Redirect to keycloak only for certain content-types
by Tair Sabirgaliev
Hi,
Is it possible to setup login redirection only for certain content types?
I want to redirect only when the browser asks for text/html. For other types
either 40x or Authorization challenge.
--
Tair Sabirgaliev
Bee Software, LLP
9 years, 2 months
Service Setup
by Remi Cartier
Quick question.
what would be the best way to setup a keycloak instance to run as a service ?
I have setup the server as a standalone instance right now, but it needs a screen to run.
I have no wildfly instance running anywhere else in my stack.
thanks for your time !
________________________________
REMI CARTIER
B.O.S.S. (Business & Operation Support Systems) P.O (Product Owner)
IMETRIK GLOBAL INC.
T : +1 514 448-6407 x2009
T : +1 866 276-5382 (toll free)
F : +1 514 904-0611
740 Notre Dame St. West, Suite 1575
Montreal, Quebec, Canada H3C 3X6
imetrik.com<http://www.imetrik.com/>
9 years, 2 months
Re: [keycloak-user] Role to claim mapping
by Gonzalo López
testuser has some roles in host B (testrole in this example), I want to put
the roles as a claim in the token so when host A receives the token it maps
the claim to roles in host A
I already did the second part (mapping in host A), but I still can't find
out how to put the roles in a claim.
>
>
>
> On 9/29/2015 3:42 PM, Gonzalo L?pez wrote:
> > I'm trying to test the Identity broker to achieve cross domain sso, this
> > is what I have done:
> >
> > 1 - Installed jboss 6.4 eap + keycloak + keycloak eap6 adapter in host A
> > 2 - Installed jboss 6.4 eap + keycloak in host B
> > 3 - In host A, I added an oidc Identity Provider (importing host B
> > openid connect configuration).
> > 4 - In host A, I created an application (appa.war) that will try to use
> > the broker to authenticate. I added security to the app (only user with
> > role "user" will be able to access some parts)
> > 5 - In host B, I added 2 oidc clients (the broker from host A and appb,
> > appb (appb.war) is a simple application developed to log in using oidc)
> > 6 - In host B, I created a role "testrole" inside appb and a user
> > "testuser", then I added that role to the user.
> >
> > I couldn't find out how to map the role "testrole" to a claim that will
> > be sent to the broker once the user has authenticated. Is there a way to
> > do that?
> >
> > After I accomplish that I plan to map that claim to the role appa.user.
> >
>
> OIDC and SAML Identity Providers have mappers. Host A broker will
> receive the token from Host B. You can map the testrole to whatever
> claim you want.
>
>
> --
> Bill Burke
> JBoss, a division of Red Hat
> http://bill.burkecentral.com
>
>
>
9 years, 2 months
Direkt Link to forgot password page
by Sebastian Rose
Hi all,
part of my requirements are static links to forgot-password/forgot-credentials and register-user. As far as I understand the source code and everything i read so far, there is a check for the code/user-session and the client-id. Would it be acceptable to change this behaviour to allow requesting e.g. the forgot password link without visiting the login-page first?
Best Regards,
Sebastian
[AOESigLogo]
Sebastian Rose
Developer
AOE GmbH
LuisenForum, Kirchgasse 6
65185 Wiesbaden
Germany
Tel. +49 6122 70 70 7 -234
Fax. +49 6122 70 70 7 -199
e-Mail: sebastian.rose(a)aoe.com<mailto:sebastian.rose@aoe.com>
Web: http://www.aoe.com/
Pflichtangaben laut Handelsgesetz §37a / Aktiengesetz §35a
USt-ID Nr.: DE250247455
Handelsregister: Wiesbaden B
Handelsregister Nr.: 22567
Stammsitz: Wiesbaden
Creditreform: 625.0209354
Geschäftsführer: Kian Toyouri Gould
Diese E-Mail Nachricht enthält vertrauliche und/oder rechtlich geschützte Informationen. Wenn Sie nicht der richtige Adressat sind oder diese E-Mail irrtümlich erhalten haben, informieren Sie bitte sofort den Absender und vernichten Sie diese Mail.
This e-mail message may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail.
9 years, 2 months
Re: [keycloak-user] Issue to migrate MongoDB database from Keycloak version 1.2.0 to 1.5.0
by Pekka Leppänen
Hi,
Here is link to client screenshot: http://postimg.org/image/9brwy7iax/
--
Best regards,
Pekka Leppänen
--
email: galeido(a)galeido.com
--
On 06.10.15 13:58, Marek Posolda wrote :
> Another question: Are you seeing admin clients in master realm for all your realms in admin console? For example, assuming you have 2 realms "master" and "foo" . When you go to master and you check clients, are you seeing both "master-realm" and "foo-realm" clients in the list?
>
> Feel free to create JIRA (ideally with info about mongo version and about your realms and if those admin clients in master realm are available)
>
> Thanks,
> Marek
>
> On 06/10/15 12:46, Marek Posolda wrote:
> > Hi,
> >
> > what's your mongo DB version?
