[keycloak-user] Admin's password override

Juraci Paixão Kröhling juraci at kroehling.de
Wed Mar 18 04:15:55 EDT 2015


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 03/18/2015 05:07 AM, Stian Thorgersen wrote:
>> Sounds a bit hackish to me ;)

Indeed :)

>> Why not just use the same user for the Hawkular admin console?
>> That way they'll change the password when they login to Hawkular
>> for the first time.

Each Hawkular user is an "account", that have "tenancy" semantics. So,
there's no notion of "admin" for Hawkular yet, and we are not
convinced we need one. Perhaps that will change in the future, and if
so, this would certainly be an option.

But I'm not sure what you are suggesting: to use the "master" realm as
the realm for Hawkular? Or to create an user on "hawkular" realm and
assign this user as an "admin" on the master realm? Wouldn't it mean
that there would be two users?

>> An alternative is that we need to support a way to recover the
>> admin password if it's lost. Would be a script or something that
>> can only be used locally. With that you could just set the
>> Keycloak admin password to something random.

Agree on the first two parts, but what would be a good way to
accomplish the third part (when to do it, and how to do it)? On first
boot?

- - Juca.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEcBAEBAgAGBQJVCTQ7AAoJEDnJtskdmzLMHF0H/0m5fokXt/IgyOd3Bu6+y5i4
BR8hXU0bziKtwHdLOnfgmOKGNd5cxrlvwY07Udo6IAqvuvwgvmoz470l87XEKfW5
GwiRT3HXoSbh+0kZRCBQgJaThH7k0PVbGRM5DzeoL+zsl6U6uqkZ47oLSgrL2dO8
6d0epTcg5PdAyJcFbDGi5SYa/PW6TkPQrR3wsA78IIippDP4FtrUPQzWVRdVaq+E
GITYoVovWgGkuzm/WzaP58YyihxDXyO8t8MDDoyV/QAq5rJjWKbXhN6kM28Jtv02
toizoDyvr4sVW25qCqaHjOYzfEsUYw4KCNugAfYoXrfnNNfzrk93dEh+/2j+SRU=
=J7vu
-----END PGP SIGNATURE-----


More information about the keycloak-user mailing list