From M.AntonyJoyson at spi-global.com Fri Mar 1 07:50:32 2019
From: M.AntonyJoyson at spi-global.com (AntonyJoyson, MariyaGeorge)
Date: Fri, 1 Mar 2019 12:50:32 +0000
Subject: [Apiman-user] Please reply : API Curl call login authentication for
multiple applications in a single login
Message-ID: <35BF860D49E8C54D91F23CC256E942824912B2A4@PCHNVSMB01.spi-global.com>
Hi team,
I am new to keycloak sso login while authentication the application with keycloak server application directly it will authenticating both the applications. While authenticating with curl api each time its authenticating as a new login I have to provide username and password for login from both the application. Am I missing any parameters to keep the session state in a synced way Please reply.
url
/protocol/openid-connect/token
Params
'grant_type' => 'password',
'response_type' => 'code',
'username' => $username,
'password' => $password,
Headers
'Content-type: application/x-www-form-urlencoded'
'Authorization: Basic ' . base64_encode($this->client_id . ':' . $this->secret)
Authentication is working for single application I need to access another application also with this single login
Thanks and Regards
Joyson Anto ~ Aj
Antony Joyson M
Software Engineer
TSG
SPi Global
M +91 9551347970
M.AntonyJoyson at spi-global.com
www.spi-global.com
SPi Global - Philippines Best Employer 2018, 13th Employer Branding Awards, Employer Branding Institute - India and 2018's Top 25 AI Companies in APAC by CIO Advisor
CONFIDENTIALITY NOTICE: This email, including its attachments, is intended for the use of the person/s it is addressed to. It may contain personal data, or information that is protected or privileged, which are protected from unauthorized use or disclosure by law.
If you are not the intended recipient, any dissemination, retention or use of any information contained in this email is prohibited. If you have received this email in error, please promptly notify the sender by reply email and delete the original email and any backup copies without reading them.
If you have questions or clarifications regarding any matter relating to data protection, you may write to the SPi Global Data Protection Office at dpo at spi-global.com. You may also file a complaint or report a security incident involving personal data by writing to: dpo at spi-global.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/apiman-user/attachments/20190301/104fdc40/attachment-0001.html
From eric.wittmann at redhat.com Fri Mar 1 09:05:54 2019
From: eric.wittmann at redhat.com (Eric Wittmann)
Date: Fri, 1 Mar 2019 09:05:54 -0500
Subject: [Apiman-user] [APIMAN] Failed to retire apis after docker
restart
In-Reply-To:
References:
Message-ID:
Is your Gateway also configured to use MySQL? The Manager and Gateway
layers can have different storage mechanisms. For example, one can use SQL
and the other can use Elasticsearch. If the gateway is not configured to
use some sort of external persistence storage, then every time the docker
image is restarted you will lose all of your published APIs. It is
possible that is what's happening here.
On Fri, Mar 1, 2019 at 8:32 AM Shubham Navale
wrote:
> So, I am using apiman 1.5.1 which is using MYSQL 8 as a database, along
> with external keycloak with client status public. The whole thing is
> running in docker. So, I have configured the gateway in apiman. And
> registered some apis. Now when I restart my docker of apiman, the gateway
> resets itself to its old setting. So, I reconfigured the gateway with my
> settings. But now when I am trying to retire my registered apis, it's
> throwing me some error.
>
> Error:-
> https://gist.github.com/ElavanResu/985ff4349ae81888581d320eb17e1f88
> _______________________________________________
> Apiman-user mailing list
> Apiman-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/apiman-user
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/apiman-user/attachments/20190301/07d4373a/attachment.html
From eric.wittmann at redhat.com Fri Mar 1 09:13:34 2019
From: eric.wittmann at redhat.com (Eric Wittmann)
Date: Fri, 1 Mar 2019 09:13:34 -0500
Subject: [Apiman-user] Apiman 1.2.9 Wildfly - How to capture bodies
In-Reply-To:
References:
Message-ID:
I don't think there is a way to log the full request/response payloads at
the moment, mainly because of the performance implications. However, you
could pretty easily implement a custom policy for this.
http://www.apiman.io/latest/developer-guide.html#_plugins
http://www.apiman.io/latest/developer-guide.html#_contributing_a_policy
On Fri, Mar 1, 2019 at 8:32 AM J?r?my HAURAY
wrote:
> Hello,
>
>
>
> I encounter some errors that don?t throw stack in response. It concern
> Transformation policy (json ? xml).