> >
> > Marek
> >
> > On 06/10/15 12:28, Pekka Leppänen wrote:
> >> Hi,
> >>
> >> I have issue to migrate MongoDB database related to the upgrade of Keycloak version 1.2.0 to 1.5.0.
> >>
> >> Here is the direct link to error mesasge itself:
> >> http://pastebin.ubuntu.com/12634233/
> >>
> >> Any ideas what could cause this error scenario or is it just a bug in migration process?
> >>
> >> --
> >> Best regards,
> >> Pekka Leppänen
> >>
> >> --
> >> email: galeido(a)galeido.com
> >> --
> >>
> >>
> >> _______________________________________________
> >> keycloak-user mailing list
> >> keycloak-user(a)lists.jboss.org
> >> https://lists.jboss.org/mailman/listinfo/keycloak-user
> > _______________________________________________
> > keycloak-user mailing list
> > keycloak-user(a)lists.jboss.org
> > https://lists.jboss.org/mailman/listinfo/keycloak-user
>
> .
9 years, 2 months
Crypto
by Remi Cartier
Hy guys,
I am trying to use some crypto to match hashes from my old db.
The code is :
KeySpec keySpec = new PBEKeySpec(password.toCharArray(), salt.getBytes(), 2048, 160);
SecretKeyFactory secretKeyFactory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
byte[] hash = secretKeyFactory.generateSecret(keySpec).getEncoded();
I cant make it work as a federation provider.
it was complaining about java.lang.ClassNotFoundException: javax.crypto.spec.PBEKeySpec
I added jce.jar to the list of dependencies in my module.xml (I shouldn’t have to do that)
Then I got :
ClassNotFoundException: sun.security.jca.GetInstance
I added rt.jar (which I shouldn’t do either)
and then I got some fancy exception : java.lang.LinkageError: loader constraint violation
I then tried with bouncy castle : bcprov-jdk15on-152.jar to no avail.
what is wrong ?
here is my module.xml file :
<?xml version="1.0" encoding="UTF-8"?>
<module xmlns="urn:jboss:module:1.1" name="com.imetrik.saas.server.services.insuranceWebUIBackend.dao.federation">
<resources>
<resource-root path="insuranceWebUIBackend-lib-2.0.5-SNAPSHOT.jar"/>
<resource-root path="jdbi-2.63.1.jar"/>
<resource-root path="postgresql-9.4-1203-jdbc4.jar"/>
<resource-root path="slf4j-api-1.7.12.jar"/>
<resource-root path="slf4j-simple-1.7.12.jar"/>
<resource-root path="global-library-common-2.0.4.jar"/>
<resource-root path="jce.jar"/>
<resource-root path="bcprov-jdk15on-152.jar"/>
</resources>
<dependencies>
<module name="org.keycloak.keycloak-core"/>
<module name="org.keycloak.keycloak-model-api"/>
</dependencies>
</module>
Cheers.
________________________________
REMI CARTIER
B.O.S.S. (Business & Operation Support Systems) P.O (Product Owner)
IMETRIK GLOBAL INC.
T : +1 514 448-6407 x2009
T : +1 866 276-5382 (toll free)
F : +1 514 904-0611
740 Notre Dame St. West, Suite 1575
Montreal, Quebec, Canada H3C 3X6
imetrik.com<http://www.imetrik.com/>
9 years, 2 months
export of realm json
by Tim Dudgeon
keycloak provides a way to import the definition of a realm as json, but
I can't see any way in the UI to export the definition in the first place.
Am I missing something obvious?
Tim
9 years, 2 months
Re: [keycloak-user] Issue to migrate MongoDB database from Keycloak version 1.2.0 to 1.5.0
by Pekka Leppänen
Hi Marek,
Currently running 3.0.3. Previous version of Keycloak (1.2.0) works perfectly with this.
--
Best regards,
Pekka Leppänen
--
email: galeido(a)galeido.com
--
On 06.10.15 13:46, Marek Posolda wrote :
> Hi,
>
> what's your mongo DB version?
>
> Marek
>
> On 06/10/15 12:28, Pekka Leppänen wrote:
> > Hi,
> >
> > I have issue to migrate MongoDB database related to the upgrade of Keycloak version 1.2.0 to 1.5.0.
> >
> > Here is the direct link to error mesasge itself:
> > http://pastebin.ubuntu.com/12634233/
> >
> > Any ideas what could cause this error scenario or is it just a bug in migration process?
> >
> > --
> > Best regards,
> > Pekka Leppänen
> >
> > --
> > email: galeido(a)galeido.com
> > --
> >
> >
> > _______________________________________________
> > keycloak-user mailing list
> > keycloak-user(a)lists.jboss.org
> > https://lists.jboss.org/mailman/listinfo/keycloak-user
>
> .
9 years, 2 months
