I have a Windows Server 2012 running Couchbase Server and Sync Gateway. I am able to access the Sync Gateway locally, but am unsure how to reset a user account password. I have been able to add a new user via the Admin API on port 4985.
To change a user account password send PUT to the user account.
$ curl -iX PUT http://localhost:4985/default/_user/myuser --data
'{"email":"myuser#gmail.com", "name":"myuser", "password":"NEW_password",
"admin_channels":["myuser", "public", "NEW_channel"]}'
Couchbase Fourms - Update user info with Admin REST API
Related
I have configured OpenLDAP with my keycloak, so that user management is taken care by LDAP. I have successfully sync the users from LDAP and I can see the user details in my List of users in Keycloak.I am using master realm only.
But when I try to generate token giving admin-cli client it gives this error.
Even the Authorization code flow it doesn't work.Tried to log in via keycloak UI it gives Invalid Credentials.
How can we use LDAP users for authentication in Keycloak ?
I'm using the Rocket.Chat REST API for some automated user management. This was working great after I installed Rocket.Chat and my admin user had a username/password combo. Then, I activated the "iframe authentication" system in the admin panel. Now, when I try to use the REST API "login" endpoint, I get the error "User has no password set". Any ideas why this is happening? When I look at the user document in the MongoDB for Rocket.Chat, there is no "password" field (seems to have been deleted when I activated the iframe authentication).
UPDATE: I disabled the "iframe authentication" system and set a new password on my account. Looking at the DB now, that user has a "password" entry, so the password is there. But, now I can't log in because it says my password is incorrect. In summary, this software has a lot of bugs, it seems.
I am trying to setup a Gcloud Auth Login for an account on a server that will cover all users.
i.e.
I login using an administrator account and issue the command..
e.g.
gcloud auth login auser#anemail.com
go through the steps required and when I issue the issue the Gcloud Auth List command I get the right result.
But other users cannot see it.
i.e. we use sap data services that use a proxy account on the server when it is running
e.g.
proxyaccount#mail.com
but that user cannot see the the authorized user I authorized using the administrator account.
I get error "you do not currently have an active account selected"
The "other" accounts do not have administration access nor do we want them to, and besides I don't want to have to go through this process for each and every account that connects to the server.
Ian
Each user gets its own gcloud configuration folder. You can see which configuration folder is used by gcloud by running gcloud info.
Note that if your server is a VM on GCP you do not need to configure credentials as they are obtained from metadata server for the VM.
Sharing user credentials is not a good practice. If you need to do this your users can set CLOUDSDK_CONFIG environment variable to point to one shared configuration folder. Also you should at least use service account for this purpose and activate it via gcloud auth activate-service-account instead of using credentials obtained via gcloud auth login.
I see that I can publish a message through HTTP using RabbitMQ Manager plugin. My problem is that it exposes the exchanges and operations but requires an administrator user to perform the operations. Is that correct
I tryed to publish to this exchange using a user that I configured with write permission:
http://localhost:15672/api/exchanges/%2f/amq.default/publish
And the server returns:
{
"error": "not_authorised",
"reason": "Not management user"
}
But if I try to perform the same operation with the user guest I get the following response:
{
"routed": true
}
Is this correct? Do I need to have an administrator user to consume the HTTP publish API (even with a user that has write permissions)? Are there any other options to have an exchanged published accepting requests based on RabbitMQ User permissions?
Actually this feature is part of the management console and exposes functionalities related to this module. There are no options to configure users without administration role and access the HTTP api.
You have to add the tag to your user:
sudo rabbitmqctl set_user_tags youruser management
I got it from here
I'm implementing an Ouath2 authentication with Spring for our mobile API. So far it works but I don't know how I should keep the resource server separate. So I have an auth server which gives out tokens and refresh tokens using the password grant-type. Meaning the user would log into the mobile app, which sends the auth server the client id/client secret along with the user's
credentials, which results in an access token and a refresh token for the user with the appropriate (ROLE_USER) privileges. Another web based client is for the admins who do the same and get the ROLE_ADMIN privilege etc.
This works well so far.
Now if any client sends a request to the resource server what should happen? Should the resource server check the token's validity? If so in what way? Or should the auth server copy the token into the resource-server's database?
If you #EnableResourceServer you get a filter that checks access tokens. It needs to share a TokenStore with the auth server. That's about it to get something working.