>
>
> I have no access to exposed api.
>
>
>
> To find the root cause, I need to compare inbound and outbound request
> bodies. Responses bodies could be interesting too.
>
>
> Do you know a method to capture bodies ?
>
>
> Thanks by advance.
>
>
> Best regards.
>
>
> J?r?my HAURAY
>
> _______________________________________________
> Apiman-user mailing list
> Apiman-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/apiman-user
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/apiman-user/attachments/20190301/f4a42b3c/attachment.html
From M.AntonyJoyson at spi-global.com Tue Mar 5 02:08:16 2019
From: M.AntonyJoyson at spi-global.com (AntonyJoyson, MariyaGeorge)
Date: Tue, 5 Mar 2019 07:08:16 +0000
Subject: [Apiman-user] Please reply : API Curl call user registration
Message-ID: <35BF860D49E8C54D91F23CC256E942824912B464@PCHNVSMB01.spi-global.com>
Hi team,
I am new to keycloak sso. I need to integerate user registration with keycloak in a curl method can you please send me / guide me to register the users in curl api method, Please reply.
url
http://{keycloak}/auth/admin/realms/{realm}/users
Params
{"enabled":true,"attributes":{},"username":"test123aj","emailVerified":"","email":"test at test.in1","firstName":"test1","lastName":"test1","requiredActions":["UPDATE_PROFILE"]}
Headers
'Content-type: application/x-www-form-urlencoded'
'Authorization: Basic ' . base64_encode($this->client_id . ':' . $this->secret)
Thanks and Regards
Joyson Anto ~ Aj
Antony Joyson M
Software Engineer
TSG
SPi Global
M +91 9551347970
M.AntonyJoyson at spi-global.com
www.spi-global.com
SPi Global - Philippines Best Employer 2018, 13th Employer Branding Awards, Employer Branding Institute - India and 2018's Top 25 AI Companies in APAC by CIO Advisor
CONFIDENTIALITY NOTICE: This email, including its attachments, is intended for the use of the person/s it is addressed to. It may contain personal data, or information that is protected or privileged, which are protected from unauthorized use or disclosure by law.
If you are not the intended recipient, any dissemination, retention or use of any information contained in this email is prohibited. If you have received this email in error, please promptly notify the sender by reply email and delete the original email and any backup copies without reading them.
If you have questions or clarifications regarding any matter relating to data protection, you may write to the SPi Global Data Protection Office at dpo at spi-global.com. You may also file a complaint or report a security incident involving personal data by writing to: dpo at spi-global.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/apiman-user/attachments/20190305/3c7c9016/attachment-0001.html
From Melih.Ozdemirkan at avivasa.com.tr Tue Mar 5 02:19:14 2019
From: Melih.Ozdemirkan at avivasa.com.tr (Melih Ozdemirkan)
Date: Tue, 5 Mar 2019 07:19:14 +0000
Subject: [Apiman-user] Please reply : API Curl call user registration
In-Reply-To: <35BF860D49E8C54D91F23CC256E942824912B464@PCHNVSMB01.spi-global.com>
References: <35BF860D49E8C54D91F23CC256E942824912B464@PCHNVSMB01.spi-global.com>
Message-ID:
Hi Antony,
User Federation might help you to resolve your issue. It has out of the box support with LDAP and Active Directory. It is also possible to write your own adapter to integrate with any custom Database.
https://www.keycloak.org/docs/3.2/server_admin/topics/user-federation.html
Melih
From: apiman-user-bounces at lists.jboss.org On Behalf Of AntonyJoyson, MariyaGeorge
Sent: Tuesday, March 5, 2019 10:08 AM
To: apiman-user at lists.jboss.org
Subject: [Apiman-user] Please reply : API Curl call user registration
Hi team,
I am new to keycloak sso. I need to integerate user registration with keycloak in a curl method can you please send me / guide me to register the users in curl api method, Please reply.
