我们可以将用户添加到“主”之外的其他领域的密钥库中吗?

时间:2018-09-23 21:06:14

标签: http exception keycloak

我可以将用户添加到keycloak,但只能在主领域中。有没有办法将用户添加到master以外的其他领域?

我尝试并收到HTTP 401未经授权的异常。

2 个答案:

答案 0 :(得分:1)

听起来像您的用户在其他领域没有manage-users角色。

只需转到管理领域,查找您的用户,导航至Role mappings标签,然后在Client Roles下拉列表中选择正确的领域,然后将manage-users添加为角色。对所有领域重复。

答案 1 :(得分:0)

//Here's how I created a user to my realm using Java 

@Override
public UserDto registerNewUserAccount(final UserDto accountDto) {
    String keycloakPassword = accountDto.getPassword();

    accountDto.setPassword(passwordEncoder.encode(accountDto.getPassword()));
    accountDto.setEnabled(1);
    UserDto user = userRepository.save(accountDto);

    AuthorityDto role = new AuthorityDto();
    role.setUserName(accountDto.getLogin());
    role.setAuthority("ROLE_USER");

    authorityRepository.save(role);

    Keycloak kc = Keycloak.getInstance(
            "https://www.zdslogic.com/keycloak/auth",  /your server
            "zdslogic",  //your realm
            "richard.campion", //user 
            "Changit", //password
            "admin-cli"); //client


    CredentialRepresentation credential = new CredentialRepresentation();
    credential.setType(CredentialRepresentation.PASSWORD);
    credential.setValue(keycloakPassword);

    UserRepresentation keycloakUser = new UserRepresentation();
    keycloakUser.setUsername(accountDto.getLogin());
    keycloakUser.setFirstName(accountDto.getFirstName());
    keycloakUser.setLastName(accountDto.getLastName());
    keycloakUser.setEmail(accountDto.getEmail());
    keycloakUser.setCredentials(Arrays.asList(credential));
    keycloakUser.setEnabled(true);
    keycloakUser.setRealmRoles(Arrays.asList("user"));

    // Get realm
    RealmResource realmResource = kc.realm("zdslogic");
    UsersResource usersRessource = realmResource.users();

    // Create Keycloak user
    Response result = null;
    try {
        result = usersRessource.create(keycloakUser);
    } catch(Exception e) {
        System.out.println(e);
    }

    if (result==null || result.getStatus() != 201) {
        System.err.println("Couldn't create Keycloak user.");
    }else{
        System.out.println("Keycloak user created.... verify in keycloak!");
    }

    return user;

}