3:39 a.m.
HI Everyone,
I am looking for some example to integrate LDAP via keycloak admin client
api..
Any help is appreciated.
Regards,
Nabeel Ahmed
Cell # +92 333 540 5542
2:10 a.m.
Do you want to update LDAP provider with admin client? That's possible
as everything, which is doable in admin console, is doable with admin
client too.
Or do you want to authenticate as LDAP user with the admin client? Admin
client supports authenticating of Keycloak users or service accounts. So
you will need to add LDAP user storage provider in one of your realms
(either master or some other) and put some LDAP users into admin roles
(or configure role mappings from LDAP with LDAP role mappers) and then
you can authenticate to adminClient with username/password from LDAP.
Marek
On 20/03/17 09:39, Nabeel Ahmed wrote:
HI Everyone,
I am looking for some example to integrate LDAP via keycloak admin client
api..
Any help is appreciated.
Regards,
Nabeel Ahmed
Cell # +92 333 540 5542
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
2:25 a.m.
I want to add LDAP storage provider using admin client api.
On 21 Mar 2017 12:10 p.m., "Marek Posolda" <mposolda(a)redhat.com> wrote:
Do you want to update LDAP provider with admin client? That's
possible as
everything, which is doable in admin console, is doable with admin client
too.
Or do you want to authenticate as LDAP user with the admin client? Admin
client supports authenticating of Keycloak users or service accounts. So
you will need to add LDAP user storage provider in one of your realms
(either master or some other) and put some LDAP users into admin roles (or
configure role mappings from LDAP with LDAP role mappers) and then you can
authenticate to adminClient with username/password from LDAP.
Marek
On 20/03/17 09:39, Nabeel Ahmed wrote:
> HI Everyone,
>
> I am looking for some example to integrate LDAP via keycloak admin client
> api..
> Any help is appreciated.
>
> Regards,
>
> Nabeel Ahmed
> Cell # +92 333 540 5542
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
2:41 a.m.
since i am using 2.4.0.Final version and i guess it has been changed to
UserFederationProvider now.
Regards,
Nabeel Ahmed
Cell # +92 333 540 5542
On Tue, Mar 21, 2017 at 12:25 PM, Nabeel Ahmed <mr.beel(a)gmail.com> wrote:
I want to add LDAP storage provider using admin client api.
On 21 Mar 2017 12:10 p.m., "Marek Posolda" <mposolda(a)redhat.com> wrote:
> Do you want to update LDAP provider with admin client? That's possible as
> everything, which is doable in admin console, is doable with admin client
> too.
>
> Or do you want to authenticate as LDAP user with the admin client? Admin
> client supports authenticating of Keycloak users or service accounts. So
> you will need to add LDAP user storage provider in one of your realms
> (either master or some other) and put some LDAP users into admin roles (or
> configure role mappings from LDAP with LDAP role mappers) and then you can
> authenticate to adminClient with username/password from LDAP.
>
> Marek
>
> On 20/03/17 09:39, Nabeel Ahmed wrote:
>
>> HI Everyone,
>>
>> I am looking for some example to integrate LDAP via keycloak admin client
>> api..
>> Any help is appreciated.
>>
>> Regards,
>>
>> Nabeel Ahmed
>> Cell # +92 333 540 5542
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user(a)lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>
>
>
3:09 a.m.
So following is the code that i am trying execute but getting response 404.
UserFederationProviderRepresentation uf = new
UserFederationProviderRepresentation();
uf.setDisplayName("ldap-NP1FSM0991V");
uf.setProviderName("ldap");
uf.setPriority(1);
uf.setFullSyncPeriod(-1);
uf.setChangedSyncPeriod(-1);
Map<String, String> config = new HashMap<String, String>();
config.put("pagination", "true");
config.put("debug", "false");
config.put("searchScope", "1");
config.put("connectionPooling", "true");
// config.put("syncRegistrations", "true");
config.put("usersDn", "CN=Users,DC=rdx,DC=lgc,DC=com");
config.put("userObjectClasses", "person, organizationalPerson,
user");
config.put("usernameLDAPAttribute", "cn");
config.put("rdnLDAPAttribute", "cn");
config.put("uuidLDAPAttribute", "objectGUID");
config.put("baseCtxDN", "CN=Users,DC=rdx,DC=lgc,DC=com");
config.put("rolesCtxDN", "CN=Users,DC=rdx,DC=lgc,DC=com");
config.put("bindDn", "CN=Data Server,CN=Users,DC=rdx,DC=lgc,DC=com");
config.put("bindCredential", "123456");
config.put("vendor", "Active Directory");
config.put("editMode", "READ_ONLY");
config.put("connectionUrl", "ldap://[someserver]:389");
config.put("authType", "simple");
uf.setConfig(config);
Response response = kc.realm("DSISRealm").userFederation().create(uf);
Response Status: 404
Please help
Regards,
Nabeel Ahmed
Cell # +92 333 540 5542
On Tue, Mar 21, 2017 at 12:41 PM, Nabeel Ahmed <mr.beel(a)gmail.com> wrote:
since i am using 2.4.0.Final version and i guess it has been changed
to
UserFederationProvider now.
