[keycloak-user] Admin's password override

Juraci Paixão Kröhling juraci at kroehling.de
Wed Mar 18 05:07:07 EDT 2015


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 03/18/2015 09:31 AM, Stian Thorgersen wrote:
>> Interesting, who can create a tenant then? Do you not need an
>> admin for that?

Self-registration is active for the "Hawkular" realm and we decided to
perform authorizations on our side. So, each user on the realm is
considered a tenant in our side (not 100% true, but it's a good
approximation, I can send you more details if you are interested).

>> Do you reckon that users of Hawkular will use the KC admin
>> console at all? If not then just set the password to something
>> random with the mechanism Marek pointed out.

Hawkular users will not have access to the "admin console". Nothing
forbids, of course, a system administrator with access to the KC
"admin" account to have a Hawkular account though. But those are
independent: an admin on "master" realm is not a privileged user on
"hawkular" realm. This *may* change in the future, though, if/when we
end up having an admin console on Hawkular.

- - Juca.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEcBAEBAgAGBQJVCUA7AAoJEDnJtskdmzLMvr4H/24+3CHM6HXw/BjMWx5gFzCj
vYgtJYsUEM9bzxHDUcgFcLdS/0Y9TbVpoT2XB8VZC0ZimIMb7DgNuTKBEWdbYri3
1rZxCDeWEbm03Dyy8zuF3iddjTqjP3FwTrEIhQu4A6a6py3xffwIicwISFFYr7UG
gUoGy/VOp7ZHEfCarvfnJYYjgXZXJgIzsoRaYkIRf+zfIpw2/H2zYzIBnJxMI1x4
5ciPQMYDRO8Dei3nwRU7lE47MHF4oWkm+d89Qc7pucOkcOpbjo0A3l9ctSOEXur+
ZkkhYFNgIO31AwT7audQF4owLiALrclN0gPTHpMB4hK0D5dY/q7692sKbMd/hCg=
=4DOJ
-----END PGP SIGNATURE-----


More information about the keycloak-user mailing list