Initial commit

account/account.ftl

@@ -0,0 +1,88 @@
+<#import "template.ftl" as layout>
+<@layout.mainLayout active='account' bodyClass='user'; section>
+
+    <div class="row">
+		<div class="col-md-10">
+			<h2>${msg("account")}</h2>
+		</div>
+		<div class="col-md-2 subtitle">
+			<span class="subtitle"><span class="required">*</span> ${msg("requiredFields")}</span>
+		</div>
+	</div>
+
+    <form action="${url.accountUrl}" class="form-horizontal" method="post">
+
+		<input type="hidden" id="stateChecker" name="stateChecker" value="${stateChecker}">
+
+        <#if !realm.registrationEmailAsUsername>
+            <div class="form-group ${messagesPerField.printIfExists('username','has-error')}">
+				<div class="col-sm-2 col-md-2">
+					<label for="username" class="control-label">${msg("username")}<#if realm.editUsernameAllowed> <span
+							class="required">*</span></#if></label>
+				</div>
+
+				<div class="col-sm-10 col-md-10">
+					<input type="text" class="form-control" id="username" name="username"
+                           <#if !realm.editUsernameAllowed>disabled="disabled"</#if> value="${(account.username!'')}"/>
+				</div>
+			</div>
+        </#if>
+
+		<div class="form-group ${messagesPerField.printIfExists('email','has-error')}">
+			<div class="col-sm-2 col-md-2">
+				<label for="email" class="control-label">${msg("email")} <span class="required">*</span></label>
+			</div>
+
+			<div class="col-sm-10 col-md-10">
+				<input type="text" class="form-control" id="email" name="email" autofocus
+					   value="${(account.email!'')}"/>
+			</div>
+		</div>
+
+		<div class="form-group ${messagesPerField.printIfExists('firstName','has-error')}">
+			<div class="col-sm-2 col-md-2">
+				<label for="firstName" class="control-label">${msg("firstName")} <span class="required">*</span></label>
+			</div>
+
+			<div class="col-sm-10 col-md-10">
+				<input type="text" class="form-control" id="firstName" name="firstName"
+					   value="${(account.firstName!'')}"/>
+			</div>
+		</div>
+
+		<div class="form-group ${messagesPerField.printIfExists('lastName','has-error')}">
+			<div class="col-sm-2 col-md-2">
+				<label for="lastName" class="control-label">${msg("lastName")} <span class="required">*</span></label>
+			</div>
+
+			<div class="col-sm-10 col-md-10">
+				<input type="text" class="form-control" id="lastName" name="lastName" value="${(account.lastName!'')}"/>
+			</div>
+		</div>
+
+		<#switch account.attributes.type!>
+            <#case "member">
+		<div class="form-group">
+			<div class="col-sm-2 col-md-2">
+				<label for="user.attributes.postcode" class="control-label">PSČ <span class="required">*</span></label>
+			</div>
+
+			<div class="col-sm-10 col-md-10">
+				<input type="text" class="form-control" id="user.attributes.postcode" name="user.attributes.postcode" value="${(account.attributes.postcode!'')}"/>
+			</div>
+		</div>
+                <#break>
+        </#switch>
+
+		<div class="sso-form-buttons">
+                    <#if url.referrerURI??><a href="${url.referrerURI}">${msg("backToApplication")?no_esc}/a></#if>
+			<button type="submit"
+					class="sso-form-button sso-form-button-primary"
+					name="submitAction" value="Save">${msg("doSave")}</button>
+			<button type="submit"
+					class="sso-form-button"
+					name="submitAction" value="Cancel">${msg("doCancel")}</button>
+		</div>
+	</form>
+
+</@layout.mainLayout>

account/applications.ftl

@@ -0,0 +1,96 @@
+<#import "template.ftl" as layout>
+<@layout.mainLayout active='applications' bodyClass='applications'; section>
+
+    <div class="row">
+        <div class="col-md-10">
+            <h2>${msg("applications")}</h2>
+        </div>
+    </div>
+
+    <form action="${url.applicationsUrl}" method="post">
+        <input type="hidden" id="stateChecker" name="stateChecker" value="${stateChecker}">
+        <input type="hidden" id="referrer" name="referrer" value="${stateChecker}">
+
+        <table class="table table-striped table-bordered">
+            <thead>
+              <tr>
+                <td>${msg("application")}</td>
+                <td>${msg("availablePermissions")}</td>
+                <td>${msg("grantedPermissions")}</td>
+                <td>${msg("grantedPersonalInfo")}</td>
+                <td>${msg("additionalGrants")}</td>
+                <td>${msg("action")}</td>
+              </tr>
+            </thead>
+
+            <tbody>
+              <#list applications.applications as application>
+                <tr>
+                    <td>
+                        <#if application.effectiveUrl?has_content><a href="${application.effectiveUrl}"></#if>
+                            <#if application.client.name??>${advancedMsg(application.client.name)}<#else>${application.client.clientId}</#if>
+                        <#if application.effectiveUrl?has_content></a></#if>
+                    </td>
+
+                    <td>
+                        <#list application.realmRolesAvailable as role>
+                            <#if role.description??>${advancedMsg(role.description)}<#else>${advancedMsg(role.name)}</#if>
+                            <#if role_has_next>, </#if>
+                        </#list>
+                        <#list application.resourceRolesAvailable?keys as resource>
+                            <#if application.realmRolesAvailable?has_content>, </#if>
+                            <#list application.resourceRolesAvailable[resource] as clientRole>
+                                <#if clientRole.roleDescription??>${advancedMsg(clientRole.roleDescription)}<#else>${advancedMsg(clientRole.roleName)}</#if>
+                                ${msg("inResource")} <strong><#if clientRole.clientName??>${advancedMsg(clientRole.clientName)}<#else>${clientRole.clientId}</#if></strong>
+                                <#if clientRole_has_next>, </#if>
+                            </#list>
+                        </#list>
+                    </td>
+
+                    <td>
+                        <#if application.client.consentRequired>
+                            <#list application.realmRolesGranted as role>
+                                <#if role.description??>${advancedMsg(role.description)}<#else>${advancedMsg(role.name)}</#if>
+                                <#if role_has_next>, </#if>
+                            </#list>
+                            <#list application.resourceRolesGranted?keys as resource>
+                                <#if application.realmRolesGranted?has_content>, </#if>
+                                <#list application.resourceRolesGranted[resource] as clientRole>
+                                    <#if clientRole.roleDescription??>${advancedMsg(clientRole.roleDescription)}<#else>${advancedMsg(clientRole.roleName)}</#if>
+                                    ${msg("inResource")} <strong><#if clientRole.clientName??>${advancedMsg(clientRole.clientName)}<#else>${clientRole.clientId}</#if></strong>
+                                    <#if clientRole_has_next>, </#if>
+                                </#list>
+                            </#list>
+                        <#else>
+                            <strong>${msg("fullAccess")}</strong>
+                        </#if>
+                    </td>
+
+                    <td>
+                        <#if application.client.consentRequired>
+                            <#list application.claimsGranted as claim>
+                                ${advancedMsg(claim)}<#if claim_has_next>, </#if>
+                            </#list>
+                        <#else>
+                            <strong>${msg("fullAccess")}</strong>
+                        </#if>
+                    </td>
+
+                    <td>
+                       <#list application.additionalGrants as grant>
+                            ${advancedMsg(grant)}<#if grant_has_next>, </#if>
+                        </#list>
+                    </td>
+
+                    <td>
+                        <#if (application.client.consentRequired && application.claimsGranted?has_content) || application.additionalGrants?has_content>
+                            <button type='submit' class='${properties.kcButtonClass!} ${properties.kcButtonPrimaryClass!}' id='revoke-${application.client.clientId}' name='clientId' value="${application.client.id}">${msg("revoke")}</button>
+                        </#if>
+                    </td>
+                </tr>
+              </#list>
+            </tbody>
+        </table>
+    </form>
+
+</@layout.mainLayout>

account/federatedIdentity.ftl

@@ -0,0 +1,44 @@
+<#import "template.ftl" as layout>
+<@layout.mainLayout active='social' bodyClass='social'; section>
+
+    <div class="row">
+        <div class="col-md-10">
+            <h2>${msg("federatedIdentitiesHtmlTitle")}</h2>
+        </div>
+    </div>
+
+    <div id="federated-identities">
+    <#list federatedIdentity.identities as identity>
+        <div class="row margin-bottom">
+            <div class="col-sm-2 col-md-2">
+                <label for="${identity.providerId!}" class="control-label">${identity.displayName!}</label>
+            </div>
+            <div class="col-sm-5 col-md-5">
+                <input disabled="true" class="form-control" value="${identity.userName!}">
+            </div>
+            <div class="col-sm-5 col-md-5">
+                <#if identity.connected>
+                    <#if federatedIdentity.removeLinkPossible>
+                        <form action="${url.socialUrl}" method="post" class="form-inline">
+                            <input type="hidden" id="stateChecker" name="stateChecker" value="${stateChecker}">
+                            <input type="hidden" id="action" name="action" value="remove">
+                            <input type="hidden" id="providerId" name="providerId" value="${identity.providerId!}">
+                            <button id="remove-link-${identity.providerId!}" class="btn btn-default">${msg("doRemove")}</button>
+                        </form>
+                    </#if>
+                <#else>
+                    <form action="${url.socialUrl}" method="post" class="form-inline">
+                        <input type="hidden" id="stateChecker" name="stateChecker" value="${stateChecker}">
+                        <input type="hidden" id="action" name="action" value="add">
+                        <input type="hidden" id="providerId" name="providerId" value="${identity.providerId!}">
+                        <div class="sso-form-buttons sso-form-buttons-flexibile">
+                            <button id="add-link-${identity.providerId!}" class="sso-form-button sso-form-button-primary">${msg("doAdd")}</button>
+						</div>
+                    </form>
+                </#if>
+            </div>
+        </div>
+    </#list>
+    </div>
+
+</@layout.mainLayout>

account/log.ftl

@@ -0,0 +1,35 @@
+<#import "template.ftl" as layout>
+<@layout.mainLayout active='log' bodyClass='log'; section>
+
+    <div class="row">
+        <div class="col-md-10">
+            <h2>${msg("accountLogHtmlTitle")}</h2>
+        </div>
+    </div>
+
+    <table class="table table-striped table-bordered">
+        <thead>
+        <tr>
+            <td>${msg("date")}</td>
+            <td>${msg("event")}</td>
+            <td>${msg("ip")}</td>
+            <td>${msg("client")}</td>
+            <td>${msg("details")}</td>
+        </tr>
+        </thead>
+
+        <tbody>
+        <#list log.events as event>
+            <tr>
+                <td>${event.date?datetime}</td>
+                <td>${event.event}</td>
+                <td>${event.ipAddress}</td>
+                <td>${event.client!}</td>
+                <td><#list event.details as detail>${detail.key} = ${detail.value} <#if detail_has_next>, </#if></#list></td>
+            </tr>
+        </#list>
+        </tbody>
+
+    </table>
+
+</@layout.mainLayout>

account/messages/messages_ca.properties

@@ -0,0 +1,147 @@
+doSave=Desa
+doCancel=Cancel\u00B7la
+doLogOutAllSessions=Desconnecta de totes les sessions
+doRemove=Elimina
+doAdd=Afegeix
+doSignOut=Desconnectar
+
+editAccountHtmlTitle=Edita compte
+federatedIdentitiesHtmlTitle=Identitats federades
+accountLogHtmlTitle=Registre del compte
+changePasswordHtmlTitle=Canvia contrasenya
+sessionsHtmlTitle=Sessions
+accountManagementTitle=Gesti\u00F3 de Compte Keycloak
+authenticatorTitle=Autenticador
+applicationsHtmlTitle=Aplicacions
+
+authenticatorCode=Codi d''un sol \u00FAs
+email=Email
+firstName=Nom
+givenName=Nom de pila
+fullName=Nom complet
+lastName=Cognoms
+familyName=Cognom
+password=Contrasenya
+passwordConfirm=Confirma la contrasenya
+passwordNew=Nova contrasenya
+username=Usuari
+address=Adre\u00E7a
+street=Carrer
+locality=Ciutat o Municipi
+region=Estat, Prov\u00EDncia, o Regi\u00F3
+postal_code=Postal code
+country=Pa\u00EDs
+emailVerified=Email verificat
+gssDelegationCredential=GSS Delegation Credential
+
+role_admin=Administrador
+role_realm-admin=Administrador del domini
+role_create-realm=Crear domini
+role_view-realm=Veure domini
+role_view-users=Veure usuaris
+role_view-applications=Veure aplicacions
+role_view-clients=Veure clients
+role_view-events=Veure events
+role_view-identity-providers=Veure prove\u00EFdors d''identitat
+role_manage-realm=Gestionar domini
+role_manage-users=Gestinar usuaris
+role_manage-applications=Gestionar aplicacions
+role_manage-identity-providers=Gestionar prove\u00EFdors d''identitat
+role_manage-clients=Gestionar clients
+role_manage-events=Gestionar events
+role_view-profile=Veure perfil
+role_manage-account=Gestionar compte
+role_read-token=Llegir token
+role_offline-access=Acc\u00E9s sense connexi\u00F3
+client_account=Compte
+client_security-admin-console=Consola d''Administraci\u00F3 de Seguretat
+client_realm-management=Gesti\u00F3 de domini
+client_broker=Broker
+
+
+requiredFields=Camps obligatoris
+allFieldsRequired=Tots els camps obligatoris
+
+backToApplication=« Torna a l''aplicaci\u00F3
+backTo=Torna a {0}
+
+date=Data
+event=Event
+ip=IP
+client=Client
+clients=Clients
+details=Detalls
+started=Iniciat
+lastAccess=\u00DAltim acc\u00E9s
+expires=Expira
+applications=Aplicacions
+
+account=Compte
+federatedIdentity=Identitat federada
+authenticator=Autenticador
+sessions=Sessions
+log=Registre
+
+application=Aplicaci\u00F3
+availablePermissions=Permisos disponibles
+grantedPermissions=Permisos concedits
+grantedPersonalInfo=Informaci\u00F3 personal concedida
+additionalGrants=Permisos addicionals
+action=Acci\u00F3
+inResource=a
+fullAccess=Acc\u00E9s total
+offlineToken=Codi d''autoritzaci\u00F3 offline
+revoke=Revocar perm\u00EDs
+
+configureAuthenticators=Autenticadors configurats
+mobile=M\u00F2bil
+totpStep1=Instal\u00B7la <a href=\"https://freeotp.github.io/\" target=\"_blank\">FreeOTP</a> o Google Authenticator al teu tel\u00E8fon m\u00F2bil. Les dues aplicacions estan disponibles a <a href=\"https://play.google.com\">Google Play</a> i en l''App Store d''Apple.
+totpStep2=Obre l''aplicaci\u00F3 i escaneja el codi o introdueix la clau.
+totpStep3=Introdueix el codi \u00FAnic que et mostra l''aplicaci\u00F3 d''autenticaci\u00F3 i fes clic a Envia per finalitzar la configuraci\u00F3
+
+missingUsernameMessage=Si us plau indica el teu usuari.
+missingFirstNameMessage=Si us plau indica el nom.
+invalidEmailMessage=Email no v\u00E0lid
+missingLastNameMessage=Si us plau indica els teus cognoms.
+missingEmailMessage=Si us plau indica l''email.
+missingPasswordMessage=Si us plau indica la contrasenya.
+notMatchPasswordMessage=Les contrasenyes no coincideixen.
+
+missingTotpMessage=Si us plau indica el teu codi d''autenticaci\u00F3
+invalidPasswordExistingMessage=La contrasenya actual no \u00E9s correcta.
+invalidPasswordConfirmMessage=La confirmaci\u00F3 de contrasenya no coincideix.
+invalidTotpMessage=El c\u00F3digo de autenticaci\u00F3n no es v\u00E1lido.
+
+usernameExistsMessage=L''usuari ja existeix
+emailExistsMessage=L''email ja existeix
+
+readOnlyUserMessage=No pots actualitzar el teu usuari perqu\u00E8 el teu compte \u00E9s de nom\u00E9s lectura.
+readOnlyPasswordMessage=No pots actualitzar la contrasenya perqu\u00E8 el teu compte \u00E9s de nom\u00E9s lectura.
+
+successTotpMessage=Aplicaci\u00F3 d''autenticaci\u00F3 m\u00F2bil configurada.
+successTotpRemovedMessage=Aplicaci\u00F3 d''autenticaci\u00F3 m\u00F2bil eliminada.
+
+successGrantRevokedMessage=Perm\u00EDs revocat correctament
+
+accountUpdatedMessage=El teu compte s''ha actualitzat.
+accountPasswordUpdatedMessage=La contrasenya s''ha actualitzat.
+
+missingIdentityProviderMessage=Prove\u00EFdor d''identitat no indicat.
+invalidFederatedIdentityActionMessage=Acci\u00F3 no v\u00E0lida o no indicada.
+identityProviderNotFoundMessage=No s''ha trobat un prove\u00EFdor d''identitat.
+federatedIdentityLinkNotActiveMessage=Aquesta identitat ja no est\u00E0 activa
+federatedIdentityRemovingLastProviderMessage=No pots eliminar l''\u00FAltima identitat federada perqu\u00E8 no tens fixada una contrasenya.
+identityProviderRedirectErrorMessage=Error en la redirecci\u00F3 al prove\u00EFdor d''identitat
+identityProviderRemovedMessage=Prove\u00EFdor d''identitat esborrat correctament.
+
+accountDisabledMessage=El compte est\u00E0 desactivada, contacteu amb l''administrador.
+
+accountTemporarilyDisabledMessage=El compte est\u00E0 temporalment desactivat, contacta amb l''administrador o intenta-ho de nou m\u00E9s tard.
+invalidPasswordMinLengthMessage=Contrasenya incorrecta: longitud m\u00EDnima {0}.
+invalidPasswordMinLowerCaseCharsMessage=Contrasenya incorrecta: ha de contenir almenys {0} lletres min\u00FAscules.
+invalidPasswordMinDigitsMessage=Contrase\u00F1a incorrecta: debe contener al menos {0} caracteres num\u00E9ricos.
+invalidPasswordMinUpperCaseCharsMessage=Contrasenya incorrecta: ha de contenir almenys {0} lletres maj\u00FAscules.
+invalidPasswordMinSpecialCharsMessage=Contrasenya incorrecta: ha de contenir almenys {0} car\u00E0cters especials.
+invalidPasswordNotUsernameMessage=Contrasenya incorrecta: no pot ser igual al nom d''usuari.
+invalidPasswordRegexPatternMessage=Contrasenya incorrecta: no compleix l''expressi\u00F3 regular.
+invalidPasswordHistoryMessage=Contrasenya incorrecta: no pot ser igual a cap de les \u00FAltimes {0} contrasenyes.

