11:30 a.m.
ok, i had to go to : User1 | ROLE MAPPING | APPLICATION ROLES | select the
application : realm-management | add the role : realm-admin to my user and
now it is working !
Questions :
# 1 / Why is the application : realm-management involved in this ? In the
example am using the application : examples-admin-client which is
completely different !
# 2 / When someone needs to administer a realm via the admin client which
client id do you recommend using ? do we have to create a new client id (i
mean application) or should we use some application created by default
within the realm such as : realm-management on or : security-admin-console ?
On Tue, Dec 30, 2014 at 6:08 PM, Alexander Chriztopher <
alexander.chriztopher(a)gmail.com> wrote:
Yes that option was activated for the realm !!
On Tue, Dec 30, 2014 at 1:31 PM, Stian Thorgersen <stian(a)redhat.com>
wrote:
> Did you enable 'Direct Grant API' for your realm? If not open the admin
> console click on the realm -> settings -> login and toggle 'Direct Grant
> API' to ON
>
> ----- Original Message -----
> > From: "Alexander Chriztopher" <alexander.chriztopher(a)gmail.com>
> > To: keycloak-user(a)lists.jboss.org
> > Sent: Friday, 19 December, 2014 4:06:56 PM
> > Subject: [keycloak-user] HTTP 403 Forbidden on Keycloak.getInstance
> >
> > Hi,
> >
> > I have a realm with an application called : examples-admin-client and
> would
> > like to use it to manage my realm but i get an error :
> > javax.ws.rs.ClientErrorException: HTTP 403 Forbidden every time i make
> the
> > following call :
> >
> > Keycloak keycloak = Keycloak.getInstance(authServer, "realm-name",
> "User1",
> > "password", "examples-admin-client",
> > "a5890cdf-e1df-40c0-9d50-26ad2f7badde");
> >
> > When i try to do the same thing with the example realm (i use the json
> > example-realm.json provided by the keycloak project) this works nicely
> > actually !
> >
> > Btw, i can successfully login with the user : User1 with that password.
> >
> > This is the json for my realm :
> >
> > {
> > "realm": "realm-name",
> > "realm-public-key":
> >
>
"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCxwUIE6W3BZYlSxDPpwkknb2ObnrEsGMUJGy3HfNEfkfu9rcY5bxkllLsW32KlR78++xtuI11IE2nuh6nJmUsIKMb55Ez9n7/E9kPmSF6lxavZlQY0HfBnR3ZWgzsoUUz4n7pOhmqHIAGXeuxnMDQ5/upwcolFIZRor1v7oT/H8QIDAQAB",
> > "auth-server-url": " http://localhost:8080/auth ",
> > "ssl-required": "none",
> > "resource": "examples-admin-client",
> > "credentials": {
> > "secret": "a5890cdf-e1df-40c0-9d50-26ad2f7badde"
> > }
> > }
> >
> > Thanks for any help on this one !
> >
> > _______________________________________________
> > keycloak-user mailing list
> > keycloak-user(a)lists.jboss.org
> > https://lists.jboss.org/mailman/listinfo/keycloak-user
>
1:36 a.m.
New subject: HTTP 403 Forbidden on Keycloak.getInstance
----- Original Message -----
From: "Alexander Chriztopher"
<alexander.chriztopher(a)gmail.com>
To: keycloak-user(a)lists.jboss.org
Sent: Tuesday, 30 December, 2014 6:30:04 PM
Subject: Re: [keycloak-user] HTTP 403 Forbidden on Keycloak.getInstance
ok, i had to go to : User1 | ROLE MAPPING | APPLICATION ROLES | select the
application : realm-management | add the role : realm-admin to my user and
now it is working !
Questions :
# 1 / Why is the application : realm-management involved in this ? In the
example am using the application : examples-admin-client which is completely
different !
The application realm-management is a bit artificial, we only use it to represent the
roles for managing the realm. It works, but maybe not the most elegant.
# 2 / When someone needs to administer a realm via the admin client
which
client id do you recommend using ? do we have to create a new client id (i
mean application) or should we use some application created by default
within the realm such as : realm-management on or : security-admin-console ?
Your own
On Tue, Dec 30, 2014 at 6:08 PM, Alexander Chriztopher <
alexander.chriztopher(a)gmail.com > wrote:
Yes that option was activated for the realm !!
On Tue, Dec 30, 2014 at 1:31 PM, Stian Thorgersen < stian(a)redhat.com > wrote:
Did you enable 'Direct Grant API' for your realm? If not open the admin
console click on the realm -> settings -> login and toggle 'Direct Grant
API' to ON
----- Original Message -----
> From: "Alexander Chriztopher" < alexander.chriztopher(a)gmail.com >
> To: keycloak-user(a)lists.jboss.org
> Sent: Friday, 19 December, 2014 4:06:56 PM
> Subject: [keycloak-user] HTTP 403 Forbidden on Keycloak.getInstance
>
> Hi,
>
> I have a realm with an application called : examples-admin-client and would
> like to use it to manage my realm but i get an error :
> javax.ws.rs.ClientErrorException: HTTP 403 Forbidden every time i make the
> following call :
>
> Keycloak keycloak = Keycloak.getInstance(authServer, "realm-name",
"User1",
> "password", "examples-admin-client",
> "a5890cdf-e1df-40c0-9d50-26ad2f7badde");
>
> When i try to do the same thing with the example realm (i use the json
> example-realm.json provided by the keycloak project) this works nicely
> actually !
>
> Btw, i can successfully login with the user : User1 with that password.
>
> This is the json for my realm :
>
> {
> "realm": "realm-name",
> "realm-public-key":
>
"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCxwUIE6W3BZYlSxDPpwkknb2ObnrEsGMUJGy3HfNEfkfu9rcY5bxkllLsW32KlR78++xtuI11IE2nuh6nJmUsIKMb55Ez9n7/E9kPmSF6lxavZlQY0HfBnR3ZWgzsoUUz4n7pOhmqHIAGXeuxnMDQ5/upwcolFIZRor1v7oT/H8QIDAQAB",
> "auth-server-url": " http://localhost:8080/auth ",
> "ssl-required": "none",
> "resource": "examples-admin-client",
> "credentials": {
> "secret": "a5890cdf-e1df-40c0-9d50-26ad2f7badde"
> }
> }
>
> Thanks for any help on this one !
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
3658
days inactive
3661
days old
1 comments
2 participants
participants (2)
-
Alexander Chriztopher -
Stian Thorgersen