Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

Motivation

Find a user mangement system for ONAP to use which

  • provides a GUI
  • allows setup via REST
  • doubles as oauth provider

Based on the requirements, Keycloak was chosen.

Version

Keycloak version 11.0.3 is used.

Setup

Execute this script to get a keycloak container up and running and setup default users.

Setup-Workflow

  1. Checks if keycloak docker image is available
    1. get image if not available
  2. starts container on default port with default admin-user (see Script variables)
  3. gets admin bearer-token
  4. creates "onap" realm
  5. adds default users

Script Variables

At the start of the script, several variables are defined. Update accordingly. 

VariableDefault value
ADMIN_USERNAMEadmin
ADMIN_PASSadmin
IP172.18.0.101
PORT8080


Known problems - regenerate/change secret


The "odlux.app" client in the "onap" realm, which is used for authentification from onap, gets created as a 'public' client.

To access the secret via the GUI, the access-type must be changed to 'confidential' and saved. Following, the 'credentials' tab gets visible in the GUI.

On the credentials tab, the current secret can be copied or a new one created.

Currently, the client can not be created as confidential via the REST api.


  • No labels