6:15 a.m.
There's a domain option:
bin/add-user-keycloak.[sh|bat] -r master -u <username> -p <password>
--domain
On 19 April 2016 at 13:09, Andrej Prievalsky <ado.boj.83(a)gmail.com> wrote:
Hi all,
@Marek: I am using H2 database. I can't delete /opt/wildfly/standalone/data,
because this folder is not present.
But, for our domain mode we have to move created /opt/wildfly/standalone/
configuration/keycloak-add-user.json to
/opt/wildfly/domain/servers/{server-name}/configuration
and after we could login to keycloak admin console.
So in summary we have to in domain mode for create admin user:
1.) bin/add-user-keycloak.[sh|bat] -r master -u <username> -p <password>
2.) copy /opt/wildfly/standalone/configuration/keycloak-add-user.json to
/opt/wildfly/domain/servers/{server-name}/configuration
3.) restart server
Are this steps correctly and expected from your side?
On Tue, Apr 19, 2016 at 8:40 AM, Andrej Prievalsky <ado.boj.83(a)gmail.com>
wrote:
> Thanks Marek, I will try your hint.
> @Stian: I am trying login to Keycloak admin console.
>
> On Mon, Apr 18, 2016 at 1:59 PM, Stian Thorgersen <sthorger(a)redhat.com>
> wrote:
>
>> Just to confirm are you trying to login to Keycloak admin console or
>> WildFly console?
>>
>> On 18 April 2016 at 10:04, Andrej Prievalsky <ado.boj.83(a)gmail.com>
>> wrote:
>>
>>> OK, but when we created user with add-user-keycloak.sh:
>>>
>>> [sab@idm69 wildfly]$ ./bin/add-user-keycloak.sh -r master -u admin -p
>>> admin
>>> Added 'admin' to
>>> '/opt/wildfly/standalone/configuration/keycloak-add-user.json',
restart
>>> server to load user
>>>
>>> After restart server, we can't login with admin user and password admin.
>>> We got Error message: Invalid username or password.
>>>
>>>
>>> Can be problem on your side or in our setup and configuration?
>>>
>>> On Fri, Apr 15, 2016 at 3:25 PM, Stian Thorgersen
<sthorger(a)redhat.com>
>>> wrote:
>>>
>>>> With server overlay use add-user-keycloak and restart the server
>>>>
>>>> On 15 April 2016 at 14:43, Andrej Prievalsky
<ado.boj.83(a)gmail.com>
>>>> wrote:
>>>>
>>>>> Hi All,
>>>>>
>>>>> in setup Wildfly-10 in domain mode + keycloak-overlay-1.9.2.Final I
>>>>> tried to create Admin User in two ways like in guide:
>>>>>
>>>>> 1.) via bin/add-user.[sh|bat] -r master -u <username> -p
<password>
>>>>> I got this ERROR:
>>>>>
>>>>> *[sab@idm69 wildfly]$ ./bin/add-user.sh -r master -u admin -p
>>>>> tmo46713*
>>>>>
>>>>>
>>>>>
>>>>> ** Error **
>>>>>
>>>>> *WFLYDM0065: The user supplied realm name 'master' does not
match the
>>>>> realm name discovered from the property file(s)
'ManagementRealm'.*
>>>>>
>>>>>
>>>>>
>>>>> *Exception in thread "main"
>>>>>
org.jboss.as.domain.management.security.adduser.AddUserFailedException:
>>>>> WFLYDM0065: The user supplied realm name 'master' does not
match the realm
>>>>> name discovered from the property file(s)
'ManagementRealm'.*
>>>>>
>>>>> * at
>>>>>
org.jboss.as.domain.management.security.adduser.ErrorState.execute(ErrorState.java:72)*
>>>>>
>>>>> * at
>>>>>
org.jboss.as.domain.management.security.adduser.AddUser.run(AddUser.java:130)*
>>>>>
>>>>> * at
>>>>>
org.jboss.as.domain.management.security.adduser.AddUser.main(AddUser.java:223)*
>>>>>
>>>>> * at sun.reflect.NativeMethodAccessorImpl.invoke0(Native
>>>>> Method)*
>>>>>
>>>>> * at
>>>>>
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)*
>>>>>
>>>>> * at
>>>>>
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)*
>>>>>
>>>>> * at java.lang.reflect.Method.invoke(Method.java:497)*
>>>>>
>>>>> * at org.jboss.modules.Module.run(Module.java:329)*
>>>>>
>>>>> * at org.jboss.modules.Main.main(Main.java:507)*
>>>>>
>>>>>
>>>>> 2.) via bin/add-user-keycloak.[sh|bat] -r master -u <username>
-p
>>>>> <password>
>>>>>
>>>>> User was created under standalone path.
