April 2015 - keycloak-user - Jboss List Archives

by Raghu Prabhala

Hi Dev team, Can you let us know the road map for keycloak? What are your plans regarding FIDO protocol and WS Trust/STS? Thanks Raghu Sent from my iPhone

9 years

2
1
0 / 0

External Registration Flow

by Schneider, Tom

I have an existing application that I'm looking to integrate with keycloak. One of the flows we're working on is a user self-registration flow. In this flow, a user will enter registration information, then the user will be provisioned within the local app and then we use web service calls to create the user in keycloak. After the user is provisioned, then we do a SAML post to keycloak, the user logs in and then they are redirected back to our app. This is all working fine, however, the user must enter their username and password twice, once on the registration screen and once to log into keycloak to establish an SSO session. We'd like to avoid using the keycloak registration screens since we collect additional business data on our registration screen that our app needs. Are there any suggestions on how to avoid this double login?

9 years

3
7
0 / 0

CatalinaUserSessionManagement: Session not present or already invalidated

by Scott Rossillo

Hi all, I’m running Keycloak 1.1.0-Final in standalone mode and using Keycloak agents on Tomcat 6 and Tomcat 8. With both agents, whenever I try to log a user out via the Keycloak server, I see this in the Tomcat server’s log: Apr 01, 2015 7:27:47 PM org.keycloak.adapters.tomcat.CatalinaUserSessionManagement logoutSession WARN: Session not present or already invalidated. The session is still valid and continues to be valid for some period of time in each of the Tomcat instances. Anyone know how to fix? I was looking at the source and I see this method: - - org.keycloak.adapters.tomcat.CatalinaUserSessionManagement. logoutSession() I may test loging the actual exception tomorrow if no one has a clue, but I think it’s probably the exception is being thrown for some reason other than the session no longer existing (it definitely still does). Best, Scott

9 years

2
10
0 / 0

Keycloak OpenShift Cartridge updated to 1.2.0.Beta1

by Stian Thorgersen

Keycloak OpenShift Cartridge updated to 1.2.0.Beta1 https://github.com/keycloak/openshift-keycloak-cartridge

9 years

1
0
0 / 0

Password Expiration

by Chris Atkinson

Hi, How do you configure Keycloak to require users to change their password every, say, 90 days? Or do you need to write a federation provider? Thanks, Chris

9 years

2
1
0 / 0

Play Framwork

by Pablo Martin Gore

Hi I need to implement a security process(SSO) in a play + scala application. could someone help me how I should implement it. Thanks

9 years

1
0
0 / 0

Client cert authentication

by Chris Rued

Hi all, I see on the keycloak homepage that client certificate authentication is "coming soon" for keycloak. Any sense on timing for this/specifics on what it might look like or pointers to docs? Thanks, Chris Sent from my iPhone

9 years

2
1
0 / 0

Missing module

by Juraci Paixão Kröhling

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello, For Hawkular, we build a distribution based on Wildfly and add our deployments as modules. Up to Keycloak 1.1.0.Final, we could just add keycloak-wildfly-adapter-dist to our assembly, plus some changes to the standalone.xml and it would work fine. - From Keycloak 1.2.0.Beta1, we get an exception while booting about a missing module (org.picketlink.idm.schema, required by org.keycloak.keycloak-ldap-federation). This module is present on Keycloak's appliance distribution but isn't included on the wildfly-adapter-dist anymore. Copying this module from the appliance distribution is enough to make it work again. Is this change on purpose? If not, I'll send a PR for adding this module into the adapter-dist. - - Juca. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAEBAgAGBQJVI/tSAAoJEDnJtskdmzLMr8gH/3aypIau9zlVEE6OXQFwgcM4 3oprAxVnSXWpxO05OsgAUKgA7yAXdzKzH0z15kYeqMwT0uGHq7w1Sp0+PZR8JWm9 ktv4uAmk974QgN7cevquKzAO/yXy2XPop/egRq0Smi/sR1gBkCw2KtQOSY//6qK2 mPA4aS4WUXmCp7HLU1EEjoJsAoSrZSKjUp4fD/knon7xjXBV+WGBnjKkCVVuUu5P 4rYXr/6dFohVNjShvB2tG9hJXAdeBF8mIgG/gvbgx186zPSi5HavbgJx61O/oJ2K gp3HCUH7uDofdz3efWbk1CToRoJXnXK7h6d2ctRQBcE6b/iNLsTmr4fabD7JOHk= =bqHe -----END PGP SIGNATURE-----

9 years

2
2
0 / 0

Running Liquibase updates via maven plugin

by Schneider, Tom

I'd like to populate a database for keycloak via the command line using the liquibase maven plugin. With the latest master code, when I try to run this command: mvn -f connections/jpa-liquibase/pom.xml liquibase:update -Durl=jdbc:h2:keycloak I receive the following error message: [ERROR] liquibase.exception.UnexpectedLiquibaseException: liquibase.exception.CustomChangeException: liquibase.exception.SetupException: No KeycloakSession provided in ThreadLocal Am I missing some setup or is this no longer supported?

9 years

2
3
0 / 0

Externalising session storage in keycloak

by Kalinga Dissanayake

Guys i know this has been discussed before, but im trying to find a simple number of steps for me to externalize the session storage in keycloak. I just need to do the following; 1. Two servers running keycloak (wildfly) 2. A load balancer in front of these two servers. Preferably an AWS loadbalancer 3. I need to store the session details on an external store so that the sessions work accurately. There is so much documentation for this but I am actually confused as to what i should do and the bare minimum i should do to achieve this. I dont need a distributed cache or anything just need one cache store (may be infinispan or memcached) and the two keycloak servers running storing the sessions on that. Is there one key place i should look into which contains the bare minimum i should do. Kalinga.

9 years

2
4
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

keycloak-user April 2015