can do to fix this? Regards, Vivek

11 years, 5 months

2
3
0 / 0

Can't get sample to work on EC2 RHEL

by Christina Lau

Hi, I installed keycloak on a EC2 RHEL VM. I can login to the admin console. I then build and deploy the pre-configured-demo examples and imported the demo realm. However, I am unable to invoke the customer-portal. I have tried to change the application URL already in the admin console. Any idea what I may be missing? I get 404 not found error here: http://54.84.240.18:8080/customer-portal/customers/view.jsp You can login as admin/password to take a look too… http://54.84.240.18:8080/auth/

11 years, 5 months

2
1
0 / 0

Export a realm?

by Christina Lau

Is there a way to export a realm that I created manually, similar to the examples/testrealm.json file? I can’t find that function in the admin console. Thanks… Christina

11 years, 5 months

2
1
0 / 0

Using H2 database in PROD

by Kamal Jagadevan

Hello, Are there any Strong reasons/recommendation for moving Keycloak backend from H2 database to a different database? I noticed this in the Reference guide "....you might want to use a better relational database for Keycloak like PostgreSQL"... Our application is on-premise solution and wouldn't involve with substantially large number of users. Please advise if we can go with Keycloak & H2 database for production. Best Kamal

11 years, 5 months

2
1
0 / 0

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

keycloak-user July 2014