如何注册Keycloak密码哈希服务提供商SPI(How to Register Keycloak Password Hash Service Provider SPI)
背景
我需要将定制应用程序的用户数据库迁移到Keycloak。 我创建了一个成功导入用户的
keycloak-add-user.json
文件。 迁移的用户密码在原始系统中进行哈希处理,但是我实现了Keycloak Password Hash SPI服务类,该服务类使用现有算法来验证迁移用户的哈希值和salt值。 Hash SPI类从Keycloak SPI实现PasswordHashProviderFactory
和PasswordHashProvider
,并基于`Pbkdf2PasswordHashProvider'。public class MyPasswordHashProvider implements PasswordHashProviderFactory, PasswordHashProvider { public static final String ID = "XXXX";
问题
当迁移的用户尝试使用keycloak进行身份验证时,org.keycloak.hash.PasswordHashManager会记录错误
Could not find hash provider XXXX for password
我的jar包含一个初始化文件
META-INF/services/org.keycloak.models.PasswordHashProviderFactory
,其中一行包含HashProvider实现的完整类名。my.folder.MyPasswordHashProvider
这是基于联邦SPI doco,但Keycloak Password Hash SPI的文档似乎不存在。 我错过了什么,或者我需要做些什么来注册和使用我的Hash Provider与Keycloak?
Background
I need to migrate a user database for a bespoke app into Keycloak. I have created a
keycloak-add-user.json
file that imports the users successfully. Migrated user passwords are hashed in the original system, however I've implemented a Keycloak Password Hash SPI service class that uses the existing algorithm to validate the hash and salt value of a migrated user. The Hash SPI class implementsPasswordHashProviderFactory
andPasswordHashProvider
from the Keycloak SPI and is based on `Pbkdf2PasswordHashProvider'.public class MyPasswordHashProvider implements PasswordHashProviderFactory, PasswordHashProvider { public static final String ID = "XXXX";
The issue
When a migrated user tries to authenticate with keycloak an error is logged by
org.keycloak.hash.PasswordHashManager
Could not find hash provider XXXX for password
My jar contains an initialisation file
META-INF/services/org.keycloak.models.PasswordHashProviderFactory
with a single line containing the full classname of the HashProvider implementation.my.folder.MyPasswordHashProvider
This was based on the Federation SPI doco, but documentation for the Keycloak Password Hash SPI seems to be non-existent. What am I missing, or what do I need to do to register and use my Hash Provider with Keycloak?
原文:https://stackoverflow.com/questions/38693674
最满意答案
您可以利用sqlcmd的脚本变量 。 这些可以在脚本文件中使用,并用
$()
标记。 像这样,-- Sql script file use $(db); select someting from somewhere;
调用
sqlcmd
,使用-v
参数分配变量。 像这样,sqlcmd -S server\instance -E -v db ="MyDatabase" -i s.sql
编辑
设置变量时要注意Sql语法。 考虑下面的脚本:
DECLARE @dbName varchar(255) SET @dbName = $(db) select 'val' = @dbName
传递给Sql Server时,它看起来像这样(Profiler在这里帮助):
use master; DECLARE @dbName varchar(255) SET @dbName = foo select 'val' = @dbName
这显然是无效的语法,因为
SET @dbName = foo
没有多大意义。 价值应该在单引号内,像这样,sqlcmd -S server\instance -E -v db ="'foo'" -i s.sql
Just in case someone else needs to do this... here is a working example.
Power Shell Script:
sqlcmd -S uk-ldn-dt270 -U sa -P 1NetNasdf£! -v db = "'DatabaseNameHere'" -i $scriptFile -b | Tee-Object -filepath $sqlLog
Note the -v switch to assign the variables
And here is the MS SQL:
USE MASTER GO if db_id($(db)) is null BEGIN EXEC(' RESTORE DATABASE ' + $(db) + ' FROM DISK = ''D:\DB Backup\EmptyLiveV5.bak'' WITH MOVE ''LiveV5_Data'' TO ''C:\Program Files (x86)\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\DATA\LiveV5_' + $(db) + '.MDF'', MOVE ''LiveV5_Log'' To ''C:\Program Files (x86)\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\DATA\LiveV5_' + $(db) + '_log.LDF'', REPLACE, STATS =10') END
Note: You do not have to assign the scripting varible to a normal sql varible like this.
