8:54 a.m.
I signed up to the mailinglist at a time that this thread was already
underway. I didn't read back to find out what the original question was,
and given the tone of the responses I am not going to either, but, as for
for the call for specific improvements: I've got two:
- It would be helpful if the section on JAAS integration would contain a
very short example of a configuration file, and a java snippet that shows
how to instantiate a LoginContext based on that. I was unfamiliar with JAAS
and was struggling to put one and one together. I think the above could be
done in ten lines or so, so it's relatively small, but would be a good
illustrative example for the likes of me.
- The REST endpoint documentation lacks structure (grouping), which
makes it hard to navigate. Improving on that would be a simple as grouping
each piece of documentation by its resource path.
$0.02
- Guus
On 24 March 2016 at 14:25, Bill Burke <bburke(a)redhat.com> wrote:
documentation hasn't received any love for more than a year.
Screencasts
are even more out of date. The good news is that myself and the red hat
documentation team is scheduled to focus on docs and screencasts the month
of April. Up until a few months ago, we were just an open source
community. Now that the Red Hat machine is getting behind us, areas like
documentation should start to be improved.
BTW, If you want help, we need more than just "it doesn't work, your
documentation sucks". Walking us through the problem helps us improve
error messages, general usability, and documentation. Threatening us
doesn't really help as you are just as likely to get ignored.
On 3/24/2016 4:56 AM, Stian Thorgersen wrote:
Firstly, that's not FreeIPA (community project) documentation, but Red Hat
Identity Management documentation (product). The FreeIPA documentation is
<https://www.freeipa.org/page/Documentation>
https://www.freeipa.org/page/Documentation.
Secondly, just stating that our documentation is bad and pointing to some
better documentation doesn't give us anything to go on. We would like to
give a good experience and I would be very interested in knowing exactly
what documentation you are lacking, hard to understand or whatever other
issues you may have with the documentation. Help us to help you ;)
Finally we know the documentation is not as good as it could be and are
planning to improve it in the not to distant future. So input from users
would be valuable.
On 23 March 2016 at 11:32, Pavlos Kleanthous <parsectix(a)gmail.com> wrote:
> Just compare the documentation from another redhat product FreeIPA
>
<https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/...
>
> I have read this documentation and setup/configure IPA server very easy.
>
> Keycloak's current documentation looks like more as a developers manual
> to me.
>
>
> On Tue, Mar 22, 2016 at 4:29 PM, Stian Thorgersen < <sthorger(a)redhat.com>
> sthorger(a)redhat.com> wrote:
>
>> Could you elaborate on what is missing from the documentation? That
>> would be helpful.
>> On 22 Mar 2016 12:05, "Pavlos Kleanthous" <
<parsectix(a)gmail.com>
>> parsectix(a)gmail.com> wrote:
>>
>>> Dear all,
>>>
>>> I dropped the project at the moment. The lack of documentation is too
>>> time consuming.
>>>
>>> Hope that soon keycloak will have it.
>>>
>>>
>>> On Fri, Mar 18, 2016 at 1:52 PM, Stian Thorgersen <
>>> <sthorger@redhat.com>sthorger(a)redhat.com> wrote:
>>>
>>>> What adapter? Is the server and client adapter both 1.9.1? We did
>>>> recently deprecate some OIDC endpoints. I think ../login is gone and it
>>>> should be ../auth. So if you are using an old adapter that may be the
issue.
>>>> On 18 Mar 2016 2:20 p.m., "Pavlos Kleanthous" <
<parsectix(a)gmail.com>
>>>> parsectix(a)gmail.com> wrote:
>>>>
>>>>> Yours.
>>>>>
>>>>> I configured the realm with the same settings on both versions
1.9.1
>>>>> and 1.8.1.
