Re: [keycloak-user] keycloak-user Digest, Vol 30, Issue 24
by Tair Sabirgaliev
Hi Aleksandr!
What is your Wildfly version?
Wildfly 8 has buggy Java Mail API. In Wildfly 9 and later proper encoding
is done automatically, no need to `encodeText` manually.
See my answer here:
http://stackoverflow.com/questions/35010796/wildfly-9-x-fails-encoding-gr...
--
Tair Sabirgaliev
On 7 June 2016 at 11:03:50, keycloak-user-request(a)lists.jboss.org (
keycloak-user-request(a)lists.jboss.org) wrote:
Message: 1
Date: Mon, 6 Jun 2016 12:12:26 +0000
From: Nekrasov Aleksandr <a.nekrasov(a)ftc.ru>
Subject: [keycloak-user] Email internationalization
To: "keycloak-user(a)lists.jboss.org" <keycloak-user(a)lists.jboss.org>
Message-ID: <59219ba4c1b449d0a2bded5436b8ca6a(a)nut-mbx-4.win.ftc.ru>
Content-Type: text/plain; charset="koi8-r"
Hello everyone.
I found a bug when trying to send email from keycloak to users with
encoding against English.
For example, when I try to send Russian message with subject "???????? ????
??????? ??????" I see "????????????? ?????? ??????????? ?????" in my email.
I think you should update org.keycloak.email.DefaultEmailSenderProvider
class with line
msg.setSubject(subject);
to
msg.setSubject(MimeUtility.encodeText(subject, "utf-8", "B"));
Thanks.
Nekrasov Aleksander,
Developer,
Center of Financial Techologies
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
http://lists.jboss.org/pipermail/keycloak-user/attachments/20160606/bea2f...
------------------------------
Message: 2
Date: Mon, 6 Jun 2016 19:38:59 +0200
From: Stian Thorgersen <sthorger(a)redhat.com>
Subject: Re: [keycloak-user] Email internationalization
To: Nekrasov Aleksandr <a.nekrasov(a)ftc.ru>
Cc: "keycloak-user(a)lists.jboss.org" <keycloak-user(a)lists.jboss.org>
Message-ID:
<CAJgngAeDFzb96dtFGgz59_RE-A3oGAJUNsNFPA-xXjxvYWipGw(a)mail.gmail.com>
Content-Type: text/plain; charset="utf-8"
Please create a JIRA. If you want to submit a PR that would be welcome as
well.
On 6 June 2016 at 14:12, Nekrasov Aleksandr <a.nekrasov(a)ftc.ru> wrote:
> Hello everyone.
>
> I found a bug when trying to send email from keycloak to users with
> encoding against English.
>
> For example, when I try to send Russian message with subject ?????????
> ???? ??????? ??????? I see ?????????????? ?????? ??????????? ?????? in my
> email.
>
>
>
> I think you should update org.keycloak.email.DefaultEmailSenderProvider
> class with line
>
> msg.setSubject(subject);
>
> to
>
> msg.setSubject(MimeUtility.*encodeText*(subject, *"utf-8"*, *"B"*));
>
>
>
> Thanks.
>
>
>
> Nekrasov Aleksander,
>
> Developer,
>
> Center of Financial Techologies
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
http://lists.jboss.org/pipermail/keycloak-user/attachments/20160606/21c20...
------------------------------
8 years, 5 months
Re: [keycloak-user] Email internationalization
by Tair Sabirgaliev
Hi Aleksandr!
What is your Wildfly version?
Wildfly 8 has buggy Java Mail API. In Wildfly 9 and later proper encoding is done automatically, no need to `encodeText` manually.
See my answer here: http://stackoverflow.com/questions/35010796/wildfly-9-x-fails-encod...
--
Tair Sabirgaliev
On 7 June 2016 at 11:03:50, keycloak-user-request(a)lists.jboss.org (keycloak-user-request(a)lists.jboss.org) wrote:
Message: 1
Date: Mon, 6 Jun 2016 12:12:26 +0000
From: Nekrasov Aleksandr <a.nekrasov(a)ftc.ru>
Subject: [keycloak-user] Email internationalization
To: "keycloak-user(a)lists.jboss.org" <keycloak-user(a)lists.jboss.org>
Message-ID: <59219ba4c1b449d0a2bded5436b8ca6a(a)nut-mbx-4.win.ftc.ru>
Content-Type: text/plain; charset="koi8-r"
Hello everyone.
I found a bug when trying to send email from keycloak to users with encoding against English.
For example, when I try to send Russian message with subject "???????? ???? ??????? ??????" I see "????????????? ?????? ??????????? ?????" in my email.
I think you should update org.keycloak.email.DefaultEmailSenderProvider class with line
msg.setSubject(subject);
to
msg.setSubject(MimeUtility.encodeText(subject, "utf-8", "B"));
Thanks.
Nekrasov Aleksander,
Developer,
Center of Financial Techologies
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160606/bea2f...
------------------------------
Message: 2
Date: Mon, 6 Jun 2016 19:38:59 +0200
From: Stian Thorgersen <sthorger(a)redhat.com>
Subject: Re: [keycloak-user] Email internationalization
To: Nekrasov Aleksandr <a.nekrasov(a)ftc.ru>
Cc: "keycloak-user(a)lists.jboss.org" <keycloak-user(a)lists.jboss.org>
Message-ID:
<CAJgngAeDFzb96dtFGgz59_RE-A3oGAJUNsNFPA-xXjxvYWipGw(a)mail.gmail.com>
Content-Type: text/plain; charset="utf-8"
Please create a JIRA. If you want to submit a PR that would be welcome as
well.
