I am trying to impersonate user(system user) using admin session.
For admin session, I am using repository.loginAdministrative which is now deprecated. I dont want to use this.
Is there any other way I can replicate admin user and save the node under desired location and use the same.
http://www.wemblog.com/2014/08/how-to-use-sessions-and-resource.html?m=1 shows how to do this on version 6 and above.
Please try to create a system user with proper permissions and use the system user.
Related
On keycloak, I want to add some users from external storage but not some.
For those who will use an external database, spi works fine, but when I want to add users who do not know about the external database directly to the local database of keyclok, I get stuck on spi and get an error.
It succeeds to add user from other use to disable spi. But i need more efective solution.
Can you help, please?
Thank you
In Keycloak you can have users both using the user spi(external data-source) and also the users directly managed by keycloak in parallel.
You don't have to disable User SPI to add keycloak managed users.
Of-course this depends on how you have implemented your SPI, but it's possible and I have tried it.
If you share more details on your user SPI implementation and error logs, it would help in suggesting a solution.
I using back4app service and as admin I would like to fetch PFUser records and delete some of them if needed.
Currently I am getting error:
User cannot be deleted unless they have been authenticated.
I logged in as a PFUser. Is are any possibilities to do it via masterKey or smth like this?
The best option I see here is to use cloud code as you would not want to give authenticated users permission to delete other users.
So basically you would have to write a Cloud code function where you retrieve users and delete them.
Have a look at this guide below
https://help.back4app.com/hc/en-us/articles/360045500871-How-to-update-a-user-
I am planning to give user access programmatically. So, I want to add users to keycloak groups. Is there any way to automate this?
You can define some groups as default groups, then they will be added to any created users automatically. You can do this in the admin console.
I'm investigating a migration process from a legacy system into keycloak. Based on some of the ideas here: https://github.com/Smartling/keycloak-user-migration-provider we're looking to create user accounts in keycloak at the point of login by looking up user credentials from some dedicated endpoints on our legacy system.
As part of this, I need the user ID to remain the same as it was in the legacy system.
Is it possible to create a user with a specified ID rather than relying on keycloak to auto-generate it?
Running into this issue when attempting to create users via the API, I looked into the code for the users service. It looks like it is currently not possible to set the user id due to how the user is created.
From the code in https://github.com/keycloak/keycloak/blob/master/services/src/main/java/org/keycloak/services/resources/admin/UsersResource.java specifically on line https://github.com/keycloak/keycloak/blob/7cfe6addf01676939206e034a87c791460031032/services/src/main/java/org/keycloak/services/resources/admin/UsersResource.java#L115 the user is first created using the username, then updated. I believe id is not an updatable field. Thus it is not currently possible.
Checking the api I see it is now possible to add an optional "id" field in the userRepresentation object that you pass to create a new user in keycloak.
Find more information here: https://www.keycloak.org/docs-api/5.0/rest-api/index.html#_userrepresentation
I want to implement database authentication in mongodb.
In order to do that, I found out that I need to first create an admin user and then create separate users for each of my database through mongodb client shell (manually or using a javascript file).
I was wondering if it is possible to add user to the individual databases from the spring application itself but did not get any useful pointers to do this. Is it that this approach is wrong because if this possible the application will always be able to access the database because it itself is creating the user, but external access will still be blocked.
Please let me know how this can be achieved or if it is an incorrect approach.
After you add a normal user via the MongoShell, you can then connect via your application and create either normal users, or read only users.
Note that a normal user can also add users, so the users your application adds may need to be down as read only users depending on your use case and needs.
In the MongoShell, adding a read only user can be done via
use myAppDB
db.addUser("JohnSmith", "CheddarCheese", true)