I still need a help.
The example for the secret question is good but I need other example.
I am in the middle of POC that will help us to understand if we can use Keycloak in our
production.
It contains a lot of aspects (creating of other authenticators, creating of our own UI
over Keycloak etc.).
In this thread I just want to create the authenticator that will take a user name and a
user password and will authenticate against a Radius server.
If it will fails, the default UsernamePasswordForm authenticator should handle the
authentication.
I will really appreciate if somebody will help me with the following questions.
1. Do you have the example that shows how to create simple user name and password
authenticator?
2. How can I configure the authentication provider via REST API?
Will be generated configuration Rest API automatically?
3. I have created the simple authenticator that overrides UsernamePasswordForm.
It appears in UI.
Unfortunately the request does not come to my implementation.
What I have missed?
I have opened bug and attached sources:
https://issues.jboss.org/browse/KEYCLOAK-3867
Best regards,
Michael
________________________________
From: Thomas Darimont <thomas.darimont(a)googlemail.com>
Sent: Sunday, November 6, 2016 11:42 AM
To: Michael Furman
Cc: Stian Thorgersen; keycloak-user(a)lists.jboss.org
Subject: Re: [keycloak-user] Creation UI for new authentication schema configuration.
Hello Michael,
if you want to create a custom browser flow by copying the original browser flow you need
to bind your custom browser flow
on the "Authentication -> Bindings" tab where you link your custom browser
flow to be used as "the" browser flow.
Cheers,
Thomas
2016-11-06 10:33 GMT+01:00 Michael Furman
<michael_furman@hotmail.com<mailto:michael_furman@hotmail.com>>:
Hi Stian,
I was able to add the authentication provider in 2.3.0 but only to the copied flow.
1. Why I can not add the execution to the Browser flow?
If I copy the browser flow (and call it Browser2 flow) what flow will be default for the
browser authentication?
How can I configure the new Browser2 flow will be default for the browser
authentications?
2. Will be generated Rest API for the configuration of the authentication provider?
How can I configure via REST API.
Best regards,
Michael
________________________________
From: Stian Thorgersen <sthorger@redhat.com<mailto:sthorger@redhat.com>>
Sent: Friday, November 4, 2016 7:52 AM
To: Stian Thorgersen
Cc: Michael Furman;
keycloak-user@lists.jboss.org<mailto:keycloak-user@lists.jboss.org>
Subject: Re: [keycloak-user] Creation UI for new authentication schema configuration.
FIY we did check this example for 2.3.0.CR1 release so I doubt it's broken
On 4 November 2016 at 06:51, Stian Thorgersen
<sthorger@redhat.com<mailto:sthorger@redhat.com><mailto:sthorger@redhat.com<mailto:sthorger@redhat.com>>>
wrote:
I don't know what you mean by it is not recognized by Keycloak. Did you follow the
steps in the example to register it? See
https://github.com/keycloak/keycloak/blob/master/examples/providers/authe...
On 3 November 2016 at 20:14, Michael Furman
<michael_furman@hotmail.com<mailto:michael_furman@hotmail.com><mailto:michael_furman@hotmail.com<mailto:michael_furman@hotmail.com>>>
wrote:
Hi,
Unfortunately I can not deploy the example authentication provider to Keycloak
Who can help?
I have compiled authenticator-required-action-example from the examples.
I copied the provider jar into the “standalone/configuration/providers” directory
according to the document:
https://keycloak.gitbooks.io/server-developer-guide/content/v/2.2/topics/...
Unfortunately Keycloak does not recognize the provider.
Than I have copied it to the “providers” folder under the root Keycloak folder.
Also without success .
I have opened an issue
https://issues.jboss.org/browse/KEYCLOAK-3856
Best regards,
Michael
________________________________
From: Stian Thorgersen
<sthorger@redhat.com<mailto:sthorger@redhat.com><mailto:sthorger@redhat.com<mailto:sthorger@redhat.com>>>
Sent: Tuesday, November 1, 2016 11:08 AM
To: Michael Furman
Cc:
keycloak-user@lists.jboss.org<mailto:keycloak-user@lists.jboss.org><mailto:keycloak-user@lists.jboss.org<mailto:keycloak-user@lists.jboss.org>>
Subject: Re: [keycloak-user] Creation UI for new authentication schema configuration.
