95 lines
4.1 KiB
JSON
95 lines
4.1 KiB
JSON
{
|
|
"id": "kerberos-demo",
|
|
"realm": "kerberos-demo",
|
|
"enabled": true,
|
|
"sslRequired": "external",
|
|
"privateKey": "MIICXAIBAAKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQABAoGAfmO8gVhyBxdqlxmIuglbz8bcjQbhXJLR2EoS8ngTXmN1bo2L90M0mUKSdc7qF10LgETBzqL8jYlQIbt+e6TH8fcEpKCjUlyq0Mf/vVbfZSNaVycY13nTzo27iPyWQHK5NLuJzn1xvxxrUeXI6A2WFpGEBLbHjwpx5WQG9A+2scECQQDvdn9NE75HPTVPxBqsEd2z10TKkl9CZxu10Qby3iQQmWLEJ9LNmy3acvKrE3gMiYNWb6xHPKiIqOR1as7L24aTAkEAtyvQOlCvr5kAjVqrEKXalj0Tzewjweuxc0pskvArTI2Oo070h65GpoIKLc9jf+UA69cRtquwP93aZKtW06U8dQJAF2Y44ks/mK5+eyDqik3koCI08qaC8HYq2wVl7G2QkJ6sbAaILtcvD92ToOvyGyeE0flvmDZxMYlvaZnaQ0lcSQJBAKZU6umJi3/xeEbkJqMfeLclD27XGEFoPeNrmdx0q10Azp4NfJAY+Z8KRyQCR2BEG+oNitBOZ+YXF9KCpH3cdmECQHEigJhYg+ykOvr1aiZUMFT72HU0jnmQe2FVekuG+LJUt2Tm7GtMjTFoGpf0JwrVuZN39fOYAlo+nTixgeW7X8Y=",
|
|
"publicKey": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
|
|
"requiredCredentials": [ "password", "kerberos" ],
|
|
"defaultRoles": [ "user" ],
|
|
"scopeMappings": [
|
|
{
|
|
"client": "kerberos-app",
|
|
"roles": [ "user" ]
|
|
}
|
|
],
|
|
"clients": [
|
|
{
|
|
"clientId": "kerberos-app",
|
|
"enabled": true,
|
|
"baseUrl": "/kerberos-portal",
|
|
"redirectUris": [
|
|
"/kerberos-portal/*"
|
|
],
|
|
"adminUrl": "/kerberos-portal",
|
|
"secret": "password",
|
|
"protocolMappers": [
|
|
{
|
|
"protocolMapper" : "oidc-usermodel-property-mapper",
|
|
"protocol" : "openid-connect",
|
|
"name" : "username",
|
|
"consentText" : "username",
|
|
"consentRequired" : true,
|
|
"config" : {
|
|
"Claim JSON Type" : "String",
|
|
"user.attribute" : "username",
|
|
"claim.name" : "preferred_username",
|
|
"id.token.claim" : "true",
|
|
"access.token.claim" : "true"
|
|
}
|
|
},
|
|
{
|
|
"protocolMapper" : "oidc-usersessionmodel-note-mapper",
|
|
"protocol" : "openid-connect",
|
|
"name" : "gss delegation credential",
|
|
"consentText" : "gss delegation credential",
|
|
"consentRequired" : true,
|
|
"config" : {
|
|
"user.session.note" : "gss_delegation_credential",
|
|
"claim.name" : "gss_delegation_credential",
|
|
"id.token.claim" : "false",
|
|
"access.token.claim" : "true"
|
|
}
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"roles" : {
|
|
"realm" : [
|
|
{
|
|
"name": "user",
|
|
"description": "Have User privileges"
|
|
}
|
|
]
|
|
},
|
|
"userFederationProviders": [
|
|
{
|
|
"displayName": "kerberos-ldap-provider",
|
|
"providerName": "ldap",
|
|
"priority": 1,
|
|
"fullSyncPeriod": -1,
|
|
"changedSyncPeriod": -1,
|
|
"config": {
|
|
"syncRegistrations" : "false",
|
|
"connectionPooling" : "true",
|
|
"pagination" : "true",
|
|
"allowKerberosAuthentication" : "true",
|
|
"debug" : "true",
|
|
"editMode" : "WRITABLE",
|
|
"vendor" : "other",
|
|
"usernameLDAPAttribute" : "uid",
|
|
"rdnLDAPAttribute" : "uid",
|
|
"uuidLDAPAttribute" : "entryUUID",
|
|
"userObjectClasses" : "inetOrgPerson, organizationalPerson",
|
|
"connectionUrl" : "ldap://localhost:10389",
|
|
"usersDn" : "ou=People,dc=keycloak,dc=org",
|
|
"bindDn" : "uid=admin,ou=system",
|
|
"bindCredential" : "secret",
|
|
"kerberosRealm" : "KEYCLOAK.ORG",
|
|
"serverPrincipal" : "HTTP/localhost@KEYCLOAK.ORG",
|
|
"useKerberosForPasswordAuthentication": "true",
|
|
"keyTab" : "http.keytab"
|
|
}
|
|
}
|
|
]
|
|
}
|