[keycloak-user] User-Federation

Renann Prado prado.renann at gmail.com
Thu Feb 11 08:17:14 EST 2016


Everyone*
On Feb 11, 2016 11:16, "Renann Prado" <prado.renann at gmail.com> wrote:

> Is there any recommended way to make sure these endpoints won't be spammed
> by an attacker? Looks like these endpoints need to be open to anyone.
>
> Thanks
> On Feb 3, 2016 11:18, "Reed Lewis" <RLewis at carbonite.com> wrote:
>
>> If you use the federation provider listed here:
>>
>> [0]: http://tech.smartling.com/migrate-to-keycloak-with-zero-downtime/
>> [1]: https://github.com/Smartling/keycloak-user-migration-provider
>>
>> You can specify a URL that will be called when a user needs to be
>> validated.
>>
>> There are three requests that need to be implemented in your sever.
>>
>> GET <baseURL>/api/users/<username>/
>> If the user exists, it should return a 200 with a json object with the
>> return type “application/json” with the following fields:
>> username
>> email
>> emailVerified
>> firstName
>> lastName
>> roles [“user”]
>>
>> If the user does not exist, return a 404
>>
>> HEAD <baseURL>/api/users/<username>/
>> Always return 200
>>
>> POST <baseURL>/api/users/<username>/
>> The password is posted to you in a json object.
>> Return 200 if the password is OK, 401 if not.  In both cases return no
>> data.
>>
>> I wrote a small python module which implements these methods which works
>> quite well.
>>
>> Reed
>>
>> From: <keycloak-user-bounces at lists.jboss.org> on behalf of Stuart Jacobs
>> <stuart.jacobs at symbiotics.co.za>
>> Date: Wednesday, February 3, 2016 at 2:40 AM
>> To: "keycloak-user at lists.jboss.org" <keycloak-user at lists.jboss.org>
>> Subject: [keycloak-user] User-Federation
>>
>> Hi Everyone,
>>
>> I have an application that runs on a postgresql database, keycloak has
>> been configured and has created all the required tables/columns in my
>> schema using liquibase on start up of the keycloak server.
>>
>> I need to authenticate users using the projects existing user table
>> obtaining the username and password from this table.
>>
>> I have had a look at the federation provider project under the example
>> projects but this still eludes me as to how I change the keycloak mapping
>> to use my own tables in postgress?
>>
>> Can someone please point me in the right direction or if someone has
>> implemented such a solution please share how you have done it?
>>
>> Thanks everyone.
>>
>>   Regards,
>>   Stuart Jacobs
>>
>>
>>
>>
>>
>>
>>
>> www.symbiotics.co.za
>>
>> ********************************************************************************
>> This email and any accompanying attachments may contain confidential and
>> proprietary information. This information is private and protected by law
>> and, accordingly, if you are not the intended recipient, you are requested
>> to delete this entire communication immediately and are notified that any
>> disclosure, copying or distribution of or taking any action based on this
>> information is prohibited.
>>
>> Emails cannot be guaranteed to be secure or free of errors or viruses.
>> The sender does not accept any liability or responsibility for any
>> interception, corruption, destruction, loss, late arrival or incompleteness
>> of or tampering or interference with any of the information contained in
>> this email or for its incorrect delivery or non-delivery for whatsoever
>> reason or for its effect on any electronic device of the recipient.
>>
>> ********************************************************************************
>>
>>
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160211/6164ad32/attachment.html 


More information about the keycloak-user mailing list