Skip to content
Branch: master
Find file History
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
..
Failed to load latest commit information.
go
java
jupyterhub
node.js
py
react.js
README.md
entries-1.ldif
entries-2.ldif
keycloak.yml

README.md

Datalayer

Keycloak Lab

cd $DLAHOME/lab/apps/keycloak && \
  docker-compose -f keycloak.yml up -d && \
  docker-compose -f keycloak.yml ps && \
  sleep 3s && \
  ldapadd -x -D "cn=admin,dc=datalayer,dc=io" -w admin -H ldap:// -f entries-1.ldif && \
  ldapsearch -x -D "cn=admin,dc=datalayer,dc=io" \
    -w admin -H ldap://localhost:389 \
    -b "ou=users,dc=datalayer,dc=io" \
    -s sub "(uid=*)"
# password is `123`
ldapadd -x -D "cn=admin,dc=datalayer,dc=io" -w admin -H ldap:// -f entries-2.ldif
# Browse and login to keycloak.
open http://localhost:8080 # admin / admin
  • Create a new Realm datalayer.
  • Create the client datalayer with Root URL http://localhost:8080.
    • Valid Redirect URIs to http://localhost:8080/*.
    • Access Type to confidential.
    • Go to Credentials tab an copy the value on Secret field.
  • Create the client jupyterhub the same way.
  • Go to Roles tab and add a user role.
  • Click on the User Federation, select ldap.
  • Set Vendor field to Other.
  • Connection URL type ldap://ldap.
  • Users DN type ou=users,dc=datalayer,dc=io.
  • Bind DN type cn=admin,dc=datalayer,dc=io.
  • Bind Credential set admin.
  • Click on Synchronize all users and check they are available via the Users management menu (view all users).
open http://localhost:8080/auth/admin/master/console
open http://localhost:8080/auth/realms/datalayer/account
export CLIENT_SECRET=$DLA_KEYCLOAK_REALM_CLIENT_SECRET
ACCESS_TOKEN=$(curl -s -X POST \
  "http://localhost:8080/auth/realms/datalayer/protocol/openid-connect/token" \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -d "username=echarles" \
  -d "password=123" \
  -d "grant_type=password" \
  -d "client_secret=$CLIENT_SECRET" \
  -d "client_id=datalayer" | jq -r .access_token)
echo $ACCESS_TOKEN
docker-compose -f keycloak.yml down

Integrations

You are now ready to integrate.

See also question on mailing list.

Info on URLs

About Login

About Theming

You can’t perform that action at this time.