[keycloak-user] How to add Admin User

Stian Thorgersen sthorger at redhat.com
Thu Mar 3 07:50:17 EST 2016


On 3 March 2016 at 13:48, Stan Silvert <ssilvert at redhat.com> wrote:

> On 3/3/2016 12:09 AM, Stian Thorgersen wrote:
>
> The standard add-user script adds WildFly users, we want the standard
> script to add Keycloak users. It's a Keycloak server after all.
>
> You still need WildFly users if you want to use CLI (remotely) or web
> console.   As far as I know, we can't secure those things with Keycloak yet.
>

In the future we will secure it with Keycloak, in the mean time the
add-user has a '--container' option.


>
> There are workarounds, but I'm just saying, WildFly add-user.sh is a
> useful tool that we might want to still ship in some form until such time
> that CLI and web console is fully integrated with Keycloak.
>
>
> On 2 March 2016 at 20:00, Stan Silvert <ssilvert at redhat.com> wrote:
>
>> On 3/2/2016 1:50 PM, Stian Thorgersen wrote:
>>
>> Not a chance. In server dist we want to hide WildFly's add-user script.
>>
>> I could guess, but I have to ask, why?
>>
>>
>>
>> On 2 March 2016 at 14:12, Stan Silvert <ssilvert at redhat.com> wrote:
>>
>>> On 3/2/2016 7:02 AM, Stian Thorgersen wrote:
>>>
>>> In overlay the script should be add-user-keycloak. The overlay adds
>>> Keycloak server to an existing WildFly installation so we don't want to
>>> overwrite any existing files. I appreciate this may be confusing and
>>> inconsistent, but at the same time if we did overwrite people would
>>> probably complain about us overwriting the existing script.
>>>
>>> In the server dist this doesn't apply as the server is purely a Keycloak
>>> server, not a WildFly server.
>>>
>>> I guess the solution would be to make server dist consistent with
>>> overlay, so both are add-user-keycloak.  Not sure how I feel about that.
>>>
>>>
>>>
>>>
>>> On 2 March 2016 at 11:10, Bruno Oliveira <bruno at abstractj.org> wrote:
>>>
>>>> I'm not sure if I follow your question but './add-user.sh -u admin -p
>>>> admin' or './add-user.sh -u admin' should work.
>>>>
>>>> On Wed, Mar 2, 2016 at 7:03 AM Andrej Prievalsky <ado.boj.83 at gmail.com>
>>>> wrote:
>>>>
>>>>> Hi Bruno,
>>>>>
>>>>> thanks for answer.
>>>>> But from
>>>>> http://keycloak.github.io/docs/userguide/keycloak-server/html/server-installation.html#d4e116
>>>>> and section: *...you can use the add-user script from the
>>>>> command-line.*
>>>>> is my question is how exactly should looks like command with add-user
>>>>> script?
>>>>> Because in past we used this command: add-user.sh –container -u admin
>>>>> -p admin
>>>>>
>>>>> Andrej.
>>>>>
>>>>>
>>>>> On Wed, Mar 2, 2016 at 10:38 AM, Bruno Oliveira <bruno at abstractj.org>
>>>>> wrote:
>>>>>
>>>>>> Hi Andrej, answers inline
>>>>>>
>>>>>> On Wed, Mar 2, 2016 at 6:13 AM Andrej Prievalsky <
>>>>>> ado.boj.83 at gmail.com> wrote:
>>>>>>
>>>>>>> Hi,
>>>>>>>
>>>>>>> I would like to summary information about How to add Admin User -
>>>>>>> chapter 3.2.1.
>>>>>>>
>>>>>>> My questions are:
>>>>>>> 1.) From which version (including) is new concept, that there is no
>>>>>>> built in user?
>>>>>>>
>>>>>>
>>>>>> 1.8.0 See:
>>>>>> http://keycloak.github.io/docs/userguide/keycloak-server/html/Migration_from_older_versions.html#d4e4031
>>>>>>
>>>>>>
>>>>>>> 2a.) What is exact command via add-user script (add-user.sh) for
>>>>>>> create admin user ?
>>>>>>>
>>>>>>
>>>>>> See:
>>>>>> http://keycloak.github.io/docs/userguide/keycloak-server/html/server-installation.html#d4e116
>>>>>>
>>>>>>
>>>>>>> 2b.) Same question like in 2a, but in keycloak-overlay (
>>>>>>> add-user-keycloak.sh)?
>>>>>>>
>>>>>>
>>>>>> You are correct. Maybe this is an inconsistency to be fixed.
>>>>>>
>>>>>>>
>>>>>>> Thanks and Best Regards,
>>>>>>> Andrej.
>>>>>>> _______________________________________________
>>>>>>> keycloak-user mailing list
>>>>>>> keycloak-user at lists.jboss.org
>>>>>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>
>>>>>>
>>>>>
>>>> _______________________________________________
>>>> keycloak-user mailing list
>>>> keycloak-user at lists.jboss.org
>>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>
>>>
>>>
>>>
>>> _______________________________________________
>>> keycloak-user mailing listkeycloak-user at lists.jboss.orghttps://lists.jboss.org/mailman/listinfo/keycloak-user
>>>
>>>
>>>
>>> _______________________________________________
>>> keycloak-user mailing list
>>> keycloak-user at lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>
>>
>>
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160303/3a93a880/attachment.html 


More information about the keycloak-user mailing list