User authentication - ACTIVAGE

From CommonsLab
Revision as of 15:32, 3 September 2019 by Dimitris (talk | contribs) (Middleware)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search


  • Set up Raspberry Pi with latest Raspbian


  • Connect RFID-RC522 Reader
  • Connect screen
  • Enable touch on screen



  • Install mysql
  • Download and unzip keycloak server
  • Download JDBC connector
  • Configure classpath
  • Add "JAVA_OPTS="$JAVA_OPTS -XX:+CreateMinidumpOnCrash"" to standalone.conf to fix failed core dumps of JVM
  • Set up SSL
  • After creating jks convert to pem
    • keytool -importkeystore -srckeystore keycloak.jks -destkeystore foo.p12 -srcstoretype jks -deststoretype pkcs12
    • openssl pkcs12 -in keycloak.p12 -out keycloak.pem
    • mkdir /usr/share/ca-certificates/local
    • cp keycloak.crt /usr/share/ca-certificates/local/keycloak.crt
    • cp keycloak.pem /usr/share/ca-certificates/local/keycloak.pem
    • sudo dpkg-reconfigure ca-certificates

Configure keycloak

  • Create new realm "UAH"
  • Create new client "raspberrypi"
  • Add user federation with LDAP


  • pip3 install keycloak [1]
  • install python-ldap dependencies sudo apt-get install libsasl2-dev python-dev libldap2-dev libssl-dev
  • install python-ldap pip install python-ldap
  • Enable touch screen support
  • Copy keycloak.crt to client /etc/ssl/certs then run update-ca-certificates command
  • python

Setup UAH

  • Start keycloak ( on boot
  • Start script for UI (chromium on kiosk mode)

Setup test