Beside having some roles from database (using org.jboss.security.mapping.providers.role.DatabaseRolesMappingProvider), I would like to assign some fixed role for all authenticated user. How could I achieve that in JBoss 7?
Thanks
You can make authentication with basic or digest method. Here the guide:
[http://docs.jboss.org/exojcr/1.14.7-GA/developer/en-US/html/ch82.html
Related
What can it be for, what logic can be there?
I suppose there should be a connection to keycloak, maybe checking access to create roles and users, am I right or wrong?
It may mean that you need to deploy Keycloak in its own container, separate from the apps.
we are using keycloak in our product. I am trying to find a way to integrate root user of the machine hosting the keycloak as keycloak admin. Main criteria is on the machine in which keycloak is installed root should be able to access keycloak functions as keycloak admin without providing password. Is it possible now, if possible how to do this.
Let me know if you need more information.
Thanks,
Naga
You can use admin CLI on the server https://www.keycloak.org/docs/latest/server_admin/index.html#the-admin-cli
I have an application which uses LDAP authentication against AD, which works fine. However the UserDN and password for accessing LDAP are in clear text in the config files, and I would like to avoid clear text passwords.
In Softerra LDAP browser you have the option to authenticate with "Currently logged in user", does anyone know if this type of Windows Authentication is possible with Spring LDAP? Or is there perhaps another way to avoid credentials in config files (like using the credentials of the user trying to authenticate)?
With Microsoft SQL server, it is possible to do Windows Authentication via JDBC, since Microsoft provides some native code, has anyone heard about a similar functionality when using LDAP against AD?
"Currently logged in user"
this may mean that Kerberos based SASL authentication is used
You may check
https://docs.spring.io/spring-security-kerberos/docs/current/reference/htmlsingle/#ssk-kerberosldap
and
https://docs.spring.io/autorepo/docs/spring-security-kerberos/1.0.1.RELEASE/api/org/springframework/security/kerberos/client/ldap/KerberosLdapContextSource.html
The latter shows how the Kerberos ticket cache can be used.
I configured LDAP as User Federation (with role-ldap-mapper) and successfully imported users with their roles to Keycloak.
When I go to Users->{user}->Role Mappings I see every roles that are signed to a user (imported from LDAP), but when I go to Roles->{role}->Users In Role I see nothing.
Is it a bug or a feature? Or maybe I configure something wrong?
Users roles
Empty Users in Roles
LDPA Role mapper configuration
I faced the same issue. I changed the Mode (inside LDAP role mapper) to Import instead of READ_ONLY and I was able to see users under a role.
Please create mapper of type msad-lds-user-account-control-mapper.
It works for me.
I have a JBoss Application server on which i deployed a primefaces app. I would like to give the user an address like:
"username.mysite.com"
"jondoe.mysite.com"
"user2.mysite.com"
and username would be its account. So he juste would have to put his password and not username. Is that possible?
Yes, it's possible. You can read on mapping subdomains on this thread, after that is in place it's just about asking a password and doing the auth based on that.