October 2015 - keycloak-user - Jboss List Archives

Re: [keycloak-user] Changing url in reset-password emails

by Benjamin Hansmann [alphaApps]

That's exactly what I was asking two hours ago. I've found a temporary workaround: In the keycloak services module I patched the method loginBase in Urls.java to replace hostname. I added a nullcheck and used an Uribuilder to keep everything else as is, otherwise it failed to reset password. I built the module with maven and replaced just the keycloak-services jar on my server. Maybe this causes issues somewhere else, I don't know... -------- Ursprüngliche Nachricht -------- Von: Fabio Monteiro <fmrage(a)hotmail.com> Datum:21.10.2015 18:57 (GMT+01:00) An: keycloak-user(a)lists.jboss.org Cc: Betreff: [keycloak-user] Changing url in reset-password emails Hi, We use keycloak API rest to send email password reset to users. But we would need to change the host part of the url used in the email link presented to users in the email sent to them. Is there an easy way to do so, you guys know?? This is quite critical right now for our app so any help would be MUCH appreciated. THANKS A LOT Fabio Monteiro

8 years, 6 months

1
0
0 / 0

Keycloak 1.6.0.Final Released

by Stian Thorgersen

We're pleased to announce the release of Keycloak 1.6.0.Final. - *SAML SP* - in the past we only had client libraries for OpenID Connect, now we also have client libraries for SAML - *Offline Tokens* - if your applications need long term access outside of the users session you should take a look at the new offline tokens support we've added - *Client Registration* - we introduced a new rest api that can be used to automate the registration of clients, this includes a java client library. This feature will be further polished in a future release, including documentation and examples - *Import Clients in Admin Console* - it's now possible to import clients through the admin console using the Keycloak JSON client representation or OpenID Connect descriptions - *Added Root URL to Clients* - we've added a root url to clients. For clients that have a root url defined you can use relative urls for redirect uris and other urls - *Internationalization support in Admin Console* - we've added support for internationalization of the Admin Console. Around half the pages now support translation and the rest will be added in the next release For the full list of issues resolved check out JIRA <https://issues.jboss.org/issues/?jql=project%20%3D%2012313920%20AND%20fix...> and to download the release go to the Keycloak homepage <http://keycloak.org/downloads>.

8 years, 6 months

5
11
0 / 0

Integration in a federation of identity provider liek shibolleth

by Jérôme Blanchard

Hi all, I'm trying to integrate keycloak in a federation of indentities (shibolleth) using the SAMLv2 Identity Provider. The problem is that the federation count something like 100 Identity Providers and I'm afraid of the L&F of the GUI as for now, adding 3 of them is creating a button for each. Is there is a limit or something that creates a drop down menu ? (like this list https://discovery.renater.fr/renater) <https://discovery.renater.fr/renater/?entityID=https%3A%2F%2Fsaga.renater...> The goal for me is to create a kind of parser for this idps list : http://federation.renater.fr/renater/idps-renater-metadata.xml in order to parse this list and maintain my IDPs in keycloak up to date. Another question is : is each client in keycloak has to be declared as a Service Provider or only the keycloak server ? If you have any feedback for shibolleth federation integration using keycloak I'll be very glad to share them. Thanks a lot, Best Regards, Jérôme.

8 years, 6 months

3
5
0 / 0

Keycloak 1.1.0 Beta2

by Chen Keong Yap

Hi Stian, Please advise if Keycloak failover working in 2 nodes cluster in jboss?

8 years, 6 months

2
1
0 / 0

Rest api for login

by Revanth Ayalasomayajula

Hi, I am using Keycloak1.5.0 to secure my application. I want to perform login using a rest api. I was able to see that they are two parameters that are sent in the call and wanted to know how i will be able to achieve this functionality using a rest api. Thanks.

8 years, 6 months

3
4
0 / 0

Unable to Add Role Mappings Via REST API in 1.5.1

by Edem Morny

Hi, I'm having issues migrating my application from keycloak 1.2.1.Final to 1.5.1.Final. I already had working code that enables us to create users and assign role mappings to those users via the REST api. However, whiles testing the application for migrating to 1.5.1, I get a 404 when application attempts to add rolemappings to users via the REST api. The REST invocation to create the user actually works, its the subsequent invocation to add role-mappings that fails with the 404. Do you have any idea what has changed?

8 years, 6 months

3
3
0 / 0

Cluster configuration does not work

by Rafael Coutinho

Hi, I have an environment with an AngularJS app client, which authenticates user and keeps its data, and a server app that receive some requests for Webservices resources. For some webservices I need, on the server side, to translate the token into the user information. For that I use the url: auth/realms/MYREAL/protocol/openid-connect/userinfo with the Authorization token. The problem is that the server is behind a load balance and access keycloak thru port 8080. While AngularJS access the same server thru port 80. Keycloak complains that the Token was issued from a different url than I'm querying on the server side. Forcing me to use the same hostname and port on the server and on the client. Is that correct? How will I deploy on a distribuited environment? ps. I'm using my own HTTP client to make that request to userinfo. ps2. I have added "auth-server-url-for-backend-requests" however I don't see any difference. Rafael Coutinho Software Engineer Professional profile: www.linkedin.com/in/rafaelcoutinho