url
http://{keycloak}/auth/admin/realms/{realm}/users
Params
{"enabled":true,"attributes":{},"username":"test123aj","emailVerified":"","email":"test at test.in1","firstName":"test1","lastName":"test1","requiredActions":["UPDATE_PROFILE"]}
Headers
'Content-type: application/x-www-form-urlencoded'
'Authorization: Basic ' . base64_encode($this->client_id . ':' . $this->secret)
Thanks and Regards
Joyson Anto ~ Aj
Antony Joyson M
Software Engineer
TSG
SPi Global
M +91 9551347970
M.AntonyJoyson at spi-global.com
www.spi-global.com
SPi Global - Philippines Best Employer 2018, 13th Employer Branding Awards, Employer Branding Institute - India and 2018's Top 25 AI Companies in APAC by CIO Advisor
CONFIDENTIALITY NOTICE: This email, including its attachments, is intended for the use of the person/s it is addressed to. It may contain personal data, or information that is protected or privileged, which are protected from unauthorized use or disclosure by law.
If you are not the intended recipient, any dissemination, retention or use of any information contained in this email is prohibited. If you have received this email in error, please promptly notify the sender by reply email and delete the original email and any backup copies without reading them.
If you have questions or clarifications regarding any matter relating to data protection, you may write to the SPi Global Data Protection Office at dpo at spi-global.com. You may also file a complaint or report a security incident involving personal data by writing to: dpo at spi-global.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/apiman-user/attachments/20190305/1113973f/attachment.html
From M.AntonyJoyson at spi-global.com Tue Mar 5 07:40:53 2019
From: M.AntonyJoyson at spi-global.com (AntonyJoyson, MariyaGeorge)
Date: Tue, 5 Mar 2019 12:40:53 +0000
Subject: [Apiman-user] Please reply : API Curl call user registration
In-Reply-To:
References: <35BF860D49E8C54D91F23CC256E942824912B464@PCHNVSMB01.spi-global.com>
Message-ID: <35BF860D49E8C54D91F23CC256E942824912B524@PCHNVSMB01.spi-global.com>
Can I get the sample/example how to configure user federation for checking users at another projects database from keycloak.
Thanks and Regards
Joyson Anto ~ Aj
Antony Joyson M
Software Engineer
TSG
SPi Global
M +91 9551347970
M.AntonyJoyson at spi-global.com
www.spi-global.com
SPi Global - Philippines Best Employer 2018, 13th Employer Branding Awards, Employer Branding Institute - India and 2018's Top 25 AI Companies in APAC by CIO Advisor
CONFIDENTIALITY NOTICE: This email, including its attachments, is intended for the use of the person/s it is addressed to. It may contain personal data, or information that is protected or privileged, which are protected from unauthorized use or disclosure by law.
If you are not the intended recipient, any dissemination, retention or use of any information contained in this email is prohibited. If you have received this email in error, please promptly notify the sender by reply email and delete the original email and any backup copies without reading them.
If you have questions or clarifications regarding any matter relating to data protection, you may write to the SPi Global Data Protection Office at dpo at spi-global.com. You may also file a complaint or report a security incident involving personal data by writing to: dpo at spi-global.com.
From: Melih Ozdemirkan [mailto:Melih.Ozdemirkan at avivasa.com.tr]
Sent: Tuesday, March 5, 2019 12:49 PM
To: AntonyJoyson, MariyaGeorge ; apiman-user at lists.jboss.org
Subject: RE: Please reply : API Curl call user registration
Hi Antony,
User Federation might help you to resolve your issue. It has out of the box support with LDAP and Active Directory. It is also possible to write your own adapter to integrate with any custom Database.
https://www.keycloak.org/docs/3.2/server_admin/topics/user-federation.html
Melih
From: apiman-user-bounces at lists.jboss.org > On Behalf Of AntonyJoyson, MariyaGeorge
Sent: Tuesday, March 5, 2019 10:08 AM
To: apiman-user at lists.jboss.org
Subject: [Apiman-user] Please reply : API Curl call user registration
Hi team,
I am new to keycloak sso. I need to integerate user registration with keycloak in a curl method can you please send me / guide me to register the users in curl api method, Please reply.