>>>>>
>>>>>
>>>>> On Fri, Mar 18, 2016 at 11:58 AM, Stian Thorgersen <
>>>>> <sthorger@redhat.com>sthorger(a)redhat.com> wrote:
>>>>>
>>>>>> Client ID has nothing to do with this issue as it would show an
>>>>>> login error page not a not found. So must be either realm name or
another
>>>>>> part of URL is wrong.
>>>>>>
>>>>>> Are you using our adapters or another library atm?
>>>>>>
>>>>>> I'm answering on my phone on the plane so can't look into
it more
>>>>>> atm.
>>>>>> On 17 Mar 2016 10:00, "Pavlos Kleanthous" <
<parsectix(a)gmail.com>
>>>>>> parsectix(a)gmail.com> wrote:
>>>>>>
>>>>>>> Hi,
>>>>>>>
>>>>>>> In jenkins, I'm pasting the JSON configuration that it
can found
>>>>>>> inside "Installation" tab.
>>>>>>>
>>>>>>> Instead of using keycloak client plugins, can I use a generic
oauth
>>>>>>> plugin in my apps? How can I configure my keycloak for this?
>>>>>>> i.e. Instead of using google's oauth URL use my own
pointing to
>>>>>>> keycloak.
>>>>>>>
>>>>>>>
>>>>>>> On Wed, Mar 16, 2016 at 1:29 PM, Marko Strukelj <
>>>>>>> <mstrukel@redhat.com>mstrukel(a)redhat.com> wrote:
>>>>>>>
>>>>>>>> In your jenkins realm - under Clients do you have a
client called
>>>>>>>> 'ci'? That's the client_id used in your
request.
>>>>>>>>
>>>>>>>> AFAIK nothing changed in this part of the code since
1.8.1.
>>>>>>>> On Mar 16, 2016 12:04 PM, "Pavlos Kleanthous"
<
>>>>>>>> <parsectix@gmail.com>parsectix(a)gmail.com>
wrote:
>>>>>>>>
>>>>>>>>> yes I can.
>>>>>>>>>
>>>>>>>>> Please note that this is a problem of version 1.9.1.
>>>>>>>>> I have tried now version 1.8.1 and it redirect me to
keycloak.
>>>>>>>>>
>>>>>>>>> p.s. I'm using the official containers from
docker hub.
>>>>>>>>>
>>>>>>>>> On Wed, Mar 16, 2016 at 10:56 AM, Marko Strukelj
<
>>>>>>>>> <mstrukel@redhat.com>mstrukel(a)redhat.com>
wrote:
>>>>>>>>>
>>>>>>>>>> Are you able to login into admin console at:
>>>>>>>>>> <http://192.168.99.100:32786/auth>
>>>>>>>>>> http://192.168.99.100:32786/auth
>>>>>>>>>>
>>>>>>>>>> And you see the realm called 'jenkins'
there?
>>>>>>>>>> On Mar 16, 2016 11:32 AM, "Pavlos
Kleanthous" <
>>>>>>>>>>
<parsectix@gmail.com>parsectix(a)gmail.com> wrote:
>>>>>>>>>>
>>>>>>>>>>> Hi guys adding to this. Please see the HTTP
requests and
>>>>>>>>>>> responses.
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> 1. Request URL:
>>>>>>>>>>>
>>>>>>>>>>>
http://192.168.99.100:32769/securityRealm/commenceLogin?from=%2F
>>>>>>>>>>> 2. Request Method:
>>>>>>>>>>> GET
>>>>>>>>>>> 3. Status Code:
>>>>>>>>>>> 302 Found
>>>>>>>>>>> 4. Remote Address:
>>>>>>>>>>> 192.168.99.100:32769
>>>>>>>>>>> 1. Response Headersview source
>>>>>>>>>>> 1. Content-Length:
>>>>>>>>>>> 0
>>>>>>>>>>> 2. Location:
>>>>>>>>>>>
>>>>>>>>>>>
http://192.168.99.100:32786/auth/realms/jenkins/protocol/openid-connect/l...