On the config for the authenticator. Please look at the docs and also the example it
explains this pretty well.
On 31 October 2016 at 13:47, Michael Furman
<michael_furman@hotmail.com<mailto:michael_furman@hotmail.com><mailto:michael_furman@hotmail.com<mailto:michael_furman@hotmail.com>>>
wrote:
Thanks,
Where I will see the generated UI?
On the authentication page?
http://localhost:8080/auth/admin/master/console/#/realms/master/authentic...
Also, can I add / update the authenticator configuration via REST API?
http://www.keycloak.org/docs/rest-api/#_update_authenticator_configuration
Thank you in advance for your help.
Best regards,
Michael
________________________________
From: Stian Thorgersen
<sthorger@redhat.com<mailto:sthorger@redhat.com><mailto:sthorger@redhat.com<mailto:sthorger@redhat.com>>>
Sent: Monday, October 31, 2016 8:00 AM
To: Michael Furman
Cc:
keycloak-user@lists.jboss.org<mailto:keycloak-user@lists.jboss.org><mailto:keycloak-user@lists.jboss.org<mailto:keycloak-user@lists.jboss.org>>
Subject: Re: [keycloak-user] Creation UI for new authentication schema configuration.
Configuration UI is generated based on what's returned by the getConfigProperties
method
On 30 October 2016 at 12:28, Michael Furman
<michael_furman@hotmail.com<mailto:michael_furman@hotmail.com><mailto:michael_furman@hotmail.com<mailto:michael_furman@hotmail.com>>>
wrote:
Thanks Stian,
I will happy for the additional clarifications.
I have looked in
https://keycloak.gitbooks.io/server-developer-guide/content/topics/auth-s... but was
not able to find a lot.
I think that the following is relevant:
The next few methods define how the Authenticator can be configured.
…
The getConfigProperties() method returns a list of ProviderConfigProperty objects. These
objects define a specific configuration attribute.
But according to my understanding the configuration should appear in the Authenticator
configuration UI.
Therefore, how should I create the UI?
Additional question: will the new Authenticator appear in Authentication Flows:
https://keycloak.gitbooks.io/server-adminstration-guide/content/topics/au...
Will I be able to configure Required / Optional / Disabled for the new the new
Authenticator?
Thank you in advance for your help.
Best regards,
Michael
________________________________
From: Stian Thorgersen
<sthorger@redhat.com<mailto:sthorger@redhat.com><mailto:sthorger@redhat.com<mailto:sthorger@redhat.com>>>
Sent: Thursday, October 27, 2016 9:57 AM
To: Michael Furman
Cc:
keycloak-user@lists.jboss.org<mailto:keycloak-user@lists.jboss.org><mailto:keycloak-user@lists.jboss.org<mailto:keycloak-user@lists.jboss.org>>
Subject: Re: [keycloak-user] Creation UI for new authentication schema configuration.
We don't support that directly so you would have to develop your own custom
authenticator for it. The doc you linked describes how to do that.
On 26 October 2016 at 17:08, Michael Furman
<michael_furman@hotmail.com<mailto:michael_furman@hotmail.com><mailto:michael_furman@hotmail.com<mailto:michael_furman@hotmail.com>>>
wrote:
Hi all,
I want to add support for the new authentication schema.
How can I add UI for new authentication schema configuration?
For example, I want to add the TACACS authentication schema.
Therefore I need to configure the TACACS server IP and the secret.
May be I have missed but I can not find it here:
https://keycloak.gitbooks.io/server-developer-guide/content/topics/auth-s...
Thank you in advance for your help.
Best regards,
Michael
_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org<mailto:keycloak-user@lists.jboss.org><mailto:keycloak-user@lists.jboss.org<mailto:keycloak-user@lists.jboss.org>>
https://lists.jboss.org/mailman/listinfo/keycloak-user
_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org<mailto:keycloak-user@lists.jboss.org>
https://lists.jboss.org/mailman/listinfo/keycloak-user