I'm stuck on some of the following steps in Keycloak's basic-auth example:
"Build and deploy this sample's WAR file" - How do I deploy the war file?
"Simply change the username" - What username? There wasn't any username in the curl example :(
Can you help me out? Thanks.
Related
Given below is my command to install bitnami keycloak on my kubernetes cluster
helm install kc --set auth.adminPassword=admin,auth.adminUser=admin,service.httpPort=8180 bitnami/keycloak -n my-namespace
I want to import realms(contains users,groups,clients and roles) into my keycloak but before i do that i need to enable upload scripts flag , most of you might already know that we can do that in using standalone.sh as given below
on standalone keycloak installation
bin/standalone.bat -Djboss.socket.binding.port-offset=10 -Dkeycloak.profile.featur
e.upload_scripts=enabled
can someone help me how can I do this using helm install command by passing flags just as I am doing for auth.adminPassword=admin,auth.adminUser=admin,service.httpPort=8180
thanks in advance
In your Keycloak yaml file you need to add the field extraEnvVars and set the KEYCLOAK_EXTRA_ARGS environment variable as shown in the example below:
keycloak:
enabled: true
auth:
adminUser: admin
adminPassword: secret
extraEnvVars:
- name: KEYCLOAK_EXTRA_ARGS
value: -Dkeycloak.profile.feature.upload_scripts=enabled
extraVolumeMounts:
...
Bear in mind, however, that the feature upload_scripts will be remove from Keycloak in the future.
From Keycloak Documentation:
Ability to upload scripts through the admin console is deprecated and
will be removed in a future version of Keycloak
As dreamcrash said, the upload_scripts feature is deprecated. As to what is the replacement, the Keycloak documentation says:
Administrators should always deploy scripts directly to the server using a JAR file to prevent attacks when you run scripts at runtime.
Meaning that you should upload your scripts as a JAR file into a specific folder (/opt/jboss/keycloak/standalone/deployments/ in case of a docker container?), and avoid putting them into the real import file. More info in the Keycloak documentation.
i try to add security to my Api defined in Gravitee.io with a keycloaK apikey .
I've tried to add resource in my api conf but i not found resource "Keycloak provider" to paste my keycloak json file. like in the last screenshot of this readme :
https://github.com/gravitee-io/breizhcamp-2018-tia
I use Gravitee.io 1.24 (last docker image) and keycloak 5.0.0
please help me ;-)
You need to download the keycloak resource plugin and drag & drop the zip file into the both directories 'plugin' of your instances (gateway and management) :) You can found it at this link : https://download.gravitee.io/graviteeio-apim/plugins/resources/gravitee-resource-oauth2-provider-keycloak/
Have a good day :)
I have my username and password stored in Vault server. While using jenkins pipeline I want to use those credentials in my jenkinspipeline file to run adn ansible play that will use those credentials on the target machine to log in and perform tasks. How can i do that in jenkinsfile ?
Well I could figure out... the official documentation itself is wrong.
Correct usage is described here: https://issues.jenkins-ci.org/browse/JENKINS-45685
Openshift gives a login command for oc upon clicking copy login command but Eclipse asks for a server url and a token.
I tried putting server url and token from the copied command but it shows login error.
It shows "The server type, credentials, or auth scheme might be incorrect."
Openshift login
Where can I find these details for login?
Please help me login to openshift using eclipse.
if you look at what "Copy Login Command" in the Web-UI for OpenShift gives you you'll see something similar to this:
oc login https://192.168.64.39:8443 --token=XXXXXXXXXXXXXXXXXXXXXXXX
There are all informations that you need to connect via Eclipse. You have the server url https://192.168.64.39:8443 and the token that you can give Eclipse when switching the authentication to OAuth.
I'm using the cf CLI to deploy a spring boot application to Bluemix. I'm getting an error 'RSA premaster secret error' as can be seen here: RSA premaster secret error when using webHDFS from BigInsights on cloud
I'm deploying my application like this:
# Create a Liberty application in Blumemix.
# Set APPNAME (below) to the name of the application.
APPNAME=<<theappname>>
cf login -u cf_username -p cf_password
cf push $APPNAME -p build/libs/myapp.jar
It seems that I need to add a certificate to the truststore - what are the additional steps for doing this? From what I can tell I need to repackage the liberty server to do this.
The above code snippet encapsulates my entire knowledge about liberty, please take that into account when providing an answer. For instance, I have seen some answers suggesting that I need to edit server.xml, but I don't have this file, so presumably I need to create it from scratch, or generate it some how?
I have seen similar questions, but the workflow I'm specifically asking about to add a certificate is when I'm using the cf CLI tools.
There's no one thing to do to accomplish this task, it will require several steps:
1) Ensure Liberty & Spring app works locally. The data below will guide you through ensuring Liberty & Spring are setup correctly:
How to use Websphere liberty in spring boot application
http://www.adeveloperdiary.com/java/spring-boot/deploy-spring-boot-application-ibm-liberty-8-5/
2) Configure security for your app in Liberty:
https://www.ibm.com/support/knowledgecenter/SSAW57_9.0.0/com.ibm.websphere.nd.multiplatform.doc/ae/tsec_7add_signercert.html
3) Deploy a packaged server to Bluemix from the CF command line:
https://console.ng.bluemix.net/docs/runtimes/liberty/optionsForPushing.html