>>>>>>>>>>> 3. Server:
>>>>>>>>>>> Jetty(winstone-2.9)
>>>>>>>>>>> 4. X-Content-Type-Options:
>>>>>>>>>>> nosniff
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> 1. Request URL:
>>>>>>>>>>>
>>>>>>>>>>>
http://192.168.99.100:32786/auth/realms/jenkins/protocol/openid-connect/l...
>>>>>>>>>>> 2. Request Method:
>>>>>>>>>>> GET
>>>>>>>>>>> 3. Status Code:
>>>>>>>>>>> *404 Not Found*
>>>>>>>>>>> 4. Remote Address:
>>>>>>>>>>> 192.168.99.100:32786
>>>>>>>>>>> 1. Response Headersview source
>>>>>>>>>>> 1. Connection:
>>>>>>>>>>> keep-alive
>>>>>>>>>>> 2. Content-Length:
>>>>>>>>>>> 0
>>>>>>>>>>> 3. Date:
>>>>>>>>>>> Wed, 16 Mar 2016 10:30:40 GMT
>>>>>>>>>>> 4. Server:
>>>>>>>>>>> WildFly/10
>>>>>>>>>>> 5. X-Powered-By:
>>>>>>>>>>> Undertow/1
>>>>>>>>>>> 2. Request Headersview source
>>>>>>>>>>> 1. Accept:
>>>>>>>>>>>
>>>>>>>>>>>
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
>>>>>>>>>>> 2. Accept-Encoding:
>>>>>>>>>>> gzip, deflate, sdch
>>>>>>>>>>> 3. Accept-Language:
>>>>>>>>>>> en-US,en;q=0.8,el;q=0.6
>>>>>>>>>>> 4. Connection:
>>>>>>>>>>> keep-alive
>>>>>>>>>>> 5. Cookie:
>>>>>>>>>>>
KEYCLOAK_STATE_CHECKER=VJrM9jv37wPkh_NmI101cofXzDzfVqK-MNEmt9V5Hic;
>>>>>>>>>>>
KC_RESTART=eyJhbGciOiJIUzI1NiJ9.eyJjcyI6IjhlYWY3ZjM2LWZhOGMtNGFiZi04ZDQ0LWVlN2RlODI0ZmE2NyIsImNpZCI6ImFjY291bnQiLCJwdHkiOiJvcGVuaWQtY29ubmVjdCIsInJ1cmkiOiJodHRwOi8vMTkyLjE2OC45OS4xMDA6MzI3ODYvYXV0aC9yZWFsbXMvamVua2lucy9hY2NvdW50L2xvZ2luLXJlZGlyZWN0IiwiYWN0IjoiQVVUSEVOVElDQVRFIiwibm90ZXMiOnsiYWN0aW9uX2tleSI6IjIyMGExNzllLWM1OGQtNDAyOS1hMmIwLTQ5MmI3MTVkMWI3ZiIsImF1dGhfdHlwZSI6ImNvZGUiLCJpc3MiOiJodHRwOi8vMTkyLjE2OC45OS4xMDA6MzI3ODYvYXV0aC9yZWFsbXMvamVua2lucyIsInJlc3BvbnNlX3R5cGUiOiJjb2RlIiwicmVkaXJlY3RfdXJpIjoiaHR0cDovLzE5Mi4xNjguOTkuMTAwOjMyNzg2L2F1dGgvcmVhbG1zL2plbmtpbnMvYWNjb3VudC9sb2dpbi1yZWRpcmVjdCIsInN0YXRlIjoiMC8zMjFhMDk0Zi03ODYwLTRkOTAtOWU4Yy1iMmM5ZmFkYWVjZmIifX0.QAucuHQLj_-5s3dgnFaxDeni!