url
http://{keycloak}/auth/admin/realms/{realm}/users
Params
{"enabled":true,"attributes":{},"username":"test123aj","emailVerified":"","email":"test at test.in1","firstName":"test1","lastName":"test1","requiredActions":["UPDATE_PROFILE"]}
Headers
'Content-type: application/x-www-form-urlencoded'
'Authorization: Basic ' . base64_encode($this->client_id . ':' . $this->secret)
Thanks and Regards
Joyson Anto ~ Aj
Antony Joyson M
Software Engineer
TSG
SPi Global
M +91 9551347970
M.AntonyJoyson at spi-global.com
www.spi-global.com
SPi Global - Philippines Best Employer 2018, 13th Employer Branding Awards, Employer Branding Institute - India and 2018's Top 25 AI Companies in APAC by CIO Advisor
CONFIDENTIALITY NOTICE: This email, including its attachments, is intended for the use of the person/s it is addressed to. It may contain personal data, or information that is protected or privileged, which are protected from unauthorized use or disclosure by law.
If you are not the intended recipient, any dissemination, retention or use of any information contained in this email is prohibited. If you have received this email in error, please promptly notify the sender by reply email and delete the original email and any backup copies without reading them.
If you have questions or clarifications regarding any matter relating to data protection, you may write to the SPi Global Data Protection Office at dpo at spi-global.com. You may also file a complaint or report a security incident involving personal data by writing to: dpo at spi-global.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/apiman-user/attachments/20190305/85d6d4e8/attachment-0001.html
From Melih.Ozdemirkan at avivasa.com.tr Tue Mar 5 07:49:13 2019
From: Melih.Ozdemirkan at avivasa.com.tr (Melih Ozdemirkan)
Date: Tue, 5 Mar 2019 12:49:13 +0000
Subject: [Apiman-user] Please reply : API Curl call user registration
In-Reply-To: <35BF860D49E8C54D91F23CC256E942824912B524@PCHNVSMB01.spi-global.com>
References: <35BF860D49E8C54D91F23CC256E942824912B464@PCHNVSMB01.spi-global.com>
<35BF860D49E8C54D91F23CC256E942824912B524@PCHNVSMB01.spi-global.com>
Message-ID:
Please check following samples;
https://github.com/keycloak/keycloak-quickstarts/tree/latest/user-storage-simple
https://github.com/keycloak/keycloak-quickstarts/tree/latest/user-storage-jpa
Melih
From: AntonyJoyson, MariyaGeorge
Sent: Tuesday, March 5, 2019 3:41 PM
To: Melih Ozdemirkan ; apiman-user at lists.jboss.org
Subject: RE: Please reply : API Curl call user registration
Can I get the sample/example how to configure user federation for checking users at another projects database from keycloak.
Thanks and Regards
Joyson Anto ~ Aj
Antony Joyson M
Software Engineer
TSG
SPi Global
M +91 9551347970
M.AntonyJoyson at spi-global.com
www.spi-global.com
SPi Global - Philippines Best Employer 2018, 13th Employer Branding Awards, Employer Branding Institute - India and 2018's Top 25 AI Companies in APAC by CIO Advisor
CONFIDENTIALITY NOTICE: This email, including its attachments, is intended for the use of the person/s it is addressed to. It may contain personal data, or information that is protected or privileged, which are protected from unauthorized use or disclosure by law.
If you are not the intended recipient, any dissemination, retention or use of any information contained in this email is prohibited. If you have received this email in error, please promptly notify the sender by reply email and delete the original email and any backup copies without reading them.
If you have questions or clarifications regarding any matter relating to data protection, you may write to the SPi Global Data Protection Office at dpo at spi-global.com. You may also file a complaint or report a security incident involving personal data by writing to: dpo at spi-global.com.