account/messages/messages_cs.properties

@@ -0,0 +1,171 @@
+# encoding: UTF-8
+doSave=Uložit
+doCancel=Zrušit
+doLogOutAllSessions=Odhlásit ze všech zařízení
+doRemove=Odebrat
+doAdd=Přidat
+doSignOut=Odhlásit se
+
+editAccountHtmlTitle=Edit Account
+federatedIdentitiesHtmlTitle=Propojené identity
+accountLogHtmlTitle=Account Log
+changePasswordHtmlTitle=Změna hesla
+sessionsHtmlTitle=Zařízení
+accountManagementTitle=Účet u Pirátské strany
+authenticatorTitle=Dvoufaktorové ověření
+
+authenticatorCode=Jednorázový kód
+email=E-mail
+firstName=Jméno
+givenName=Křestní jméno
+fullName=Celé jméno
+lastName=Příjmení
+familyName=Rodinné jméno
+password=Heslo
+passwordConfirm=Potvrzení hesla
+passwordNew=Nové heslo
+username=Uživatelské jméno
+address=Adresa
+street=Ulice
+locality=Město
+region=Stát
+postal_code=PSČ
+country=Země
+emailVerified=E-mail ověřený
+gssDelegationCredential=GSS Delegation Credential
+
+role_admin=Admin
+role_realm-admin=Realm Admin
+role_create-realm=Create realm
+role_view-realm=View realm
+role_view-users=View users
+role_view-applications=View applications
+role_view-clients=View clients
+role_view-events=View events
+role_view-identity-providers=View identity providers
+role_manage-realm=Manage realm
+role_manage-users=Manage users
+role_manage-applications=Manage applications
+role_manage-identity-providers=Manage identity providers
+role_manage-clients=Manage clients
+role_manage-events=Manage events
+role_view-profile=Zobrazit profil
+role_manage-account=Spravovat účet
+role_manage-account-links=Spravovat odkazy účtu
+role_read-token=Číst token
+role_offline-access=Offline přístup
+role_uma_authorization=Získávat oprávnění
+client_account=Účet
+client_security-admin-console=Security Admin Console
+client_admin-cli=Admin CLI
+client_realm-management=Realm Management
+client_broker=Broker
+
+
+requiredFields=Povinná pole
+allFieldsRequired=Všechna pole jsou povinná
+
+backToApplication=« Back to application
+backTo=Back to {0}
+
+date=Datum
+event=Událost
+ip=IP adresa
+client=Klient
+clients=Klienti
+details=Details
+started=První přístup
+lastAccess=Poslední přístup
+expires=Vyprší
+applications=Aplikace
+
+account=Účet
+federatedIdentity=Propojené identity
+authenticator=Dvoufaktorové ověření
+sessions=Zařízení
+log=Log
+
+application=Aplikace
+availablePermissions=Dostupná oprávnění
+grantedPermissions=Udělená oprávnění
+grantedPersonalInfo=Udělené osobní informace
+additionalGrants=Additional Grants
+action=Action
+inResource=in
+fullAccess=Plný přístup
+offlineToken=Offline token
+revoke=Zrušit povolení
+
+configureAuthenticators=Nastavené generátory klíčů
+mobile=Telefon
+totpStep1=Nainstalujte si do telefonu <a href="https://freeotp.github.io/" target="_blank">FreeOTP</a> nebo Google Authenticator. Obě aplikace jsou dostupné v <a href="https://play.google.com">Google Play</a> a Apple App Store.
+totpStep2=Otevřete aplikaci a naskenujte čárový kód nebo zadejte klíč.
+totpStep3=Zadejte jednorázový kód poskytnutý aplikací a klikněte na Uložit.
+
+missingUsernameMessage=Please specify username.
+missingFirstNameMessage=Please specify first name.
+invalidEmailMessage=Invalid email address.
+missingLastNameMessage=Please specify last name.
+missingEmailMessage=Please specify email.
+missingPasswordMessage=Please specify password.
+notMatchPasswordMessage=Passwords don''t match.
+
+missingTotpMessage=Please specify authenticator code.
+invalidPasswordExistingMessage=Invalid existing password.
+invalidPasswordConfirmMessage=Password confirmation doesn''t match.
+invalidTotpMessage=Invalid authenticator code.
+
+usernameExistsMessage=Username already exists.
+emailExistsMessage=Email already exists.
+
+readOnlyUserMessage=You can''t update your account as it is read only.
+readOnlyUsernameMessage=You can''t update your username as it is read only.
+readOnlyPasswordMessage=You can''t update your password as your account is read only.
+
+successTotpMessage=Mobile authenticator configured.
+successTotpRemovedMessage=Mobile authenticator removed.
+
+successGrantRevokedMessage=Grant revoked successfully.
+
+accountUpdatedMessage=Your account has been updated.
+accountPasswordUpdatedMessage=Your password has been updated.
+
+missingIdentityProviderMessage=Identity provider not specified.
+invalidFederatedIdentityActionMessage=Invalid or missing action.
+identityProviderNotFoundMessage=Specified identity provider not found.
+federatedIdentityLinkNotActiveMessage=This identity is not active anymore.
+federatedIdentityRemovingLastProviderMessage=You can''t remove last federated identity as you don''t have password.
+identityProviderRedirectErrorMessage=Failed to redirect to identity provider.
+identityProviderRemovedMessage=Identity provider removed successfully.
+identityProviderAlreadyLinkedMessage=Federated identity returned by {0} is already linked to another user.
+staleCodeAccountMessage=The page expired. Please try one more time.
+consentDenied=Consent denied.
+
+accountDisabledMessage=Account is disabled, contact admin.
+
+accountTemporarilyDisabledMessage=Account is temporarily disabled, contact admin or try again later.
+invalidPasswordMinLengthMessage=Invalid password: minimum length {0}.
+invalidPasswordMinLowerCaseCharsMessage=Invalid password: must contain at least {0} lower case characters.
+invalidPasswordMinDigitsMessage=Invalid password: must contain at least {0} numerical digits.
+invalidPasswordMinUpperCaseCharsMessage=Invalid password: must contain at least {0} upper case characters.
+invalidPasswordMinSpecialCharsMessage=Invalid password: must contain at least {0} special characters.
+invalidPasswordNotUsernameMessage=Invalid password: must not be equal to the username.
+invalidPasswordRegexPatternMessage=Invalid password: fails to match regex pattern(s).
+invalidPasswordHistoryMessage=Invalid password: must not be equal to any of last {0} passwords.
+invalidPasswordBlacklistedMessage=Invalid password: password is blacklisted.
+invalidPasswordGenericMessage=Invalid password: new password doesn''t match password policies.
+
+locale_ca=Catal\u00E0
+locale_de=Deutsch
+locale_en=English
+locale_es=Espa\u00F1ol
+locale_fr=Fran\u00e7ais
+locale_it=Italian
+locale_ja=\u65E5\u672C\u8A9E
+locale_nl=Nederlands
+locale_no=Norsk
+locale_lt=Lietuvi\u0173
+locale_pt-BR=Portugu\u00EAs (Brasil)
+locale_ru=\u0420\u0443\u0441\u0441\u043A\u0438\u0439
+locale_sv=Svenska
+locale_zh-CN=\u4e2d\u6587\u7b80\u4f53

account/messages/messages_de.properties

@@ -0,0 +1,147 @@
+doLogOutAllSessions=Alle Sitzungen abmelden
+doSave=Speichern
+doCancel=Abbrechen
+doRemove=Entfernen
+doAdd=Hinzuf\u00FCgen
+doSignOut=Abmelden
+
+editAccountHtmlTitle=Benutzerkonto bearbeiten
+federatedIdentitiesHtmlTitle=F\u00F6derierte Identit\u00E4ten
+accountLogHtmlTitle=Benutzerkonto Log
+changePasswordHtmlTitle=Passwort \u00C4ndern
+sessionsHtmlTitle=Sitzungen
+accountManagementTitle=Keycloak Benutzerkontoverwaltung
+authenticatorTitle=Authenticator
+applicationsHtmlTitle=Applikationen
+
+authenticatorCode=One-time Code
+email=E-Mail
+firstName=Vorname
+givenName=Vorname
+fullName=Voller Name
+lastName=Nachname
+familyName=Nachname
+password=Passwort
+passwordConfirm=Passwortbest\u00E4tigung
+passwordNew=Neues Passwort
+username=Benutzernamen
+address=Adresse
+street=Stra\u00DFe
+region=Staat, Provinz, Region
+postal_code=PLZ
+locality=Stadt oder Ortschaft
+country=Land
+emailVerified=E-Mail verifiziert
+gssDelegationCredential=GSS delegierte Berechtigung
+
+role_admin=Admin
+role_realm-admin=Realm Admin
+role_create-realm=Realm erstellen
+role_view-realm=Realm ansehen
+role_view-users=Benutzer ansehen
+role_view-applications=Applikationen ansehen
+role_view-clients=Clients ansehen
+role_view-events=Events ansehen
+role_view-identity-providers=Identity Provider ansehen
+role_manage-realm=Realm verwalten
+role_manage-users=Benutzer verwalten
+role_manage-applications=Applikationen verwalten
+role_manage-identity-providers=Identity Provider verwalten
+role_manage-clients=Clients verwalten
+role_manage-events=Events verwalten
+role_view-profile=Profile ansehen
+role_manage-account=Profile verwalten
+role_read-token=Token lesen
+role_offline-access=Offline-Zugriff
+client_account=Konto
+client_realm-management=Realm-Management
+client_broker=Broker
+
+
+requiredFields=Erforderliche Felder
+allFieldsRequired=Alle Felder sind erforderlich
+
+backToApplication=« Zur\u00FCck zur Applikation
+backTo=Zur\u00FCck zu {0}
+
+date=Datum
+event=Ereignis
+ip=IP
+client=Client
+clients=Clients
+details=Details
+started=Startdatum
+lastAccess=Letzter Zugriff
+expires=Ablaufdatum
+applications=Applikationen
+
+account=Benutzerkonto
+federatedIdentity=F\u00F6derierte Identit\u00E4t
+authenticator=Authenticator
+sessions=Sitzungen
+log=Log
+
+application=Applikation
+availablePermissions=verf\u00FCgbare Berechtigungen
+grantedPermissions=gew\u00E4hrte Berechtigungen
+grantedPersonalInfo=gew\u00E4hrte pers\u00F6nliche Informationen
+additionalGrants=zus\u00E4tzliche Berechtigungen
+action=Aktion
+inResource=in
+fullAccess=Vollzugriff
+offlineToken=Offline-Token
+revoke=Berechtigung widerrufen
+
+configureAuthenticators=Authenticatoren konfigurieren
+mobile=Mobile
+totpStep1=Installieren Sie <a href="https://freeotp.github.io/" target="_blank">FreeOTP</a> oder <a href="http://code.google.com/p/google-authenticator/" target="_blank">Google Authenticator</a> auf Ihrem Smartphone.
+totpStep2=\u00D6ffnen Sie die Applikation und scannen Sie den Barcode oder geben Sie den Code ein.
+totpStep3=Geben Sie den von der Applikation generierten One-time Code ein und klicken Sie auf Speichern.
+
+missingUsernameMessage=Bitte geben Sie einen Benutzernamen ein.
+missingFirstNameMessage=Bitte geben Sie einen Vornamen ein.
+missingEmailMessage=Bitte geben Sie eine E-Mail Adresse ein.
+missingLastNameMessage=Bitte geben Sie einen Nachnamen ein.
+missingPasswordMessage=Bitte geben Sie ein Passwort ein.
+notMatchPasswordMessage=Passw\u00F6rter sind nicht identisch.
+
+missingTotpMessage=Bitte geben Sie den One-time Code ein.
+invalidPasswordExistingMessage=Das aktuelle Passwort is ung\u00FCltig.
+invalidPasswordConfirmMessage=Die Passwortbest\u00E4tigung ist nicht identisch.
+invalidTotpMessage=Ung\u00FCltiger One-time Code.
+invalidEmailMessage=Ung\u00FCltige E-Mail Adresse.
+invalidPasswordBlacklistedMessage=Passwort ist nicht erlaubt.
+
+usernameExistsMessage=Der Benutzername existiert bereits.
+emailExistsMessage=Die E-Mail-Adresse existiert bereits.
+
+readOnlyUserMessage=Sie k\u00F6nnen dieses Benutzerkonto nicht \u00E4ndern, da es schreibgesch\u00FCtzt ist.
+readOnlyPasswordMessage=Sie k\u00F6nnen dieses Passwort nicht \u00E4ndern, da es schreibgesch\u00FCtzt ist.
+
+successTotpMessage=Mobile Authentifizierung eingerichtet.
+successTotpRemovedMessage=Mobile Authentifizierung entfernt.
+
+successGrantRevokedMessage=Berechtigung erfolgreich widerrufen.
+
+accountUpdatedMessage=Ihr Benutzerkonto wurde aktualisiert.
+accountPasswordUpdatedMessage=Ihr Passwort wurde aktualisiert.
+
+missingIdentityProviderMessage=Identity Provider nicht angegeben.
+invalidFederatedIdentityActionMessage=Ung\u00FCltige oder fehlende Aktion.
+identityProviderNotFoundMessage=Angegebener Identity Provider nicht gefunden.
+federatedIdentityLinkNotActiveMessage=Diese Identit\u00E4t ist nicht mehr aktiv.
+federatedIdentityRemovingLastProviderMessage=Sie k\u00F6nnen den letzten Eintrag nicht entfernen, da Sie kein Passwort haben.
+identityProviderRedirectErrorMessage=Fehler bei der Weiterleitung zum Identity Provider.
+identityProviderRemovedMessage=Identity Provider erfolgreich entfernt.
+
+accountDisabledMessage=Benutzerkonto ist gesperrt, bitte kontaktieren Sie den Admin.
+
+accountTemporarilyDisabledMessage=Benutzerkonto ist tempor\u00E4r gesperrt, bitte kontaktieren Sie den Admin oder versuchen Sie es sp\u00E4ter noch einmal.
+invalidPasswordMinLengthMessage=Ung\u00FCltiges Passwort\: Minimall\u00E4nge {0}.
+invalidPasswordMinDigitsMessage=Ung\u00FCltiges Passwort\: muss mindestens {0} Zahl(en) beinhalten.
+invalidPasswordMinLowerCaseCharsMessage=Ung\u00FCltiges Passwort\: muss mindestens {0} Kleinbuchstaben beinhalten.
+invalidPasswordMinUpperCaseCharsMessage=Ung\u00FCltiges Passwort\: muss mindestens {0} Grossbuchstaben beinhalten.
+invalidPasswordMinSpecialCharsMessage=Ung\u00FCltiges Passwort\: muss mindestens {0} Spezialzeichen beinhalten.
+invalidPasswordNotUsernameMessage=Ung\u00FCltiges Passwort\: darf nicht gleich sein wie Benutzername.
+invalidPasswordRegexPatternMessage=Ung\u00FCltiges Passwort\: nicht Regex-Muster (n) entsprechen.
+invalidPasswordHistoryMessage=Ung\u00FCltiges Passwort: darf nicht einem der letzten {0} Passw\u00F6rter entsprechen.

account/messages/messages_en.properties

@@ -0,0 +1,185 @@
+# encoding: UTF-8
+locale_ca=Catal\u00E0
+locale_cs=Česky
+locale_de=Deutsch
+locale_en=English
+locale_es=Espa\u00F1ol
+locale_fr=Fran\u00e7ais
+locale_it=Italian
+locale_ja=\u65E5\u672C\u8A9E
+locale_nl=Nederlands
+locale_no=Norsk
+locale_lt=Lietuvi\u0173
+locale_pt-BR=Portugu\u00EAs (Brasil)
+locale_ru=\u0420\u0443\u0441\u0441\u043A\u0438\u0439
+locale_sv=Svenska
+locale_zh-CN=\u4e2d\u6587\u7b80\u4f53
+doSave=Save
+doCancel=Cancel
+doLogOutAllSessions=Log out all sessions
+doRemove=Remove
+doAdd=Add
+doSignOut=Sign Out
+
+editAccountHtmlTitle=Edit Account
+federatedIdentitiesHtmlTitle=Federated Identities
+accountLogHtmlTitle=Account Log
+changePasswordHtmlTitle=Change Password
+sessionsHtmlTitle=Sessions
+accountManagementTitle=Keycloak Account Management
+authenticatorTitle=Authenticator
+applicationsHtmlTitle=Applications
+
+authenticatorCode=One-time code
+email=Email
+firstName=First name
+givenName=Given name
+fullName=Full name
+lastName=Last name
+familyName=Family name
+password=Password
+passwordConfirm=Confirmation
+passwordNew=New Password
+username=Username
+address=Address
+street=Street
+locality=City or Locality
+region=State, Province, or Region
+postal_code=Zip or Postal code
+country=Country
+emailVerified=Email verified
+gssDelegationCredential=GSS Delegation Credential
+
+role_admin=Admin
+role_realm-admin=Realm Admin
+role_create-realm=Create realm
+role_view-realm=View realm
+role_view-users=View users
+role_view-applications=View applications
+role_view-clients=View clients
+role_view-events=View events
+role_view-identity-providers=View identity providers
+role_manage-realm=Manage realm
+role_manage-users=Manage users
+role_manage-applications=Manage applications
+role_manage-identity-providers=Manage identity providers
+role_manage-clients=Manage clients
+role_manage-events=Manage events
+role_view-profile=View profile
+role_manage-account=Manage account
+role_manage-account-links=Manage account links
+role_read-token=Read token
+role_offline-access=Offline access
+role_uma_authorization=Obtain permissions
+client_account=Account
+client_security-admin-console=Security Admin Console
+client_admin-cli=Admin CLI
+client_realm-management=Realm Management
+client_broker=Broker
+
+
+requiredFields=Required fields
+allFieldsRequired=All fields required
+
+backToApplication=« Back to application
+backTo=Back to {0}
+
+date=Date
+event=Event
+ip=IP
+client=Client
+clients=Clients
+details=Details
+started=Started
+lastAccess=Last Access
+expires=Expires
+applications=Applications
+
+account=Account
+federatedIdentity=Federated Identity
+authenticator=Authenticator
+sessions=Sessions
+log=Log
+
+application=Application
+availablePermissions=Available Permissions
+grantedPermissions=Granted Permissions
+grantedPersonalInfo=Granted Personal Info
+additionalGrants=Additional Grants
+action=Action
+inResource=in
+fullAccess=Full Access
+offlineToken=Offline Token
+revoke=Revoke Grant
+
+configureAuthenticators=Configured Authenticators
+mobile=Mobile
+totpStep1=Install one of the following applications on your mobile
+totpStep2=Open the application and scan the barcode
+totpStep3=Enter the one-time code provided by the application and click Save to finish the setup.
+
+totpManualStep2=Open the application and enter the key
+totpManualStep3=Use the following configuration values if the application allows setting them
+totpUnableToScan=Unable to scan?
+totpScanBarcode=Scan barcode?
+
+totp.totp=Time-based
+totp.hotp=Counter-based
+
+totpType=Type
+totpAlgorithm=Algorithm
+totpDigits=Digits
+totpInterval=Interval
+
+missingUsernameMessage=Please specify username.
+missingFirstNameMessage=Please specify first name.
+invalidEmailMessage=Invalid email address.
+missingLastNameMessage=Please specify last name.
+missingEmailMessage=Please specify email.
+missingPasswordMessage=Please specify password.
+notMatchPasswordMessage=Passwords don''t match.
+
+missingTotpMessage=Please specify authenticator code.
+invalidPasswordExistingMessage=Invalid existing password.
+invalidPasswordConfirmMessage=Password confirmation doesn''t match.
+invalidTotpMessage=Invalid authenticator code.
+
+usernameExistsMessage=Username already exists.
+emailExistsMessage=Email already exists.
+
+readOnlyUserMessage=You can''t update your account as it is read only.
+readOnlyUsernameMessage=You can''t update your username as it is read only.
+readOnlyPasswordMessage=You can''t update your password as your account is read only.
+
+successTotpMessage=Mobile authenticator configured.
+successTotpRemovedMessage=Mobile authenticator removed.
+
+successGrantRevokedMessage=Grant revoked successfully.
+
+accountUpdatedMessage=Your account has been updated.
+accountPasswordUpdatedMessage=Your password has been updated.
+
+missingIdentityProviderMessage=Identity provider not specified.
+invalidFederatedIdentityActionMessage=Invalid or missing action.
+identityProviderNotFoundMessage=Specified identity provider not found.
+federatedIdentityLinkNotActiveMessage=This identity is not active anymore.
+federatedIdentityRemovingLastProviderMessage=You can''t remove last federated identity as you don''t have password.
+identityProviderRedirectErrorMessage=Failed to redirect to identity provider.
+identityProviderRemovedMessage=Identity provider removed successfully.
+identityProviderAlreadyLinkedMessage=Federated identity returned by {0} is already linked to another user.
+staleCodeAccountMessage=The page expired. Please try one more time.
+consentDenied=Consent denied.
+
+accountDisabledMessage=Account is disabled, contact admin.
+
+accountTemporarilyDisabledMessage=Account is temporarily disabled, contact admin or try again later.
+invalidPasswordMinLengthMessage=Invalid password: minimum length {0}.
+invalidPasswordMinLowerCaseCharsMessage=Invalid password: must contain at least {0} lower case characters.
+invalidPasswordMinDigitsMessage=Invalid password: must contain at least {0} numerical digits.
+invalidPasswordMinUpperCaseCharsMessage=Invalid password: must contain at least {0} upper case characters.
+invalidPasswordMinSpecialCharsMessage=Invalid password: must contain at least {0} special characters.
+invalidPasswordNotUsernameMessage=Invalid password: must not be equal to the username.
+invalidPasswordRegexPatternMessage=Invalid password: fails to match regex pattern(s).
+invalidPasswordHistoryMessage=Invalid password: must not be equal to any of last {0} passwords.
+invalidPasswordBlacklistedMessage=Invalid password: password is blacklisted.
+invalidPasswordGenericMessage=Invalid password: new password doesn''t match password policies.

