keycloak

OAuth2AuthenticationToken not been recognized in getAccount JHipster 6.0.1

人盡茶涼 submitted on 2019-12-25 01:19:47
Question: I have a native Android client with OAuth2 authentication to my JHipster monolithic app. It worked properly with JHipster version 5.7.2, but now I am using version 6.0.1 and I am not able to get the current user by using the getAccount(Principal principal) method in the AccountResource class. The object sent by Keycloak is not an instance of the OAuth2AuthenticationToken class, so I am getting an exception "User could not be found". In the previous version I used to get an OAuth2Authentication

Unlinking social provider from user keycloak

余生颓废 submitted on 2019-12-25 00:28:20
Question: I have an application that makes use of account linking with Keycloak and Spring. The account linking works all right, but the issue is account unlinking. Kindly click here to check out the account linking: Keycloak Identity Broker API. Now I want to create a similar one for account UNLINKING. I couldn't get around it. Source: https://stackoverflow.com/questions/57877569/unlinking-social-provider-from-user-keycloak

keycloak - SSL error: Certificates do not conform to algorithm constraints

天涯浪子 submitted on 2019-12-24 22:30:27
Question: I am running a Keycloak instance connected to Amazon RDS Postgres with this docker command:
docker run --rm --name keycloak \
  -p 9090:8080 -e KEYCLOAK_USER=xxx \
  -e KEYCLOAK_PASSWORD=xxx \
  -e DB_VENDOR=postgres \
  -e DB_ADDR=mydb2.xxx.rds.amazonaws.com:5432 \
  -e DB_USER=xxx \
  -e DB_PASSWORD=xxx \
  -e DB_DATABASE=keycloak \
  jboss/keycloak:latest
But it cannot connect to the DB: 05:18:54,776 ERROR [org.jboss.as.controller.management-operation] (Controller Boot Thread) WFLYCTL0013: Operation ("add

Implementing JWT, JWE and JWS (signed JWT) with Keycloak in Spring Boot

巧了我就是萌 submitted on 2019-12-24 19:34:08
Question: I am trying to implement a simple OAuth2 "Client Authentication with Signed JWT" demo app using Spring Boot and Keycloak as AuthService. The idea is:
- one secured REST service "The Producer"
  - offering an endpoint GET /person for all users/principals with the role "read_person"
  - offering an endpoint POST /person for all users/principals with the role "write_person"
- another (unsecured) REST service "The Consumer"
  - offering an endpoint /api open for everybody
  - calling internally the "producer" via Feign

Keycloak send email reset password 401 Unauthorized or 500 Internal Server Error

∥☆過路亽.° submitted on 2019-12-24 19:03:58
Question: Hi, I have a problem with sending an email to reset a password. I am using Keycloak 4.8. In the documentation I found: "Send a update account email to the user. An email contains a link the user can click to perform a set of required actions. PUT /{realm}/users/{id}/execute-actions-email". And required params: id, realm and actions. I wrote a method using Guzzle: $client = new \GuzzleHttp\Client(); $response = $client->request('put', 'https://myserwerkeycloak.com/auth/admin/realms/testrealm/users/a98e...00d1

Keycloak - Getting 401 in Ajax calls after token expired

半世苍凉 submitted on 2019-12-24 09:57:38
Question: I'm using Keycloak 3.4.3 Server and the 3.4.3 Spring Boot adapter. The login is done with the Java adapter using the following JSON configuration: { "realm": "real name", "auth-server-url": "http://172.21.34.65/auth", "ssl-required": "external", "resource": "appName", "public-client": true, "use-resource-role-mappings": true } The token is refreshed with non-Ajax calls, but when the request contains the header X-Requested-With: XMLHttpRequest the token is not refreshed. Is there a problem with my

Keycloak - Users in Role missing after sync with LDAP

懵懂的女人 submitted on 2019-12-24 07:57:38
Question: I configured LDAP as User Federation (with role-ldap-mapper) and successfully imported users with their roles to Keycloak. When I go to Users->{user}->Role Mappings I see all the roles that are assigned to a user (imported from LDAP), but when I go to Roles->{role}->Users In Role I see nothing. Is it a bug or a feature? Or maybe I configured something wrong? Users roles. Empty Users in Roles. LDAP Role mapper configuration. Answer 1: Please create a mapper of type msad-lds-user-account-control-mapper. It

Spring Security + Keycloak: Accept Bearer Token

假装没事ソ submitted on 2019-12-24 07:17:50
Question: Somehow I'm lost with Spring Security and Keycloak. In an application I successfully receive an access token from my Keycloak instance. I then use this token for a request against my Spring Security server (which uses the same Keycloak instance). But all I get are 403 errors. Here are code excerpts (written in Kotlin): Security Config: @KeycloakConfiguration abstract class MyConfig : KeycloakWebSecurityConfigurerAdapter() { @Autowired lateinit var keycloakClientRequestFactory:

Keycloak Identity Broker API

大兔子大兔子 submitted on 2019-12-24 06:35:03
Question: So I have a client which consumes an API. The API is secured with Keycloak. Users sign in normally, but I want to allow users to sign in with their social media accounts like Facebook or Google without having to go to Keycloak's login page. I need a REST API with an implementation of how to get a URL generated, so that when the user clicks on this URL in a button, it will take the user to the respective social login page to log in while Keycloak still serves as the broker. Below is my implementation,

Build keycloak docker hub image in openshift from new-app command

眉间皱痕 submitted on 2019-12-24 05:54:57
Question: I'm trying to deploy the Keycloak image Keycloak HA Postgres in OpenShift 3.6. As a precondition, I have to say I can't run docker on my local machine, so I have to create the image from the oc new-app command. When I try to call oc new-app jboss/keycloak-ha-postgres, the image is downloaded but I get errors when the server starts: Cannot start embedded server: Failed to instantiate class "org.jboss.logmanager.handlers.PeriodicRotatingFileHandler" for handler "FILE": java.lang.reflect