From: Melih Ozdemirkan [mailto:Melih.Ozdemirkan at avivasa.com.tr]
Sent: Tuesday, March 5, 2019 12:49 PM
To: AntonyJoyson, MariyaGeorge >; apiman-user at lists.jboss.org
Subject: RE: Please reply : API Curl call user registration
Hi Antony,
User Federation might help you to resolve your issue. It has out of the box support with LDAP and Active Directory. It is also possible to write your own adapter to integrate with any custom Database.
https://www.keycloak.org/docs/3.2/server_admin/topics/user-federation.html
Melih
From: apiman-user-bounces at lists.jboss.org > On Behalf Of AntonyJoyson, MariyaGeorge
Sent: Tuesday, March 5, 2019 10:08 AM
To: apiman-user at lists.jboss.org
Subject: [Apiman-user] Please reply : API Curl call user registration
Hi team,
I am new to keycloak sso. I need to integerate user registration with keycloak in a curl method can you please send me / guide me to register the users in curl api method, Please reply.
url
http://{keycloak}/auth/admin/realms/{realm}/users
Params
{"enabled":true,"attributes":{},"username":"test123aj","emailVerified":"","email":"test at test.in1","firstName":"test1","lastName":"test1","requiredActions":["UPDATE_PROFILE"]}
Headers
'Content-type: application/x-www-form-urlencoded'
'Authorization: Basic ' . base64_encode($this->client_id . ':' . $this->secret)
Thanks and Regards
Joyson Anto ~ Aj
Antony Joyson M
Software Engineer
TSG
SPi Global
M +91 9551347970
M.AntonyJoyson at spi-global.com
www.spi-global.com
SPi Global - Philippines Best Employer 2018, 13th Employer Branding Awards, Employer Branding Institute - India and 2018's Top 25 AI Companies in APAC by CIO Advisor
CONFIDENTIALITY NOTICE: This email, including its attachments, is intended for the use of the person/s it is addressed to. It may contain personal data, or information that is protected or privileged, which are protected from unauthorized use or disclosure by law.
If you are not the intended recipient, any dissemination, retention or use of any information contained in this email is prohibited. If you have received this email in error, please promptly notify the sender by reply email and delete the original email and any backup copies without reading them.
If you have questions or clarifications regarding any matter relating to data protection, you may write to the SPi Global Data Protection Office at dpo at spi-global.com. You may also file a complaint or report a security incident involving personal data by writing to: dpo at spi-global.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/apiman-user/attachments/20190305/f8026024/attachment-0001.html
From M.AntonyJoyson at spi-global.com Tue Mar 5 08:13:08 2019
From: M.AntonyJoyson at spi-global.com (AntonyJoyson, MariyaGeorge)
Date: Tue, 5 Mar 2019 13:13:08 +0000
Subject: [Apiman-user] Please reply : API Curl call user registration
In-Reply-To:
References: <35BF860D49E8C54D91F23CC256E942824912B464@PCHNVSMB01.spi-global.com>
<35BF860D49E8C54D91F23CC256E942824912B524@PCHNVSMB01.spi-global.com>
Message-ID: <35BF860D49E8C54D91F23CC256E942824912B538@PCHNVSMB01.spi-global.com>
I am using php applications, I don't know java technologies is there any way to create a user by curl api.
url
http://{keycloak}/auth/admin/realms/{realm}/users
Required params and headers
- for User_creation
- for user_updation
Thanks and Regards
Joyson Anto ~ Aj
Antony Joyson M
Software Engineer
TSG
SPi Global
M +91 9551347970
M.AntonyJoyson at spi-global.com
www.spi-global.com
SPi Global - Philippines Best Employer 2018, 13th Employer Branding Awards, Employer Branding Institute - India and 2018's Top 25 AI Companies in APAC by CIO Advisor
CONFIDENTIALITY NOTICE: This email, including its attachments, is intended for the use of the person/s it is addressed to. It may contain personal data, or information that is protected or privileged, which are protected from unauthorized use or disclosure by law.
If you are not the intended recipient, any dissemination, retention or use of any information contained in this email is prohibited. If you have received this email in error, please promptly notify the sender by reply email and delete the original email and any backup copies without reading them.
If you have questions or clarifications regarding any matter relating to data protection, you may write to the SPi Global Data Protection Office at dpo at spi-global.com. You may also file a complaint or report a security incident involving personal data by writing to: dpo at spi-global.com.