Regards,
Nabeel Ahmed
Cell # +92 333 540 5542
On Tue, Mar 21, 2017 at 12:25 PM, Nabeel Ahmed <mr.beel(a)gmail.com> wrote:
> I want to add LDAP storage provider using admin client api.
>
>
> On 21 Mar 2017 12:10 p.m., "Marek Posolda" <mposolda(a)redhat.com>
wrote:
>
>> Do you want to update LDAP provider with admin client? That's possible
>> as everything, which is doable in admin console, is doable with admin
>> client too.
>>
>> Or do you want to authenticate as LDAP user with the admin client? Admin
>> client supports authenticating of Keycloak users or service accounts. So
>> you will need to add LDAP user storage provider in one of your realms
>> (either master or some other) and put some LDAP users into admin roles (or
>> configure role mappings from LDAP with LDAP role mappers) and then you can
>> authenticate to adminClient with username/password from LDAP.
>>
>> Marek
>>
>> On 20/03/17 09:39, Nabeel Ahmed wrote:
>>
>>> HI Everyone,
>>>
>>> I am looking for some example to integrate LDAP via keycloak admin
>>> client
>>> api..
>>> Any help is appreciated.
>>>
>>> Regards,
>>>
>>> Nabeel Ahmed
>>> Cell # +92 333 540 5542
>>> _______________________________________________
>>> keycloak-user mailing list
>>> keycloak-user(a)lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>
>>
>>
>>
3:21 a.m.
It's the opposite. In latest version there is no userFederationProvider,
but instead there is userStorageProvider. Those are created through
components.
See the admin console and check how the request to create new
userStorage provider should looks like. Or you can look at our testsuite
- for example UserStorageTest.
Marek
On 21/03/17 09:09, Nabeel Ahmed wrote:
So following is the code that i am trying execute but getting
response
404.
UserFederationProviderRepresentation uf = new
UserFederationProviderRepresentation();
uf.setDisplayName("ldap-NP1FSM0991V");
uf.setProviderName("ldap");
uf.setPriority(1);
uf.setFullSyncPeriod(-1);
uf.setChangedSyncPeriod(-1);
Map<String, String> config = new HashMap<String, String>();
config.put("pagination", "true");
config.put("debug", "false");
config.put("searchScope", "1");
config.put("connectionPooling", "true");
//config.put("syncRegistrations", "true");
config.put("usersDn", "CN=Users,DC=rdx,DC=lgc,DC=com");
config.put("userObjectClasses", "person, organizationalPerson,
user");
config.put("usernameLDAPAttribute", "cn");
config.put("rdnLDAPAttribute", "cn");
config.put("uuidLDAPAttribute", "objectGUID");
config.put("baseCtxDN", "CN=Users,DC=rdx,DC=lgc,DC=com");
config.put("rolesCtxDN", "CN=Users,DC=rdx,DC=lgc,DC=com");
config.put("bindDn", "CN=Data
Server,CN=Users,DC=rdx,DC=lgc,DC=com");
config.put("bindCredential", "123456");
config.put("vendor", "Active Directory");
config.put("editMode", "READ_ONLY");
config.put("connectionUrl", "ldap://[someserver]:389");
config.put("authType", "simple");
uf.setConfig(config);
Response response = kc.realm("DSISRealm").userFederation().create(uf);
Response Status: 404
Please help
Regards,
Nabeel Ahmed
Cell # +92 333 540 5542
On Tue, Mar 21, 2017 at 12:41 PM, Nabeel Ahmed <mr.beel(a)gmail.com
<mailto:mr.beel@gmail.com>> wrote:
since i am using 2.4.0.Final version and i guess it has been
changed to UserFederationProvider now.
Regards,
Nabeel Ahmed
Cell # +92 333 540 5542
On Tue, Mar 21, 2017 at 12:25 PM, Nabeel Ahmed <mr.beel(a)gmail.com
<mailto:mr.beel@gmail.com>> wrote:
I want to add LDAP storage provider using admin client api.
On 21 Mar 2017 12:10 p.m., "Marek Posolda"
<mposolda(a)redhat.com <mailto:mposolda@redhat.com>> wrote:
Do you want to update LDAP provider with admin client?
That's possible as everything, which is doable in admin
console, is doable with admin client too.
Or do you want to authenticate as LDAP user with the admin
client? Admin client supports authenticating of Keycloak
users or service accounts. So you will need to add LDAP
user storage provider in one of your realms (either master
or some other) and put some LDAP users into admin roles
(or configure role mappings from LDAP with LDAP role
mappers) and then you can authenticate to adminClient with
username/password from LDAP.