account/messages/messages_es.properties

@@ -0,0 +1,147 @@
+doSave=Guardar
+doCancel=Cancelar
+doLogOutAllSessions=Desconectar de todas las sesiones
+doRemove=Eliminar
+doAdd=A\u00F1adir
+doSignOut=Desconectar
+
+editAccountHtmlTitle=Editar cuenta
+federatedIdentitiesHtmlTitle=Identidades federadas
+accountLogHtmlTitle=Registro de la cuenta
+changePasswordHtmlTitle=Cambiar contrase\u00F1a
+sessionsHtmlTitle=Sesiones
+accountManagementTitle=Gesti\u00F3n de Cuenta Keycloak
+authenticatorTitle=Autenticador
+applicationsHtmlTitle=Aplicaciones
+
+authenticatorCode=C\u00F3digo de un solo uso
+email=Email
+firstName=Nombre
+givenName=Nombre de pila
+fullName=Nombre completo
+lastName=Apellidos
+familyName=Apellido
+password=Contrase\u00F1a
+passwordConfirm=Confirma la contrase\u00F1a
+passwordNew=Nueva contrase\u00F1a
+username=Usuario
+address=Direcci\u00F3n
+street=Calle
+locality=Ciudad o Municipio
+region=Estado, Provincia, o Regi\u00F3n
+postal_code=C\u00F3digo Postal
+country=Pa\u00EDs
+emailVerified=Email verificado
+gssDelegationCredential=GSS Delegation Credential
+
+role_admin=Administrador
+role_realm-admin=Administrador del dominio
+role_create-realm=Crear dominio
+role_view-realm=Ver dominio
+role_view-users=Ver usuarios
+role_view-applications=Ver aplicaciones
+role_view-clients=Ver clientes
+role_view-events=Ver eventos
+role_view-identity-providers=Ver proveedores de identidad
+role_manage-realm=Gestionar dominio
+role_manage-users=Gestionar usuarios
+role_manage-applications=Gestionar aplicaciones
+role_manage-identity-providers=Gestionar proveedores de identidad
+role_manage-clients=Gestionar clientes
+role_manage-events=Gestionar eventos
+role_view-profile=Ver perfil
+role_manage-account=Gestionar cuenta
+role_read-token=Leer token
+role_offline-access=Acceso sin conexi\u00F3n
+client_account=Cuenta
+client_security-admin-console=Consola de Administraci\u00F3n de Seguridad
+client_realm-management=Gesti\u00F3n de dominio
+client_broker=Broker
+
+
+requiredFields=Campos obligatorios
+allFieldsRequired=Todos los campos obligatorios
+
+backToApplication=« Volver a la aplicaci\u00F3n
+backTo=Volver a {0}
+
+date=Fecha
+event=Evento
+ip=IP
+client=Cliente
+clients=Clientes
+details=Detalles
+started=Iniciado
+lastAccess=\u00DAltimo acceso
+expires=Expira
+applications=Aplicaciones
+
+account=Cuenta
+federatedIdentity=Identidad federada
+authenticator=Autenticador
+sessions=Sesiones
+log=Regisro
+
+application=Aplicaci\u00F3n
+availablePermissions=Permisos disponibles
+grantedPermissions=Permisos concedidos
+grantedPersonalInfo=Informaci\u00F3n personal concedida
+additionalGrants=Permisos adicionales
+action=Acci\u00F3n
+inResource=en
+fullAccess=Acceso total
+offlineToken=C\u00F3digo de autorizaci\u00F3n offline
+revoke=Revocar permiso
+
+configureAuthenticators=Autenticadores configurados
+mobile=M\u00F3vil
+totpStep1=Instala <a href=\"https://freeotp.github.io/\" target=\"_blank\">FreeOTP</a> o Google Authenticator en tu tel\u00E9fono m\u00F3vil. Ambas aplicaciones est\u00E1n disponibles en <a href=\"https://play.google.com\">Google Play</a> y en la App Store de Apple.
+totpStep2=Abre la aplicaci\u00F3n y escanea el c\u00F3digo o introduce la clave.
+totpStep3=Introduce el c\u00F3digo \u00FAnico que te muestra la aplicaci\u00F3n de autenticaci\u00F3n y haz clic en Enviar para finalizar la configuraci\u00F3n
+
+missingUsernameMessage=Por favor indica tu usuario.
+missingFirstNameMessage=Por favor indica el nombre.
+invalidEmailMessage=Email no v\u00E1lido
+missingLastNameMessage=Por favor indica tus apellidos.
+missingEmailMessage=Por favor indica el email.
+missingPasswordMessage=Por favor indica tu contrase\u00F1a.
+notMatchPasswordMessage=Las contrase\u00F1as no coinciden.
+
+missingTotpMessage=Por favor indica tu c\u00F3digo de autenticaci\u00F3n
+invalidPasswordExistingMessage=La contrase\u00F1a actual no es correcta.
+invalidPasswordConfirmMessage=La confirmaci\u00F3n de contrase\u00F1a no coincide.
+invalidTotpMessage=El c\u00F3digo de autenticaci\u00F3n no es v\u00E1lido.
+
+usernameExistsMessage=El usuario ya existe
+emailExistsMessage=El email ya existe
+
+readOnlyUserMessage=No puedes actualizar tu usuario porque tu cuenta es de solo lectura.
+readOnlyPasswordMessage=No puedes actualizar tu contrase\u00F1a porque tu cuenta es de solo lectura.
+
+successTotpMessage=Aplicaci\u00F3n de autenticaci\u00F3n m\u00F3vil configurada.
+successTotpRemovedMessage=Aplicaci\u00F3n de autenticaci\u00F3n m\u00F3vil eliminada.
+
+successGrantRevokedMessage=Permiso revocado correctamente
+
+accountUpdatedMessage=Tu cuenta se ha actualizado.
+accountPasswordUpdatedMessage=Tu contrase\u00F1a se ha actualizado.
+
+missingIdentityProviderMessage=Proveedor de identidad no indicado.
+invalidFederatedIdentityActionMessage=Acci\u00F3n no v\u00E1lida o no indicada.
+identityProviderNotFoundMessage=No se encontr\u00F3 un proveedor de identidad.
+federatedIdentityLinkNotActiveMessage=Esta identidad ya no est\u00E1 activa
+federatedIdentityRemovingLastProviderMessage=No puedes eliminar la \u00FAltima identidad federada porque no tienes fijada una contrase\u00F1a.
+identityProviderRedirectErrorMessage=Error en la redirecci\u00F3n al proveedor de identidad
+identityProviderRemovedMessage=Proveedor de identidad borrado correctamente.
+
+accountDisabledMessage=La cuenta est\u00E1 desactivada, contacta con el administrador.
+
+accountTemporarilyDisabledMessage=La cuenta est\u00E1 temporalmente desactivada, contacta con el administrador o int\u00E9ntalo de nuevo m\u00E1s tarde.
+invalidPasswordMinLengthMessage=Contrase\u00F1a incorrecta: longitud m\u00EDnima {0}.
+invalidPasswordMinLowerCaseCharsMessage=Contrase\u00F1a incorrecta: debe contener al menos {0} letras min\u00FAsculas.
+invalidPasswordMinDigitsMessage=Contrase\u00F1a incorrecta: debe contener al menos {0} caracteres num\u00E9ricos.
+invalidPasswordMinUpperCaseCharsMessage=Contrase\u00F1a incorrecta: debe contener al menos {0} letras may\u00FAsculas.
+invalidPasswordMinSpecialCharsMessage=Contrase\u00F1a incorrecta: debe contener al menos {0} caracteres especiales.
+invalidPasswordNotUsernameMessage=Contrase\u00F1a incorrecta: no puede ser igual al nombre de usuario.
+invalidPasswordRegexPatternMessage=Contrase\u00F1a incorrecta: no cumple la expresi\u00F3n regular.
+invalidPasswordHistoryMessage=Contrase\u00F1a incorrecta: no puede ser igual a ninguna de las \u00FAltimas {0} contrase\u00F1as.

account/messages/messages_fr.properties

@@ -0,0 +1,152 @@
+# TIPS to encode UTF-8 to ISO
+# native2ascii -encoding ISO8859_1 srcFile > dstFile
+
+doSave=Sauvegarder
+doCancel=Annuler
+doLogOutAllSessions=D\u00e9connexion de toutes les sessions
+doRemove=Supprimer
+doAdd=Ajouter
+doSignOut=D\u00e9connexion
+
+editAccountHtmlTitle=\u00c9dition du compte
+federatedIdentitiesHtmlTitle=Identit\u00e9s f\u00e9d\u00e9r\u00e9es
+accountLogHtmlTitle=Acc\u00e8s au compte
+changePasswordHtmlTitle=Changer de mot de passe
+sessionsHtmlTitle=Sessions
+accountManagementTitle=Gestion de Compte Keycloak
+authenticatorTitle=Authentification
+applicationsHtmlTitle=Applications
+
+authenticatorCode=Mot de passe unique
+email=Courriel
+firstName=Pr\u00e9nom
+givenName=Pr\u00e9nom
+fullName=Nom Complet
+lastName=Nom
+familyName=Nom de Famille
+password=Mot de passe
+passwordConfirm=Confirmation
+passwordNew=Nouveau mot de passe
+username=Compte
+address=Adresse
+street=Rue
+locality=Ville ou Localit\u00e9
+region=\u00c9tat, Province ou R\u00e9gion
+postal_code=Code Postal
+country=Pays
+emailVerified=Courriel v\u00e9rifi\u00e9
+gssDelegationCredential=Accr\u00e9ditation de d\u00e9l\u00e9gation GSS
+
+role_admin=Administrateur
+role_realm-admin=Administrateur du domaine
+role_create-realm=Cr\u00e9er un domaine
+role_view-realm=Voir un domaine
+role_view-users=Voir les utilisateurs
+role_view-applications=Voir les applications
+role_view-clients=Voir les clients
+role_view-events=Voir les \u00e9v\u00e9nements
+role_view-identity-providers=Voir les fournisseurs d''identit\u00e9s
+role_manage-realm=G\u00e9rer le domaine
+role_manage-users=G\u00e9rer les utilisateurs
+role_manage-applications=G\u00e9rer les applications
+role_manage-identity-providers=G\u00e9rer les fournisseurs d''identit\u00e9s
+role_manage-clients=G\u00e9rer les clients
+role_manage-events=G\u00e9rer les \u00e9v\u00e9nements
+role_view-profile=Voir le profil
+role_manage-account=G\u00e9rer le compte
+role_read-token=Lire le jeton d''authentification
+role_offline-access=Acc\u00e8s hors-ligne
+client_account=Compte
+client_security-admin-console=Console d''administration de la s\u00e9curit\u00e9
+client_admin-cli=Admin CLI
+client_realm-management=Gestion du domaine
+client_broker=Broker
+
+
+requiredFields=Champs obligatoires
+allFieldsRequired=Tous les champs sont obligatoires
+
+backToApplication=« Revenir \u00e0 l''application
+backTo=Revenir \u00e0 {0}
+
+date=Date
+event=Ev\u00e9nement
+ip=IP
+client=Client
+clients=Clients
+details=D\u00e9tails
+started=D\u00e9but
+lastAccess=Dernier acc\u00e8s
+expires=Expiration
+applications=Applications
+
+account=Compte
+federatedIdentity=Identit\u00e9 f\u00e9d\u00e9r\u00e9e
+authenticator=Authentification
+sessions=Sessions
+log=Connexion
+
+application=Application
+availablePermissions=Permissions disponibles
+grantedPermissions=Permissions accord\u00e9es
+grantedPersonalInfo=Informations personnelles accord\u00e9es
+additionalGrants=Droits additionnels
+action=Action
+inResource=dans
+fullAccess=Acc\u00e8s complet
+offlineToken=Jeton d''authentification hors-ligne
+revoke=R\u00e9voquer un droit
+
+configureAuthenticators=Authentifications configur\u00e9es.
+mobile=T\u00e9l\u00e9phone mobile
+totpStep1=Installez <a href="https://freeotp.github.io/" target="_blank">FreeOTP</a> ou bien Google Authenticator sur votre mobile. Ces deux applications sont disponibles sur <a href="https://play.google.com">Google Play</a> et Apple App Store.
+totpStep2=Ouvrez l''application et scannez le code-barres ou entrez la clef.
+totpStep3=Entrez le code \u00e0 usage unique fourni par l''application et cliquez sur Sauvegarder pour terminer.
+
+missingUsernameMessage=Veuillez entrer votre nom d''utilisateur.
+missingFirstNameMessage=Veuillez entrer votre pr\u00e9nom.
+invalidEmailMessage=Courriel invalide.
+missingLastNameMessage=Veuillez entrer votre nom.
+missingEmailMessage=Veuillez entrer votre courriel.
+missingPasswordMessage=Veuillez entrer votre mot de passe.
+notMatchPasswordMessage=Les mots de passe ne sont pas identiques
+
+missingTotpMessage=Veuillez entrer le code d''authentification.
+invalidPasswordExistingMessage=Mot de passe existant invalide.
+invalidPasswordConfirmMessage=Le mot de passe de confirmation ne correspond pas.
+invalidTotpMessage=Le code d''authentification est invalide.
+
+usernameExistsMessage=Le nom d''utilisateur existe d\u00e9j\u00e0.
+emailExistsMessage=Le courriel existe d\u00e9j\u00e0.
+
+readOnlyUserMessage=Vous ne pouvez pas mettre \u00e0 jour votre compte car il est en lecture seule.
+readOnlyPasswordMessage=Vous ne pouvez pas mettre \u00e0 jour votre mot de passe car votre compte est en lecture seule.
+
+successTotpMessage=L''authentification via t\u00e9l\u00e9phone mobile est configur\u00e9e.
+successTotpRemovedMessage=L''authentification via t\u00e9l\u00e9phone mobile est supprim\u00e9e.
+
+successGrantRevokedMessage=Droit r\u00e9voqu\u00e9 avec succ\u00e8s.
+
+accountUpdatedMessage=Votre compte a \u00e9t\u00e9 mis \u00e0 jour.
+accountPasswordUpdatedMessage=Votre mot de passe a \u00e9t\u00e9 mis \u00e0 jour.
+
+missingIdentityProviderMessage=Le fournisseur d''identit\u00e9 n''est pas sp\u00e9cifi\u00e9.
+invalidFederatedIdentityActionMessage=Action manquante ou invalide.
+identityProviderNotFoundMessage=Le fournisseur d''identit\u00e9 sp\u00e9cifi\u00e9 n''est pas trouv\u00e9.
+federatedIdentityLinkNotActiveMessage=Cette identit\u00e9 n''est plus active dor\u00e9navant.
+federatedIdentityRemovingLastProviderMessage=Vous ne pouvez pas supprimer votre derni\u00e8re f\u00e9d\u00e9ration d''identit\u00e9 sans avoir de mot de passe sp\u00e9cifi\u00e9.
+identityProviderRedirectErrorMessage=Erreur de redirection vers le fournisseur d''identit\u00e9.
+identityProviderRemovedMessage=Le fournisseur d''identit\u00e9 a \u00e9t\u00e9 supprim\u00e9 correctement.
+identityProviderAlreadyLinkedMessage=Le fournisseur d''identit\u00e9 retourn\u00e9 par {0} est d\u00e9j\u00e0 li\u00e9 \u00e0 un autre utilisateur.
+
+accountDisabledMessage=Ce compte est d\u00e9sactiv\u00e9, veuillez contacter votre administrateur.
+
+accountTemporarilyDisabledMessage=Ce compte est temporairement d\u00e9sactiv\u00e9, veuillez contacter votre administrateur ou r\u00e9essayez plus tard.
+invalidPasswordMinLengthMessage=Mot de passe invalide: longueur minimale {0}.
+invalidPasswordMinLowerCaseCharsMessage=Mot de passe invalide: doit contenir au moins {0} lettre(s) en minuscule.
+invalidPasswordMinDigitsMessage=Mot de passe invalide: doit contenir au moins {0} chiffre(s).
+invalidPasswordMinUpperCaseCharsMessage=Mot de passe invalide: doit contenir au moins {0} lettre(s) en majuscule.
+invalidPasswordMinSpecialCharsMessage=Mot de passe invalide: doit contenir au moins {0} caract\u00e8re(s) sp\u00e9ciaux.
+invalidPasswordNotUsernameMessage=Mot de passe invalide: ne doit pas \u00eatre identique au nom d''utilisateur.
+invalidPasswordRegexPatternMessage=Mot de passe invalide: ne valide pas l''expression rationnelle.
+invalidPasswordHistoryMessage=Mot de passe invalide: ne doit pas \u00eatre \u00e9gal aux {0} derniers mots de passe.

account/messages/messages_it.properties

@@ -0,0 +1,153 @@
+doSave=Salva
+doCancel=Annulla
+doLogOutAllSessions=Effettua il blog out da tutte le sessioni
+doRemove=Elimina
+doAdd=Aggiungi
+doSignOut=Esci
+
+editAccountHtmlTitle=Modifica Account
+federatedIdentitiesHtmlTitle=Federated Identities
+accountLogHtmlTitle=Account Log
+changePasswordHtmlTitle=Cambia Password
+sessionsHtmlTitle=Sessioni
+accountManagementTitle=Keycloak Account Management
+authenticatorTitle=Authenticator
+applicationsHtmlTitle=Applicazioni
+
+authenticatorCode=Codice One-time
+email=Email
+firstName=Nome
+givenName=Nome
+fullName=Nome Completo
+lastName=Cognome
+familyName=Cognome
+password=Password
+passwordConfirm=Conferma Password
+passwordNew=Nuova Password
+username=Username
+address=Indirizzo
+street=Via
+locality=Citt\u00e0 o Localit\u00e0
+region=Stato, Provincia, o Regione
+postal_code=CAP
+country=Paese
+emailVerified=Email verificata
+gssDelegationCredential=Credenziali GSS Delegation
+
+role_admin=Admin
+role_realm-admin=Realm Admin
+role_create-realm=Crea realm
+role_view-realm=Visualizza realm
+role_view-users=Visualizza utenti
+role_view-applications=Visualizza applicazioni
+role_view-clients=Visualizza client
+role_view-events=Visualizza eventi
+role_view-identity-providers=Visualizza identity provider
+role_manage-realm=Gestisci realm
+role_manage-users=Gestisci utenti
+role_manage-applications=Gestisci applicazioni
+role_manage-identity-providers=Gestisci identity provider
+role_manage-clients=Gestisci i client
+role_manage-events=Gestisci eventi
+role_view-profile=Visualizza profilo
+role_manage-account=Gestisci account
+role_read-token=Leggi token
+role_offline-access=Accesso offline
+role_uma_authorization=Ottieni permessi
+client_account=Account
+client_security-admin-console=Security Admin Console
+client_admin-cli=Admin CLI
+client_realm-management=Gestione Realm
+client_broker=Broker
+
+
+requiredFields=Campi obbligatori
+allFieldsRequired=Tutti campi obbligatori
+
+backToApplication=« Torna all''applicazione
+backTo=Torna a {0}
+
+date=Data
+event=Evento
+ip=IP
+client=Client
+clients=Clients
+details=Dettagli
+started=Iniziato
+lastAccess=Ultimo accesso
+expires=Scade
+applications=Applicazioni
+
+account=Account
+federatedIdentity=Federated Identity
+authenticator=Authenticator
+sessions=Sessioni
+log=Log
+
+application=Applicazione
+availablePermissions=Permessi disponibili
+grantedPermissions=Permessi concessi
+grantedPersonalInfo=Informazioni Personali concesse
+additionalGrants=Concessioni addizionali
+action=Azione
+inResource=in
+fullAccess=Accesso completo
+offlineToken=Token offline
+revoke=Revoca concessione
+
+configureAuthenticators=Configura Authenticators
+mobile=Mobile
+totpStep1=Installa <a href="https://freeotp.github.io/" target="_blank">FreeOTP</a> o <a href="http://code.google.com/p/google-authenticator/" target="_blank">Google Authenticator</a> sul tuo dispositivo mobile.
+totpStep2=Apri l''applicazione e scansiona il barcode o scrivi la chiave.
+totpStep3=Scrivi il codice one-time fornito dall''applicazione e clicca Salva per completare il setup.
+
+missingUsernameMessage=Inserisci la username.
+missingFirstNameMessage=Inserisci il nome.
+invalidEmailMessage=Indirizzo email non valido.
+missingLastNameMessage=Inserisci il cognome.
+missingEmailMessage=Inserisci l''indirizzo email.
+missingPasswordMessage=Inserisci la password.
+notMatchPasswordMessage=Le password non corrispondono.
+
+missingTotpMessage=Inserisci il codice di autenticazione.
+invalidPasswordExistingMessage=Password esistente non valida.
+invalidPasswordConfirmMessage=La password di conferma non coincide.
+invalidTotpMessage=Codice di autenticazione non valido.
+
+usernameExistsMessage=Username gi\u00e0 esistente.
+emailExistsMessage=Email gi\u00e0 esistente.
+
+readOnlyUserMessage=Non puoi aggiornare il tuo account dal momento che \u00e8 in modalit\u00e0 sola lettura.
+readOnlyPasswordMessage=Non puoi aggiornare il tuo account dal momento che \u00e8 in modalit\u00e0 sola lettura.
+
+successTotpMessage=Mobile authenticator configurato.
+successTotpRemovedMessage=Mobile authenticator eliminato.
+
+successGrantRevokedMessage=Concessione revocata correttamente.
+
+accountUpdatedMessage=Il tuo account \u00e8 stato aggiornato.
+accountPasswordUpdatedMessage=La tua password \u00e8 stata aggiornata.
+
+missingIdentityProviderMessage=Identity provider non specificata.
+invalidFederatedIdentityActionMessage=Azione non valida o mancante.
+identityProviderNotFoundMessage=L''identity provider specificato non \u00e8 stato trovato.
+federatedIdentityLinkNotActiveMessage=Questo identity non \u00e8 pi\u00f9 attivo.
+federatedIdentityRemovingLastProviderMessage=Non puoi rimuovere l''ultimo federated identity dal momento che non hai pi\u00f9 la password.
+identityProviderRedirectErrorMessage=Il reindirizzamento all''identity provider \u00e8 fallito.
+identityProviderRemovedMessage=Identity provider eliminato correttamente.
+identityProviderAlreadyLinkedMessage=Federated identity ritornata da {0} \u00e8 gi\u00e0 collegata ad un altro utente.
+staleCodeAccountMessage=La pagina \u00e8 scaduta. Riprova di nuovo.
+consentDenied=Permesso negato.
+
+accountDisabledMessage=Account disabilitato, contatta l''amministratore.
+
+accountTemporarilyDisabledMessage=L''account \u00e8 temporaneamente disabilitato, contatta l''amministratore o riprova pi\u00f9 tardi. 
+invalidPasswordMinLengthMessage=Password non valida: lunghezza minima {0}.
+invalidPasswordMinLowerCaseCharsMessage=Password non valida: deve contenere almeno {0} caratteri minuscoli.
+invalidPasswordMinDigitsMessage=Password non valida: deve contenere almeno {0} numeri.
+invalidPasswordMinUpperCaseCharsMessage=Password non valida: deve contenere almeno {0} caratteri maiuscoli.
+invalidPasswordMinSpecialCharsMessage=Password non valida: deve contenere almeno {0} caratteri speciali.
+invalidPasswordNotUsernameMessage=Password non valida: non deve essere uguale alla username.
+invalidPasswordRegexPatternMessage=Password non valida: fallito il match con una o pi\u00f9 espressioni regolari.
+invalidPasswordHistoryMessage=Password non valida: non deve essere uguale a nessuna delle ultime {0} password.
+invalidPasswordGenericMessage=Password non valida: la nuova password non rispetta le indicazioni previste.