On 6 June 2016 at 14:12, Nekrasov Aleksandr <a.nekrasov(a)ftc.ru> wrote:
> Hello everyone.
>
> I found a bug when trying to send email from keycloak to users with
> encoding against English.
>
> For example, when I try to send Russian message with subject ?????????
> ???? ??????? ??????? I see ?????????????? ?????? ??????????? ?????? in my
> email.
>
>
>
> I think you should update org.keycloak.email.DefaultEmailSenderProvider
> class with line
>
> msg.setSubject(subject);
>
> to
>
> msg.setSubject(MimeUtility.*encodeText*(subject, *"utf-8"*, *"B"*));
>
>
>
> Thanks.
>
>
>
> Nekrasov Aleksander,
>
> Developer,
>
> Center of Financial Techologies
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160606/21c20...
------------------------------
8 years, 5 months
Email internationalization
by Nekrasov Aleksandr
Hello everyone.
I found a bug when trying to send email from keycloak to users with encoding against English.
For example, when I try to send Russian message with subject "Обновите вашу учётную запись" I see "????????????? ?????? ??????????? ?????" in my email.
I think you should update org.keycloak.email.DefaultEmailSenderProvider class with line
msg.setSubject(subject);
to
msg.setSubject(MimeUtility.encodeText(subject, "utf-8", "B"));
Thanks.
Nekrasov Aleksander,
Developer,
Center of Financial Techologies
8 years, 5 months
Understanding Realm vs. Client roles
by Rafael T. C. Soares
Hi.
I'm trying to understand how a standard Java web app (client) deal with
keycloak roles mechanism.
...
<security-constraint>
<web-resource-collection>
<web-resource-name>App</web-resource-name>
<url-pattern>/some-context/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>some-role</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>KEYCLOAK</auth-method>
<realm-name>demo</realm-name>
</login-config>
<security-role>
<role-name>some-role</role-name>
</security-role>
...
Keycloak has two different role levels: Realm roles and Client roles.
When I create a new user it can automatically inherit default roles from
its realm.
But I can't refer to realm roles from my client app because by default
there is no relationship between realm roles and client apps.
I mean a client under the realm is not aware of realm roles. Right?
From the client app user perspective, I have to create the roles for a
specific client app and then associate that role(s) with a given user
(who wants to have access to that client app). Ok! But what can I do to
associate realm roles with a given client app?
I can create a composite role inside the client and associate it with
some realm roles. But I still have to explicitly associate that client
role with each user I want to grant access to that client app.
Imagine a scenario where you imported thousands of users from a LDAP
server (through User Federation).
Let me explain my scenario:
I'm federating users and roles from an MS AD server. I created a Role
Mapper to import AD groups as Keycloak roles and automatically create
realm roles.
Keycloak imported LDAP groups as realm roles and associated that
roles with each user (according to the group/user association on LDAP)
But in this scenario the association roles/client app on Keycloak is
missing. Ok, I could choose to import LDAP groups as Client roles on the
LDAP Role Mapper configuration. But I prefer to import as realm roles.
Thus all client app create under this realm will inherit that roles.
The role mapper worked perfectly! The problem is: How can I use that
roles (imported to realm and associated with each imported user) to
restrict access to a specific client app?
Can some one point me what would be the correct understanding and the
right approach to use imported AD roles into my realm?
--
___
Rafael T. C. Soares | Solution Architect
JBoss Enterprise Middleware | Red Hat Brazil
Mobile: +55 71 98181-3636
Phone: +55 11 3529-6096
8 years, 5 months
Classification all email that sent from keycloak as SPAM on GMAIL
by Yasser El-ata
Hello,
I have an issue , all the emails that send by keycloak are classified as
spam just on gmail.
the email that sends to Yahoo and Hotmail are received in the inbox.
i'am using Amazon SMTP and i already use certificates from amazon to make
sure all emails will not send as spam.
Any ideas please?
Thanks
--
Yasser El-Ata
Java Developer
BluLogix
737 Walker Rd Ste 3, Great Falls, VA 22066
t: 443.333.4100 | f: 443.333.4101
*www.blulogix.com <http://www.blueoss.com/>*
The information transmitted is intended only for the person(s) to whom it
is addressed and may contain confidential and/or privileged material. Any
review, retransmission, dissemination or other use of, or taking of any
action in reliance upon, this information by persons or entities other than
the intended recipient is prohibited. If you received this in error, please
contact the sender and delete the material from any computer.
8 years, 5 months
Fw: Are there plans to implement PK Certificate user authentication?
by Peter Nalyvayko
Hello,
Cross-posting...We are considering using keycloak as an STS (Secure Token Service). One of the requirements is PK certificate user authentication. It seems the only supported user authentication mechanism in keycloak is user credentials (user name / password). Before rolling out our own implementation, I just want to make sure I am not missing something obvious and that PK authentication is indeed not supported in keycloak yet. Regards,Peter
8 years, 5 months
keycloak catridge and extra modules
by Simon Gordon
Hey all
Another simple one from me I think!
I'm looking to add a userFederation provider, plus a new theme. I am using
the keycloak cartridge, which is very convenient - but maybe I should
resort to a .war to add modules? Or is there a way to add modules to the
keycloak cartridge?
Thanks,
Simon
8 years, 5 months