From: Melih Ozdemirkan [mailto:Melih.Ozdemirkan at avivasa.com.tr]
Sent: Tuesday, March 5, 2019 6:19 PM
To: AntonyJoyson, MariyaGeorge ; apiman-user at lists.jboss.org
Subject: RE: Please reply : API Curl call user registration
Please check following samples;
https://github.com/keycloak/keycloak-quickstarts/tree/latest/user-storage-simple
https://github.com/keycloak/keycloak-quickstarts/tree/latest/user-storage-jpa
Melih
From: AntonyJoyson, MariyaGeorge >
Sent: Tuesday, March 5, 2019 3:41 PM
To: Melih Ozdemirkan >; apiman-user at lists.jboss.org
Subject: RE: Please reply : API Curl call user registration
Can I get the sample/example how to configure user federation for checking users at another projects database from keycloak.
Thanks and Regards
Joyson Anto ~ Aj
Antony Joyson M
Software Engineer
TSG
SPi Global
M +91 9551347970
M.AntonyJoyson at spi-global.com
www.spi-global.com
SPi Global - Philippines Best Employer 2018, 13th Employer Branding Awards, Employer Branding Institute - India and 2018's Top 25 AI Companies in APAC by CIO Advisor
CONFIDENTIALITY NOTICE: This email, including its attachments, is intended for the use of the person/s it is addressed to. It may contain personal data, or information that is protected or privileged, which are protected from unauthorized use or disclosure by law.
If you are not the intended recipient, any dissemination, retention or use of any information contained in this email is prohibited. If you have received this email in error, please promptly notify the sender by reply email and delete the original email and any backup copies without reading them.
If you have questions or clarifications regarding any matter relating to data protection, you may write to the SPi Global Data Protection Office at dpo at spi-global.com. You may also file a complaint or report a security incident involving personal data by writing to: dpo at spi-global.com.
From: Melih Ozdemirkan [mailto:Melih.Ozdemirkan at avivasa.com.tr]
Sent: Tuesday, March 5, 2019 12:49 PM
To: AntonyJoyson, MariyaGeorge >; apiman-user at lists.jboss.org
Subject: RE: Please reply : API Curl call user registration
Hi Antony,
User Federation might help you to resolve your issue. It has out of the box support with LDAP and Active Directory. It is also possible to write your own adapter to integrate with any custom Database.
https://www.keycloak.org/docs/3.2/server_admin/topics/user-federation.html
Melih
From: apiman-user-bounces at lists.jboss.org > On Behalf Of AntonyJoyson, MariyaGeorge
Sent: Tuesday, March 5, 2019 10:08 AM
To: apiman-user at lists.jboss.org
Subject: [Apiman-user] Please reply : API Curl call user registration
Hi team,
I am new to keycloak sso. I need to integerate user registration with keycloak in a curl method can you please send me / guide me to register the users in curl api method, Please reply.
url
http://{keycloak}/auth/admin/realms/{realm}/users
Params
{"enabled":true,"attributes":{},"username":"test123aj","emailVerified":"","email":"test at test.in1","firstName":"test1","lastName":"test1","requiredActions":["UPDATE_PROFILE"]}
Headers
'Content-type: application/x-www-form-urlencoded'
'Authorization: Basic ' . base64_encode($this->client_id . ':' . $this->secret)
Thanks and Regards
Joyson Anto ~ Aj
Antony Joyson M
Software Engineer
TSG
SPi Global
M +91 9551347970
M.AntonyJoyson at spi-global.com
www.spi-global.com
SPi Global - Philippines Best Employer 2018, 13th Employer Branding Awards, Employer Branding Institute - India and 2018's Top 25 AI Companies in APAC by CIO Advisor
CONFIDENTIALITY NOTICE: This email, including its attachments, is intended for the use of the person/s it is addressed to. It may contain personal data, or information that is protected or privileged, which are protected from unauthorized use or disclosure by law.
If you are not the intended recipient, any dissemination, retention or use of any information contained in this email is prohibited. If you have received this email in error, please promptly notify the sender by reply email and delete the original email and any backup copies without reading them.