8 years, 6 months

2
1
0 / 0

Problem with Keycloak WF 9 adapter and Wildfly 10 CR2

by Flynn, Kenneth

Hello all, It looks like Wildfly 10 changes a method interface in undertow and the keycloak is still linking against the old method. Going across a redirect, I get this exception: java.lang.NoSuchMethodError: io.undertow.server.Connectors.ungetRequestBytes(Lio/undertow/server/HttpServerExchange;[Lorg/xnio/Pooled;)V org.keycloak.adapters.undertow.SavedRequest.tryRestoreRequest(SavedRequest.java:112) org.keycloak.adapters.undertow.ServletSessionTokenStore.restoreRequest(ServletSessionTokenStore.java:119) org.keycloak.adapters.undertow.ServletSessionTokenStore.isCached(ServletSessionTokenStore.java:67) org.keycloak.adapters.RequestAuthenticator.authenticate(RequestAuthenticator.java:85) org.keycloak.adapters.undertow.AbstractUndertowKeycloakAuthMech.keycloakAuthenticate(AbstractUndertowKeycloakAuthMech.java:114) org.keycloak.adapters.undertow.ServletKeycloakAuthMech.authenticate(ServletKeycloakAuthMech.java:94) Looking at this commit: https://github.com/undertow-io/undertow/commit/b62c3f1efadeb86d94ed6577f5... the parameters changed type (from Pooled<ByteBuffer> to PooledByteBuffer). This is called from here: https://github.com/keycloak/keycloak/blob/master/integration/undertow/src... I'm guessing the call on 112 needs to make the new object type? Should I file a bug in the JIRA? Thanks, Kenn

8 years, 6 months

2
1
0 / 0

Jackson2 Support for AdminClient

by Travis De Silva

Hi, Some previous posts discuss about the error you get when you use the Admin Client in Jackson2 environments. The current solution seems to be 1. Revert to Jackson 1 by specifying it in the jboss deployment xml 2. Use the Admin REST API directly. Option 1 is possible if your application does not depend on any jackson2 feature (which is not the case for me and I suspect many others as well) So we end using using the Admin REST API directly which is a shame as the AdminClient looks a more elegant option that we can use out of the box. There also seems to be a Jira issue present for this https://issues.jboss.org/browse/KEYCLOAK-815 Any idea if this will get resolved anytime in the near future. Cheers Travis

8 years, 6 months

2
2
0 / 0

Re: [keycloak-user] Issue with XPathFactory

by carmen

Hi Bill, I already had <module name="javax.api”/> in my module.xml I did find a workaround that I do not like and I am hoping that you can help me do it right Ok so I first set jaxp debug to true, and I was getting the following error JAXP: using thread context class loader (ModuleClassLoader for Module "deployment.keycloak-server.war:main" from Service Module Loader) for search 11:03:40,517 ERROR [stderr] (default task-2) JAXP: Looking up system property 'javax.xml.xpath.XPathFactory:http://java.sun.com/jaxp/xpath/dom' <http://java.sun.com/jaxp/xpath/dom'> 11:03:40,517 ERROR [stderr] (default task-2) JAXP: The value is '__redirected.__XPathFactory' 11:03:40,517 ERROR [stderr] (default task-2) JAXP: createInstance(__redirected.__XPathFactory) 11:03:40,518 ERROR [stderr] (default task-2) JAXP: loaded __redirected.__XPathFactory from jar:file:/Users/Carmen/software/keycloak-demo-1.5.0.Final/keycloak/jboss-modules.jar!/__redirected/__XPathFactory.class 11:03:40,518 ERROR [stderr] (default task-2) JAXP: could not instantiate __redirected.__XPathFactory 11:03:40,519 ERROR [stderr] (default task-2) java.lang.ClassCastException: __redirected.__XPathFactory cannot be cast to javax.xml.xpath.XPathFactory 11:03:40,519 ERROR [stderr] (default task-2) at javax.xml.xpath.XPathFactoryFinder.createInstance(XPathFactoryFinder.java:306) 11:03:40,519 ERROR [stderr] (default task-2) at javax.xml.xpath.XPathFactoryFinder._newFactory(XPathFactoryFinder.java:184) 11:03:40,519 ERROR [stderr] (default task-2) at javax.xml.xpath.XPathFactoryFinder.newFactory(XPathFactoryFinder.java:157) So it looked like there was a class loader issue and the ClassCast was not working. I did not know how to fix that, so I went ahead and I changed the property javax.xml.xpath.XPathFactory:http://java.sun.com/jaxp/xpath/dom <http://java.sun.com/jaxp/xpath/dom> back to the default, to override looking for __redirected.__XPathFactory The default implementation is a com.sun….. class that lives in rt.jar and when I tried that I was getting a ClassNotFound, so I went ahead, added Xalan to my module and changed the property to use the Xalan class: org.apache.path.jaxp.XPathFactoryImpl That worked. I had that same issue with another class that was also overriden with a __redirected class (DocumentBuilderFactory), and once I set the default value to the default implementation, the implementation cannot be loaded because it is in rt.jar. I went around that by adding crimsom to my module. So it looks like even though there is a dependency defined of java.api, those jars (at least for xml) do not contain implementations, just the interfaces, and the actual providers are in rt.jar and I get an error trying to load them. So I really do not like what I have done. There’s got to be a way to be able to use the implementations in rt.jar, right? Thanks Maria

8 years, 6 months

2
2
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

keycloak-user October 2015