[keycloak-user] Testing/Integration testing
Marek Posolda
mposolda at redhat.com
Mon Jan 16 15:13:29 EST 2017
You can take a look at the module "testsuite/integration-arquillian" and
the tests inside there. You're right that admin console tests are not
executed by travis by default, but we have lots of tests for invoking
admin REST endpoints (which is defacto what admin-console invokes under
the covers).
You can take a look at some existing tests. For example BruteForceTest .
Marek
On 16/01/17 17:28, Eriksson Fabian wrote:
> Hello!
>
> I am currently implementing this feature described below. The feature is not really relevant for this question but I thought I could include it.
>
> I was wondering, before I make a PR, should I include integration tests even for the UI (the console module, which from what I can tell is not run with Travis)? And is there a way of testing a single arquillian integration test in an IDE (for the console module)?
>
> I don't know if this is the right forum to ask these questions but I thought I'll give it a try
>
> Thanks in advance
> Fabian Eriksson
>
> -----Original Message-----
> From: Bruno Oliveira [mailto:bruno at abstractj.org]
> Sent: den 11 januari 2017 19:18
> To: Eriksson Fabian
> Cc: stian at redhat.com; keycloak-user at lists.jboss.org
> Subject: Re: [keycloak-user] Brute force detector extension
>
> I believe the best is to create Jira as a feature request. And later you can attach your PR to that.
>
> On 2017-01-11, Eriksson Fabian wrote:
>> Do you want me to create a new feature request through the dev mailing list or could I immediately create a Jira-ticket?
>>
>> Best regards
>> Fabian Eriksson
>>
>> From: Stian Thorgersen [mailto:sthorger at redhat.com]
>> Sent: den 2 januari 2017 09:15
>> To: Eriksson Fabian
>> Cc: keycloak-user at lists.jboss.org
>> Subject: Re: [keycloak-user] Brute force detector extension
>>
>> You can implement a custom provider for the brute force protection that would do what you want. It wouldn't be configurable through the admin console though.
>>
>> I don't see why we couldn't add it as an option to the built-in provider though so if you are happy to send a PR for it including tests we could accept it into 3.x.
>>
>> On 21 December 2016 at 11:24, Eriksson Fabian <fabian.eriksson at gi-de.com<mailto:fabian.eriksson at gi-de.com>> wrote:
>> Hi all!
>>
>> We would like to have ability to configure the brute force detector so it can disable a user account after X failed attempts completely and not only lock him/her out for a period of time (setting the lockout-time to a few years is not enough). In the end we would like the admins of KeyCloak to be able to set a timed lockout-period or set a permanent one for different realms. I guess this would also require the detector to reset the failed-login-attempts count on a successful login.
>>
>> Does this sound interesting and could this then be something that we could contribute with to KeyCloak?
>>
>> Or is there a way to substitute the already existing brute force detector?
>>
>> Thanks in advance!
>> Fabian Eriksson
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user at lists.jboss.org<mailto:keycloak-user at lists.jboss.org>
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
> --
>
> abstractj
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
More information about the keycloak-user
mailing list