>>>>>
>>>>>
>>>>> Thanks and Best Regards
>>>>>
>>>>> Andrej.
>>>>>
>>>>>
>>>>>
>>>>> On Thu, Mar 3, 2016 at 7:18 PM, Stian Thorgersen
<sthorger(a)redhat.com
>>>>> > wrote:
>>>>>
>>>>>> Please read the documentation it explains it all
>>>>>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
>>>>>>
>>>>>> On 3 March 2016 at 16:24, Andrej Prievalsky
<ado.boj.83(a)gmail.com>
>>>>>> wrote:
>>>>>>
>>>>>>> Hi all,
>>>>>>>
>>>>>>> 1.) meantime I tried on keycloak-overlay-1.7.0.Final via
>>>>>>> add-user-keycloak.sh script in wildfly domain mode create
Admin user and I
>>>>>>> got:
>>>>>>>
>>>>>>> [root@keycloakoverlay /opt/wildfly/bin]$
./add-user-keycloak.sh -u
>>>>>>> admin -p admin
>>>>>>> Added 'admin' to '
>>>>>>>
*/opt/wildfly/standalone/configuration/keycloak-add-user.json*',
>>>>>>> restart server to load user
>>>>>>>
>>>>>>> Is it correct, that user is created in standalone path?
>>>>>>>
>>>>>>>
>>>>>>>
----------------------------------------------------------------------------
>>>>>>>
>>>>>>> 2.) can I in version 1.7.0.Final create or replace Admin user
for
>>>>>>> Master realm with permanent password, which could be created
automatically
>>>>>>> via command line and not needed change password manually
after first login?
>>>>>>>
>>>>>>> Thanks,
>>>>>>> Andrej.
>>>>>>>
>>>>>>>
>>>>>>> On Thu, Mar 3, 2016 at 1:50 PM, Stian Thorgersen <
>>>>>>> sthorger(a)redhat.com> wrote:
>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> On 3 March 2016 at 13:48, Stan Silvert
<ssilvert(a)redhat.com>
>>>>>>>> wrote:
>>>>>>>>
>>>>>>>>> On 3/3/2016 12:09 AM, Stian Thorgersen wrote:
>>>>>>>>>
>>>>>>>>> The standard add-user script adds WildFly users, we
want the
>>>>>>>>> standard script to add Keycloak users. It's a
Keycloak server after all.
>>>>>>>>>
>>>>>>>>> You still need WildFly users if you want to use CLI
(remotely) or
>>>>>>>>> web console. As far as I know, we can't secure
those things with Keycloak
>>>>>>>>> yet.
>>>>>>>>>
>>>>>>>>
>>>>>>>> In the future we will secure it with Keycloak, in the
mean time
>>>>>>>> the add-user has a '--container' option.
>>>>>>>>
>>>>>>>>
>>>>>>>>>
>>>>>>>>> There are workarounds, but I'm just saying,
WildFly add-user.sh
>>>>>>>>> is a useful tool that we might want to still ship in
some form until such
>>>>>>>>> time that CLI and web console is fully integrated
with Keycloak.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> On 2 March 2016 at 20:00, Stan Silvert
<ssilvert(a)redhat.com>
>>>>>>>>> wrote:
>>>>>>>>>
>>>>>>>>>> On 3/2/2016 1:50 PM, Stian Thorgersen wrote:
>>>>>>>>>>
>>>>>>>>>> Not a chance. In server dist we want to hide
WildFly's add-user
>>>>>>>>>> script.
>>>>>>>>>>
>>>>>>>>>> I could guess, but I have to ask, why?
