Prosoft Git

keycloak-uncached

Merge pull request #1436 from patriot1burke/master recaptcha

7/8/2015 8:47:45 PM
Bill Burke

Bill Burke

Commit: 485df59

Tree: 1583b92

Parents: 43308b3
6c9708c

Changes

docbook/reference/en/en-US/master.xml 2(+2 -0)

docbook/reference/en/en-US/modules/recaptcha.xml 26(+26 -0)

Details

docbook/reference/en/en-US/master.xml 2(+2 -0) 

diff --git a/docbook/reference/en/en-US/master.xml b/docbook/reference/en/en-US/master.xml
index d379ac8..59b2be1 100755
--- a/docbook/reference/en/en-US/master.xml
+++ b/docbook/reference/en/en-US/master.xml
@@ -44,6 +44,7 @@
                 <!ENTITY Proxy SYSTEM "modules/proxy.xml">
                 <!ENTITY CustomAttributes SYSTEM "modules/custom-attributes.xml">
                 <!ENTITY ProtocolMappers SYSTEM "modules/protocol-mappers.xml">
+                <!ENTITY Recaptcha SYSTEM "modules/recaptcha.xml">
                 ]>
 
 <book>
@@ -108,6 +109,7 @@ This one is short
 
     &IdentityBroker;
     &Themes;
+    &Recaptcha;
 
     <chapter>
         <title>Email</title>

docbook/reference/en/en-US/modules/recaptcha.xml 26(+26 -0) 

diff --git a/docbook/reference/en/en-US/modules/recaptcha.xml b/docbook/reference/en/en-US/modules/recaptcha.xml
new file mode 100755
index 0000000..27f9177
--- /dev/null
+++ b/docbook/reference/en/en-US/modules/recaptcha.xml
@@ -0,0 +1,26 @@
+<chapter id="recaptcha">
+    <title>Recaptcha Support on Registration</title>
+
+    <para>
+        To safeguard registration against bots, Keycloak has integration with Google Recaptcha.  To enable this you
+        need to first go to <ulink url="https://developers.google.com/recaptcha/">Google Recaptcha</ulink>
+        and create an API key so that you can get your recaptcha site key and secret.  (FYI, localhost works by default
+        so you don't have to specify a domain).
+     </para>
+    <para>Next, go to the Keycloak Admin Console.  Go to
+        Authentication->Flows page.  Select the 'registration' flow.  Set the 'Recaptcha' requirement to 'Required'.  Click
+        on the 'Configure' button and enter in the Recaptcha site key and secret.
+    </para>
+    <para>
+        Finally, you have to change Keycloak's default security headers.  In the Admin Console, go to Settings->Security Defenses
+        of your realm.  Add a space and <literal>https://www.google.com</literal> to the values of both the <literal>X-Frame-Options</literal>
+        and <literal>Content-Security-Policy</literal> headers.  i.e.
+        <programlisting>
+            frame-src 'self' https://www.google.com
+        </programlisting>
+    </para>
+    <para>
+        That's it!  You may want to edit register.ftl in your login theme to muck around with the placement and styling
+        of the recaptcha button.  Up to you.
+    </para>
+</chapter>

Bonobo Git Server (6.3.0.632) © 2015 Jakub Chodounský · Official Page · Github