Re: [keycloak-user] Configuring Admin Access Control or realm-management client role for LDAP user in keycloak via imported realm.json configuration
12:19 a.m.
Hi Marek,
I was trying to import realm.json which contains following entry, to
include hardcoded-ldap-mapper in keycloak, for realm-management role of
manage-users, but its failing to import, can you give us a small example of
such entry in realm.json which we can follow on.
// snippet of realm.json
* {*
* "name": "administrator",*
*"federationMapperType"**:
"hardcoded-ldap-role-mapper",*
*"**federationProviderDisplayName"*
* : "ldap",*
* "subComponents": {},*
* "config": {*
* "role": [*
* "realm-management.manage-users"*
* ]*
* }*
* }*
*Thanks *
On Thu, Jan 31, 2019 at 11:49 AM kapil joshi <kapilkumarjoshi001(a)gmail.com>
wrote:
Hi Marek,
I was trying to import realm.json which contains following entry, to
include hardcoded-ldap-mapper in keycloak, for realm-management role of
manage-users, but its failing to import, can you give us a small example of
such entry in realm.json which we can follow on.
// snippet of realm.json
* {*
* "name": "administrator",*
*"federationMapperType"**:
"hardcoded-ldap-role-mapper",*
*"**federationProviderDisplayName"*
* : "ldap",*
* "subComponents": {},*
* "config": {*
* "role": [*
* "realm-management.manage-users"*
* ]*
* }*
* }*
*Thanks *
*Kapil*
On Tue, Jan 29, 2019 at 2:38 PM kapil joshi <kapilkumarjoshi001(a)gmail.com>
wrote:
> Hi Marek,
>
> First of all thanks for your response, it works !!! . I tried mapping a
> client role (i.e realm-management roles), few observations:
> 1) I was not able to save the configuration was getting below attached
> error message.
> [image: image.png]
>
> But then i saw there is already a bug filed on this issue.
> So applied the work around, and was able to get the client role added for
> LDAP imported user.
>
> Thanks again,
> Kapil
>
>
>
> On Tue, Jan 29, 2019 at 1:43 AM Marek Posolda <mposolda(a)redhat.com>
> wrote:
>
>> Yes, this should be doable with hardcoded-ldap-role-mapper if I
>> understand your use-case correctly (See tab "mappers" in the admin
console
>> when you're on the page with the details of LDAP provider).
>>
>> Marek
>>
>> On 28/01/2019 10:24, kapil joshi wrote:
>>
>> Hi All,
>>
>> Can we assign realm-management client roles for users imported from LDAP in
>> Keycloak.
>> Currently we are trying to set up LDAP based user federation using by
>> importing a realm.json, configured with LDAP related configuration. Have
>> attached it to this email.
>> Basically the requirement is when we login to the client using the LDAP
>> credentials, the user should be able to access user-management and
>> view-realm client(i.e accessing the admin console) from client side.
>>
>> Thanks
>> Kapil
>>
>>
>> _______________________________________________
>> keycloak-user mailing
listkeycloak-user@lists.jboss.orghttps://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>>
>>
2469
days inactive
2469
days old
0 comments
1 participants
participants (1)
-
kapil joshi