Can you please help me with some insight on using my own User repository/ database table for Identity server (IdentityServer3) to authenticate against?
I know other people have done it, but can’t seem to figure out how?
You need to write a user service. The docs and samples have very good coverage of that.
https://identityserver.github.io/Documentation/docs/advanced/userService.html
Related
I am using keycloak on one of my projects. On the backend I am using sringboot and calling Keycloak REST API.
I would love to have info about roles (better would be client's roles, but realm roles will be sufficient) of each users, when fetching it's profile.
URL where I am trying to fetch user: <host>/admin/realms/<realm>/users/<id>
At this moment, I have to programmatically loop over each user and fetch his roles. Which means many and many additional requests. Imagine having 500 users... And yes, I know I could paginate them etc.
I have been trying to find something on the internet for sooo long time, but nothing works. I am able to add them to the access token, but I can't add them to the user info.
If there is anyone who knows how to enrich user info, just point me the right directions. I have been messing with client scopes for so long and I still don't understand them at all. I could not even find a good tutorial on this topic..
You should develop your own KeyCloak extension:
https://www.keycloak.org/docs/latest/server_development/#_extensions_rest
You need java and nhibernate skills.
Checked from this answer that, in case of tableau redirected you too many times, we first have to login to the tableau manually so that the logged in session in stored and then refresh the HTML page in which the tableau is embedded to load the tableau in HTML.
This seems to be little absurd/inconvenient. Is there a way to achieve that without any such efforts?
Check on other sites which says to clear cache/change content settings etc. My concern is that, when my application (which contains this embedded tableau) is hosted in a server, it would required all the application users to do all these manual processes. Which is not recommended.
Kindly help on a suitable suggestion on this. Thanks
I hope this will help someone in the near future.
The only thing to check on encountering this error is to know, whether you use a domain server/you have created your tableau credentials with a domain server.
The generic https://tableau/views/.. URL will not work, since the UI in which you are trying to embed the code, will hold the credentials that belongs to your domain and not the common domain of tableau. So, the tableau will be retrying you credentials in its common domain.
What you have to do is to concatenate the tableau with your domain like: https://tableau.ent.domain.lld.com/views/..
This will use your credentials to the tableau used on your domain server.
Hope this will help.
Let's assume I have a project similar to the google sample code:
https://github.com/googlesamples/android-architecture-components
I want to add an account system to the app. How can I persist data and make the following scenario work:
go to persistent-data-fragment and load data from backend
log out
log into a different account
go to that same fragment
As a result, I should not be able to see the first user's data and instead load them from backend for the second user. How to use Room for that?
It a generic question, so I can answer with a generic answer :).
1 - on the server side you need to authenticate a user that access to REST services. There are many ways to do this. JWT is a good solution. Start reading this article.
2 - on the client side, probably you need to introduce in your database a user table and link other database's entities to user identity. Using Room you have to declare a user bean and then link them to other room entities.
I hope it helps.
I want to use mongolab from client js. I aware that reading data from db will be accessible for anyone who knows my API key. But I must to forbid modifying of database. I can't search for actual information. Only old posts, that could be already outdated (I hope guys from mongolab improving their product). I think that it may be possible because we have different API keys for each account user.
So, is it possible at current time to set read only access for account user?
It seems that basic functionality such as user login, can not be done in simple manner: to have username and password field in form on client and based on that to create store.readPathAccess model access rights. Also, how to check if user is logged in to implement access rights on routes?
Based on examples and (poor) DerbyJS documentation, if I understood it correctly, you have to implement login in server module (lib/server/*) because:
store.readPathAccess must be used in server side
you want to store data in model session (which can be read only on server side)
But many questions arise:
if it has to be done on server side, how to get and store client form data on server side without having problem with second item below on the list (I have done it with manually submitting data to server-only route, but can not then save it in model with local key because I have to redirect to client route after that and local model data is lost)
how to read later that data if it must be stored in session?
even if the store access rights for model is managed, how to check if this specific user is logged in when in client routes?
I'm quite confused at the moment... liked Derby principles, but this authentication problems are playing with my nerves seriously.
I know I may not be quite clear, but there are many points to go in details and if anyone can help I'll gladly give more required info.
Thank you,
Eddie
I found this library today called derby-auth.
It uses passport for signing in and has a good example using a simple register and login form.
What it does is to set some routes on the server for logging the user, and a middleware to tell the client if it's logged or not.
It does have some bugs (a few callback calls missing that break some things), so i wrote my own based on that, but must clean a lot of things before uploading anywhere.
i'd be glad to send it to you if you want to, though.
The most current library is https://github.com/derbyparty/derby-login
It has been updated pretty regularly and works with derbyjs 0.6