AnsweredAssumed Answered

How to synchronize Alfresco users with KeyCloak? (share, not APS)

Question asked by 3kwagner on Jul 11, 2019
Latest reply on Jul 12, 2019 by afaust

Hello,

 

I am using Alfresco 6.1 with share in docker containers and want to manage users in KeyCloak only. I already managed to get the possibility of creating users in KeyCloak in loggin in with These credentials in share. Here is my docker-compose.yml:

 

 

version: "3.7"

services:
    alfresco:
        image: alfresco/alfresco-content-repository-community:6.1.2-ga
        environment:
            JAVA_OPTS : "
                -Ddb.driver=org.postgresql.Driver
                -Ddb.username=alfresco
                -Ddb.password=alfresco
                -Ddb.url=jdbc:postgresql://postgres:5432/alfresco
                -Dsolr.host=solr6
                -Dsolr.port=8983
                -Dsolr.secureComms=none
                -Dsolr.base.url=/solr
                -Dindex.subsystem.name=solr6
                -Dshare.host=localhost
                -Dalfresco.port=8082
                -Daos.baseUrlOverwrite=http://localhost:8082/alfresco/aos
                -Dmessaging.broker.url=\"failover:(nio://activemq:61616)?timeout=3000&jms.useCompression=true\"
                -Ddeployment.method=DOCKER_COMPOSE
                -Dcsrf.filter.enabled=false
                -Xms1g -Xmx1g
                -Dauthentication.chain=identity-service1:identity-service,alfrescoNtlm1:alfrescoNtlm
                -Didentity-service.enable-basic-auth=true
                -Didentity-service.authentication.validation.failure.silent=false
                -Didentity-service.auth-server-url=https://mydomainforkeycloak/auth
                -Didentity-service.realm=alfresco
                -Didentity-service.resource=activiti
                -Didentity-service.public-client=true
                -Didentity-service.ssl-required=none
                "
        ports:
            - 8080 #Browser port
        restart: always

    share:
        image: alfresco/alfresco-share:6.1.0
        environment:
            - REPO_HOST=alfresco
            - REPO_PORT=8080
            - "CATALINA_OPTS= -Xms500m -Xmx500m"
        ports:
            - 8080
        restart: always
        links:
           - "alfresco:alfresco"

 

 

After Login a new user will be created in Alfresco, but only with ist username. No email or other Information ist beeing synchronized. Furthermore, when I delete a user in KeyCloak it will be still existent in Alfresco.

 

How can I configure Alfresco to do a full sync with KeyCloak? Thank you!

Outcomes