Marek
On 20/03/17 09:39, Nabeel Ahmed wrote:
HI Everyone,
I am looking for some example to integrate LDAP via
keycloak admin client
api..
Any help is appreciated.
Regards,
Nabeel Ahmed
Cell # +92 333 540 5542 <tel:%2B92%20333%20540%205542>
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
<mailto:keycloak-user@lists.jboss.org>
https://lists.jboss.org/mailman/listinfo/keycloak-user
<https://lists.jboss.org/mailman/listinfo/keycloak-user>
7:12 a.m.
Yes it worked. Thanks for helping
Regards,
Nabeel Ahmed
Cell # +92 333 540 5542
On Tue, Mar 21, 2017 at 1:21 PM, Marek Posolda <mposolda(a)redhat.com> wrote:
It's the opposite. In latest version there is no
userFederationProvider,
but instead there is userStorageProvider. Those are created through
components.
See the admin console and check how the request to create new userStorage
provider should looks like. Or you can look at our testsuite - for example
UserStorageTest.
Marek
On 21/03/17 09:09, Nabeel Ahmed wrote:
So following is the code that i am trying execute but getting response
404.
UserFederationProviderRepresentation uf = new
UserFederationProviderRepresentation();
uf.setDisplayName("ldap-NP1FSM0991V");
uf.setProviderName("ldap");
uf.setPriority(1);
uf.setFullSyncPeriod(-1);
uf.setChangedSyncPeriod(-1);
Map<String, String> config = new HashMap<String, String>();
config.put("pagination", "true");
config.put("debug", "false");
config.put("searchScope", "1");
config.put("connectionPooling", "true");
// config.put("syncRegistrations", "true");
config.put("usersDn", "CN=Users,DC=rdx,DC=lgc,DC=com");
config.put("userObjectClasses", "person, organizationalPerson,
user");
config.put("usernameLDAPAttribute", "cn");
config.put("rdnLDAPAttribute", "cn");
config.put("uuidLDAPAttribute", "objectGUID");
config.put("baseCtxDN", "CN=Users,DC=rdx,DC=lgc,DC=com");
config.put("rolesCtxDN", "CN=Users,DC=rdx,DC=lgc,DC=com");
config.put("bindDn", "CN=Data
Server,CN=Users,DC=rdx,DC=lgc,DC=com");
config.put("bindCredential", "123456");
config.put("vendor", "Active Directory");
config.put("editMode", "READ_ONLY");
config.put("connectionUrl", "ldap://[someserver]:389");
config.put("authType", "simple");
uf.setConfig(config);
Response response = kc.realm("DSISRealm").userFederation().create(uf);
Response Status: 404
Please help
Regards,
Nabeel Ahmed
Cell # +92 333 540 5542
On Tue, Mar 21, 2017 at 12:41 PM, Nabeel Ahmed <mr.beel(a)gmail.com> wrote:
> since i am using 2.4.0.Final version and i guess it has been changed to
> UserFederationProvider now.
>
> Regards,
>
> Nabeel Ahmed
> Cell # +92 333 540 5542
>
> On Tue, Mar 21, 2017 at 12:25 PM, Nabeel Ahmed <mr.beel(a)gmail.com> wrote:
>
>> I want to add LDAP storage provider using admin client api.
>>
>>
>> On 21 Mar 2017 12:10 p.m., "Marek Posolda" <mposolda(a)redhat.com>
wrote:
>>
>>> Do you want to update LDAP provider with admin client? That's possible
>>> as everything, which is doable in admin console, is doable with admin
>>> client too.
>>>
>>> Or do you want to authenticate as LDAP user with the admin client?
>>> Admin client supports authenticating of Keycloak users or service accounts.
>>> So you will need to add LDAP user storage provider in one of your realms
>>> (either master or some other) and put some LDAP users into admin roles (or
>>> configure role mappings from LDAP with LDAP role mappers) and then you can
>>> authenticate to adminClient with username/password from LDAP.
>>>
>>> Marek
>>>
>>> On 20/03/17 09:39, Nabeel Ahmed wrote:
>>>
>>>> HI Everyone,
>>>>
>>>> I am looking for some example to integrate LDAP via keycloak admin
>>>> client
>>>> api..
>>>> Any help is appreciated.
>>>>
>>>> Regards,
>>>>
>>>> Nabeel Ahmed
>>>> Cell # +92 333 540 5542
>>>> _______________________________________________
>>>> keycloak-user mailing list
>>>> keycloak-user(a)lists.jboss.org
>>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>
>>>
>>>
>>>
>
2843
days inactive
2844
days old
6 comments
2 participants
participants (2)
-
Marek Posolda -
Nabeel Ahmed