Re: [keycloak-dev] Re: Keycloak Operator how to overwrite default clients

[Václav Muzikář]

Hello,

thank you for reporting this. However, this is not a correct channel for asking questions or reporting bugs. Please see our community channels [1] and if possible, open a new bug in JIRA [2].

[1] https://www.keycloak.org/community

[2] https://issues.jboss.org/browse/KEYCLOAK

On Thu, 23 Sept 2021 at 14:13, Robert <pulz...@gmail.com> wrote:

Sorry forgot to mention that the error says the client already exists.

12:04:14,013 ERROR [org.hibernate.engine.jdbc.spi.SqlExceptionHelper] (default task-41) ERROR: duplicate key value violates unique constraint "uk_b71cjlbenv945rb6gcon438at"
  Detail: Key (realm_id, client_id)=(xxxx, account) already exists.
12:04:14,013 ERROR [org.keycloak.services.resources.admin.RealmsAdminResource] (default task-41) Conflict detected: org.keycloak.models.ModelDuplicateException: javax.persistence.PersistenceException: org.hibernate.exception.ConstraintViolationException: could not execute statement

Robert schrieb am Donnerstag, 23. September 2021 um 14:07:04 UTC+2:

Hello,

I'm trying to deploy a Keycloak realm but want to make changes to the default clients (account, realm-management..). Unfortunately I can't deploy them neither through the KeycloakRealm CRD on realm creation startup nor the KeycloakClient CRD after the default clients are already set. Am I missing the right solution?

--
You received this message because you are subscribed to the Google Groups "Keycloak Dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to keycloak-dev...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/keycloak-dev/f2fb7f0e-af60-4877-ad46-83e912b008bbn%40googlegroups.com.

--

Václav Muzikář
Senior Software Engineer
Keycloak / Red Hat Single Sign-On
Red Hat Czech s.r.o.

[Schuster Sebastian (IOC/PAU1)]

Hi, 

can you elaborate on what changes you want to perform on the clients? You can quite easily break Keycloak if you modify it’s default clients so we were actually thinking about making them immutable so people don’t shoot themselves in the foot.

Best regards,

Sebastian

Von meinem iPhone gesendet

Am 23.09.2021 um 14:13 schrieb Robert <pulz...@gmail.com>:



[Robert]

My goal is to have the complete configuration of my Keycloak instance in Git including the default clients. How can I f.e. set Direct Access Grants Enabled in the security-admin-console default client through the Operator?

[Schuster Sebastian (IOC/PAU1)]

And why would you want to do that? Why not use a separate client for this?

 

Mit freundlichen Grüßen / Best regards

Dr.-Ing. Sebastian Schuster

Product Area User Management (IOC/PAU1)
Robert Bosch GmbH | Postfach 10 60 50 | 70049 Stuttgart | GERMANY | www.bosch.com
Tel. +49 30 726112-485 | Mobil +49 152 02177668 | Telefax +49 30 726112-100 | Sebastian...@bosch.io

Sitz: Stuttgart, Registergericht: Amtsgericht Stuttgart, HRB 14000;
Aufsichtsratsvorsitzender: Franz Fehrenbach; Geschäftsführung: Dr. Volkmar Denner,
Prof. Dr. Stefan Asenkerschbaumer, Filiz Albrecht, Dr. Christian Fischer, Dr. Stefan Hartung,
Dr. Markus Heyn, Harald Kröger, Rolf Najork

To view this discussion on the web visit https://groups.google.com/d/msgid/keycloak-dev/c6c43ee2-db1c-4707-a9c9-f943d27311e0n%40googlegroups.com.