>>>>>>>>>>> gQ9FnaP6 DEyOvd8v2Yo;
>>>>>>>>>>>
KEYCLOAK_IDENTITY=eyJhbGciOiJSUzI1NiJ9.eyJqdGkiOiJmYjc3NDc0NS1jNDA4LTQ5ODctYjE2My03NWFiNTc1YmYzYTMiLCJleHAiOjE0NTgxNTczNDcsIm5iZiI6MCwiaWF0IjoxNDU4MTIxMzQ3LCJpc3MiOiJodHRwOi8vMTkyLjE2OC45OS4xMDA6MzI3ODYvYXV0aC9yZWFsbXMvamVua2lucyIsInN1YiI6ImM1ZWU4OGQ2LTE1Y2MtNDMwOS1hMjdjLTBmYjAwMmI2NDA2YiIsInNlc3Npb25fc3RhdGUiOiJkMDkxYzNkMi04YzQ0LTQyMTEtYWEyNi1lM2Y3ZmRhY2I1YWUiLCJyZXNvdXJjZV9hY2Nlc3MiOnt9fQ.a2A3wZ6-VSAErHebIuV1maEEHYknzB7eiiogT03Ab6t_d95bj8FDNl5YrDrS6hoJqgJXQrGYdp5xurb8zcEQIUCnwxFs1Kh62UtMytYyyaDyJEfQeJf8o2QSZdyAs_OZHDtPeY8qVbVvJkttQ_umsiQMPUmi9ADKeLE-nqq5T9fuo29WMEf9SFiEwJJE4ya3-Ut8NPa5iG-TbxSmDrDRGJXNrCuN2stOuYNHXwWRVd7DckZS0ZOB-ReQQM9NBMw-gDjaEv_0_2oG-whv1dQKpGlrQObNL9sNqvV_PgIEUgRGB6sn2U1zFnwao-bwxYIYXbXqiIaiLC9ObnqYCuYVtg;
>>>>>>>>>>>
KEYCLOAK_SESSION=jenkins/c5ee88d6-15cc-4309-a27c-0fb002b6406b/d091c3d2-8c44-4211-aa26-e3f7fdacb5ae;
>>>>>>>>>>>
JSESSIONID.96a98541=1a8t1iio7w9ol14h8gslmkjvr4; screenResolution=1920x1080
>>>>>>>>>>> 6. DNT:
>>>>>>>>>>> 1
>>>>>>>>>>> 7. Host:
>>>>>>>>>>> 192.168.99.100:32786
>>>>>>>>>>> 8. Referer:
>>>>>>>>>>> http://192.168.99.100:32769/
>>>>>>>>>>> 9. Save-Data:
>>>>>>>>>>> on
>>>>>>>>>>> 10. Upgrade-Insecure-Requests:
>>>>>>>>>>> 1
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> On Tue, Mar 15, 2016 at 4:26 PM, Pavlos
Kleanthous <
>>>>>>>>>>>
<parsectix@gmail.com>parsectix(a)gmail.com> wrote:
>>>>>>>>>>>
>>>>>>>>>>>> Thanks for pointing this out. I think it
does not matter as
>>>>>>>>>>>> the same name can be found in
"Installation" tab where
>>>>>>>>>>>> I copied the configuration.
>>>>>>>>>>>>
>>>>>>>>>>>> On Tue, Mar 15, 2016 at 4:21 PM, Marko
Strukelj <
>>>>>>>>>>>>
<mstrukel@redhat.com>mstrukel(a)redhat.com> wrote:
>>>>>>>>>>>>
>>>>>>>>>>>>> Looks like you mistyped your client
id: 'jenknis'.
>>>>>>>>>>>>> On Mar 15, 2016 5:19 PM, "Pavlos
Kleanthous" <
>>>>>>>>>>>>>
<parsectix@gmail.com>parsectix(a)gmail.com> wrote:
>>>>>>>>>>>>>
>>>>>>>>>>>>>> Hello,
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> I'm trying to configure
keycloak for first time. My setup
>>>>>>>>>>>>>> has 2 containers keycloak and
jenkins.