If you have questions or clarifications regarding any matter relating to data protection, you may write to the SPi Global Data Protection Office at dpo at spi-global.com. You may also file a complaint or report a security incident involving personal data by writing to: dpo at spi-global.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/apiman-user/attachments/20190305/b39a2711/attachment-0001.html
From M.AntonyJoyson at spi-global.com Thu Mar 21 05:30:40 2019
From: M.AntonyJoyson at spi-global.com (AntonyJoyson, MariyaGeorge)
Date: Thu, 21 Mar 2019 09:30:40 +0000
Subject: [Apiman-user] Keycloak client access limitations
Message-ID: <35BF860D49E8C54D91F23CC256E942824912C309@PCHNVSMB01.spi-global.com>
HI Team,
Im new to keycloak, Please help me to limit the users priviliges
I want to validate and restrict the users to login into multiple applications/client with keycloak login page authentication.
I have switched off the (Full Scope Allowed) and removed all the roles and assigned a single role for the client even though keycloak login page allows the user to login for that client even the user doesn't have any roles assigned.
Is there any way to restrict the users to login with restricted application access?
Thanks and Regards
Joyson Anto ~ Aj
Antony Joyson M
Software Engineer
TSG
SPi Global
M +91 9551347970
M.AntonyJoyson at spi-global.com
www.spi-global.com
SPi Global - Philippines Best Employer 2018, 13th Employer Branding Awards, Employer Branding Institute - India and 2018's Top 25 AI Companies in APAC by CIO Advisor
CONFIDENTIALITY NOTICE: This email, including its attachments, is intended for the use of the person/s it is addressed to. It may contain personal data, or information that is protected or privileged, which are protected from unauthorized use or disclosure by law.
If you are not the intended recipient, any dissemination, retention or use of any information contained in this email is prohibited. If you have received this email in error, please promptly notify the sender by reply email and delete the original email and any backup copies without reading them.
If you have questions or clarifications regarding any matter relating to data protection, you may write to the SPi Global Data Protection Office at dpo at spi-global.com. You may also file a complaint or report a security incident involving personal data by writing to: dpo at spi-global.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/apiman-user/attachments/20190321/3266a80b/attachment-0001.html
From M.AntonyJoyson at spi-global.com Fri Mar 22 10:04:15 2019
From: M.AntonyJoyson at spi-global.com (AntonyJoyson, MariyaGeorge)
Date: Fri, 22 Mar 2019 14:04:15 +0000
Subject: [Apiman-user] Keycloak setup and start the application with windows
service
Message-ID: <35BF860D49E8C54D91F23CC256E942824912C567@PCHNVSMB01.spi-global.com>
HI Team,
Im new to keycloak, Please help me to configure and start the keycloak application along with windows service
Thanks and Regards
Joyson Anto ~ Aj
Antony Joyson M
Software Engineer
TSG
SPi Global
M +91 9551347970
M.AntonyJoyson at spi-global.com
www.spi-global.com
SPi Global - Philippines Best Employer 2018, 13th Employer Branding Awards, Employer Branding Institute - India and 2018's Top 25 AI Companies in APAC by CIO Advisor
CONFIDENTIALITY NOTICE: This email, including its attachments, is intended for the use of the person/s it is addressed to. It may contain personal data, or information that is protected or privileged, which are protected from unauthorized use or disclosure by law.
If you are not the intended recipient, any dissemination, retention or use of any information contained in this email is prohibited. If you have received this email in error, please promptly notify the sender by reply email and delete the original email and any backup copies without reading them.
If you have questions or clarifications regarding any matter relating to data protection, you may write to the SPi Global Data Protection Office at dpo at spi-global.com. You may also file a complaint or report a security incident involving personal data by writing to: dpo at spi-global.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/apiman-user/attachments/20190322/a591cb7b/attachment-0001.html
From ruben at xanum.mx Thu Mar 28 20:46:52 2019
From: ruben at xanum.mx (=?UTF-8?Q?Juan_Rub=C3=A9n_Marrero_Vizca=C3=ADno?=)
Date: Thu, 28 Mar 2019 18:46:52 -0600
Subject: [Apiman-user] Apiman behind reverse proxy - help!
