Changes between Version 11 and Version 12 of guiiam2018


Ignore:
Timestamp:
Sep 19, 2018, 8:51:17 AM (6 years ago)
Author:
admin
Comment:

--

Legend:

Unmodified
Added
Removed
Modified

  • guiiam2018

    v11 v12  
    198198   Users can utilize the function OTP from their profile page. They may use any OTP software such as Google Authenticator, Authy, etc. This will add additional security to the password reset process.
    199199   
    200 
    201 > For further customization you may consult keycloak official guides from https://www.keycloak.org/documentation.html
     200* Customize User Profile page to change ldap attribute values.
     201
     202   By default users are only allowed to change Email, First Name and Last Name. But if you want to provide them access to change their any other details, you need to customize the template from the back end.
     203
     204   Steps in Adding attribute `mobile` to be edited by users: 
     205
     206   * First include the custom attribute by accessing `User Federation --> ldap --> Mappers --> Add`
     207      * Name: mobile
     208      * Mapper Type: user-attribute-ldap-mapper
     209      * User Model Attribute: mobile
     210      * LDAP Attribute: mobile
     211      * Save
     212      * Do to Settings tab and click '''Synchronize All Users'''
     213   * Then you should see mobile values under attributes tab of the User's details page.
     214   * Next we have to customize the User Profile. For that you must log back to your Keycloak server (in this case IDP) and become root.
     215   * Create a custom theme as instXY
     216      {{{
     217          cd KEYCLOAK-DIRECTORY
     218       }}}
     219       {{{
     220          cp -r themes/keycloak themes/instXY
     221          cp themes/base/account/account.ftl themes/instXY/account/account.ftl
     222       }}}
     223   The first cp command will create an exact copy of default keycloak theme as instXY and the second cp will create a copy of user profile page in to our theme.
     224   * Next edit the `themes/instXY/account/account.ftl` and include following just above the form group `<div class="form-group"> <div id="kc-form-buttons" class="col-md-offset-2 col-md-10 submit">`
     225      {{{#!xml
     226            <div class="form-group">
     227               <div class="col-sm-2 col-md-2">
     228                   <label for="user.attributes.mobile" class="control-label">Mobile number</label>
     229               </div>
     230
     231               <div class="col-sm-10 col-md-10">
     232                   <input type="text" class="form-control" id="user.attributes.mobile" name="user.attributes.mobile" value="${(account.attributes.mobile!'')}"/>
     233               </div>
     234            </div>
     235      }}}
     236   * Then we have to restart the keycloak service
     237     {{{
     238         bin/jboss-cli.sh --connect command=:shutdown
     239         bin/standalone.sh &
     240     }}}
     241
     242   * Next log back to the admin console of keycloak and traverse to `Realm Settings --> Themes` and change the value of '''Account Theme''' to `instXY`
     243   * Now you may log in to user profile https://idp.instXY.ac.lk:8443/auth/realms/instXY/account and check whether the settings have applied, remember to use a private window as you needs to be authenticated as an ldapuser
     244
     245> For further customization you may consult keycloak official guides from https://www.keycloak.org/docs/latest/server_development/index.html#_themes