5:50 a.m.
Hi all !
My problem is described in the KEYCLOAK-4989 issue, titled < add optional LDAP
userPassword hashing >
I'm in the worst case scenario as I use OpenLDAP that doesn't hash password by
default and the way it has been installed, I don't have the < ppolicy overlay >
available.
So Keycloak sends password in clear text and I thought that I could add specific OpenLDAP
configuration to hash the password before.
The LDAP administration has already some specific configuration for AD and I thought that
I could start from here. (org.keycloak.storage.ldap.mappers.msad.
MSADUserAccountControlStorageMapperFactory for example)
So, I've written my own StorageMapperFactory :
public class OpenLDAPUserAccountControlStorageMapperFactory implements
LDAPStorageMapperFactory<LDAPStorageMapper>
That needs these dependencies :
<dependencies>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-core</artifactId>
<version>${version.keycloak}</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-services</artifactId>
<version>${version.keycloak}</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-server-spi</artifactId>
<version>${version.keycloak}</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-ldap-federation</artifactId>
<version>${version.keycloak}</version>
<scope>provided</scope>
</dependency>
</dependencies>
But whenever I try to deploy the jar, I get :
cat hash-password-openldap-provider.jar.failed
{"WFLYCTL0080: Failed services" =>
{"jboss.deployment.unit.\"hash-password-openldap-provider.jar\".POST_MODULE"
=> "WFLYSRV0153: Failed to process phase POST_MODULE of deployment
\"hash-password-openldap-provider.jar\"
Caused by: java.lang.NoClassDefFoundError: Failed to link
fr/calvados/keycloak/storage/ldap/mappers/openldap/OpenLDAPUserAccountControlStorageMapperFactory
(Module \"deployment.hash-password-openldap-provider.jar\" from Service Module
Loader): org/keycloak/storage/ldap/mappers/LDAPStorageMapperFactory"}}
I probably lack one dependence but I can't find which one as the error message
doesn't give a clue and my maven project compiles.
Could you help me to find out what is wrong ?
Regards,
Jean-Damien Bouvier
<a href="http://www.calvados.fr" target="_blank"><img
src="https://www.calvados.fr/files/live/sites/calvados/files/signature-departement-calvados.gif"
alt="Calvados Département - www.calvados.fr" border=0/></a>
**************************************************************************************************
« Cette transmission contient des informations confidentielles et/ou personnelles
appartenant au conseil départemental du Calvados pour être utilisées exclusivement par
le
destinataire. Toute utilisation, reproduction, publication, diffusion en l'état ou
partiellement par une autre personne que le destinataire est interdite, sauf
autorisation
expresse du conseil départemental du Calvados. En cas d'erreur de transmission, merci
de
détruire le(s) document(s) reçu(s). Le conseil départemental du Calvados n'est pas
responsable des virus, altérations, falsifications.
Droits réservés - conseil départemental du Calvados».
**************************************************************************************************
2:13 p.m.
Hello Jean-Damien,
When deploying via the standalone/deployments dir, you'll need to provide a
META-INF/jboss-deployment-structure.xml similar to this:
<?xml version="1.0" encoding="UTF-8"?>
<jboss-deployment-structure>
<deployment>
<dependencies>
<module name="org.keycloak.keycloak-ldap-federation" />
</dependencies>
</deployment>
</jboss-deployment-structure>
AFAIK other dependencies (keycloak-core, keycloak-services, keycloak-server-spi) should be
provided implicitly, so no need to declare them.
Good luck,
Dmitry Telegin
CTO, Acutus s.r.o.
Keycloak Consulting and Training
Pod lipami street 339/52, 130 00 Prague 3, Czech Republic
+42 (022) 888-30-71
E-mail: info(a)acutus.pro
On Wed, 2019-01-30 at 11:50 +0000, BOUVIER Jean-Damien wrote:
Hi all !
My problem is described in the KEYCLOAK-4989 issue, titled < add optional LDAP
userPassword hashing >
I'm in the worst case scenario as I use OpenLDAP that doesn't hash password by
default and the way it has been installed, I don't have the < ppolicy overlay >
available.
So Keycloak sends password in clear text and I thought that I could add specific OpenLDAP
configuration to hash the password before.
The LDAP administration has already some specific configuration for AD and I thought that
I could start from here. (org.keycloak.storage.ldap.mappers.msad.
MSADUserAccountControlStorageMapperFactory for example)
So, I've written my own StorageMapperFactory :
public class OpenLDAPUserAccountControlStorageMapperFactory implements
LDAPStorageMapperFactory<LDAPStorageMapper>
That needs these dependencies :
<dependencies>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-core</artifactId>
<version>${version.keycloak}</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-services</artifactId>
<version>${version.keycloak}</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-server-spi</artifactId>
<version>${version.keycloak}</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-ldap-federation</artifactId>
<version>${version.keycloak}</version>
<scope>provided</scope>
</dependency>
</dependencies>
But whenever I try to deploy the jar, I get :
cat hash-password-openldap-provider.jar.failed
{"WFLYCTL0080: Failed services" =>
{"jboss.deployment.unit.\"hash-password-openldap-provider.jar\".POST_MODULE"
=> "WFLYSRV0153: Failed to process phase POST_MODULE of deployment
\"hash-password-openldap-provider.jar\"
Caused by: java.lang.NoClassDefFoundError: Failed to link
fr/calvados/keycloak/storage/ldap/mappers/openldap/OpenLDAPUserAccountControlStorageMapperFactory
(Module \"deployment.hash-password-openldap-provider.jar\" from Service Module
Loader): org/keycloak/storage/ldap/mappers/LDAPStorageMapperFactory"}}
I probably lack one dependence but I can't find which one as the error message
doesn't give a clue and my maven project compiles.
Could you help me to find out what is wrong ?
Regards,
Jean-Damien Bouvier
> <a href="http://www.calvados.fr" target="_blank"><img
src="https://www.calvados.fr/files/live/sites/calvados/files/signature-departement-calvados.gif"
alt="Calvados Département - www.calvados.fr" border=0/></a>
**************************************************************************************************
« Cette transmission contient des informations confidentielles et/ou personnelles
appartenant au conseil départemental du Calvados pour être utilisées exclusivement par
le
destinataire. Toute utilisation, reproduction, publication, diffusion en l'état ou
partiellement par une autre personne que le destinataire est interdite, sauf
autorisation
expresse du conseil départemental du Calvados. En cas d'erreur de transmission, merci
de
détruire le(s) document(s) reçu(s). Le conseil départemental du Calvados n'est pas
responsable des virus, altérations, falsifications.
Droits réservés - conseil départemental du Calvados».
**************************************************************************************************
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
2168
days inactive
2170
days old
1 comments
2 participants
participants (2)
-
BOUVIER Jean-Damien -
Dmitry Telegin