Keycloak doesn't seem to provide an easy UI for users to change their own passwords. An admin can add the "update password" required action to force a password change on next login, or users can reset their passwords with the forgotten password flow. A solution to this is:
Knowing that:
- Hackhub knows the username of the logged in user
- User passwords come from LDAP
- 389ds (the LDAP server) supports LDAP password changes
Hackhub can be extended with a password change page:
- Hackhub asks for the current password and the new password
- LDAP bind with the username and current password to ldaps://ldap.57north.org.uk/
- Do the change password over LDAP
- Forget all the password details as Hackhub has no need for them
Keycloak doesn't seem to provide an easy UI for users to change their own passwords. An admin can add the "update password" required action to force a password change on next login, or users can reset their passwords with the forgotten password flow. A solution to this is:
Knowing that:
Hackhub can be extended with a password change page: