Re: [keycloak-user] Keycloak User Storage SPI with external data base based on Spring Security
Thanks Dmitry for your orientation.
I found this project https://github.com/leroyguillaume/keycloak-bcrypt
looking about PasswordHashProvider.
I'm a little lost about how to configure my User Storage SPI to connect
with my database. The first approach is trying to use BCryp to cipher the
password and compare it with the password stored on the database, but I
don't know the salt. I'm trying to discover how Spring Security works.
The only way that I found to connect with an user from this data base, is
to change password from keycloak, and then due the password is stored in
plain text, I can login successfully.
Thanks!
On Mon, Jul 2, 2018 at 11:13 PM, Dmitry Telegin <dt(a)acutus.pro> wrote:
Hi Alvaro,
In addition to user storage provider, you'll need to implement a
org.keycloak.credential.hash.PasswordHashProvider. Use
Pbkdf2PasswordHashProvider as a reference.
Cheers,
Dmitry Telegin
CTO, Acutus s.r.o.
Keycloak Consulting and Training
Pod lipami street 339/52, 130 00 Prague 3, Czech Republic
+ 42 (022) 888-30-71
E-mail: info(a)acutus.pro
On Mon, 2018-07-02 at 18:12 +0200, Alvaro Abella wrote:
> Hi,
> I followed this example https://github.com/keycloak/keycloak-quicksta
> rts/
> tree/latest/user-storage-jpa and I modified to connect with my Oracle
> database after a little work with Jboss.
> Now, I can view all users on my Keycloak admin panel, but I can't
> login
> with them into his account because password are cyphered with Bcrypt.
> How do you usually deal with this situations? Has anyone integrated a
> Spring-Security-based database with keycloak?
>
> Thanks!
>
>
--
*Álvaro Abella González*
[image: bluetab.net] <http://www.bluetab.net/>alvaro.abella@bluetab.net