account/messages/messages_ja.properties

@@ -0,0 +1,153 @@
+# encoding: utf-8
+doSave=保存
+doCancel=キャンセル
+doLogOutAllSessions=全セッションからログアウト
+doRemove=削除
+doAdd=追加
+doSignOut=サインアウト
+
+editAccountHtmlTitle=アカウントの編集
+federatedIdentitiesHtmlTitle=Federated Identities
+accountLogHtmlTitle=アカウントログ
+changePasswordHtmlTitle=パスワード変更
+sessionsHtmlTitle=セッション
+accountManagementTitle=Keycloak アカウント管理
+authenticatorTitle=Authenticator
+applicationsHtmlTitle=アプリケーション
+
+authenticatorCode=ワンタイムコード
+email=Eメール
+firstName=名
+givenName=名
+fullName=氏名
+lastName=姓
+familyName=姓
+password=パスワード
+passwordConfirm=新しいパスワード (確認)
+passwordNew=新しいパスワード
+username=ユーザー名
+address=住所
+street=番地
+locality=市区町村
+region=都道府県
+postal_code=郵便番号
+country=国
+emailVerified=確認済みEメール
+gssDelegationCredential=GSS 代行クレデンシャル
+
+role_admin=管理者
+role_realm-admin=レルムの管理
+role_create-realm=レルムの作成
+role_view-realm=レルムの参照
+role_view-users=ユーザーの参照
+role_view-applications=アプリケーションの参照
+role_view-clients=クライアントの参照
+role_view-events=イベントの参照
+role_view-identity-providers=アイデンティティ プロバイダーの参照
+role_manage-realm=レルムの管理
+role_manage-users=ユーザーの管理
+role_manage-applications=アプリケーションの管理
+role_manage-identity-providers=アイデンティティ プロバイダーの管理
+role_manage-clients=クライアントの管理
+role_manage-events=イベントの管理
+role_view-profile=プロフィールの参照
+role_manage-account=アカウントの管理
+role_read-token=トークンの参照
+role_offline-access=オフラインアクセス
+role_uma_authorization=アクセス権の取得
+client_account=アカウント
+client_security-admin-console=セキュリティ管理コンソール
+client_admin-cli=管理 CLI
+client_realm-management=レルム管理
+client_broker=ブローカー
+
+
+requiredFields=必須
+allFieldsRequired=全ての入力項目が必須
+
+backToApplication=« アプリケーションに戻る
+backTo={0} に戻る
+
+date=日付
+event=イベント
+ip=IP
+client=クライアント
+clients=クライアント
+details=詳細
+started=開始
+lastAccess=最終アクセス
+expires=有効期限
+applications=アプリケーション
+
+account=アカウント
+federatedIdentity=Federated Identity
+authenticator=Authenticator
+sessions=セッション
+log=ログ
+
+application=アプリケーション
+availablePermissions=使用可能なアクセス権
+grantedPermissions=許可されたアクセス権
+grantedPersonalInfo=許可された個人情報
+additionalGrants=追加の許可
+action=アクション
+inResource=in
+fullAccess=フルアクセス
+offlineToken=オフライントークン
+revoke=許可の取り消し
+
+configureAuthenticators=設定済みの Authenticator
+mobile=モバイル
+totpStep1=<a href="https://freeotp.github.io/" target="_blank">FreeOTP</a> または Google Authenticator (Google認証システム) をご自身のデバイスにインストールしてください。これらのアプリケーションは <a href="https://play.google.com">Google Play</a> と Apple App Store で入手できます。
+totpStep2=アプリケーションを開きバーコードをスキャンするかキーを入力してください。
+totpStep3=アプリケーションで提供されたワンタイムコードを入力して保存をクリックし、セットアップを完了してください。
+
+missingUsernameMessage=ユーザー名を入力してください。
+missingFirstNameMessage=名を入力してください。
+invalidEmailMessage=無効なメールアドレスです。
+missingLastNameMessage=姓を入力してください。
+missingEmailMessage=Eメールを入力してください。
+missingPasswordMessage=パスワードを入力してください。
+notMatchPasswordMessage=パスワードが一致していません。
+
+missingTotpMessage=Authenticator コードを入力してください。
+invalidPasswordExistingMessage=無効な既存のパスワードです。
+invalidPasswordConfirmMessage=新しいパスワード (確認) と一致していません。
+invalidTotpMessage=無効な Authenticator コードです。
+
+usernameExistsMessage=既に存在するユーザー名です。
+emailExistsMessage=既に存在するEメールです。
+
+readOnlyUserMessage=リードオンリーのためアカウントを更新することはできません。
+readOnlyPasswordMessage=リードオンリーのためパスワードを更新することはできません。
+
+successTotpMessage=モバイル Authenticator が設定されました。
+successTotpRemovedMessage=モバイル Authenticator が削除されました。
+
+successGrantRevokedMessage=許可が正常に取り消しされました。
+
+accountUpdatedMessage=アカウントが更新されました。
+accountPasswordUpdatedMessage=パスワードが更新されました。
+
+missingIdentityProviderMessage=アイデンティティ プロバイダーが指定されていません。
+invalidFederatedIdentityActionMessage=無効または存在しないアクションです。
+identityProviderNotFoundMessage=指定されたアイデンティティ プロバイダーが見つかりません。
+federatedIdentityLinkNotActiveMessage=このアイデンティティは有効ではありません。
+federatedIdentityRemovingLastProviderMessage=パスワードがないため最後の Federated Identity を削除できません。
+identityProviderRedirectErrorMessage=アイデンティティ プロバイダーへのリダイレクトに失敗しました。
+identityProviderRemovedMessage=アイデンティティ プロバイダーが正常に削除されました。
+identityProviderAlreadyLinkedMessage={0}から返された Federated Identity は既に他のユーザーに関連付けされています。
+staleCodeAccountMessage=有効期限切れです。再度お試しください。
+consentDenied=同意が拒否されました。
+
+accountDisabledMessage=アカウントが無効です。管理者に連絡してください。
+
+accountTemporarilyDisabledMessage=アカウントが一時的に無効です。管理者に連絡、またはしばらく時間をおいてから再度お試しください。
+invalidPasswordMinLengthMessage=無効なパスワード: 最小 {0} の長さが必要です。
+invalidPasswordMinLowerCaseCharsMessage=無効なパスワード: 少なくとも {0} 文字の小文字を含む必要があります。
+invalidPasswordMinDigitsMessage=無効なパスワード: 少なくとも {0} 文字の数字を含む必要があります。
+invalidPasswordMinUpperCaseCharsMessage=無効なパスワード: 少なくとも {0} 文字の大文字を含む必要があります。
+invalidPasswordMinSpecialCharsMessage=無効なパスワード:  少なくとも {0} 文字の特殊文字を含む必要があります。
+invalidPasswordNotUsernameMessage=無効なパスワード: ユーザー名と同じパスワードは禁止されています。
+invalidPasswordRegexPatternMessage=無効なパスワード: 正規表現パターンと一致しません。
+invalidPasswordHistoryMessage=無効なパスワード: 最近の {0} パスワードのいずれかと同じパスワードは禁止されています。

account/messages/messages_lt.properties

@@ -0,0 +1,153 @@
+doSave=Saugoti
+doCancel=At\u0161aukti
+
+doLogOutAllSessions=Atjungti visas sesijas
+doRemove=\u0160alinti
+doAdd=Prid\u0117ti
+doSignOut=Atsijungti
+
+editAccountHtmlTitle=Redaguoti paskyr\u0105
+federatedIdentitiesHtmlTitle=Susietos paskyros
+accountLogHtmlTitle=Paskyros \u017Eurnalas
+changePasswordHtmlTitle=Keisti slapta\u017Eod\u012F
+sessionsHtmlTitle=Prisijungimo sesijos
+accountManagementTitle=Keycloak Naudotoj\u0173 Administravimas
+authenticatorTitle=Autentifikatorius
+applicationsHtmlTitle=Programos
+
+authenticatorCode=Vienkartinis kodas
+email=El. pa\u0161tas
+firstName=Vardas
+givenName=Pavard\u0117
+fullName=Pilnas vardas
+lastName=Pavard\u0117
+familyName=Pavard\u0117
+password=Slapta\u017Eodis
+passwordConfirm=Pakartotas slapta\u017Eodis
+passwordNew=Naujas slapta\u017Eodis
+username=Naudotojo vardas
+address=Adresas
+street=Gatv\u0117
+locality=Miestas arba vietov\u0117
+region=Rajonas
+postal_code=Pa\u0161to kodas
+country=\u0160alis
+emailVerified=El. pa\u0161to adresas patvirtintas
+gssDelegationCredential=GSS prisijungimo duomen\u0173 delegavimas
+
+role_admin=Administratorius
+role_realm-admin=Srities administravimas
+role_create-realm=Kurti srit\u012F
+role_view-realm=Per\u017Ei\u016Br\u0117ti srit\u012F
+role_view-users=Per\u017Ei\u016Br\u0117ti naudotojus
+role_view-applications=Per\u017Ei\u016Br\u0117ti programas
+role_view-clients=Per\u017Ei\u016Br\u0117ti klientines programas
+role_view-events=Per\u017Ei\u016Br\u0117ti \u012Fvyki\u0173 \u017Eurnal\u0105
+role_view-identity-providers=Per\u017Ei\u016Br\u0117ti tapatyb\u0117s teik\u0117jus
+role_manage-realm=Valdyti sritis
+role_manage-users=Valdyti naudotojus
+role_manage-applications=Valdyti programas
+role_manage-identity-providers=Valdyti tapatyb\u0117s teik\u0117jus
+role_manage-clients=Valdyti programas
+role_manage-events=Valdyti \u012Fvykius
+role_view-profile=Per\u017Ei\u016Br\u0117ti paskyr\u0105
+role_manage-account=Valdyti paskyr\u0105
+role_read-token=Skaityti prieigos rak\u0161\u0105
+role_offline-access=Darbas neprisijungus
+role_uma_authorization=\u012Egauti UMA autorizavimo teises
+client_account=Paskyra
+client_security-admin-console=Saugumo administravimo konsol\u0117
+client_admin-cli=Administravimo CLI
+client_realm-management=Srities valdymas
+client_broker=Tarpininkas
+
+
+requiredFields=Privalomi laukai
+allFieldsRequired=Visi laukai yra privalomi
+
+backToApplication=« Gr\u012F\u017Eti \u012F program\u0105
+backTo=Atgal \u012F {0}
+
+date=Data
+event=\u012Evykis
+ip=IP
+client=Klientas
+clients=Klientai
+details=Detaliau
+started=Suk\u016Brimo laikas
+lastAccess=V\u0117liausia prieiga
+expires=Galioja iki
+applications=Programos
+
+account=Paskyra
+federatedIdentity=Susieta tapatyb\u0117
+authenticator=Autentifikatorius
+sessions=Sesijos
+log=\u012Evykiai
+
+application=Programa
+availablePermissions=Galimos teis\u0117s
+grantedPermissions=\u012Egalintos teis\u0117s
+grantedPersonalInfo=\u012Egalinta asmenin\u0117 informacija
+additionalGrants=Papildomi \u012Fgaliojimai
+action=Veiksmas
+inResource=yra
+fullAccess=Pilna prieiga
+offlineToken=Re\u017Eimo neprisijungus raktas (token)
+revoke=At\u0161aukti \u012Fgaliojim\u0105
+
+configureAuthenticators=Sukonfig\u016Bruotas autentifikatorius
+mobile=Mobilus
+totpStep1=\u012Ediekite <a href="https://freeotp.github.io/" target="_blank">FreeOTP</a> arba Google Authenticator savo \u012Frenginyje. Program\u0117l\u0117s prieinamos <a href="https://play.google.com">Google Play</a> ir Apple App Store.
+totpStep2=Atidarykite program\u0117l\u0119 ir nuskenuokite barkod\u0105 arba \u012Fveskite kod\u0105.
+totpStep3=\u012Eveskite program\u0117l\u0117je sugeneruot\u0105 vien\u0105 kart\u0105 galiojant\u012F kod\u0105 ir paspauskite Saugoti nor\u0117dami prisijungti.
+
+missingUsernameMessage=Pra\u0161ome \u012Fvesti naudotojo vard\u0105.
+missingFirstNameMessage=Pra\u0161ome \u012Fvesti vard\u0105.
+invalidEmailMessage=Neteisingas el. pa\u0161to adresas.
+missingLastNameMessage=Pra\u0161ome \u012Fvesti pavard\u0119.
+missingEmailMessage=Pra\u0161ome \u012Fvesti el. pa\u0161to adres\u0105.
+missingPasswordMessage=Pra\u0161ome \u012Fvesti slapta\u017Eod\u012F.
+notMatchPasswordMessage=Slapta\u017Eod\u017Eiai nesutampa.
+
+missingTotpMessage=Pra\u0161ome \u012Fvesti autentifikacijos kod\u0105.
+invalidPasswordExistingMessage=Neteisingas dabartinis slapta\u017Eodis.
+invalidPasswordConfirmMessage=Pakartotas slapta\u017Eodis nesutampa.
+invalidTotpMessage=Neteisingas autentifikacijos kodas.
+
+usernameExistsMessage=Toks naudotojas jau egzistuoja.
+emailExistsMessage=El. pa\u0161to adresas jau egzistuoja.
+
+readOnlyUserMessage=Tik skaitymui sukonfig\u016Bruotos paskyros duomen\u0173 atnaujinti neleid\u017Eiama.
+readOnlyPasswordMessage=Tik skaitymui sukonfig\u016Bruotos paskyros slapta\u017Eod\u017Eio atnaujinti neleid\u017Eiama.
+
+successTotpMessage=Mobilus autentifikatorius sukonfig\u016Bruotas.
+successTotpRemovedMessage=Mobilus autentifikatorius pa\u0161alintas.
+
+successGrantRevokedMessage=\u012Egalinimas pa\u0161alintas s\u0117kmingai.
+
+accountUpdatedMessage=J\u016Bs\u0173 paskyros duomenys s\u0117kmingai atnaujinti.
+accountPasswordUpdatedMessage=J\u016Bs\u0173 paskyros slapta\u017Eodis pakeistas.
+
+missingIdentityProviderMessage=Nenurodytas tapatyb\u0117s teik\u0117jas.
+invalidFederatedIdentityActionMessage=Neteisingas arba ne\u017Einomas veiksmas.
+identityProviderNotFoundMessage=Nurodytas tapatyb\u0117s teik\u0117jas nerastas.
+federatedIdentityLinkNotActiveMessage=Nurodyta susieta tapatyb\u0117 neaktyvi.
+federatedIdentityRemovingLastProviderMessage=J\u016Bs negalite pa\u0161alinti paskutinio tapatyb\u0117s teik\u0117jo s\u0105sajos, nes J\u016Bs neturite nusistat\u0119 paskyros slapta\u017Eod\u017Eio.
+identityProviderRedirectErrorMessage=Klaida nukreipiant \u012F tapatyb\u0117s teik\u0117jo puslap\u012F.
+identityProviderRemovedMessage=Tapatyb\u0117s teik\u0117jas s\u0117kmingai pa\u0161alintas.
+identityProviderAlreadyLinkedMessage=Susieta tapatyb\u0117 i\u0161 {0} jau susieta su kita paskyra.
+staleCodeAccountMessage=Puslapio galiojimas baig\u0117si. Bandykite dar kart\u0105.
+consentDenied=Prieiga draud\u017Eiama.
+
+accountDisabledMessage=Paskyros galiojimas sustabdytas, kreipkit\u0117s \u012F administratori\u0173.
+
+accountTemporarilyDisabledMessage=Paskyros galiojimas laikinai sustabdytas. Kreipkit\u0117s \u012F administratori\u0173 arba pabandykite v\u0117liau.
+invalidPasswordMinLengthMessage=Per trumpas slapta\u017Eodis: ma\u017Eiausias ilgis {0}.
+invalidPasswordMinLowerCaseCharsMessage=Neteisingas slapta\u017Eodis: privaloma \u012Fvesti {0} ma\u017E\u0105j\u0105 raid\u0119.
+invalidPasswordMinDigitsMessage=Neteisingas slapta\u017Eodis: privaloma \u012Fvesti {0} skaitmen\u012F.
+invalidPasswordMinUpperCaseCharsMessage=Neteisingas slapta\u017Eodis: privaloma \u012Fvesti {0} did\u017Ei\u0105j\u0105 raid\u0119.
+invalidPasswordMinSpecialCharsMessage=Neteisingas slapta\u017Eodis: privaloma \u012Fvesti {0} special\u0173 simbol\u012F.
+invalidPasswordNotUsernameMessage=Neteisingas slapta\u017Eodis: slapta\u017Eodis negali sutapti su naudotojo vardu.
+invalidPasswordRegexPatternMessage=Neteisingas slapta\u017Eodis: slapta\u017Eodis netenkina regex taisykl\u0117s(i\u0173).
+invalidPasswordHistoryMessage=Neteisingas slapta\u017Eodis: slapta\u017Eodis negali sutapti su prie\u0161 tai buvusiais {0} slapta\u017Eod\u017Eiais.

account/messages/messages_nl.properties

@@ -0,0 +1,133 @@
+doSave=Opslaan
+doCancel=Annuleer
+doLogOutAllSessions=Alle sessies uitloggen
+doRemove=Verwijder
+doAdd=Voeg toe
+doSignOut=Afmelden
+editAccountHtmlTitle=Bewerk account
+federatedIdentitiesHtmlTitle=Federated Identities
+accountLogHtmlTitle=Account log
+changePasswordHtmlTitle=Verander wachtwoord
+sessionsHtmlTitle=Sessies
+accountManagementTitle=Keycloak Accountbeheer
+authenticatorTitle=Authenticator
+applicationsHtmlTitle=Toepassingen
+authenticatorCode=Eenmalige code
+email=E-mailadres
+firstName=Voornaam
+givenName=Voornaam
+fullName=Volledige naam
+lastName=Achternaam
+familyName=Achternaam
+password=Wachtwoord
+passwordConfirm=Bevestiging
+passwordNew=Nieuw Wachtwoord
+username=Gebruikersnaam
+address=Adres
+street=Straat
+locality=Stad of plaats
+region=Staat, provincie of regio
+postal_code=Postcode
+country=Land
+emailVerified=E-mailadres geverifieerd
+gssDelegationCredential=GSS gedelegeerde aanmeldgegevens
+role_admin=Beheer
+role_realm-admin=Realmbeheer
+role_create-realm=Creëer realm
+role_view-realm=Bekijk realm
+role_view-users=Bekijk gebruikers
+role_view-applications=Bekijk toepassingen
+role_view-clients=Bekijk clients
+role_view-events=Bekijk gebeurtenissen
+role_view-identity-providers=Bekijk identity providers
+role_manage-realm=Beheer realm
+role_manage-users=Beheer gebruikers
+role_manage-applications=Beheer toepassingen
+role_manage-identity-providers=Beheer identity providers
+role_manage-clients=Beheer clients
+role_manage-events=Beheer gebeurtenissen
+role_view-profile=Bekijk profiel
+role_manage-account=Beheer account
+role_manage-account-links=Beheer accountkoppelingen
+role_read-token=Lees token
+role_offline-access=Offline toegang
+role_uma_authorization=Verkrijg UMA rechten
+client_account=Account
+client_security-admin-console=Console Veligheidsbeheer
+client_admin-cli=Beheer CLI
+client_realm-management=Realmbeheer
+client_broker=Broker
+requiredFields=Verplichte velden
+allFieldsRequired=Alle velden verplicht
+backToApplication=« Terug naar toepassing
+backTo=Terug naar {0}
+date=Datum
+event=Gebeurtenis
+ip=IP
+client=Client
+clients=Clients
+details=Details
+started=Gestart
+lastAccess=Laatste toegang
+expires=Vervalt
+applications=Toepassingen
+account=Account
+federatedIdentity=Federated Identity
+authenticator=Authenticator
+sessions=Sessies
+log=Log
+application=Toepassing
+availablePermissions=Beschikbare rechten
+grantedPermissions=Gegunde rechten
+grantedPersonalInfo=Gegunde Persoonsgegevens
+additionalGrants=Verdere vergunningen
+action=Actie
+inResource=in
+fullAccess=Volledige toegang
+offlineToken=Offline Token
+revoke=Vergunning intrekken
+configureAuthenticators=Ingestelde authenticators
+mobile=Mobiel nummer
+totpStep1=Installeer <a href="https://freeotp.github.io/" target="_blank">FreeOTP</a> of Google Authenticator op uw apparaat. Beide toepassingen zijn beschikbaar in <a href="https://play.google.com">Google Play</a> en de Apple App Store.
+totpStep2=Open de toepassing en scan de QR-code of voer de sleutel in.
+totpStep3=Voer de door de toepassing gegeven eenmalige code in en klik op Opslaan om de configuratie af te ronden.
+missingUsernameMessage=Gebruikersnaam ontbreekt.
+missingFirstNameMessage=Voornaam onbreekt.
+invalidEmailMessage=Ongeldig e-mailadres.
+missingLastNameMessage=Achternaam ontbreekt.
+missingEmailMessage=E-mailadres ontbreekt.
+missingPasswordMessage=Wachtwoord ontbreekt.
+notMatchPasswordMessage=Wachtwoorden komen niet overeen.
+missingTotpMessage=Authenticatiecode ontbreekt.
+invalidPasswordExistingMessage=Ongeldig bestaand wachtwoord.
+invalidPasswordConfirmMessage=Wachtwoordbevestiging komt niet overeen.
+invalidTotpMessage=Ongeldige authenticatiecode.
+emailExistsMessage=E-mailadres bestaat reeds.
+readOnlyUserMessage=U kunt uw account niet bijwerken aangezien het account alleen-lezen is.
+readOnlyPasswordMessage=U kunt uw wachtwoord niet wijzigen omdat uw account alleen-lezen is.
+successTotpMessage=Mobiele authenticator geconfigureerd.
+successTotpRemovedMessage=Mobiele authenticator verwijderd.
+successGrantRevokedMessage=Vergunning succesvol ingetrokken
+accountUpdatedMessage=Uw account is gewijzigd.
+accountPasswordUpdatedMessage=Uw wachtwoord is gewijzigd.
+missingIdentityProviderMessage=Geen identity provider aangegeven.
+invalidFederatedIdentityActionMessage=Ongeldige of ontbrekende actie op federated identity.
+identityProviderNotFoundMessage=Gespecificeerde identity provider niet gevonden.
+federatedIdentityLinkNotActiveMessage=Deze federated identity is niet langer geldig.
+federatedIdentityRemovingLastProviderMessage=U kunt de laatste federated identity provider niet verwijderen aangezien u dan niet langer zou kunnen inloggen.
+identityProviderRedirectErrorMessage=Kon niet herverwijzen naar identity provider.
+identityProviderRemovedMessage=Identity provider met succes verwijderd.
+identityProviderAlreadyLinkedMessage=Door {0} teruggegeven federated identity is al gekoppeld aan een andere gebruiker.
+staleCodeAccountMessage=De pagina is verlopen. Probeer het nogmaals.
+consentDenied=Toestemming geweigerd
+accountDisabledMessage=Account is gedeactiveerd. Contacteer de beheerder.
+accountTemporarilyDisabledMessage=Account is tijdelijk deactiveerd, neem contact op met de beheerder of probeer het later opnieuw.
+invalidPasswordMinLengthMessage=Ongeldig wachtwoord: de minimale lengte is {0} karakters.
+invalidPasswordMinLowerCaseCharsMessage=Ongeldig wachtwoord: het moet minstens {0} kleine letters bevatten.
+invalidPasswordMinDigitsMessage=Ongeldig wachtwoord: het moet minstens {0} getallen bevatten.
+invalidPasswordMinUpperCaseCharsMessage=Ongeldig wachtwoord: het moet minstens {0} hoofdletters bevatten.
+invalidPasswordMinSpecialCharsMessage=Ongeldig wachtwoord: het moet minstens {0} speciale karakters bevatten.
+invalidPasswordNotUsernameMessage=Ongeldig wachtwoord: het mag niet overeenkomen met de gebruikersnaam.
+invalidPasswordRegexPatternMessage=Ongeldig wachtwoord: het voldoet niet aan het door de beheerder ingestelde patroon.
+invalidPasswordHistoryMessage=Ongeldig wachtwoord: het mag niet overeen komen met een van de laatste {0} wachtwoorden.
+invalidPasswordGenericMessage=Ongeldig wachtwoord: het nieuwe wachtwoord voldoet niet aan het wachtwoordbeleid.