>>>>>>>>>>>>>> Following the example how to
integrate those two, I created
>>>>>>>>>>>>>> a realm and a client called
"jenkins".
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> It seams that the realm
configuration it's not correct as I
>>>>>>>>>>>>>> get the following debug error.
>>>>>>>>>>>>>> "15:47:55,791 ERROR
[org.jboss.resteasy.resteasy_jaxrs.i18n]
>>>>>>>>>>>>>> (default task-12) RESTEASY002010:
Failed to execute:
>>>>>>>>>>>>>> javax.ws.rs.NotFoundException:
RESTEASY003210: Could not find resource for
>>>>>>>>>>>>>> full path:
>>>>>>>>>>>>>>
<http://192.168.99.100:32786/auth/realms/ci/protocol/openid-connect/login?...
>>>>>>>>>>>>>>
http://192.168.99.100:32786/auth/realms/ci/protocol/openid-connect/login?...
>>>>>>>>>>>>>> "
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> I noticed that "
>>>>>>>>>>>>>>
<http://192.168.99.100:32786/auth/realms/ci/protocol/openid-connect>
>>>>>>>>>>>>>>
http://192.168.99.100:32786/auth/realms/ci/protocol/openid-connect"
>>>>>>>>>>>>>> does not work generally. The URL
ending with "/auth/realms/ci/account" it
>>>>>>>>>>>>>> works.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> if I access the URL:
>>>>>>>>>>>>>>
<http://192.168.99.100:32786/auth/realms/ci>
>>>>>>>>>>>>>>
http://192.168.99.100:32786/auth/realms/ci
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
{"realm":"ci","public_key":"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj0IQoyEf8wt4ZkD0Jf6t8ppM4MVtiR+QJkaWctQvYRPeg9HGBHLDcsnQnpQ+zZ6Rl5sn5CArqcEygpALpglUiiGdSuH8X0VwfATpWB/0KBwylPJ7CJObDiKoBD7ZMjR67IRa9e8ySdbbCb/Ehapk9SkDfAU7dgHscEkVMuHWUilSpGrqUPPMX9dl6rpIZGX/87DxuHGi4e3d9RYrvKS6wliZF+Pvar5A48OmmklTIpPoPr4NXyQx7a1gsk3VjHLtK2NBLcbMVY+juJTCxa2reukl0eMGVITYFyQgQrXtCyDh18M3TTyFQsS3H2+dLcUdob8r1f973HHXaOUDiD7TrwIDAQAB","token-service":"http://192.168.99.100:32786/auth/realms/ci/protocol/openid-connect","account-service":"http://192.168.99.100:32786/auth/realms/ci/account","admin-api":"http://192.168.99.100:32786/auth/admin","tokens-not-before":0}
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Can you help how to find the
problem ?
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> p.s. is there any other way to
find help on those matters?
>>>>>>>>>>>>>> Tried IRC but nobody is replying
there...
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Thank you
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
_______________________________________________
>>>>>>>>>>>>>> keycloak-user mailing list
>>>>>>>>>>>>>>
<keycloak-user@lists.jboss.org>keycloak-user(a)lists.jboss.org
>>>>>>>>>>>>>>
<https://lists.jboss.org/mailman/listinfo/keycloak-user>
>>>>>>>>>>>>>>
https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> keycloak-user mailing list
>>>>>>>
<keycloak-user@lists.jboss.org>keycloak-user(a)lists.jboss.org
>>>>>>>
<https://lists.jboss.org/mailman/listinfo/keycloak-user>
>>>>>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>
>>>>>>
>>>>>
>>>
>
_______________________________________________
keycloak-user mailing
listkeycloak-user@lists.jboss.orghttps://lists.jboss.org/mailman/listinfo/keycloak-user
--
Bill Burke
JBoss, a division of Red Hathttp://bill.burkecentral.com
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user