Message-ID:
Hi all!
I'm having trouble getting an Apiman docker instance up and running.
The setup is a docker-compose coordinated set of containers in a single VM,
running on the cloud.
$ docker ps
CONTAINER ID IMAGE COMMAND
CREATED STATUS
PORTS NAMES
59a1047d84bd apiman/on-wildfly11 "/opt/jboss/wildfly/?" 25
minutes ago Up 25 minutes
8080/tcp apiman
ca8bd1e3bb99 traefik "/traefik" About an
hour ago Up 25 minutes 0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp,
0.0.0.0:8080->8080/tcp traefik
2a11b776409c nginx:alpine "nginx -g 'daemon of?" About an
hour ago Up 25 minutes
80/tcp nginx
21f8c3d3e14e portainer/portainer "/portainer" 2 hours
ago Up 25 minutes
9000/tcp portainer
Traefik proxies all connections and provides SSL termination. I'm using a
LetsEncrypt wildcard certificate; each service has a DNS subdomain.
- API-project.domain.tld -> apiman
- WEB-project.domain.tld -> nginx (static pages)
- PORTAINER-project.domain.tld -> portainer
- TRAEFIK-project.domain.tld -> traefik
All of this works. I can see on my browser each service including apimanui
The problem starts with the apiman login form. The form itself has a HTTP
and not HTTPS action endpoint.
if I login with the admin/admin123! credentials and hit enter, I'll POST to
the auth backend, receive a 302 REDIRECT, follow the redirect and then just
prints Forbidden to the screen. Refresh or back now fails with Bad request
to the screen. The only way to retry is clearing cookies and local storage.
I tried running the single line docker apiman incantation and it works on
my laptop, but not when mixed with other containers. Here is my
docker-compose file
-------------------
version: '2.4'
services:
portainer:
image: portainer/portainer
container_name: portainer
mem_limit: 1G
restart: always
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- /mnt/disks/SSD1/portainer:/data
networks:
- network1
labels:
- "traefik.enable=true"
- "traefik.backend=portainer"
- "traefik.frontend.rule=Host:portainer-project.domain.tld"
- "traefik.port=9000"
- "traefik.protocol=http"
apiman:
image: apiman/on-wildfly11
container_name: apiman
mem_limit: 3G
restart: always
#volumes:
# - /mnt/disks/SSD1/apiman:/opt/jboss/wildfly/standalone:rw
networks:
- network1
labels:
- "traefik.enable=true"
- "traefik.backend=apiman"
- "traefik.frontend.rule=Host:api-project.domain.tld"
- "traefik.port=8080"
- "traefik.protocol=http"
web:
image: nginx:alpine
container_name: nginx
mem_limit: 512M
restart: always
networks:
- network1
labels:
- "traefik.enable=true"
- "traefik.backend=web"
- "traefik.frontend.rule=Host:web-project.domain.tld"
- "traefik.port=80"
- "traefik.protocol=http"
reverse-proxy:
image: traefik # The official Traefik docker image
container_name: traefik
ports:
- "80:80" # The HTTP port
- "8080:8080" # The Web UI (enabled by --api)
- "443:443" # The Web UI (enabled by --api)
networks:
- network1
volumes:
- /var/run/docker.sock:/var/run/docker.sock # So that Traefik can
listen to the Docker events
- /mnt/disks/SSD1/traefik/traefik.toml:/etc/traefik/traefik.toml
- /mnt/disks/SSD1/certs:/certs
labels:
- "traefik.enable=true"
- "traefik.backend=traefik"
- "traefik.frontend.rule=Host:traefik-project.domain.tld"
- "traefik.port=8080"
- "traefik.protocol=http"
networks:
network1:
name: web
--------------------------------
My final questions are:
How can I configure apiman to be aware that it will be called from an https
schema?
In general, What are the caveats of placing Apiman behind a reverse proxy?
Thanks!
--
*J. Rub?n Marrero V.*
GPG: 0x1D7087F7
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/apiman-user/attachments/20190328/68ad963a/attachment.html