I suggest to try again against clean environment (database). Are you
using default H2 database? If so, you can just delete directory
/opt/wildfly/standalone/data. Then you can start again and admin user
from '/opt/wildfly/standalone/configuration/keycloak-add-user.json'
should be correctly imported and you should be able to login.
Marek
On 18/04/16 10:04, Andrej Prievalsky wrote:
OK, but when we created user with add-user-keycloak.sh:
[sab@idm69 wildfly]$ ./bin/add-user-keycloak.sh -r master -u admin -p
admin
Added 'admin' to
'/opt/wildfly/standalone/configuration/keycloak-add-user.json',
restart server to load user
After restart server, we can't login with admin user and password admin.
We got Error message: Invalid username or password.
Can be problem on your side or in our setup and configuration?
On Fri, Apr 15, 2016 at 3:25 PM, Stian Thorgersen <sthorger(a)redhat.com
<mailto:sthorger@redhat.com>> wrote:
With server overlay use add-user-keycloak and restart the server
On 15 April 2016 at 14:43, Andrej Prievalsky <ado.boj.83(a)gmail.com
<mailto:ado.boj.83@gmail.com>> wrote:
Hi All,
in setup Wildfly-10 in domain mode +
keycloak-overlay-1.9.2.Final I tried to create Admin User in
two ways like in guide:
1.) via bin/add-user.[sh|bat] -r master -u <username> -p
<password>
I got this ERROR:
/[sab@idm69 wildfly]$ ./bin/add-user.sh -r master -u admin -p
tmo46713/
//
/* Error */
/WFLYDM0065: The user supplied realm name 'master' does not
match the realm name discovered from the property file(s)
'ManagementRealm'./
//
/Exception in thread "main"
org.jboss.as.domain.management.security.adduser.AddUserFailedException:
WFLYDM0065: The user supplied realm name 'master' does not
match the realm name discovered from the property file(s)
'ManagementRealm'./
/ at
org.jboss.as.domain.management.security.adduser.ErrorState.execute(ErrorState.java:72)/
/ at
org.jboss.as.domain.management.security.adduser.AddUser.run(AddUser.java:130)/
/ at
org.jboss.as.domain.management.security.adduser.AddUser.main(AddUser.java:223)/
/ at
sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)/
/ at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)/
/ at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)/
/ at java.lang.reflect.Method.invoke(Method.java:497)/
/ at org.jboss.modules.Module.run(Module.java:329)/
/ at org.jboss.modules.Main.main(Main.java:507)/
/
/
2.) via bin/add-user-keycloak.[sh|bat] -r master -u <username>
-p <password>
User was created under standalone path.
Thanks and Best Regards
Andrej.
On Thu, Mar 3, 2016 at 7:18 PM, Stian Thorgersen
<sthorger(a)redhat.com <mailto:sthorger@redhat.com>> wrote:
Please read the documentation it explains it all
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
On 3 March 2016 at 16:24, Andrej Prievalsky
<ado.boj.83(a)gmail.com <mailto:ado.boj.83@gmail.com>> wrote:
Hi all,
1.) meantime I tried on keycloak-overlay-1.7.0.Final
via add-user-keycloak.sh script in wildfly domain mode
create Admin user and I got:
[root@keycloakoverlay /opt/wildfly/bin]$
./add-user-keycloak.sh -u admin -p admin
Added 'admin' to
'*/opt/wildfly/standalone/configuration/keycloak-add-user.json*',
restart server to load user
Is it correct, that user is created in standalone path?
----------------------------------------------------------------------------
2.) can I in version 1.7.0.Final create or replace
Admin user for Master realm with permanent password,
which could be created automatically via command line
and not needed change password manually after first login?
Thanks,
Andrej.
On Thu, Mar 3, 2016 at 1:50 PM, Stian Thorgersen
<sthorger(a)redhat.com <mailto:sthorger@redhat.com>> wrote:
On 3 March 2016 at 13:48, Stan Silvert
<ssilvert(a)redhat.com <mailto:ssilvert@redhat.com>>
wrote:
On 3/3/2016 12:09 AM, Stian Thorgersen wrote:
> The standard add-user script adds WildFly
> users, we want the standard script to add
> Keycloak users. It's a Keycloak server after all.
You still need WildFly users if you want to
use CLI (remotely) or web console. As far as I
know, we can't secure those things with
Keycloak yet.
In the future we will secure it with Keycloak, in
the mean time the add-user has a '--container' option.
There are workarounds, but I'm just saying,
WildFly add-user.sh is a useful tool that we
might want to still ship in some form until
such time that CLI and web console is fully
integrated with Keycloak.