account/messages/messages_no.properties

@@ -0,0 +1,165 @@
+doSave=Lagre
+doCancel=Avbryt
+doLogOutAllSessions=Logg ut av alle sesjoner
+doRemove=Fjern
+doAdd=Legg til
+doSignOut=Logg ut
+
+editAccountHtmlTitle=Rediger konto
+federatedIdentitiesHtmlTitle=Federerte identiteter
+accountLogHtmlTitle=Kontologg
+changePasswordHtmlTitle=Endre passord
+sessionsHtmlTitle=Sesjoner
+accountManagementTitle=Keycloak kontoadministrasjon
+authenticatorTitle=Autentikator
+applicationsHtmlTitle=Applikasjoner
+
+authenticatorCode=Engangskode
+email=E-post
+firstName=Fornavn
+givenName=Fornavn
+fullName=Fullt navn
+lastName=Etternavn
+familyName=Etternavn
+password=Passord
+passwordConfirm=Bekreftelse
+passwordNew=Nytt passord
+username=Brukernavn
+address=Adresse
+street=Gate-/veinavn + husnummer
+locality=By
+region=Fylke
+postal_code=Postnummer
+country=Land
+emailVerified=E-post bekreftet
+gssDelegationCredential=GSS legitimasjonsdelegering
+
+role_admin=Administrator
+role_realm-admin=Administrator for sikkerhetsdomene
+role_create-realm=Opprette sikkerhetsdomene
+role_view-realm=Se sikkerhetsdomene
+role_view-users=Se brukere
+role_view-applications=Se applikasjoner
+role_view-clients=Se klienter
+role_view-events=Se hendelser
+role_view-identity-providers=Se identitetsleverand\u00F8rer
+role_manage-realm=Administrere sikkerhetsdomene
+role_manage-users=Administrere brukere
+role_manage-applications=Administrere applikasjoner
+role_manage-identity-providers=Administrere identitetsleverand\u00F8rer
+role_manage-clients=Administrere klienter
+role_manage-events=Administrere hendelser
+role_view-profile=Se profil
+role_manage-account=Administrere konto
+role_read-token=Lese token
+role_offline-access=Frakoblet tilgang
+role_uma_authorization=Skaffe tillatelser
+client_account=Konto
+client_security-admin-console=Sikkerhetsadministrasjonskonsoll
+client_admin-cli=Kommandolinje-grensesnitt for administrator
+client_realm-management=Sikkerhetsdomene-administrasjon
+client_broker=Broker
+
+
+requiredFields=Obligatoriske felt
+allFieldsRequired=Alle felt m\u00E5 fylles ut
+
+backToApplication=« Tilbake til applikasjonen
+backTo=Tilbake til {0}
+
+date=Dato
+event=Hendelse
+ip=IP
+client=Klient
+clients=Klienter
+details=Detaljer
+started=Startet
+lastAccess=Sist benyttet
+expires=Utl\u00F8per
+applications=Applikasjoner
+
+account=Konto
+federatedIdentity=Federert identitet
+authenticator=Autentikator
+sessions=Sesjoner
+log=Logg
+
+application=Applikasjon
+availablePermissions=Tilgjengelige rettigheter
+grantedPermissions=Innvilgede rettigheter
+grantedPersonalInfo=Innvilget personlig informasjon
+additionalGrants=Ekstra rettigheter
+action=Handling
+inResource=i
+fullAccess=Full tilgang
+offlineToken=Offline token
+revoke=Opphev rettighet
+
+configureAuthenticators=Konfigurerte autentikatorer
+mobile=Mobiltelefon
+totpStep1=Installer <a href="https://freeotp.github.io/" target="_blank">FreeOTP</a> eller Google Authenticator p\u00E5 din enhet. Begge applikasjoner er tilgjengelige p\u00E5 <a href="https://play.google.com">Google Play</a> og Apple App Store.
+totpStep2=\u00C5pne applikasjonen og skann strekkoden eller skriv inn koden.
+totpStep3=Skriv inn engangskoden gitt av applikasjonen og klikk Lagre for \u00E5 fullf\u00F8re.
+
+missingUsernameMessage=Vennligst oppgi brukernavn.
+missingFirstNameMessage=Vennligst oppgi fornavn.
+invalidEmailMessage=Ugyldig e-postadresse.
+missingLastNameMessage=Vennligst oppgi etternavn.
+missingEmailMessage=Vennligst oppgi e-postadresse.
+missingPasswordMessage=Vennligst oppgi passord.
+notMatchPasswordMessage=Passordene er ikke like.
+
+missingTotpMessage=Vennligst oppgi engangskode.
+invalidPasswordExistingMessage=Ugyldig eksisterende passord.
+invalidPasswordConfirmMessage=Passordene er ikke like.
+invalidTotpMessage=Ugyldig engangskode.
+
+usernameExistsMessage=Brukernavnet finnes allerede.
+emailExistsMessage=E-postadressen finnes allerede.
+
+readOnlyUserMessage=Du kan ikke oppdatere kontoen din ettersom den er skrivebeskyttet.
+readOnlyPasswordMessage=Du kan ikke oppdatere passordet ditt ettersom kontoen din er skrivebeskyttet.
+
+successTotpMessage=Autentikator for mobiltelefon er konfigurert.
+successTotpRemovedMessage=Autentikator for mobiltelefon er fjernet.
+
+successGrantRevokedMessage=Vellykket oppheving av rettighet.
+
+accountUpdatedMessage=Kontoen din har blitt oppdatert.
+accountPasswordUpdatedMessage=Ditt passord har blitt oppdatert.
+
+missingIdentityProviderMessage=Identitetsleverand\u00F8r er ikke spesifisert.
+invalidFederatedIdentityActionMessage=Ugyldig eller manglende handling.
+identityProviderNotFoundMessage=Spesifisert identitetsleverand\u00F8r ikke funnet.
+federatedIdentityLinkNotActiveMessage=Denne identiteten er ikke lenger aktiv.
+federatedIdentityRemovingLastProviderMessage=Du kan ikke fjerne siste federerte identitet ettersom du ikke har et passord.
+identityProviderRedirectErrorMessage=Redirect til identitetsleverand\u00F8r feilet.
+identityProviderRemovedMessage=Fjerning av identitetsleverand\u00F8r var vellykket.
+identityProviderAlreadyLinkedMessage=Federert identitet returnert av {0} er allerede koblet til en annen bruker.
+staleCodeAccountMessage=Siden har utl\u00F8pt. Vennligst pr\u00F8v en gang til.
+consentDenied=Samtykke avsl\u00E5tt.
+
+accountDisabledMessage=Konto er deaktivert, kontakt administrator.
+
+accountTemporarilyDisabledMessage=Konto er midlertidig deaktivert, kontakt administrator eller pr\u00F8v igjen senere.
+invalidPasswordMinLengthMessage=Ugyldig passord: minimum lengde {0}.
+invalidPasswordMinLowerCaseCharsMessage=Ugyldig passord: m\u00E5 inneholde minimum {0} sm\u00E5 bokstaver.
+invalidPasswordMinDigitsMessage=Ugyldig passord: m\u00E5 inneholde minimum {0} sifre.
+invalidPasswordMinUpperCaseCharsMessage=Ugyldig passord: m\u00E5 inneholde minimum {0} store bokstaver.
+invalidPasswordMinSpecialCharsMessage=Ugyldig passord: m\u00E5 inneholde minimum {0} spesialtegn.
+invalidPasswordNotUsernameMessage=Ugyldig passord: kan ikke v\u00E6re likt brukernavn.
+invalidPasswordRegexPatternMessage=Ugyldig passord: tilfredsstiller ikke kravene for passord-m\u00F8nster.
+invalidPasswordHistoryMessage=Ugyldig passord: kan ikke v\u00E6re likt noen av de {0} foreg\u00E5ende passordene.
+
+locale_ca=Catal\u00E0
+locale_de=Deutsch
+locale_en=English
+locale_es=Espa\u00F1ol
+locale_fr=Fran\u00e7ais
+locale_it=Italian
+locale_ja=\u65E5\u672C\u8A9E
+locale_no=Norsk
+locale_nl=Nederlands
+locale_pt-BR=Portugu\u00EAs (Brasil)
+locale_ru=\u0420\u0443\u0441\u0441\u043A\u0438\u0439
+locale_zh-CN=\u4e2d\u6587\u7b80\u4f53

account/messages/messages_pt_BR.properties

@@ -0,0 +1,149 @@
+doSave=Salvar
+doCancel=Cancelar
+doLogOutAllSessions=Sair de todas as sess\u00F5es
+doRemove=Remover
+doAdd=Adicionar
+doSignOut=Sair
+
+editAccountHtmlTitle=Editar Conta
+federatedIdentitiesHtmlTitle=Identidades Federadas
+accountLogHtmlTitle=Log da conta
+changePasswordHtmlTitle=Alterar senha
+sessionsHtmlTitle=Sess\u00F5es
+accountManagementTitle=Gerenciamento de Conta
+authenticatorTitle=Autenticator
+applicationsHtmlTitle=Aplicativos
+
+authenticatorCode=C\u00F3digo autenticador
+email=E-mail
+firstName=Primeiro nome
+givenName=Primeiro nome
+fullName=Nome completo
+lastName=Sobrenome
+familyName=Sobrenome
+password=Senha
+passwordConfirm=Confirma\u00E7\u00E3o
+passwordNew=Nova senha
+username=Nome de us\u00FAario
+address=Endere\u00E7o
+street=Logradouro
+locality=Cidade ou Localidade
+region=Estado
+postal_code=CEP
+country=Pa\u00EDs
+emailVerified=E-mail verificado
+gssDelegationCredential=GSS Delega\u00E7\u00E3o de Credencial
+
+role_admin=Admin
+role_realm-admin=Realm Admin
+role_create-realm=Cria realm
+role_view-realm=Visualiza realm
+role_view-users=Visualiza usu\u00E1rios
+role_view-applications=Visualiza aplica\u00E7\u00F5es
+role_view-clients=Visualiza clientes
+role_view-events=Visualiza eventos
+role_view-identity-providers=Visualiza provedores de identidade
+role_manage-realm=Gerencia realm
+role_manage-users=Gerencia usu\u00E1rios
+role_manage-applications=Gerencia aplica\u00E7\u00F5es
+role_manage-identity-providers=Gerencia provedores de identidade
+role_manage-clients=Gerencia clientes
+role_manage-events=Gerencia eventos
+role_view-profile=Visualiza perfil
+role_manage-account=Gerencia conta
+role_read-token=L\u00EA token
+role_offline-access=Acesso Offline
+role_uma_authorization=Obter permiss\u00F5es
+client_account=Conta
+client_security-admin-console=Console de Administra\u00E7\u00E3o de Seguran\u00E7a
+client_admin-cli=Admin CLI
+client_realm-management=Gerenciamento de Realm
+client_broker=Broker
+
+requiredFields=Campos obrigat\u00F3rios
+allFieldsRequired=Todos os campos s\u00E3o obrigat\u00F3rios
+
+backToApplication=« Voltar para aplica\u00E7\u00E3o
+backTo=Voltar para {0}
+
+date=Data
+event=Evento
+ip=IP
+client=Cliente
+clients=Clientes
+details=Detalhes
+started=Iniciado
+lastAccess=\u00DAltimo acesso
+expires=Expira
+applications=Aplicativos
+
+account=Conta
+federatedIdentity=Identidade Federada
+authenticator=Autenticador
+sessions=Sess\u00F5es
+log=Log
+
+application=Aplicativo
+availablePermissions=Permiss\u00F5es Dispon\u00EDveis
+grantedPermissions=Permiss\u00F5es Concedidas
+grantedPersonalInfo=Informa\u00E7\u00F5es Pessoais Concedidas
+additionalGrants=Concess\u00F5es Adicionais
+action=A\u00E7\u00E3o
+inResource=em
+fullAccess=Acesso Completo
+offlineToken=Offline Token
+revoke=Revogar Concess\u00F5es
+
+configureAuthenticators=Autenticadores Configurados
+mobile=Mobile
+totpStep1=Instalar <a href="https://freeotp.github.io/" target="_blank">FreeOTP</a> ou Google Authenticator em seu dispositivo. Ambas aplica\u00E7\u00F5es est\u00E3o dispon\u00EDveis no <a href="https://play.google.com">Google Play</a> e na Apple App Store.
+totpStep2=Abra o aplicativo e escaneie o c\u00F3digo de barras ou entre com o c\u00F3digo.
+totpStep3=Digite o c\u00F3digo fornecido pelo aplicativo e clique em Salvar para concluir a configura\u00E7\u00E3o.
+
+missingUsernameMessage=Por favor, especifique o nome de usu\u00E1rio.
+missingFirstNameMessage=Por favor, informe o primeiro nome.
+invalidEmailMessage=E-mail inv\u00E1lido.
+missingLastNameMessage=Por favor, informe o sobrenome.
+missingEmailMessage=Por favor, informe o e-mail.
+missingPasswordMessage=Por favor, informe a senha.
+notMatchPasswordMessage=As senhas n\u00E3o coincidem.
+
+missingTotpMessage=Por favor, informe o c\u00F3digo autenticador.
+invalidPasswordExistingMessage=Senha atual inv\u00E1lida.
+invalidPasswordConfirmMessage=A senha de confirma\u00E7\u00E3o n\u00E3o coincide.
+invalidTotpMessage=C\u00F3digo autenticador inv\u00E1lido.
+
+usernameExistsMessage=Este nome de usu\u00E1rio j\u00E1 existe.
+emailExistsMessage=Este e-mail j\u00E1 existe.
+
+readOnlyUserMessage=Voc\u00EA n\u00E3o pode atualizar sua conta, uma vez que \u00E9 apenas de leitura
+readOnlyPasswordMessage=Voc\u00EA n\u00E3o pode atualizar sua senha, sua conta \u00E9 somente leitura
+
+successTotpMessage=Autenticador mobile configurado.
+successTotpRemovedMessage=Autenticador mobile removido.
+
+successGrantRevokedMessage=Concess\u00F5es revogadas com sucesso.
+
+accountUpdatedMessage=Sua conta foi atualizada
+accountPasswordUpdatedMessage=Sua senha foi atualizada
+
+missingIdentityProviderMessage=Provedor de identidade n\u00E3o especificado
+invalidFederatedIdentityActionMessage=A\u00E7\u00E3o inv\u00E1lida ou ausente
+identityProviderNotFoundMessage=O provedor de identidade especificado n\u00E3o foi encontrado
+federatedIdentityLinkNotActiveMessage=Esta identidade n\u00E3o est\u00E1 mais em atividade
+federatedIdentityRemovingLastProviderMessage=Voc\u00EA n\u00E3o pode remover a \u00FAltima identidade federada como voc\u00EA n\u00E3o tem senha
+identityProviderRedirectErrorMessage=Falha ao redirecionar para o provedor de identidade
+identityProviderRemovedMessage=Provedor de identidade removido com sucesso
+identityProviderAlreadyLinkedMessage=Identidade federada retornado por {0} j\u00E1 est\u00E1 ligado a outro usu\u00E1rio.
+
+accountDisabledMessage=Conta desativada, contate o administrador
+
+accountTemporarilyDisabledMessage=A conta est\u00E1 temporariamente indispon\u00EDvel, contate o administrador ou tente novamente mais tarde
+invalidPasswordMinLengthMessage=Senha inv\u00E1lida\: comprimento m\u00EDnimo {0}
+invalidPasswordMinLowerCaseCharsMessage=Senha inv\u00E1lida\: deve conter pelo menos {0} caractere(s) min\u00FAsculo
+invalidPasswordMinDigitsMessage=Senha inv\u00E1lida\: deve conter pelo menos {0} n\u00FAmero(s)
+invalidPasswordMinUpperCaseCharsMessage=Senha inv\u00E1lida\: deve conter pelo menos {0} caractere(s) mai\u00FAsculo
+invalidPasswordMinSpecialCharsMessage=Senha inv\u00E1lida\: deve conter pelo menos {0} caractere(s) especial
+invalidPasswordNotUsernameMessage=Senha inv\u00E1lida\: n\u00E3o deve ser igual ao nome de usu\u00E1rio
+invalidPasswordRegexPatternMessage=Senha inv\u00E1lida\: n\u00E3o corresponde ao padr\u00E3o da express\u00E3o regular.
+invalidPasswordHistoryMessage=Senha inv\u00E1lida\: n\u00E3o pode ser igual a qualquer uma das {0} \u00FAltimas senhas.

account/messages/messages_ru.properties

@@ -0,0 +1,155 @@
+# encoding: utf-8
+doSave=Сохранить
+doCancel=Отмена
+doLogOutAllSessions=Выйти из всех сессий
+doRemove=Удалить
+doAdd=Добавить
+doSignOut=Выход
+
+editAccountHtmlTitle=Изменение учетной записи
+federatedIdentitiesHtmlTitle=Федеративные идентификаторы
+accountLogHtmlTitle=Лог учетной записи
+changePasswordHtmlTitle=Смена пароля
+sessionsHtmlTitle=Сессии
+accountManagementTitle=Управление учетной записью
+authenticatorTitle=Аутентификатор
+applicationsHtmlTitle=Приложения
+
+authenticatorCode=Одноразовый код
+email=E-mail
+firstName=Имя
+givenName=Имя
+fullName=Полное имя
+lastName=Фамилия
+familyName=Фамилия
+password=Пароль
+passwordConfirm=Подтверждение пароля
+passwordNew=Новый пароль
+username=Имя пользователя
+address=Адрес
+street=Улица
+locality=Город
+region=Регион
+postal_code=Почтовый индекс
+country=Страна
+emailVerified=E-mail подтвержден
+gssDelegationCredential=Делегирование учетных данных через GSS
+
+role_admin=Администратор
+role_realm-admin=Администратор realm
+role_create-realm=Создать realm
+role_view-realm=Просмотр realm
+role_view-users=Просмотр пользователей
+role_view-applications=Просмотр приложений
+role_view-clients=Просмотр клиентов
+role_view-events=Просмотр событий
+role_view-identity-providers=Просмотр провайдеров учетных записей
+role_manage-realm=Управление realm
+role_manage-users=Управление пользователями
+role_manage-applications=Управление приложениями
+role_manage-identity-providers=Управление провайдерами учетных записей
+role_manage-clients=Управление клиентами
+role_manage-events=Управление событиями
+role_view-profile=Просмотр профиля
+role_manage-account=Управление учетной записью
+role_read-token=Чтение токена
+role_offline-access=Доступ оффлайн
+role_uma_authorization=Получение разрешений
+client_account=Учетная запись
+client_security-admin-console=Консоль администратора безопасности
+client_admin-cli=Командный интерфейс администратора
+client_realm-management=Управление Realm
+client_broker=Брокер
+
+
+requiredFields=Обязательные поля
+allFieldsRequired=Все поля обязательны
+
+backToApplication=« Назад в приложение
+backTo=Назад в {0}
+
+date=Дата
+event=Событие
+ip=IP
+client=Клиент
+clients=Клиенты
+details=Детали
+started=Начата
+lastAccess=Последний доступ
+expires=Истекает
+applications=Приложения
+
+account=Учетная запись
+federatedIdentity=Федеративный идентификатор
+authenticator=Аутентификатор
+sessions=Сессии
+log=Журнал
+
+application=Приложение
+availablePermissions=Доступные разрешения
+grantedPermissions=Согласованные разрешения
+grantedPersonalInfo=Согласованная персональная информация
+additionalGrants=Дополнительные согласования
+action=Действие
+inResource=в
+fullAccess=Полный доступ
+offlineToken=Оффлайн токен
+revoke=Отозвать согласование
+
+configureAuthenticators=Сконфигурированные аутентификаторы
+mobile=Мобильное приложение
+totpStep1=Установите <a href="https://freeotp.github.io/" target="_blank">FreeOTP</a> или Google Authenticator. Оба приложения доступны на <a href="https://play.google.com">Google Play</a> и в Apple App Store.
+totpStep2=Откройте приложение и просканируйте баркод, либо введите ключ.
+totpStep3=Введите одноразовый код, выданный приложением, и нажмите сохранить для завершения установки.
+
+missingUsernameMessage=Введите имя пользователя.
+missingFirstNameMessage=Введите имя.
+invalidEmailMessage=Введите корректный E-mail.
+missingLastNameMessage=Введите фамилию.
+missingEmailMessage=Введите E-mail.
+missingPasswordMessage=Введите пароль.
+notMatchPasswordMessage=Пароли не совпадают.
+
+missingTotpMessage=Введите код аутентификатора.
+invalidPasswordExistingMessage=Существующий пароль неверный.
+invalidPasswordConfirmMessage=Подтверждение пароля не совпадает.
+invalidTotpMessage=Неверный код аутентификатора.
+
+usernameExistsMessage=Имя пользователя уже существует.
+emailExistsMessage=E-mail уже существует.
+
+readOnlyUserMessage=Вы не можете обновить информацию вашей учетной записи, т.к. она доступна только для чтения.
+readOnlyPasswordMessage=Вы не можете обновить пароль вашей учетной записи, т.к. он доступен только для чтения.
+
+successTotpMessage=Аутентификатор в мобильном приложении сконфигурирован.
+successTotpRemovedMessage=Аутентификатор в мобильном приложении удален.
+
+successGrantRevokedMessage=Согласование отозвано успешно.
+
+accountUpdatedMessage=Ваша учетная запись обновлена.
+accountPasswordUpdatedMessage=Ваша пароль обновлен.
+
+missingIdentityProviderMessage=Провайдер учетных записей не задан.
+invalidFederatedIdentityActionMessage=Некорректное или недопустимое действие.
+identityProviderNotFoundMessage=Заданный провайдер учетных записей не найден.
+federatedIdentityLinkNotActiveMessage=Идентификатор больше не активен.
+federatedIdentityRemovingLastProviderMessage=Вы не можете удалить последний федеративный идентификатор, т.к. Вы не имеете пароля.
+identityProviderRedirectErrorMessage=Ошибка перенаправления в провайдер учетных записей.
+identityProviderRemovedMessage=Провайдер учетных записей успешно удален.
+identityProviderAlreadyLinkedMessage=Федеративный идентификатор, возвращенный {0} уже используется другим пользователем.
+staleCodeAccountMessage=Страница устарела. Попробуйте еще раз.
+consentDenied=В согласовании отказано.
+
+accountDisabledMessage=Учетная запись заблокирована, обратитесь к администратору.
+
+accountTemporarilyDisabledMessage=Учетная запись временно заблокирована, обратитесь к администратору или попробуйте позже.
+invalidPasswordMinLengthMessage=Некорректный пароль: длина пароля должна быть не менее {0} символа(ов).
+invalidPasswordMinLowerCaseCharsMessage=Некорректный пароль: пароль должен содержать не менее {0} символа(ов) в нижнем регистре.
+invalidPasswordMinDigitsMessage=Некорректный пароль: пароль должен содержать не менее {0} цифр(ы).
+invalidPasswordMinUpperCaseCharsMessage=Некорректный пароль: пароль должен содержать не менее {0} символа(ов) в верхнем регистре.
+invalidPasswordMinSpecialCharsMessage=Некорректный пароль: пароль должен содержать не менее {0} спецсимвола(ов).
+invalidPasswordNotUsernameMessage=Некорректный пароль: пароль не должен совпадать с именем пользователя.
+invalidPasswordRegexPatternMessage=Некорректный пароль: пароль не удовлетворяет регулярному выражению.
+invalidPasswordHistoryMessage=Некорректный пароль: пароль не должен совпадать с последним(и) {0} паролями.
+invalidPasswordGenericMessage=Некорректный пароль: новый пароль не соответствует правилам пароля.
+