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> On 2 March 2016 at 14:12, Stan Silvert
<ssilvert(a)redhat.com>
>>>>>>>>>> wrote:
>>>>>>>>>>
>>>>>>>>>>> On 3/2/2016 7:02 AM, Stian Thorgersen wrote:
>>>>>>>>>>>
>>>>>>>>>>> In overlay the script should be
add-user-keycloak. The overlay
>>>>>>>>>>> adds Keycloak server to an existing WildFly
installation so we don't want
>>>>>>>>>>> to overwrite any existing files. I appreciate
this may be confusing and
>>>>>>>>>>> inconsistent, but at the same time if we did
overwrite people would
>>>>>>>>>>> probably complain about us overwriting the
existing script.
>>>>>>>>>>>
>>>>>>>>>>> In the server dist this doesn't apply as
the server is purely a
>>>>>>>>>>> Keycloak server, not a WildFly server.
>>>>>>>>>>>
>>>>>>>>>>> I guess the solution would be to make server
dist consistent
>>>>>>>>>>> with overlay, so both are add-user-keycloak.
Not sure how I feel about
>>>>>>>>>>> that.
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> On 2 March 2016 at 11:10, Bruno Oliveira
<bruno(a)abstractj.org>
>>>>>>>>>>> wrote:
>>>>>>>>>>>
>>>>>>>>>>>> I'm not sure if I follow your
question but './add-user.sh -u
>>>>>>>>>>>> admin -p admin' or './add-user.sh
-u admin' should work.
>>>>>>>>>>>>
>>>>>>>>>>>> On Wed, Mar 2, 2016 at 7:03 AM Andrej
Prievalsky <
>>>>>>>>>>>> ado.boj.83(a)gmail.com> wrote:
>>>>>>>>>>>>
>>>>>>>>>>>>> Hi Bruno,
>>>>>>>>>>>>>
>>>>>>>>>>>>> thanks for answer.
>>>>>>>>>>>>> But from
>>>>>>>>>>>>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
>>>>>>>>>>>>> and section: *...you can use the
add-user script from the
>>>>>>>>>>>>> command-line.*
>>>>>>>>>>>>> is my question is how exactly should
looks like command with
>>>>>>>>>>>>> add-user script?
>>>>>>>>>>>>> Because in past we used this command:
add-user.sh –container
>>>>>>>>>>>>> -u admin -p admin
>>>>>>>>>>>>>
>>>>>>>>>>>>> Andrej.
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>> On Wed, Mar 2, 2016 at 10:38 AM,
Bruno Oliveira <
>>>>>>>>>>>>> bruno(a)abstractj.org> wrote:
>>>>>>>>>>>>>
>>>>>>>>>>>>>> Hi Andrej, answers inline
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> On Wed, Mar 2, 2016 at 6:13 AM
Andrej Prievalsky <
>>>>>>>>>>>>>> ado.boj.83(a)gmail.com> wrote:
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Hi,
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> I would like to summary
information about How to add Admin
>>>>>>>>>>>>>>> User - chapter 3.2.1.
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> My questions are:
>>>>>>>>>>>>>>> 1.) From which version
(including) is new concept, that
>>>>>>>>>>>>>>> there is no built in user?
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> 1.8.0 See:
>>>>>>>>>>>>>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/Migration_f...
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> 2a.) What is exact command
via add-user script
>>>>>>>>>>>>>>> (add-user.sh) for create
admin user ?
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> See:
>>>>>>>>>>>>>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> 2b.) Same question like in
2a, but in keycloak-overlay (
>>>>>>>>>>>>>>> add-user-keycloak.sh)?
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> You are correct. Maybe this is an
inconsistency to be fixed.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Thanks and Best Regards,
>>>>>>>>>>>>>>> Andrej.
>>>>>>>>>>>>>>>
_______________________________________________
>>>>>>>>>>>>>>> keycloak-user mailing list
>>>>>>>>>>>>>>>
keycloak-user(a)lists.jboss.org
>>>>>>>>>>>>>>>
https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>
_______________________________________________
>>>>>>>>>>>> keycloak-user mailing list
>>>>>>>>>>>> keycloak-user(a)lists.jboss.org
>>>>>>>>>>>>
https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
_______________________________________________
>>>>>>>>>>> keycloak-user mailing
listkeycloak-user@lists.jboss.orghttps://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
_______________________________________________
>>>>>>>>>>> keycloak-user mailing list
>>>>>>>>>>> keycloak-user(a)lists.jboss.org
>>>>>>>>>>>
https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>> keycloak-user mailing list
>>>>>>>> keycloak-user(a)lists.jboss.org
>>>>>>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>
>>>>>
>>>>
>>>
>>
>