>
> On 2 March 2016 at 20:00, Stan Silvert
> <ssilvert(a)redhat.com
> <mailto:ssilvert@redhat.com>> wrote:
>
> On 3/2/2016 1:50 PM, Stian Thorgersen wrote:
>> Not a chance. In server dist we want to
>> hide WildFly's add-user script.
> I could guess, but I have to ask, why?
>
>
>>
>> On 2 March 2016 at 14:12, Stan Silvert
>> <ssilvert(a)redhat.com
>> <mailto:ssilvert@redhat.com>> wrote:
>>
>> On 3/2/2016 7:02 AM, Stian
>> Thorgersen wrote:
>>> In overlay the script should be
>>> add-user-keycloak. The overlay adds
>>> Keycloak server to an existing
>>> WildFly installation so we don't
>>> want to overwrite any existing
>>> files. I appreciate this may be
>>> confusing and inconsistent, but at
>>> the same time if we did overwrite
>>> people would probably complain
>>> about us overwriting the existing
>>> script.
>>>
>>> In the server dist this doesn't
>>> apply as the server is purely a
>>> Keycloak server, not a WildFly server.
>> I guess the solution would be to
>> make server dist consistent with
>> overlay, so both are
>> add-user-keycloak. Not sure how I
>> feel about that.
>>
>>
>>
>>>
>>> On 2 March 2016 at 11:10, Bruno
>>> Oliveira <bruno(a)abstractj.org
>>> <mailto:bruno@abstractj.org>>
wrote:
>>>
>>> I'm not sure if I follow your
>>> question but './add-user.sh -u
>>> admin -p admin' or
>>> './add-user.sh -u admin' should
>>> work.
>>>
>>> On Wed, Mar 2, 2016 at 7:03 AM
>>> Andrej Prievalsky
>>> <ado.boj.83(a)gmail.com
>>> <mailto:ado.boj.83@gmail.com>>
>>> wrote:
>>>
>>> Hi Bruno,
>>>
>>> thanks for answer.
>>> But from
>>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
>>> and section: *...you can
>>> use the add-user script
>>> from the command-line.*
>>> is my question is how
>>> exactly should looks like
>>> command with add-user script?
>>> Because in past we used
>>> this command: add-user.sh
>>> –container -u admin -p admin
>>>
>>> Andrej.
>>>
>>>
>>> On Wed, Mar 2, 2016 at
>>> 10:38 AM, Bruno Oliveira
>>> <bruno(a)abstractj.org
>>>
<mailto:bruno@abstractj.org>>
>>> wrote:
>>>
>>> Hi Andrej, answers inline
>>>
>>> On Wed, Mar 2, 2016 at
>>> 6:13 AM Andrej
>>> Prievalsky
>>> <ado.boj.83(a)gmail.com
>>>
<mailto:ado.boj.83@gmail.com>>
>>> wrote:
>>>
>>> Hi,
>>>
>>> I would like to
>>> summary information
>>> about How to add
>>> Admin User -
>>> chapter 3.2.1.
>>>
>>> My questions are:
>>> 1.) From which
>>> version (including)
>>> is new concept,
>>> that there is no
>>> built in user?
>>>
>>>
>>> 1.8.0 See:
>>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/Migration_f...
>>>
>>> 2a.) What is exact
>>> command via
>>> add-user script
>>> (add-user.sh) for
>>> create admin user ?
>>>
>>>
>>> See:
>>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
>>>
>>> 2b.) Same question
>>> like in 2a, but in
>>> keycloak-overlay
>>> (add-user-keycloak.sh)?
>>>
>>>
>>> You are correct. Maybe
>>> this is an
>>> inconsistency to be fixed.
>>>
>>>
>>> Thanks and Best
>>> Regards,
>>> Andrej.
>>>
_______________________________________________
>>> keycloak-user
>>> mailing list
>>>
keycloak-user(a)lists.jboss.org
>>>
<mailto:keycloak-user@lists.jboss.org>
>>>
https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>
>>>
>>>
>>>
_______________________________________________
>>> keycloak-user mailing list
>>> keycloak-user(a)lists.jboss.org
>>>
<mailto:keycloak-user@lists.jboss.org>
>>>
https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>
>>>
>>>
>>>
>>>
_______________________________________________
>>> keycloak-user mailing list
>>> keycloak-user(a)lists.jboss.org
>>> <mailto:keycloak-user@lists.jboss.org>
>>>
https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>>
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user(a)lists.jboss.org
>> <mailto:keycloak-user@lists.jboss.org>
>>
https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>>
>
>
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
<mailto:keycloak-user@lists.jboss.org>
https://lists.jboss.org/mailman/listinfo/keycloak-user
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user