SET @dbName = $(db)
you can just use it in your sql code. - Happy coding.
相关问答
更多-
一种选择: $params = @{ P1 = 1 P2 = 2 P3 = 3 } $ScriptPath = 'D:\Test.ps1' $sb = [scriptblock]::create(".{$(get-content $ScriptPath -Raw)} $(&{$args} @params)") Invoke-Command -ComputerName server -ScriptBlock $sb One option: $params = @{ P1 = 1 P2 = 2 P3 ...
-
如何在Powershell ISE中将需要的参数传递给脚本?(How to pass needed parameters to script in Powershell ISE?)[2023-07-09]
使用命令窗格。 在ISE编辑器中打开脚本文件,设置断点(F9)。 然后在命令窗格中,键入一个使用所需参数调用此脚本的命令。 我不认为在ISE中还有另外一种(内置)的方法。 Use the command pane. Open the script file in the ISE editor, set the breakpoints (F9). Then in the command pane type a command invoking this script with required paramet ... -
您的通话错误,多个参数分组为一个。 更好更正确的方法是: set-alias svn "c:\Program Files\TortoiseSVN\bin\svn.exe" svn log -r $RevStart`:$RevEnd $GetSVN 别名是化妆品。 真正的问题是"安置。 Your call is wrong, multiple parameters are grouped as one. Better and correct way to do it is this: set-alias ...
-
您可以使用单一语言完成所有这些操作,而不是同时使用Powershell和批处理,但无论如何,这都是您想要的 @echo off if "%1"=="" ( set /p "pspath=Enter the path to Powershell: " ) else set "pspath=%1" if "%2"=="" ( set /p "sharepath=Enter The share parameter: " ) else set "sharepath=%2" p ...
-
您可以利用sqlcmd的脚本变量 。 这些可以在脚本文件中使用,并用$()标记。 像这样, -- Sql script file use $(db); select someting from somewhere; 调用sqlcmd ,使用-v参数分配变量。 像这样, sqlcmd -S server\instance -E -v db ="MyDatabase" -i s.sql 编辑 设置变量时要注意Sql语法。 考虑下面的脚本: DECLARE @dbName varchar(255) SET @ ...
-
如何从命令行将带括号的参数传递给Powershell?(How to pass a parameter with parentheses to Powershell from command line?)[2024-01-05]
尝试用双引号括起脚本调用,然后用单引号括起每个参数: ".\MSSQLStartStopServices.ps1" 'HOSTNAME\(local)' 'Start' Try enclosing your script-call in double quotes and then each parameter in single quotes: ".\MSSQLStartStopServices.ps1" 'HOSTNAME\(local)' 'Start' -
这将帮助你About_Jobs 获取帮助开始工作 http://sqlblog.com/blogs/aaron_bertrand/archive/2011/01/29/powershell-start-job-scriptblock-sad-panda-face.aspx This will help you About_Jobs Get-Help Start-Job https://sqlblog.org/2011/01/29/powershell-start-job-scriptblock-sad-pa ...
-
您必须将脚本调用包含在命令中,例如: PS> $command = "& '$pwd\login.ps1' -un testuser -pw testpw" PS> $bytes = [Text.Encoding]::Unicode.GetBytes($command) PS> $encodedCommand = [Convert]::ToBase64String($bytes) PS> powershell.exe -noprofile -encodedCommand $encodedCommand Us ...
-
修改您的功能如下: function new { param([string[]] $paramargs) if( $paramargs.length -lt 8 ) { Write-Host "Parameter Missing, requires 8 Parameters. Aborting."! Write-Host $paramargs.length break } } switch ($args[0]) { '--test' { } '--new' ...
-
如何将参数传递给Powershell脚本并在远程计算机上运行它(how to pass parameters to Powershell script and run it on a remote computer)[2019-11-14]
如果您有PowerShell V3或更高版本,则可以使用using前缀将本地变量“传输”到远程主机: Invoke-Command -ComputerName RMTMACHINE -credential $cred -ScriptBlock {$using:Patcher $using:ver $using:inst} 对于olders版本,请查看invoke-command的-argumentlist参数 if you have powershell V3 or higher you can use ...