I was wondering if the same password on keycloak can have different secrets.
I am asking this because I had a pod with postgres and one with keycloak and the admin password was not working when accessing the keycloak admin page on the browser.
The reason for this was because on the sql dump file I used to restore the DB, there was already an admin user with a secret.
When I removed all the entries for the user admin on the DB dump it worked.
I assume the password for that user was admin and as such was wondering if my keycloak instance would add a different salt and as such the secret created on my machine be different than the secret stored in the DB dump, even for the same password.
Related
Ran this while trying to manage some permissions with Cloud SQL IAM users:
GRANT "****#*****.iam" to postgres;
Now it appears that my postgres account is an IAM user in the DB. And I can't change it back because I can't log in with my original postgres user password. This was also my only superuser account, so I can't get the proper access to change anything back. GCP dashboard also does not let me modify the password because now it's a "System User". Very strange... how do I resolve this?
Tried logging in with the IAM role that I granted to postgres, that does not work... Not sure what to do beyond file a support ticket with GCP
I'm trying to get authentication working using kerberos in Windows instead of username and password when connecting to PostgreSQL. Very new to this area and would appreciate any thoughts. In essence what I want to achieve is not having the password in the app configuration. Maybe there are other options apart from using kerberos?
Will the following work?
configure Postgres for SSPI authentication
create a user in Postgres with the same user name as the SPN of the user in the AD
pre-create kerberos authentication tickets (somehow magically) for the created user
connect to postgres using psql with the above user without providing the password
If this is at all possible I'm interested in how to achieve that magical part above ^^^
Thanks.
I have a sonarqube instance running in a Kubernetes cluster, connected to postgres rds database. I'm trying to reset the admin password after Keycloak realm change disabled OIDC authentication and now I cannot log in to the instance. Running version 8.9.7.52159 CE, I followed the docs (https://docs.sonarqube.org/8.9/instance-administration/security/) and reset the password via sql query.
I checked the admin user in the database and user has been updated, But when attempting to login via admin username and admin password I get error authentication failed.
Checking logs of pod I can see following errors after realm change:
Caused by: com.nimbusds.oauth2.sdk.GeneralException: The returned issuer doesn't match the expected: https:/keycloak-realm-url
WARN [o.s.s.a.AuthenticationError] Fail to initialize authentication with provider 'oidc'
I can't login to the instance to modify security settings/realm etc. Any ideas why the password reset for admin user isn't working and how can I resolve. Thanks
I created azure active directory admin and give role to pgadmin by using access token I everytime I need to access token whenever I log in but I didnot want to generate access token I want to access role to login postgre by using my own created password what should I do?
So, I've been looking around for more details, but can't find it.
I have a AWS RDS Postgresql cluster. In the typical sense, when I want to add a login to my database, I use the
create user xxxx with password 'yyy'
then I grant that user access to the tables and other rights.
Now, I tried to add another user with secrets manager linked to this RDS database.
I'm not sure what to do next....should that new user I only created in secrets, appear in the login for the database, because I don't see it? How would we grant access to the tables and other things for that user?