1:11 a.m.
While implementing a UserFederationFactory I have provided several configuration options
that the keycloak administrator can configure. The available options are returned from
the UserFederationProviderFactory.getConfigurationOptions() method. My use case, which I
think would be fairly common, is to allow configuration of a DataSource which requires a
username and password to be configured. Currently the password is displayed in clear text
in the admin console. It would be nice to be able to specify which configuration options
are passwords and have them at least masked in the admin console using input type of
"password". Encryption would also be another nice feature but maybe just
simply having the ability to mask the password would be a nice first step.
Regards,
Anthony
The content of this e-mail, including any attachments, is a confidential communication
between Virgin Australia Airlines Pty Ltd (Virgin Australia) or its related entities (or
the sender if this email is a private communication) and the intended addressee and is for
the sole use of that intended addressee. If you are not the intended addressee, any use,
interference with, disclosure or copying of this material is unauthorized and prohibited.
If you have received this e-mail in error please contact the sender immediately and then
delete the message and any attachment(s). There is no warranty that this email is error,
virus or defect free. This email is also subject to copyright. No part of it should be
reproduced, adapted or communicated without the written consent of the copyright owner. If
this is a private communication it does not represent the views of Virgin Australia or its
related entities. Please be aware that the contents of any emails sent to or from Virgin
Australia or its related entities may be periodically monitored and reviewed. Virgin
Australia and its related entities respect your privacy. Our privacy policy can be
accessed from our website: www.virginaustralia.com
1:50 a.m.
You can create JIRA to request this, but doesn't look like big priority
(at least to me).
IMO the better way to address this would be that you will add just one
configuration option to UserFederationProvider with JNDI URL of
datasource, and the datasource itself ( connection url, username,
password etc) would be configured in wildfly configuration file (
standalone/configuration/standalone.xml ). That's the approach, which we
itself use in our component for JPA connections (see
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
)
Marek
On 19/04/16 08:11, Anthony Fryer wrote:
While implementing a UserFederationFactory I have provided several
configuration options that the keycloak administrator can configure.
The available options are returned from the
UserFederationProviderFactory.getConfigurationOptions() method. My
use case, which I think would be fairly common, is to allow
configuration of a DataSource which requires a username and password
to be configured. Currently the password is displayed in clear text
in the admin console. It would be nice to be able to specify which
configuration options are passwords and have them at least masked in
the admin console using input type of “password”. Encryption would
also be another nice feature but maybe just simply having the ability
to mask the password would be a nice first step.
Regards,
Anthony
The content of this e-mail, including any attachments, is a
confidential communication between Virgin Australia Airlines Pty Ltd
(Virgin Australia) or its related entities (or the sender if this
email is a private communication) and the intended addressee and is
for the sole use of that intended addressee. If you are not the
intended addressee, any use, interference with, disclosure or copying
of this material is unauthorized and prohibited. If you have received
this e-mail in error please contact the sender immediately and then
delete the message and any attachment(s). There is no warranty that
this email is error, virus or defect free. This email is also subject
to copyright. No part of it should be reproduced, adapted or
communicated without the written consent of the copyright owner. If
this is a private communication it does not represent the views of
Virgin Australia or its related entities. Please be aware that the
contents of any emails sent to or from Virgin Australia or its related
entities may be periodically monitored and reviewed. Virgin Australia
and its related entities respect your privacy. Our privacy policy can
be accessed from our website: www.virginaustralia.com
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
3:25 a.m.
Hi Marek,
Thanks for the suggestion for using a container configured datasource. We also need to
configure username and password for calling web services from the same
UserFederationFactory, so I think it would still be a useful feature.
Regards,
Anthony
From: Marek Posolda [mailto:mposolda@redhat.com]
Sent: Tuesday, 19 April 2016 4:51 PM
To: Anthony Fryer; keycloak-user (keycloak-user(a)lists.jboss.org)
Subject: Re: [keycloak-user] password type configuration options for a
UserFederationFactory
You can create JIRA to request this, but doesn't look like big priority (at least to
me).
IMO the better way to address this would be that you will add just one configuration
option to UserFederationProvider with JNDI URL of datasource, and the datasource itself (
connection url, username, password etc) would be configured in wildfly configuration file
( standalone/configuration/standalone.xml ). That's the approach, which we itself use
in our component for JPA connections (see
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
)
Marek
On 19/04/16 08:11, Anthony Fryer wrote:
While implementing a UserFederationFactory I have provided several configuration options
that the keycloak administrator can configure. The available options are returned from
the UserFederationProviderFactory.getConfigurationOptions() method. My use case, which I
think would be fairly common, is to allow configuration of a DataSource which requires a
username and password to be configured. Currently the password is displayed in clear text
in the admin console. It would be nice to be able to specify which configuration options
are passwords and have them at least masked in the admin console using input type of
"password". Encryption would also be another nice feature but maybe just
simply having the ability to mask the password would be a nice first step.
Regards,
Anthony
The content of this e-mail, including any attachments, is a confidential communication
between Virgin Australia Airlines Pty Ltd (Virgin Australia) or its related entities (or
the sender if this email is a private communication) and the intended addressee and is for
the sole use of that intended addressee. If you are not the intended addressee, any use,
interference with, disclosure or copying of this material is unauthorized and prohibited.
If you have received this e-mail in error please contact the sender immediately and then
delete the message and any attachment(s). There is no warranty that this email is error,
virus or defect free. This email is also subject to copyright. No part of it should be
reproduced, adapted or communicated without the written consent of the copyright owner. If
this is a private communication it does not represent the views of Virgin Australia or its
related entities. Please be aware that the contents of any emails sent to or from Virgin
Australia or its related entities may be periodically monitored and reviewed. Virgin
Australia and its related entities respect your privacy. Our privacy policy can be
accessed from our website: www.virginaustralia.com<http://www.virginaustralia.com>
_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org<mailto:keycloak-user@lists.jboss.org>
https://lists.jboss.org/mailman/listinfo/keycloak-user
The content of this e-mail, including any attachments, is a confidential communication
between Virgin Australia Airlines Pty Ltd (Virgin Australia) or its related entities (or
the sender if this email is a private communication) and the intended addressee and is for
the sole use of that intended addressee. If you are not the intended addressee, any use,
interference with, disclosure or copying of this material is unauthorized and prohibited.
If you have received this e-mail in error please contact the sender immediately and then
delete the message and any attachment(s). There is no warranty that this email is error,
virus or defect free. This email is also subject to copyright. No part of it should be
reproduced, adapted or communicated without the written consent of the copyright owner. If
this is a private communication it does not represent the views of Virgin Australia or its
related entities. Please be aware that the contents of any emails sent to or from Virgin
Australia or its related entities may be periodically monitored and reviewed. Virgin
Australia and its related entities respect your privacy. Our privacy policy can be
accessed from our website: www.virginaustralia.com
3168
days inactive
3168
days old
2 comments
2 participants
participants (2)
-
Anthony Fryer -
Marek Posolda