[keycloak-user] User-Federation

Renann Prado prado.renann at gmail.com
Thu Feb 11 08:16:29 EST 2016


Is there any recommended way to make sure these endpoints won't be spammed
by an attacker? Looks like these endpoints need to be open to anyone.

Thanks
On Feb 3, 2016 11:18, "Reed Lewis" <RLewis at carbonite.com> wrote:

> If you use the federation provider listed here:
>
> [0]: http://tech.smartling.com/migrate-to-keycloak-with-zero-downtime/
> [1]: https://github.com/Smartling/keycloak-user-migration-provider
>
> You can specify a URL that will be called when a user needs to be
> validated.
>
> There are three requests that need to be implemented in your sever.
>
> GET <baseURL>/api/users/<username>/
> If the user exists, it should return a 200 with a json object with the
> return type “application/json” with the following fields:
> username
> email
> emailVerified
> firstName
> lastName
> roles [“user”]
>
> If the user does not exist, return a 404
>
> HEAD <baseURL>/api/users/<username>/
> Always return 200
>
> POST <baseURL>/api/users/<username>/
> The password is posted to you in a json object.
> Return 200 if the password is OK, 401 if not.  In both cases return no
> data.
>
> I wrote a small python module which implements these methods which works
> quite well.
>
> Reed
>
> From: <keycloak-user-bounces at lists.jboss.org> on behalf of Stuart Jacobs <
> stuart.jacobs at symbiotics.co.za>
> Date: Wednesday, February 3, 2016 at 2:40 AM
> To: "keycloak-user at lists.jboss.org" <keycloak-user at lists.jboss.org>
> Subject: [keycloak-user] User-Federation
>
> Hi Everyone,
>
> I have an application that runs on a postgresql database, keycloak has
> been configured and has created all the required tables/columns in my
> schema using liquibase on start up of the keycloak server.
>
> I need to authenticate users using the projects existing user table
> obtaining the username and password from this table.
>
> I have had a look at the federation provider project under the example
> projects but this still eludes me as to how I change the keycloak mapping
> to use my own tables in postgress?
>
> Can someone please point me in the right direction or if someone has
> implemented such a solution please share how you have done it?
>
> Thanks everyone.
>
>   Regards,
>   Stuart Jacobs
>
>
>
>
>
>
>
> www.symbiotics.co.za
>
> ********************************************************************************
> This email and any accompanying attachments may contain confidential and
> proprietary information. This information is private and protected by law
> and, accordingly, if you are not the intended recipient, you are requested
> to delete this entire communication immediately and are notified that any
> disclosure, copying or distribution of or taking any action based on this
> information is prohibited.
>
> Emails cannot be guaranteed to be secure or free of errors or viruses. The
> sender does not accept any liability or responsibility for any
> interception, corruption, destruction, loss, late arrival or incompleteness
> of or tampering or interference with any of the information contained in
> this email or for its incorrect delivery or non-delivery for whatsoever
> reason or for its effect on any electronic device of the recipient.
>
> ********************************************************************************
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160211/d777c2bf/attachment.html 


More information about the keycloak-user mailing list