keycloak

问题 I'm trying to deploy the Keycloak image Keycloak HA Postgres in openshift 3.6. As precondition I have to say I can't run docker on my local machine, so I have to create the image from oc new-app command. When I try to call oc new-app jboss/keycloak-ha-postgres then the image is downloaded but I have errors when the server starts: Cannot start embedded server: Failed to instantiate class "org.jboss.logmanager.handlers.PeriodicRotatingFileHandler" for handler "FILE": java.lang.reflect

问题 I'm using Keycloak to send a forgot password email, and from what I've read on their docs and the FreeMarker docs, it seems like I should be able to use HTML tags just fine. However, when I use them in the password-rest.ftl file, it renders the whole tag like so: <p>Some Text</p> instead of just showing: Some Text I found this (https://issues.jboss.org/browse/KEYCLOAK-681) saying that Keycloak can only send plain text emails, and I just wanted to see if anyone knew for sure since I have found

问题 I'm using Keycloak to send a forgot password email, and from what I've read on their docs and the FreeMarker docs, it seems like I should be able to use HTML tags just fine. However, when I use them in the password-rest.ftl file, it renders the whole tag like so: <p>Some Text</p> instead of just showing: Some Text I found this (https://issues.jboss.org/browse/KEYCLOAK-681) saying that Keycloak can only send plain text emails, and I just wanted to see if anyone knew for sure since I have found

问题 I'm triyng to use keycloak AdminAPI (https://www.keycloak.org/docs-api/3.0/rest-api/index.html#_users_resource) to create user and assign client roles. I'm receiving correct token, and user is created but assigning roles return 404 I'm using Postman to connect with API: /auth/realms/{realmName}/protocol/openid-connect/token Content-Type application/x-www-form-urlencoded <-with parameters ofc /auth/admin/realms/{realmName}/users Content-Type application/json Authorization Bearer {TOKEN} Body:

问题 I need to check that my token is not expired before I send every HTTP request. I'm trying to make injection using Http Interceptor like this: class HttpInterceptor extends Http { constructor(backend: ConnectionBackend, defaultOptions: RequestOptions, private _router: Router) { super(backend, defaultOptions); } get(url: string, options?: RequestOptionsArgs): Observable<Response> { const keycloak$: Observable = KeycloakService.updateToken(); return keycloak$.map((options) => { return super.get

问题 I have been been playing with spring boot and been successful in using Keycloak and Vaadin separately in different projects. Now, I wanted to combine both to avoid having to implement my own security using Vaadin. The result I have so far can be found here: github project. I started from the shared security example given by vaadin4spring. I then added the Keycloak configuration as given by the keycloak-spring-security-adapter and the keycloak-spring-boot-adapter. I have now hit a wall in

问题 I'm struggling with registering a custom ProtocolMapper in Keycloak. I would like to add some data from my database on token request. So i followed the idea given in Keycloak add extra claims from database / external source. I implemented the ProtocolMapper interface and added the file META-INF/services/org.keycloak.protocol.ProtocolMapper containing the reference to my class. So far so good and Keycloak recognizes the new implementation. I'm also able to configure it via the admin console.

问题 My application consists of: backend/resource server UI webapp keycloak The UI is talking with the backend server via RESTful API using the keycloak client with authorization code grant flow. This is working fine. Now, I need the additional possibility to access resource of the backend using a system/service account (with usually more permissions than the user). How would you implement this requirement? I thought the client credentials flow would be useful here. Is it possible to use the

问题 I'm using Keycloak version 1.6.1, newly installed as a standalone application. Keycloak should act as an IdP (Identity provider) for an SP (Service Provider) called Tableau. I have read from this page: http://blog.keycloak.org/2015/03/picketlink-and-keycloak-projects-are.html ... Keycloak from being Identity Broker grew into being fully fledged Identity Provider While it was an Identity Broker, it is now also an Identity Provider. My question is then: I have exported the SP XML Metadata from

问题 My login component briefly displays before being removed by an error message about an undefined object in a promise. Here is the promise definition: static init(): Promise<any> { KeycloakClientService.auth.loggedIn = false; return new Promise((resolve, reject) => { const keycloakConfig = { url: environment.KEYCLOAK_URL, realm: environment.KEYCLOAK_REALM, clientId: environment.KEYCLOAK_CLIENTID, 'ssl-required': 'external', 'public-client': true }; const keycloakAuth: any = new Keycloak