account/messages/messages_sv.properties

@@ -0,0 +1,150 @@
+# encoding: utf-8
+doSave=Spara
+doCancel=Avbryt
+doLogOutAllSessions=Logga ut från samtliga sessioner
+doRemove=Ta bort
+doAdd=Lägg till
+doSignOut=Logga ut
+
+editAccountHtmlTitle=Redigera konto
+federatedIdentitiesHtmlTitle=Federerade identiteter
+accountLogHtmlTitle=Kontologg
+changePasswordHtmlTitle=Byt lösenord
+sessionsHtmlTitle=Sessioner
+accountManagementTitle=Kontohantering för Keycloak
+authenticatorTitle=Autentiserare
+applicationsHtmlTitle=Applikationer
+
+authenticatorCode=Engångskod
+email=E-post
+firstName=Förnamn
+lastName=Efternamn
+password=Lösenord
+passwordConfirm=Bekräftelse
+passwordNew=Nytt lösenord
+username=Användarnamn
+address=Adress
+street=Gata
+locality=Postort
+region=Stat, Provins eller Region
+postal_code=Postnummer
+country=Land
+emailVerified=E-post verifierad
+gssDelegationCredential=GSS Delegation Credential
+
+role_admin=Administratör
+role_realm-admin=Realm-administratör
+role_create-realm=Skapa realm
+role_view-realm=Visa realm
+role_view-users=Visa användare
+role_view-applications=Visa applikationer
+role_view-clients=Visa klienter
+role_view-events=Visa event
+role_view-identity-providers=Visa identitetsleverantörer
+role_manage-realm=Hantera realm
+role_manage-users=Hantera användare
+role_manage-applications=Hantera applikationer
+role_manage-identity-providers=Hantera identitetsleverantörer
+role_manage-clients=Hantera klienter
+role_manage-events=Hantera event
+role_view-profile=Visa profil
+role_manage-account=Hantera konto
+role_read-token=Läs element
+role_offline-access=Åtkomst offline
+role_uma_authorization=Erhåll tillstånd
+client_account=Konto
+client_security-admin-console=Säkerhetsadministratörskonsol
+client_admin-cli=Administratörs-CLI
+client_realm-management=Realmhantering
+
+
+requiredFields=Obligatoriska fält
+allFieldsRequired=Samtliga fält krävs
+
+backToApplication=« Tillbaka till applikationen
+backTo=Tillbaka till {0}
+
+date=Datum
+event=Event
+ip=IP
+client=Klient
+clients=Klienter
+details=Detaljer
+started=Startade
+lastAccess=Senast åtkomst
+expires=Upphör
+applications=Applikationer
+
+account=Konto
+federatedIdentity=Federerad identitet
+authenticator=Autentiserare
+sessions=Sessioner
+log=Logg
+
+application=Applikation
+availablePermissions=Tillgängliga rättigheter
+grantedPermissions=Beviljade rättigheter
+grantedPersonalInfo=Medgiven personlig information
+additionalGrants=Ytterligare medgivanden
+action=Åtgärd
+inResource=i
+fullAccess=Fullständig åtkomst
+offlineToken=Offline token
+revoke=Upphäv rättighet
+
+configureAuthenticators=Konfigurerade autentiserare
+mobile=Mobil
+totpStep1=Installera <a href="https://freeotp.github.io/" target="_blank">FreeOTP</a> eller Google Authenticator på din enhet. Båda applikationerna finns tillgängliga på <a href="https://play.google.com">Google Play</a> och Apple App Store.
+totpStep2=Öppna applikationen och skanna streckkoden eller skriv i nyckeln.
+totpStep3=Fyll i engångskoden som tillhandahålls av applikationen och klicka på Spara för att avsluta inställningarna.
+
+missingUsernameMessage=Vänligen ange användarnamn.
+missingFirstNameMessage=Vänligen ange förnamn.
+invalidEmailMessage=Ogiltig e-postadress.
+missingLastNameMessage=Vänligen ange efternamn.
+missingEmailMessage=Vänligen ange e-post.
+missingPasswordMessage=Vänligen ange lösenord.
+notMatchPasswordMessage=Lösenorden matchar inte.
+
+missingTotpMessage=Vänligen ange autentiseringskoden.
+invalidPasswordExistingMessage=Det nuvarande lösenordet är ogiltigt.
+invalidPasswordConfirmMessage=Lösenordsbekräftelsen matchar inte.
+invalidTotpMessage=Autentiseringskoden är ogiltig.
+
+usernameExistsMessage=Användarnamnet finns redan.
+emailExistsMessage=E-posten finns redan.
+
+readOnlyUserMessage=Du kan inte uppdatera ditt konto eftersom det är skrivskyddat.
+readOnlyPasswordMessage=Du kan inte uppdatera ditt lösenord eftersom ditt konto är skrivskyddat.
+
+successTotpMessage=Mobilautentiseraren är inställd.
+successTotpRemovedMessage=Mobilautentiseraren är borttagen.
+
+successGrantRevokedMessage=Upphävandet av rättigheten lyckades.
+
+accountUpdatedMessage=Ditt konto har uppdaterats.
+accountPasswordUpdatedMessage=Ditt lösenord har uppdaterats.
+
+missingIdentityProviderMessage=Identitetsleverantör är inte angiven.
+invalidFederatedIdentityActionMessage=Åtgärden är ogiltig eller saknas.
+identityProviderNotFoundMessage=Angiven identitetsleverantör hittas inte.
+federatedIdentityLinkNotActiveMessage=Den här identiteten är inte längre aktiv.
+federatedIdentityRemovingLastProviderMessage=Du kan inte ta bort senaste federerade identiteten eftersom du inte har ett lösenord.
+identityProviderRedirectErrorMessage=Misslyckades med att omdirigera till identitetsleverantör.
+identityProviderRemovedMessage=Borttagningen av identitetsleverantören lyckades.
+identityProviderAlreadyLinkedMessage=Den federerade identiteten  som returnerades av {0} är redan länkad till en annan användare.
+staleCodeAccountMessage=Sidan har upphört att gälla. Vänligen försök igen.
+consentDenied=Samtycket förnekades.
+
+accountDisabledMessage=Kontot är inaktiverat, kontakta administratör.
+
+accountTemporarilyDisabledMessage=Kontot är tillfälligt inaktiverat, kontakta administratör eller försök igen senare.
+invalidPasswordMinLengthMessage=Ogiltigt lösenord. Minsta längd är {0}.
+invalidPasswordMinLowerCaseCharsMessage=Ogiltigt lösenord: måste innehålla minst {0} små bokstäver.
+invalidPasswordMinDigitsMessage=Ogiltigt lösenord: måste innehålla minst {0} siffror.
+invalidPasswordMinUpperCaseCharsMessage=Ogiltigt lösenord: måste innehålla minst {0} stora bokstäver.
+invalidPasswordMinSpecialCharsMessage=Ogiltigt lösenord: måste innehålla minst {0} specialtecken.
+invalidPasswordNotUsernameMessage=Ogiltigt lösenord: Får inte vara samma som användarnamnet.
+invalidPasswordRegexPatternMessage=Ogiltigt lösenord: matchar inte kravet för lösenordsmönster.
+invalidPasswordHistoryMessage=Ogiltigt lösenord: Får inte vara samma som de senaste {0} lösenorden.
+invalidPasswordGenericMessage=Ogiltigt lösenord: Det nya lösenordet stämmer inte med lösenordspolicyn.

account/messages/messages_zh_CN.properties

@@ -0,0 +1,166 @@
+# encoding: utf-8
+doSave=保存
+doCancel=取消
+doLogOutAllSessions=登出所有会话
+doRemove=删除
+doAdd=添加
+doSignOut=登出
+
+editAccountHtmlTitle=编辑账户
+federatedIdentitiesHtmlTitle=链接的身份
+accountLogHtmlTitle=账户日志
+changePasswordHtmlTitle=更改密码
+sessionsHtmlTitle=会话
+accountManagementTitle=Keycloak账户管理
+authenticatorTitle=认证者
+applicationsHtmlTitle=应用
+
+authenticatorCode=一次性认证码
+email=电子邮件
+firstName=名
+givenName=姓
+fullName=全名
+lastName=姓
+familyName=姓
+password=密码
+passwordConfirm=确认
+passwordNew=新密码
+username=用户名
+address=地址
+street=街道
+locality=城市住所
+region=省，自治区，直辖市
+postal_code=邮政编码
+country=国家
+emailVerified=验证过的Email
+gssDelegationCredential=GSS Delegation Credential
+
+role_admin=管理员
+role_realm-admin=域管理员
+role_create-realm=创建域
+role_view-realm=查看域
+role_view-users=查看用户
+role_view-applications=查看应用
+role_view-clients=查看客户
+role_view-events=查看事件
+role_view-identity-providers=查看身份提供者
+role_manage-realm=管理域
+role_manage-users=管理用户
+role_manage-applications=管理应用
+role_manage-identity-providers=管理身份提供者
+role_manage-clients=管理客户
+role_manage-events=管理事件
+role_view-profile=查看用户信息
+role_manage-account=管理账户
+role_read-token=读取 token
+role_offline-access=离线访问
+role_uma_authorization=获取授权
+client_account=账户
+client_security-admin-console=安全管理终端
+client_admin-cli=管理命令行
+client_realm-management=域管理
+client_broker=代理
+
+
+requiredFields=必填项
+allFieldsRequired=所有项必填
+
+backToApplication=« 回到应用
+backTo=回到 {0}
+
+date=日期
+event=事件
+ip=IP
+client=客户端
+clients=客户端
+details=详情
+started=开始
+lastAccess=最后一次访问
+expires=过期时间
+applications=应用
+
+account=账户
+federatedIdentity=关联身份
+authenticator=认证方
+sessions=会话
+log=日志
+
+application=应用
+availablePermissions=可用权限
+grantedPermissions=授予权限
+grantedPersonalInfo=授权的个人信息
+additionalGrants=可授予的权限
+action=操作
+inResource=in
+fullAccess=所有权限
+offlineToken=离线 token
+revoke=收回授权
+
+configureAuthenticators=配置的认证者
+mobile=手机
+totpStep1=在你的设备上安装 <a href="https://fedorahosted.org/freeotp/" target="_blank">FreeOTP</a> 或者 Google Authenticator.两个应用可以从 <a href="https://play.google.com">Google Play</a> 和 Apple App Store下载。
+totpStep2=打开应用扫描二维码输入验证码
+totpStep3=输入应用提供的一次性验证码单击保存
+
+missingUsernameMessage=请指定用户名
+missingFirstNameMessage=请指定名
+invalidEmailMessage=无效的电子邮箱地址
+missingLastNameMessage=请指定姓
+missingEmailMessage=请指定邮件地址
+missingPasswordMessage=请输入密码
+notMatchPasswordMessage=密码不匹配
+
+missingTotpMessage=请指定认证者代码
+invalidPasswordExistingMessage=无效的旧密码
+invalidPasswordConfirmMessage=确认密码不相符
+invalidTotpMessage=无效的认证码
+
+usernameExistsMessage=用户名已经存在
+emailExistsMessage=电子邮箱已经存在
+
+readOnlyUserMessage=无法修改账户，因为它是只读的。
+readOnlyPasswordMessage=不可以更该账户因为它是只读的。
+
+successTotpMessage=手机认证者配置完毕
+successTotpRemovedMessage=手机认证者已删除
+
+successGrantRevokedMessage=授权成功回收
+
+accountUpdatedMessage=您的账户已经更新
+accountPasswordUpdatedMessage=您的密码已经修改
+
+missingIdentityProviderMessage=身份提供者未指定
+invalidFederatedIdentityActionMessage=无效或者缺少操作
+identityProviderNotFoundMessage=指定的身份提供者未找到
+federatedIdentityLinkNotActiveMessage=这个身份不再使用了。
+federatedIdentityRemovingLastProviderMessage=你不可以移除最后一个身份提供者因为你没有设置密码
+identityProviderRedirectErrorMessage=尝试重定向到身份提供商失败
+identityProviderRemovedMessage=身份提供商成功删除
+identityProviderAlreadyLinkedMessage=链接的身份 {0} 已经连接到已有用户。
+staleCodeAccountMessage=页面过期。请再试一次。
+consentDenied=不同意
+
+accountDisabledMessage=账户已经关闭，请联系管理员
+
+accountTemporarilyDisabledMessage=账户暂时关闭，请联系管理员或稍后再试。
+invalidPasswordMinLengthMessage=无效的密码:最短长度 {0}.
+invalidPasswordMinLowerCaseCharsMessage=无效的密码: 至少包含 {0} 小写字母。
+invalidPasswordMinDigitsMessage=无效的密码:  至少包含 {0} 数字。
+invalidPasswordMinUpperCaseCharsMessage=无效的密码: 至少包含 {0} 大写字母
+invalidPasswordMinSpecialCharsMessage=无效的密码: 至少包含 {0} 个特殊字符
+invalidPasswordNotUsernameMessage=无效的密码: 不能与用户名相同
+invalidPasswordRegexPatternMessage=无效的密码:  无法与正则表达式匹配
+invalidPasswordHistoryMessage=无效的密码: 不能与之前的{0} 个旧密码相同
+locale_ca=Català
+locale_de=Deutsch
+locale_en=English
+locale_es=Español
+locale_fr=Français
+locale_it=Italian
+locale_ja=日本語
+locale_nl=Nederlands
+locale_no=Norsk
+locale_lt=Lietuvių
+locale_pt-BR=Português (Brasil)
+locale_ru=Русский
+locale_zh-CN=中文简体

account/password.ftl

@@ -0,0 +1,33 @@
+<#import "template.ftl" as layout>
+<@layout.mainLayout active='password' bodyClass='password'; section>
+	<h2>${msg("changePasswordHtmlTitle")}</h2>
+    <form action="${url.passwordUrl}" class="form-horizontal" method="post">
+        <#if password.passwordSet>
+            <div class="form-group">
+				<label for="password" class="control-label">${msg("password")}</label>
+				<input type="password" class="form-control" id="password" name="password" autofocus
+					   autocomplete="off">
+			</div>
+        </#if>
+
+		<input type="hidden" id="stateChecker" name="stateChecker" value="${stateChecker}">
+
+		<div class="form-group">
+			<label for="password-new" class="control-label">${msg("passwordNew")}</label>
+			<input type="password" class="form-control" id="password-new" name="password-new" autocomplete="off">
+		</div>
+
+		<div class="form-group">
+			<label for="password-confirm">${msg("passwordConfirm")}</label>
+			<input type="password" class="form-control" id="password-confirm" name="password-confirm"
+				   autocomplete="off">
+		</div>
+
+		<div class="sso-form-buttons">
+			<button type="submit"
+					class="sso-form-button sso-form-button-primary"
+					name="submitAction" value="Save">${msg("doSave")}</button>
+		</div>
+	</form>
+
+</@layout.mainLayout>

account/resources/css/style.css

@@ -0,0 +1,161 @@
+nav {
+  position: fixed;
+  left: 0;
+  top: 0;
+  width: 250px;
+  height: 100%;
+  display: flex;
+  flex-direction: column; }
+  nav .sso-menu-switch {
+    color: white;
+    border: 1px solid white;
+    position: absolute;
+    right: 10px;
+    top: 10px;
+    font-size: 24px;
+    padding: 5px 15px;
+    display: none; }
+  nav header {
+    background: #343434;
+    text-align: center;
+    padding: 20px 0; }
+    nav header h1 {
+      margin: 0; }
+  nav .nav-current {
+    background: #343434;
+    display: flex;
+    justify-content: space-between;
+    align-items: center; }
+    nav .nav-current-item {
+      display: flex;
+      align-items: center;
+      color: white;
+      font-size: 16px;
+      margin: 5px 8px; }
+      nav .nav-current-item.logout {
+        font-size: 20px; }
+    nav .nav-current-subitem {
+      margin-left: 5px;
+      font-size: 12px; }
+  nav ul.nav-links {
+    margin: 0;
+    padding: 0;
+    list-style-type: none;
+    flex-grow: 1;
+    border-right: 5px solid #f3f3f3; }
+    nav ul.nav-links li {
+      box-sizing: border-box;
+      border-left: 0 solid transparent;
+      transition: 0.2s border-left-width; }
+      nav ul.nav-links li a {
+        display: block;
+        padding: 5px 8px;
+        text-decoration: none;
+        text-transform: uppercase;
+        color: #343434; }
+      nav ul.nav-links li:hover {
+        border-left: 4px solid transparent; }
+      nav ul.nav-links li.active {
+        border-left: 4px solid #f3c289; }
+        nav ul.nav-links li.active a {
+          color: #f3c289; }
+  nav .nav-created-by {
+    border-right: 5px solid #f3f3f3;
+    box-sizing: border-box;
+    padding: 8px; }
+
+.container {
+  position: absolute;
+  left: 250px;
+  right: 0;
+  top: 0;
+  box-sizing: border-box;
+  padding: 10px 15px; }
+
+.form-group {
+  box-sizing: border-box;
+  flex-basis: calc(50% - 10px); }
+
+form {
+  font-size: 14px;
+  display: flex;
+  flex-wrap: wrap;
+  justify-content: space-between; }
+
+input {
+  display: block;
+  line-height: normal;
+  box-sizing: border-box;
+  height: 2.4375rem;
+  padding: 0.5rem;
+  border: 1px solid #cacaca;
+  margin: 0 0 1rem;
+  font-family: inherit;
+  font-size: 1rem;
+  color: #0a0a0a;
+  background-color: #fefefe;
+  box-shadow: inset 0 1px 2px rgba(10, 10, 10, 0.1);
+  border-radius: 0;
+  transition: box-shadow 0.5s, border-color 0.25s ease-in-out;
+  -webkit-appearance: none;
+  -moz-appearance: none; }
+  input:focus {
+    border: 1px solid #8a8a8a;
+    background-color: #fefefe;
+    outline: none;
+    box-shadow: 0 0 5px #cacaca;
+    transition: box-shadow 0.5s, border-color 0.25s ease-in-out; }
+
+.sso-form-buttons {
+  display: flex;
+  flex-direction: row;
+  flex-wrap: wrap;
+  width: 100%; }
+
+.sso-form-buttons-flexibile {
+  width: auto; }
+
+.sso-form-button {
+  border: none;
+  color: white;
+  background: #f3c289;
+  padding: 10px 8px;
+  margin: 0 4px;
+  -webkit-appearance: none;
+  transition: 0.2s background; }
+  .sso-form-button:hover {
+    background: #be9568;
+    color: white; }
+  .sso-form-button:first-child {
+    margin-left: 0; }
+  .sso-form-button:last-child {
+    margin-right: 0; }
+
+.sso-form-button-primary {
+  background: #5cb85c;
+  flex-grow: 1; }
+  .sso-form-button-primary:hover {
+    background: #499249; }
+
+@media screen and (max-width: 968px) {
+  nav {
+    position: relative;
+    width: 100%;
+    height: auto; }
+    nav .sso-menu-switch {
+      display: block; }
+    nav .nav-links {
+      height: 0;
+      overflow: hidden; }
+      nav .nav-links.nav-links-shown {
+        height: auto; }
+
+  .container {
+    position: relative;
+    width: 100%;
+    left: 0; }
+
+  .form-group {
+    flex-basis: calc(100%); } }
+
+/*# sourceMappingURL=style.css.map */

