How can I add security to my gravitee.io API with Keycloak? - keycloak

I am trying to add security to my API defined in Gravitee.io with a Keycloak apikey.
I've tried to add a resource in my API conf, but I did not find the resource "Keycloak provider" to paste my Keycloak JSON file, like in the last screenshot of this readme:
https://github.com/gravitee-io/breizhcamp-2018-tia
I use Gravitee.io 1.24 (last docker image) and Keycloak 5.0.0.
Please help me ;-)

You need to download the Keycloak resource plugin and drag & drop the zip file into both 'plugin' directories of your instances (gateway and management) :) You can find it at this link: https://download.gravitee.io/graviteeio-apim/plugins/resources/gravitee-resource-oauth2-provider-keycloak/
Have a good day :)

Related

kie-server-showcase /kie-server is forbidden

The latest 7.42.0.Final kie-server or kie-server-showcase container is working and deployed but context path /kie-server is forbidden. But, the rest service is working fine. Any reason?
I followed the document mentioned in this repo
https://hub.docker.com/r/jboss/kie-server-showcase/
You can look into web.xml here: https://github.com/kiegroup/droolsjbpm-integration/blob/master/kie-server-parent/kie-server-wars/kie-server/src/main/webc-resources/WEB-INF/web.xml
Except some urls, all of them need kie-server and user roles for authorization.
Best regards,

unable to find the current configuration of OSSFS/S3FS?

I have connected the Alibaba Cloud OSS bucket using OSSFS. But now I want to change the OSS bucket to another URL, and I want to check which URL is configured now.
I have checked the documentation and also the OSSFS --help, but there is no basic info command available.
Thanks
You need to configure and set the custom domain name to the public endpoint of the bucket.
Refer to the following link:
https://www.alibabacloud.com/help/doc-detail/31902.htm

login.OAuthLogin(missing saved state) - Community version of grafana with OKTA integration

I'm trying to configure Community edition Grafana (official Docker image) with Okta integration.
After doing the Okta configuration, Okta authenticates and redirects the request to Grafana, where I hosted it,
but it shows the following error:
login.OAuthLogin(missing saved state)
I'm not using any database for storing sessions. I want to save it on local file only.
Please suggest.
I had the same problem, which had to do with the 'email' attribute not being available to Grafana.
Make sure that 'api_url' contains 'email'.
In Grafana OAuth config, set the following:
email_attribute_path
email_attribute_name
Example:
[auth.generic_oauth]
email_attribute_path=email
email_attribute_name=email
Example Grafana Configuration containing these properties can be found here: https://github.com/grafana/grafana/blob/v6.4.0/conf/sample.ini
Thanks for the response, I found detailed help at: https://www.gyanblog.com/gyan/how-configure-grafana-dashboard-oauth-okta-ssl-docker-nginx/

Rancher Keycloak authentication setup

I'm trying to set up Rancher to use Keycloak as an authentication provider and following the setups laid out here. The last step says to export the metadata in the SAML Metadata IDPSSODescriptor format but I only see SAML Metadata SPSSODescriptor as an option. I've tried using that but authentication isn't working - it opens another window with the same Keycloak setup page when clicking the Authenticate with Keycloak button to validate the setup. There are no errors in the Docker logs for either the Rancher or Keycloak containers when running the docker logs CONTAINER command.
I'm wondering if I need to do something specific to set up Keycloak as an IDP to get the correct metadata option but I can't find anything in their documentation.
For Keycloak 6.0 and up, along with the location of the IDPSSODescriptor, even its format has changed. This doc explains how that can be edited to be used by Rancher.
From the Installation tab, choose the SAML Metadata IDPSSODescriptor format option and download your file.
Or you can directly visit Keycloak URL with IDPSSODescriptor metadata:
https://<keycloak-domain>/auth/realms/<realm>/protocol/saml/descriptor

SuiteCRM metadata for SAML Authentication

I am trying to integrate SAML authentication for SuiteCRM version 7.8.5. I have set up the Login URL, SLO URL and X509 Certificate in the Password Management page. I also have a Shibboleth IDP installed on another server and need the metadata of the SuiteCRM installation to configure there. I have been going through the SuiteCRM forums and also tried to make some connection with the SugarCRM docs to find out the URL/location for getting the metadata XML. But so far no luck.
Is there any url that will give the metadata?
Any help is greatly appreciated.
Thanks
There is no metadata xml automatically generated unfortunately, you will need to craft your own but the key information you need is:
AssertionConsumerService = "https://yourcrm.com/index.php?action=Login&module=Users"
SingleLogoutService = "https://yourcrm.com/index.php?action=Login&module=Users"
NameIDFormat = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
nameidattribute = "uid"
The login action handles both login and logout when used with SAML. Note the name id attribute you use is equivalent to the users.user_name database field and that is what SuiteCRM will log in as.
This has changed in recent versions of SuiteCRM. Metadata are located here: https://suitecrm-domain.tld/index.php?entryPoint=SAML2Metadata
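
For SuiteCRM versions where the metadata has to be crafted by hand, as the first answer describes, the values it lists can be assembled into an SP metadata document for the IdP. This is an added example, not code from the answers or from SuiteCRM; the helper name `build_sp_metadata`, the entityID, the HTTP-POST/HTTP-Redirect bindings and `WantAssertionsSigned` are assumptions that the page does not specify.

```python
import xml.etree.ElementTree as ET

MD = "urn:oasis:names:tc:SAML:2.0:metadata"
# Assumed bindings: the answer gives only the endpoint URLs, not the bindings.
POST = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
REDIRECT = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
NAMEID_EMAIL = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"


def build_sp_metadata(base_url, entity_id=None):
    """Return SP metadata XML for a SuiteCRM site at base_url (hypothetical helper)."""
    if not base_url.startswith("https://"):
        raise ValueError("SAML endpoints must be https URLs")
    # Per the answer, the login action handles both login and logout.
    login = base_url.rstrip("/") + "/index.php?action=Login&module=Users"
    ET.register_namespace("md", MD)
    entity = ET.Element(f"{{{MD}}}EntityDescriptor",
                        {"entityID": entity_id or base_url})  # entityID: assumption
    sp = ET.SubElement(entity, f"{{{MD}}}SPSSODescriptor", {
        "protocolSupportEnumeration": "urn:oasis:names:tc:SAML:2.0:protocol",
        "WantAssertionsSigned": "true",  # assumption: require signed assertions
    })
    # Child order follows the SAML metadata schema: SLO, NameIDFormat, ACS.
    ET.SubElement(sp, f"{{{MD}}}SingleLogoutService",
                  {"Binding": REDIRECT, "Location": login})
    ET.SubElement(sp, f"{{{MD}}}NameIDFormat").text = NAMEID_EMAIL
    ET.SubElement(sp, f"{{{MD}}}AssertionConsumerService",
                  {"Binding": POST, "Location": login, "index": "0", "isDefault": "true"})
    # nameidattribute = "uid" is configured on the IdP side (which attribute is
    # released as NameID); it has no element in SP metadata.
    return ET.tostring(entity, encoding="unicode")


if __name__ == "__main__":
    print(build_sp_metadata("https://yourcrm.com"))
```

The `&` in the login URL is serialized as `&amp;` inside the `Location` attributes, which is what an IdP's XML parser expects.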