[keycloak-user] Keycloak User Storage SPI with external data base based on Spring Security
Alvaro Abella
alvaro.abella at bluetab.net
Tue Jul 3 10:33:55 EDT 2018
Thanks Dmitry for your orientation.
I found this project https://github.com/leroyguillaume/keycloak-bcrypt
looking about PasswordHashProvider.
I'm a little lost about how to configure my User Storage SPI to connect
with my database. The first approach is trying to use BCryp to cipher the
password and compare it with the password stored on the database, but I
don't know the salt. I'm trying to discover how Spring Security works.
The only way that I found to connect with an user from this data base, is
to change password from keycloak, and then due the password is stored in
plain text, I can login successfully.
Thanks!
On Mon, Jul 2, 2018 at 11:13 PM, Dmitry Telegin <dt at acutus.pro> wrote:
> Hi Alvaro,
>
> In addition to user storage provider, you'll need to implement a
> org.keycloak.credential.hash.PasswordHashProvider. Use
> Pbkdf2PasswordHashProvider as a reference.
>
> Cheers,
> Dmitry Telegin
> CTO, Acutus s.r.o.
> Keycloak Consulting and Training
>
> Pod lipami street 339/52, 130 00 Prague 3, Czech Republic
> + 42 (022) 888-30-71
> E-mail: info at acutus.pro
>
> On Mon, 2018-07-02 at 18:12 +0200, Alvaro Abella wrote:
> > Hi,
> > I followed this example https://github.com/keycloak/keycloak-quicksta
> > rts/
> > tree/latest/user-storage-jpa and I modified to connect with my Oracle
> > database after a little work with Jboss.
> > Now, I can view all users on my Keycloak admin panel, but I can't
> > login
> > with them into his account because password are cyphered with Bcrypt.
> > How do you usually deal with this situations? Has anyone integrated a
> > Spring-Security-based database with keycloak?
> >
> > Thanks!
> >
> >
>
--
*Álvaro Abella González*
[image: bluetab.net] <http://www.bluetab.net/>alvaro.abella at bluetab.net
More information about the keycloak-user
mailing list