account/resources/css/style.css.map

@@ -0,0 +1,7 @@
+{
+"version": 3,
+"mappings": "AAAA,GAAG;EACD,QAAQ,EAAE,KAAK;EACf,IAAI,EAAE,CAAC;EACP,GAAG,EAAE,CAAC;EACN,KAAK,EAAE,KAAK;EACZ,MAAM,EAAE,IAAI;EACZ,OAAO,EAAE,IAAI;EACb,cAAc,EAAE,MAAM;EACtB,oBAAgB;IACd,KAAK,EAAE,KAAK;IACZ,MAAM,EAAE,eAAe;IACvB,QAAQ,EAAE,QAAQ;IAClB,KAAK,EAAE,IAAI;IACX,GAAG,EAAE,IAAI;IACT,SAAS,EAAE,IAAI;IACf,OAAO,EAAE,QAAQ;IACjB,OAAO,EAAE,IAAI;EAEf,UAAM;IACJ,UAAU,EAAE,OAAO;IACnB,UAAU,EAAE,MAAM;IAClB,OAAO,EAAE,MAAM;IACf,aAAE;MACA,MAAM,EAAE,CAAC;EACb,gBAAY;IACV,UAAU,EAAE,OAAO;IACnB,OAAO,EAAE,IAAI;IACb,eAAe,EAAE,aAAa;IAC9B,WAAW,EAAE,MAAM;IACnB,qBAAM;MACJ,OAAO,EAAE,IAAI;MACb,WAAW,EAAE,MAAM;MACnB,KAAK,EAAE,KAAK;MACZ,SAAS,EAAE,IAAI;MACf,MAAM,EAAE,OAAO;MACf,4BAAQ;QACN,SAAS,EAAE,IAAI;IACnB,wBAAS;MACP,WAAW,EAAE,GAAG;MAChB,SAAS,EAAE,IAAI;EAEnB,gBAAY;IACV,MAAM,EAAE,CAAC;IACT,OAAO,EAAE,CAAC;IACV,eAAe,EAAE,IAAI;IACrB,SAAS,EAAE,CAAC;IACZ,YAAY,EAAE,iBAAiB;IAC/B,mBAAE;MACA,UAAU,EAAE,UAAU;MACtB,WAAW,EAAE,mBAAmB;MAChC,UAAU,EAAE,sBAAsB;MAClC,qBAAC;QACC,OAAO,EAAE,KAAK;QACd,OAAO,EAAE,OAAO;QAChB,eAAe,EAAE,IAAI;QACrB,cAAc,EAAE,SAAS;QACzB,KAAK,EAAE,OAAO;MAChB,yBAAO;QACL,WAAW,EAAE,qBAAqB;MACpC,0BAAQ;QACN,WAAW,EAAE,iBAAiB;QAC9B,4BAAC;UACC,KAAK,EAAE,OAAO;EAEtB,mBAAe;IACb,YAAY,EAAE,iBAAiB;IAC/B,UAAU,EAAE,UAAU;IACtB,OAAO,EAAE,GAAG;;AAEhB,UAAU;EACR,QAAQ,EAAE,QAAQ;EAClB,IAAI,EAAE,KAAK;EACX,KAAK,EAAE,CAAC;EACR,GAAG,EAAE,CAAC;EACN,UAAU,EAAE,UAAU;EACtB,OAAO,EAAE,SAAS;;AAEpB,WAAW;EACT,UAAU,EAAE,UAAU;EACtB,UAAU,EAAE,gBAAgB;;AAE9B,IAAI;EACF,SAAS,EAAE,IAAI;EACf,OAAO,EAAE,IAAI;EACb,SAAS,EAAE,IAAI;EACf,eAAe,EAAE,aAAa;;AAEhC,KAAK;EACH,OAAO,EAAE,KAAK;EACd,WAAW,EAAE,MAAM;EACnB,UAAU,EAAE,UAAU;EACtB,MAAM,EAAE,SAAS;EACjB,OAAO,EAAE,MAAK;EACd,MAAM,EAAE,iBAAiB;EACzB,MAAM,EAAE,QAAQ;EAChB,WAAW,EAAE,OAAO;EACpB,SAAS,EAAE,IAAI;EACf,KAAK,EAAE,OAAO;EACd,gBAAgB,EAAE,OAAO;EACzB,UAAU,EAAE,qCAAqC;EACjD,aAAa,EAAE,CAAC;EAChB,UAAU,EAAE,+CAA+C;EAC3D,kBAAkB,EAAE,IAAI;EACxB,eAAe,EAAE,IAAI;EACrB,WAAO;IACL,MAAM,EAAE,iBAAiB;IACzB,gBAAgB,EAAE,OAAO;IACzB,OAAO,EAAE,IAAI;IACb,UAAU,EAAE,eAAe;IAC3B,UAAU,EAAE,+CAA+C;;AAE/D,iBAAiB;EACf,OAAO,EAAE,IAAI;EACb,cAAc,EAAE,GAAG;EACnB,SAAS,EAAE,IAAI;EACf,KAAK,EAAE,IAAI;;AAEb,2BAA2B;EACzB,KAAK,EAAE,IAAI;;AAEb,gBAAgB;EACd,MAAM,EAAE,IAAI;EACZ,KAAK,EAAE,KAAK;EACZ,UAAU,EAAE,OAAO;EACnB,OAAO,EAAE,QAAQ;EACjB,MAAM,EAAE,KAAK;EACb,kBAAkB,EAAE,IAAI;EACxB,UAAU,EAAE,eAAe;EAC3B,sBAAO;IACL,UAAU,EAAE,OAAO;IACnB,KAAK,EAAE,KAAK;EAEd,4BAAa;IACX,WAAW,EAAE,CAAC;EAEhB,2BAAY;IACV,YAAY,EAAE,CAAC;;AAEnB,wBAAwB;EACtB,UAAU,EAAE,OAAO;EACnB,SAAS,EAAE,CAAC;EACZ,8BAAO;IACL,UAAU,EAAE,OAAO;;AAEvB,oCAAoC;EAElC,GAAG;IACD,QAAQ,EAAE,QAAQ;IAClB,KAAK,EAAE,IAAI;IACX,MAAM,EAAE,IAAI;IACZ,oBAAgB;MACd,OAAO,EAAE,KAAK;IAChB,cAAU;MACR,MAAM,EAAE,CAAC;MACT,QAAQ,EAAE,MAAM;MAChB,8BAAiB;QACf,MAAM,EAAE,IAAI;;EAElB,UAAU;IACR,QAAQ,EAAE,QAAQ;IAClB,KAAK,EAAE,IAAI;IACX,IAAI,EAAE,CAAC;;EAET,WAAW;IACT,UAAU,EAAE,UAAU",
+"sources": ["style.sass"],
+"names": [],
+"file": "style.css"
+}

account/resources/css/style.sass

@@ -0,0 +1,165 @@
+nav
+  position: fixed
+  left: 0
+  top: 0
+  width: 250px
+  height: 100%
+  display: flex
+  flex-direction: column
+  .sso-menu-switch
+    color: white
+    border: 1px solid white
+    position: absolute
+    right: 10px
+    top: 10px
+    font-size: 24px
+    padding: 5px 15px
+    display: none
+
+  header
+    background: #343434
+    text-align: center
+    padding: 20px 0
+    h1
+      margin: 0
+  .nav-current
+    background: #343434
+    display: flex
+    justify-content: space-between
+    align-items: center
+    &-item
+      display: flex
+      align-items: center
+      color: white
+      font-size: 16px
+      margin: 5px 8px
+      &.logout
+        font-size: 20px
+    &-subitem
+      margin-left: 5px
+      font-size: 12px
+
+  ul.nav-links
+    margin: 0
+    padding: 0
+    list-style-type: none
+    flex-grow: 1
+    border-right: 5px solid #f3f3f3
+    li
+      box-sizing: border-box
+      border-left: 0 solid transparent
+      transition: 0.2s border-left-width
+      a
+        display: block
+        padding: 5px 8px
+        text-decoration: none
+        text-transform: uppercase
+        color: #343434
+      &:hover
+        border-left: 4px solid transparent
+      &.active
+        border-left: 4px solid #f3c289
+        a
+          color: #f3c289
+
+  .nav-created-by
+    border-right: 5px solid #f3f3f3
+    box-sizing: border-box
+    padding: 8px
+
+.container
+  position: absolute
+  left: 250px
+  right: 0
+  top: 0
+  box-sizing: border-box
+  padding: 10px 15px
+
+.form-group
+  box-sizing: border-box
+  flex-basis: calc(50% - 10px)
+
+form
+  font-size: 14px
+  display: flex
+  flex-wrap: wrap
+  justify-content: space-between
+
+input
+  display: block
+  line-height: normal
+  box-sizing: border-box
+  height: 2.4375rem
+  padding: .5rem
+  border: 1px solid #cacaca
+  margin: 0 0 1rem
+  font-family: inherit
+  font-size: 1rem
+  color: #0a0a0a
+  background-color: #fefefe
+  box-shadow: inset 0 1px 2px rgba(10, 10, 10, 0.1)
+  border-radius: 0
+  transition: box-shadow 0.5s, border-color 0.25s ease-in-out
+  -webkit-appearance: none
+  -moz-appearance: none
+  &:focus
+    border: 1px solid #8a8a8a
+    background-color: #fefefe
+    outline: none
+    box-shadow: 0 0 5px #cacaca
+    transition: box-shadow 0.5s, border-color 0.25s ease-in-out
+
+.sso-form-buttons
+  display: flex
+  flex-direction: row
+  flex-wrap: wrap
+  width: 100%
+
+.sso-form-buttons-flexibile
+  width: auto
+
+.sso-form-button
+  border: none
+  color: white
+  background: #f3c289
+  padding: 10px 8px
+  margin: 0 4px
+  -webkit-appearance: none
+  transition: 0.2s background
+  &:hover
+    background: #be9568
+    color: white
+
+  &:first-child
+    margin-left: 0
+
+  &:last-child
+    margin-right: 0
+
+.sso-form-button-primary
+  background: #5cb85c
+  flex-grow: 1
+  &:hover
+    background: #499249
+
+@media screen and (max-width: 968px)
+
+  nav
+    position: relative
+    width: 100%
+    height: auto
+    .sso-menu-switch
+      display: block
+    .nav-links
+      height: 0
+      overflow: hidden
+      &.nav-links-shown
+        height: auto
+
+  .container
+    position: relative
+    width: 100%
+    left: 0
+
+  .form-group
+    flex-basis: calc(100%)

account/resources/img/logo.svg

@@ -0,0 +1,48 @@
+<?xml version="1.0" encoding="utf-8"?>
+<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="172" height="55.25" viewBox="0 0 172 55.25">
+  <defs>
+    <path id="a" d="M2.716 4.385h165.333V51.1H2.716z"/>
+  </defs>
+  <clipPath id="b">
+    <use xlink:href="#a" overflow="visible"/>
+  </clipPath>
+  <path fill="#FFF" clip-path="url(#b)" d="M24.691 7.159c-5.866 0-11.384 2.289-15.542 6.438-4.147 4.149-6.435 9.669-6.435 15.535 0 5.876 2.287 11.396 6.435 15.539 4.158 4.147 9.675 6.429 15.542 6.429 5.87 0 11.384-2.281 15.531-6.429 4.158-4.144 6.44-9.663 6.44-15.539 0-5.866-2.282-11.386-6.44-15.535-4.146-4.15-9.66-6.438-15.531-6.438m0 41.857c-10.965 0-19.885-8.915-19.885-19.884 0-10.962 8.919-19.88 19.885-19.88 10.961 0 19.883 8.918 19.883 19.88.001 10.969-8.922 19.884-19.883 19.884"/>
+  <path fill="#FFF" clip-path="url(#b)" d="M18.068 16.063v-3.077h-1.921v3.552c-1.301.401-2.056.815-1.932 1.069.431-.118 1.115-.169 1.932-.121v18.495c-1.962 3.833.861 9.698.861 9.698s-2.124-6.299 2.6-9.272c4.337-2.732 19.302-1.451 19.246-9.894-.065-11.962-13.868-11.891-20.786-10.45m6.177 11.597c-.673 3.185-4.147 4.845-6.177 6.224V17.779c3.459.83 7.525 3.489 6.177 9.881M59.936 9.602c-1.753 0-3.416.112-4.987.344v16.436h4.42v-5.167c.393.042.884.066 1.474.066 2.222 0 3.912-.517 5.071-1.554 1.153-1.033 1.733-2.559 1.733-4.569 0-3.702-2.571-5.556-7.711-5.556m2.722 7.709c-.529.455-1.288.682-2.268.682-.379 0-.718-.021-1.021-.068v-4.804c.346-.079.688-.114 1.021-.114 2.04 0 3.061.794 3.061 2.38 0 .827-.264 1.474-.793 1.924"/>
+  <path fill="#FFF" d="M69.733 9.832h4.987v16.55h-4.987z"/>
+  <defs>
+    <path fill="#FFF" id="c" d="M2.716 4.385h165.333V51.1H2.716z"/>
+  </defs>
+  <clipPath id="d">
+    <use xlink:href="#c" overflow="visible"/>
+  </clipPath>
+  <path fill="#FFF" clip-path="url(#d)" d="M86.441 26.381h4.648l-1.63-4.536c-.272-.734-.561-1.307-.863-1.708-.3-.398-.682-.729-1.135-.986v-.045c.938-.348 1.704-.932 2.295-1.744.588-.819.885-1.704.885-2.654 0-3.401-2.269-5.104-6.805-5.104-1.967 0-3.933.114-5.897.342v16.435h4.423v-5.778h1.019c.423 0 .765.114 1.022.337.257.229.467.603.634 1.136l1.404 4.305zM83.61 17.31h-1.248v-4.188c.344-.078.761-.112 1.248-.112 1.658 0 2.494.717 2.494 2.153 0 .662-.225 1.186-.669 1.574-.449.383-1.058.573-1.825.573"/>
+  <path fill="#FFF" d="M97.507 23.208h4.603l.772 3.174h4.806l-5.441-16.553h-4.76l-5.441 16.553h4.714l.747-3.174zm2.29-9.523h.046l1.474 6.125h-2.993l1.473-6.125zM104.399 4.385h-4.988l-2.267 4.088h3.626M111.863 26.382h4.625v-12.81h4.487v-3.74H107.37v3.74h4.493"/>
+  <defs>
+    <path fill="#FFF" id="e" d="M2.716 4.385h165.333V51.1H2.716z"/>
+  </defs>
+  <clipPath id="f">
+    <use xlink:href="#e" overflow="visible"/>
+  </clipPath>
+  <path fill="#FFF" clip-path="url(#f)" d="M128.277 23.097c-.756 0-1.586-.152-2.482-.458-.898-.302-1.734-.717-2.506-1.24l-1.021 3.508c.668.486 1.555.893 2.668 1.215 1.109.327 2.148.486 3.117.486 2.309 0 4.041-.43 5.189-1.301 1.148-.87 1.725-2.133 1.725-3.798 0-1.377-.484-2.506-1.455-3.39-.965-.885-2.635-1.644-5.008-2.278-.982-.27-1.475-.726-1.475-1.36 0-.411.184-.735.547-.989.365-.249.898-.371 1.605-.371 1.574 0 3.125.38 4.65 1.13l.793-3.51c-1.541-.758-3.426-1.138-5.666-1.138-2.088 0-3.705.442-4.854 1.316-1.15.877-1.723 2.064-1.723 3.562 0 1.36.467 2.487 1.406 3.379.936.891 2.508 1.653 4.715 2.288 1.211.348 1.814.837 1.814 1.475.002.98-.679 1.474-2.039 1.474"/>
+  <path fill="#FFF" d="M151.451 9.832h-5.215l-4.265 7.029h-.043V9.832h-4.537v16.55h4.537v-7.708h.043l4.492 7.708h5.213l-5.44-8.616M164.762 4.385h-4.991l-2.269 4.088h3.631M162.607 9.832h-4.76l-5.445 16.55h4.715l.75-3.174h4.602l.771 3.174h4.809l-5.442-16.55zm-3.925 9.976l1.475-6.125h.045l1.475 6.125h-2.995z"/>
+  <g>
+    <defs>
+      <path id="g" d="M2.716 4.385h165.333V51.1H2.716z"/>
+    </defs>
+    <clipPath id="h">
+      <use xlink:href="#g" overflow="visible"/>
+    </clipPath>
+    <path fill="#FFF" clip-path="url(#h)" d="M60.617 38.221c-.982-.27-1.476-.726-1.476-1.36 0-.407.184-.733.545-.987.363-.249.901-.372 1.608-.372 1.575 0 3.122.378 4.651 1.129l.792-3.508c-1.541-.76-3.43-1.14-5.667-1.14-2.085 0-3.707.442-4.851 1.319-1.151.876-1.724 2.062-1.724 3.559 0 1.36.467 2.487 1.406 3.38.937.892 2.509 1.652 4.716 2.287 1.207.349 1.812.839 1.812 1.474 0 .986-.678 1.476-2.038 1.476-.756 0-1.583-.148-2.483-.456-.9-.304-1.735-.715-2.507-1.242l-1.019 3.509c.665.486 1.553.891 2.665 1.215 1.111.327 2.149.489 3.118.489 2.31 0 4.042-.432 5.19-1.303 1.15-.871 1.726-2.135 1.726-3.798 0-1.375-.485-2.507-1.454-3.392-.966-.888-2.638-1.642-5.01-2.279"/>
+  </g>
+  <path fill="#FFF" d="M68.483 35.953h4.495v12.81h4.625v-12.81h4.486v-3.74H68.483"/>
+  <g>
+    <defs>
+      <path id="i" d="M2.716 4.385h165.333V51.1H2.716z"/>
+    </defs>
+    <clipPath id="j">
+      <use xlink:href="#i" overflow="visible"/>
+    </clipPath>
+    <path fill="#FFF" clip-path="url(#j)" d="M95.178 42.517c-.304-.398-.684-.73-1.141-.984v-.046c.939-.345 1.703-.93 2.291-1.745.592-.816.885-1.701.885-2.652 0-3.403-2.266-5.104-6.801-5.104-1.967 0-3.929.113-5.896.345v16.435h4.422v-5.779h1.021c.422 0 .765.112 1.02.338.257.227.469.604.636 1.134l1.405 4.308h4.646l-1.631-4.537c-.27-.741-.559-1.312-.857-1.713m-3.17-3.4c-.44.388-1.051.576-1.824.576h-1.246v-4.192c.347-.08.762-.113 1.246-.113 1.662 0 2.497.717 2.497 2.152 0 .664-.224 1.192-.673 1.577"/>
+  </g>
+  <path fill="#FFF" d="M104.287 32.213l-5.439 16.55h4.713l.748-3.174h4.605l.772 3.174h4.8l-5.438-16.55h-4.761zm.838 9.975l1.475-6.123h.047l1.475 6.123h-2.997zM125.762 41.282h-.049l-4.942-9.071h-4.421v16.553h4.421v-9.073h.047l4.944 9.073h4.42V32.211h-4.42M137.484 32.213l-5.443 16.55h4.717l.75-3.174h4.596l.773 3.174h4.812l-5.441-16.55h-4.764zm.838 9.975l1.473-6.123h.043l1.475 6.123h-2.991z"/>
+</svg>

account/sessions.ftl

@@ -0,0 +1,46 @@
+<#import "template.ftl" as layout>
+<@layout.mainLayout active='sessions' bodyClass='sessions'; section>
+
+    <div class="row">
+        <div class="col-md-10">
+            <h2>${msg("sessionsHtmlTitle")}</h2>
+        </div>
+    </div>
+
+    <table class="table table-striped table-bordered">
+        <thead>
+        <tr>
+            <td>${msg("ip")}</td>
+            <td>${msg("started")}</td>
+            <td>${msg("lastAccess")}</td>
+            <td>${msg("expires")}</td>
+            <td>${msg("clients")}</td>
+        </tr>
+        </thead>
+
+        <tbody>
+        <#list sessions.sessions as session>
+            <tr>
+                <td>${session.ipAddress}</td>
+                <td>${session.started?datetime}</td>
+                <td>${session.lastAccess?datetime}</td>
+                <td>${session.expires?datetime}</td>
+                <td>
+                    <#list session.clients as client>
+                        ${client}<br/>
+                    </#list>
+                </td>
+            </tr>
+        </#list>
+        </tbody>
+
+    </table>
+
+    <form action="${url.sessionsUrl}" method="post">
+        <input type="hidden" id="stateChecker" name="stateChecker" value="${stateChecker}">
+        <div class="sso-form-buttons">
+            <button id="logout-all-sessions" class="sso-form-button sso-form-button-primary">${msg("doLogOutAllSessions")}</button>
+        </div>
+    </form>
+
+</@layout.mainLayout>

account/template.ftl

@@ -0,0 +1,75 @@
+<#macro mainLayout active bodyClass>
+<!DOCTYPE html>
+<html>
+	<head>
+		<meta charset="UTF-8">
+		<meta name="robots" content="noindex, nofollow">
+		<meta http-equiv="X-UA-Compatible" content="IE=edge">
+		<meta name="viewport" content="width=device-width, initial-scale=1">
+		<title>${msg("accountManagementTitle")}</title>
+		<link rel="icon" type="image/png" href="https://www.pirati.cz/assets/favicon/favicon-196x196.png" sizes="196x196">
+		<link rel="icon" type="image/png" href="https://www.pirati.cz/assets/favicon/favicon-96x96.png" sizes="96x96">
+		<link rel="icon" type="image/png" href="https://www.pirati.cz/assets/favicon/favicon-16x16.png" sizes="16x16">
+		<link rel="icon" type="image/png" href="https://www.pirati.cz/assets/favicon/favicon-32x32.png" sizes="32x32">
+		<link rel="icon" type="image/png" href="https://www.pirati.cz/assets/favicon/favicon-128.png" sizes="128x128">
+        <link href="https://www.pirati.cz/assets/css/main.css" rel="stylesheet">
+    <#if properties.styles?has_content>
+        <#list properties.styles?split(' ') as style>
+        <link href="${url.resourcesPath}/${style}" rel="stylesheet"/>
+        </#list>
+    </#if>
+    <#if properties.scripts?has_content>
+        <#list properties.scripts?split(' ') as script>
+        <script type="text/javascript" src="${url.resourcesPath}/${script}"></script>
+        </#list>
+    </#if>
+                <!-- <script defer src="https://use.fontawesome.com/releases/v5.0.1/js/all.js"></script> -->
+                <script defer src="${url.resourcesPath}/js/fontawesome_all.js"></script>
+	</head>
+	<body class="admin-console user ${bodyClass}">
+		<nav class="navbar">
+            <button class="sso-menu-switch"><i class="fa fa-bars"></i></button>
+			<header>
+				<h1 class="navbar-title"><img src="${url.resourcesPath}/img/logo.svg" alt="Pirátská strana"></h1>
+			</header>
+			<div class="nav-current">
+                <span class="nav-current-item">${(account.firstName!'')} ${(account.lastName!'')} <span class="nav-current-subitem"><#switch account.attributes.type!><#case "member">člen<#break></#switch></span></span>
+				<a class="nav-current-item logout" href="${url.logoutUrl}"><i class="fas fa-sign-out-alt"></i></a>
+			</div>
+			<ul class="nav-links">
+				<li class="<#if active=='account'>active</#if>"><a href="${url.accountUrl}">${msg("account")}</a>
+				</li>
+                <#if features.passwordUpdateSupported>
+					<li class="<#if active=='password'>active</#if>"><a href="${url.passwordUrl}">${msg("password")}</a>
+					</li></#if>
+				<li class="<#if active=='totp'>active</#if>"><a href="${url.totpUrl}">${msg("authenticator")}</a>
+				</li>
+                <#if features.identityFederation>
+					<li class="<#if active=='social'>active</#if>"><a
+							href="${url.socialUrl}">${msg("federatedIdentity")}</a></li></#if>
+				<li class="<#if active=='sessions'>active</#if>"><a href="${url.sessionsUrl}">${msg("sessions")}</a>
+				</li>
+				<li class="<#if active=='applications'>active</#if>"><a
+						href="${url.applicationsUrl}">${msg("applications")}</a></li>
+                <#if features.log>
+					<li class="<#if active=='log'>active</#if>"><a href="${url.logUrl}">${msg("log")}</a></li></#if>
+			</ul>
+            <div class="nav-created-by">Vytvořil <a href="https://michalvasicek.cz">Michal Vašíček</a></div>
+		</nav>
+
+		<div class="container">
+            <#if message?has_content>
+                <div class="alert alert-${message.type}">
+                    <#if message.type=='success' ><span class="pficon pficon-ok"></span></#if>
+                    <#if message.type=='error' ><span class="pficon pficon-error-octagon"></span><span
+							class="pficon pficon-error-exclamation"></span></#if>
+                    ${message.summary?no_esc}
+				</div>
+            </#if>
+
+            <#nested "content">
+		</div>
+
+	</body>
+</html>
+</#macro>

account/theme.properties

@@ -0,0 +1,3 @@
+locales=ca,de,en,es,fr,it,ja,lt,nl,no,pt-BR,ru,sv,zh-CN
+
+styles=css/style.css

account/totp.ftl

@@ -0,0 +1,67 @@
+<#import "template.ftl" as layout>
+<@layout.mainLayout active='totp' bodyClass='totp'; section>
+
+    <#if totp.enabled>
+<h2>${msg("authenticatorTitle")}</h2>
+
+<table class="table table-bordered table-striped">
+	<thead
+	<tr>
+		<th colspan="2">${msg("configureAuthenticators")}</th>
+	</tr>
+	</thead>
+	<tbody>
+		<tr>
+			<td class="provider">${msg("mobile")}</td>
+			<td class="action">
+				<form action="${url.totpRemoveUrl}" method="post" class="form-inline">
+					<input type="hidden" id="stateChecker" name="stateChecker" value="${stateChecker}">
+					<button id="remove-mobile" class="btn btn-default"><i class="fa fa-trash"></i></button>
+				</form>
+			</td>
+		</tr>
+	</tbody>
+</table>
+    <#else>
+<h2>${msg("authenticatorTitle")}</h2>
+
+<ol>
+	<li>
+		<p>${msg("totpStep1")?no_esc}</p>
+	</li>
+	<li>
+		<p>${msg("totpStep2")}</p>
+		<p><img src="data:image/png;base64, ${totp.totpSecretQrCode}" alt="Figure: Barcode"></p>
+		<p><span class="code">${totp.totpSecretEncoded}</span></p>
+	</li>
+	<li>
+		<p>${msg("totpStep3")}</p>
+	</li>
+</ol>
+
+<form action="${url.totpUrl}" class="form-horizontal" method="post">
+	<input type="hidden" id="stateChecker" name="stateChecker" value="${stateChecker}">
+	<div class="form-group">
+		<div class="col-sm-2 col-md-2">
+			<label for="totp" class="control-label">${msg("authenticatorCode")}</label>
+		</div>
+
+		<div class="col-sm-10 col-md-10">
+			<input type="text" class="form-control" id="totp" name="totp" autocomplete="off" autofocus
+				   autocomplete="off">
+			<input type="hidden" id="totpSecret" name="totpSecret" value="${totp.totpSecret}"/>
+		</div>
+	</div>
+
+	<div class="sso-form-buttons">
+		<button type="submit"
+				class="sso-form-button sso-form-button-primary"
+				name="submitAction" value="Save">${msg("doSave")}</button>
+		<button type="submit"
+				class="sso-form-button"
+				name="submitAction" value="Cancel">${msg("doCancel")}</button>
+	</div>
+</form>
+    </#if>
+
+</@layout.mainLayout>

admin/index.ftl

@@ -0,0 +1,118 @@
+<!DOCTYPE html>
+<html>
+<head>
+    <title></title>
+
+    <meta charset="utf-8">
+    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
+    <meta name="robots" content="noindex, nofollow">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+
+    <link rel="shortcut icon" href="${resourceUrl}/img/favicon.ico">
+    <#if properties.styles?has_content>
+    <#list properties.styles?split(' ') as style>
+    <link href="${resourceUrl}/${style}" rel="stylesheet" />
+    </#list>
+    </#if>
+
+    <script type="text/javascript">
+        var authUrl = '${authUrl}';
+        var consoleBaseUrl = '${consoleBaseUrl}';
+        var resourceUrl = '${resourceUrl}';
+        var masterRealm = '${masterRealm}';
+        var resourceVersion = '${resourceVersion}';
+    </script>
+
+    <!-- Minimized versions (for those that have one) -->
+    <script src="${resourceUrl}/node_modules/jquery/dist/jquery.min.js" type="text/javascript"></script>
+    <script src="${resourceUrl}/node_modules/select2/select2.js" type="text/javascript"></script>
+    <script src="${resourceUrl}/node_modules/angular/angular.min.js"></script>
+    <script src="${resourceUrl}/node_modules/angular-resource/angular-resource.min.js"></script>
+    <script src="${resourceUrl}/node_modules/angular-route/angular-route.min.js"></script>
+    <script src="${resourceUrl}/node_modules/angular-cookies/angular-cookies.min.js"></script>
+    <script src="${resourceUrl}/node_modules/angular-sanitize/angular-sanitize.min.js"></script>
+    <script src="${resourceUrl}/node_modules/angular-translate/dist/angular-translate.min.js"></script>
+    <script src="${resourceUrl}/node_modules/angular-translate-loader-url/angular-translate-loader-url.min.js"></script>
+    <script src="${resourceUrl}/node_modules/angular-ui-select2/src/select2.js" type="text/javascript"></script>
+    <script src="${resourceUrl}/node_modules/autofill-event/autofill-event.js"></script>
+    
+    
+    <!-- Unminimized versions
+    <script src="${resourceUrl}/node_modules/jquery/dist/jquery.js" type="text/javascript"></script>
+    <script src="${resourceUrl}/node_modules/select2/select2.js" type="text/javascript"></script>
+    <script src="${resourceUrl}/node_modules/angular/angular.js"></script>
+    <script src="${resourceUrl}/node_modules/angular-resource/angular-resource.js"></script>
+    <script src="${resourceUrl}/node_modules/angular-route/angular-route.js"></script>
+    <script src="${resourceUrl}/node_modules/angular-cookies/angular-cookies.js"></script>
+    <script src="${resourceUrl}/node_modules/angular-sanitize/angular-sanitize.js"></script>
+    <script src="${resourceUrl}/node_modules/angular-translate/dist/angular-translate.js"></script>
+    <script src="${resourceUrl}/node_modules/angular-translate-loader-url/angular-translate-loader-url.js"></script>
+    <script src="${resourceUrl}/node_modules/angular-ui-select2/src/select2.js" type="text/javascript"></script>
+    <script src="${resourceUrl}/node_modules/autofill-event/autofill-event.js"></script>
+    -->
+
+    <!-- Libraries not managed by yarn -->
+    <script src="${resourceUrl}/lib/angular/ui-bootstrap-tpls-0.11.0.js"></script>
+    <script src="${resourceUrl}/lib/angular/treeview/angular.treeview.js"></script>
+    <script src="${resourceUrl}/lib/fileupload/angular-file-upload.min.js"></script>
+    <script src="${resourceUrl}/lib/filesaver/FileSaver.js"></script>
+    <script src="${resourceUrl}/lib/ui-ace/min/ace.js"></script>
+    <script src="${resourceUrl}/lib/ui-ace/ui-ace.min.js"></script>
+
+    <script src="${authUrl}/js/keycloak.js?version=${resourceVersion}" type="text/javascript"></script>
+
+    <script src="${resourceUrl}/js/app.js" type="text/javascript"></script>
+    <script src="${resourceUrl}/js/controllers/realm.js" type="text/javascript"></script>
+    <script src="${resourceUrl}/js/controllers/clients.js" type="text/javascript"></script>
+    <script src="${resourceUrl}/js/controllers/users.js" type="text/javascript"></script>
+    <script src="${resourceUrl}/js/controllers/groups.js" type="text/javascript"></script>
+    <script src="${resourceUrl}/js/controllers/roles.js" type="text/javascript"></script>
+    <script src="${resourceUrl}/js/loaders.js" type="text/javascript"></script>
+    <script src="${resourceUrl}/js/services.js" type="text/javascript"></script>
+
+    <!-- Authorization -->
+    <script src="${resourceUrl}/js/authz/authz-app.js" type="text/javascript"></script>
+    <script src="${resourceUrl}/js/authz/authz-controller.js" type="text/javascript"></script>
+    <script src="${resourceUrl}/js/authz/authz-services.js" type="text/javascript"></script>
+
+    <#if properties.scripts?has_content>
+        <#list properties.scripts?split(' ') as script>
+            <script type="text/javascript" src="${resourceUrl}/${script}"></script>
+        </#list>
+    </#if>
+</head>
+<body data-ng-controller="GlobalCtrl" data-ng-cloak data-ng-show="auth.user">
+
+<nav class="navbar navbar-default navbar-pf" role="navigation" data-ng-include data-src="resourceUrl + '/partials/menu.html'">
+</nav>
+
+<div class="container-fluid">
+<div class="row">
+    <div data-ng-view id="view"></div>
+</div>
+</div>
+
+<div class="feedback-aligner" data-ng-show="notification.display">
+    <div class="alert alert-{{notification.type}} alert-dismissable">
+        <button type="button" class="close" data-ng-click="notification.remove()" id="notification-close">
+            <span class="pficon pficon-close"/>
+        </button>
+
+        <span class="pficon pficon-ok" ng-show="notification.type == 'success'"></span>
+        <span class="pficon pficon-info" ng-show="notification.type == 'info'"></span>
+        <span class="pficon-layered" ng-show="notification.type == 'danger'">
+            <span class="pficon pficon-error-octagon"></span>
+            <span class="pficon pficon-error-exclamation"></span>
+        </span>
+        <span class="pficon-layered" ng-show="notification.type == 'warning'">
+            <span class="pficon pficon-warning-triangle"></span>
+            <span class="pficon pficon-warning-exclamation"></span>
+        </span>
+        <strong>{{notification.header}}</strong> {{notification.message}}
+    </div>
+</div>
+
+<div id="loading" class="loading">Loading...</div>
+
+</body>
+</html>

admin/messages/admin-messages_ca.properties

@@ -0,0 +1,466 @@
+# Common messages
+enabled=Habilitat
+name=Nom
+save=Desar
+cancel=Cancel\u00B7la
+onText=SI
+offText=NO
+client=Client
+clients=Clients
+clear=Neteja
+selectOne=Selecciona un...
+
+true=S\u00ED
+false=No
+
+
+# Realm settings
+realm-detail.enabled.tooltip=Els usuaris i clients nom\u00E9s poden accedir a un domini si est\u00E0 habilitat
+registrationAllowed=Registre d''usuari
+registrationAllowed.tooltip=Habilitar/deshabilitar la p\u00E0gina de registre. Un enlla\u00E7 per al registre es mostrar\u00E0 tamb\u00E9 a la p\u00E0gina d''inici de sessi\u00F3.
+registrationEmailAsUsername=Email com a nom d''usuari
+registrationEmailAsUsername.tooltip=Si est\u00E0 habilitat el nom d''usuari queda ocult del formulari de registre i l''email es fa servir com a nom d''usuari per als nous usuaris.
+editUsernameAllowed=Edita el nom d''usuari
+editUsernameAllowed.tooltip=Si est\u00E0 habilitat, el nom d''usuari \u00E9s editable, altrament \u00E9s de nom\u00E9s lectura.
+resetPasswordAllowed=Oblit contrasenya
+resetPasswordAllowed.tooltip=Mostra un enlla\u00E7 a la p\u00E0gina d''inici de sessi\u00F3 perqu\u00E8 l''usuari faci clic quan ha oblidat les seves credencials.
+rememberMe=Mantenir connectat
+rememberMe.tooltip=Mostra la casella de selecci\u00F3 en la p\u00E0gina d''inici de sessi\u00F3 per a permetre a l''usuari estar connectat entre reinicis del navegador fins que la sessi\u00F3 expiri.
+verifyEmail=Verificar email
+verifyEmail.tooltip=For\u00E7ar l''usuari a verificar la seva adre\u00E7a de correu electr\u00F2nic la primera vegada que inici\u00EF sessi\u00F3.
+sslRequired=Sol\u00B7licitar SSL
+sslRequired.option.all=totes les peticions
+sslRequired.option.external=peticions externes
+sslRequired.option.none=cap
+sslRequired.tooltip=\u00C9s HTTP obligatori? ''cap'' significa que HTTPS no \u00E9s obligatori per cap direcic\u00F3n IP de client, ''peticions externes'' indica que localhost i les adreces IP privades poden accedir sense HTTPS, ''totes les peticions'' vol dir que HTTPS \u00E9s obligatori per a totes les adreces IP.
+publicKey=Clau p\u00FAblica
+gen-new-keys=Generar noves claus
+certificate=Certificat
+host=Host
+smtp-host=Host SMTP
+port=Port
+smtp-port=Port SMTP (per defecte 25)
+from=Des de
+sender-email-addr=Email del emissor
+enable-ssl=Habilitar SSL
+enable-start-tls=Habilitar StartTLS
+enable-auth=Habilitar autenticaci\u00F3
+username=Usuari
+login-username=Usuari
+password=Contrasenya
+login-password=Contrasenya
+login-theme=Tema d''inici de sessi\u00F3
+select-one=Selecciona un...
+login-theme.tooltip=Selecciona el tema per a les p\u00E0gines d''inici de sessi\u00F3, TOTP, permisos, registre i recordatori de contrasenya.
+account-theme=Tema de compte
+account-theme.tooltip=Selecciona el tema per a les p\u00E0gines de gesti\u00F3 del compte d''usuari.
+admin-console-theme=Tema de consola d''administraci\u00F3
+select-theme-admin-console=Selecciona el tema per a la consola d''administraci\u00F3.
+email-theme=Tema d''email
+select-theme-email=Selecciona el tema per als correus electr\u00F2nics que s\u00F3n enviats pel servidor.
+i18n-enabled=Internacionalitzaci\u00F3 activa
+supported-locales=Idiomes suportats
+supported-locales.placeholder=Indica l''idioma i prem Intro
+default-locale=Idioma per defecte
+realm-cache-enabled=Cach\u00E9 de domini habilitada
+realm-cache-enabled.tooltip=Activar/desactivar la cach\u00E9 per al domini, client i dades de rols.
+user-cache-enabled=Cach\u00E9 d''usuari habilitada
+user-cache-enabled.tooltip=Habilitar/deshabilitar la cach\u00E9 d''usuaris i d''assignacions d''usuaris a rols.
+revoke-refresh-token=Revocar el token d''actualitzaci\u00F3
+revoke-refresh-token.tooltip=Si est\u00E0 activat els tokens d''actualitzaci\u00F3 nom\u00E9s poden usar-se una vegada. En un altre cas els tokens d''actualitzaci\u00F3 no es revoquen quan s''utilitzen i poden ser usat m\u00FAltiples vegades.
+sso-session-idle=Sessions SSO inactives
+seconds=Segons
+minutes=Minuts
+hours=Hores
+days=Dies
+sso-session-max=Temps m\u00E0xim sessi\u00F3 SSO
+sso-session-idle.tooltip=Temps m\u00E0xim que una sessi\u00F3 pot estar inactiva abans que expiri. Els tokens i sessions de navegador s\u00F3n invalidades quan la sessi\u00F3 expira.
+sso-session-max.tooltip=Temps m\u00E0xim abans que una sessi\u00F3 expiri. Els tokens i sessions de navegador s\u00F3n invalidats quan una sessi\u00F3 expira.
+offline-session-idle=Inactivitat de sessi\u00F3 sense connexi\u00F3
+offline-session-idle.tooltip=Temps m\u00E0xim inactiu d''una sessi\u00F3 sense connexi\u00F3 abans que expiri. Necessites fer servi un token sense connexi\u00F3 per refrescar almenys una vegada dins d'aquest per\u00EDode, en un altre cas la sessi\u00F3 sense connexi\u00F3 expirar\u00E0.
+access-token-lifespan=Durada del token d''acc\u00E9s
+access-token-lifespan.tooltip=Temps m\u00E0xim abans que un token d''acc\u00E9s expiri. Es recomana que aquest valor sigui curt en relaci\u00F3 al temps m\u00E0xim de SSO
+client-login-timeout=Temps m\u00E0xim d''autenticaci\u00F3
+client-login-timeout.tooltip=Temps m\u00E0xim que un client t\u00E9 per finalitzar el protocol d''obtenci\u00F3 del token d''acc\u00E9s. Hauria de ser normalment de l''ordre d''1 minut.
+login-timeout=Temps m\u00E0xim de desconnexi\u00F3
+login-timeout.tooltip=Temps m\u00E0xim que un usuari t\u00E9 per completar l''inici de sessi\u00F3. Es recomana que sigui relativament alt. 30 minuts o m\u00E9s.
+login-action-timeout=Temps m\u00E0xim d''acci\u00F3 en l''inici de sessi\u00F3
+login-action-timeout.tooltip=Temps m\u00E0xim que un usuari t\u00E9 per completar accions relacionades amb l''inici de sessi\u00F3, com l''actualitzaci\u00F3 de contrasenya o configuraci\u00F3 de TOTP. \u00C9s recomanat que sigui relativament alt. 5 minuts o m\u00E9s.
+headers=Cap\u00E7aleres
+brute-force-detection=Detecci\u00F3 d''atacs per for\u00E7a bruta
+x-frame-options=X-Frame-Options
+click-label-for-info=Fes clic a l''enlla\u00E7 de l''etiqueta per obtenir m\u00E9s informaci\u00F3. El valor per defecte evita que les p\u00E0gines siguin incloses des d'iframes externs.
+content-sec-policy=Content-Security-Policy
+max-login-failures=Nombre m\u00E0xim d''errors d''inici de sessi\u00F3
+max-login-failures.tooltip=Indica quants errors es permeten abans que es dispari una espera.
+wait-increment=Increment d''espera
+wait-increment.tooltip=Quan s''ha arribat al llindar d''error, quant de temps ha d''estar un usuari bloquejat?
+quick-login-check-millis=Temps en mil\u00B7lisegons entre inicis de sessi\u00F3 r\u00E0pids
+quick-login-check-millis.tooltip=Si ocorren errors de forma concurrent i molt r\u00E0pida, bloquejar a l''usuari.
+min-quick-login-wait=Temps m\u00EDnim entre errors de connexi\u00F3 r\u00E0pids
+min-quick-login-wait.tooltip=Quant de temps s''ha d''esperar despr\u00E9s d''un error en un intent r\u00E0pid d''identificaci\u00F3
+max-wait=Espera m\u00E0xima
+max-wait.tooltip=Temps m\u00E0xim que un usuari queda bloquejat.
+failure-reset-time=Reinici del comptador d''errors
+failure-reset-time.tooltip=Quan s''ha de reiniciar el comptador d''errors?
+realm-tab-login=Inici de sessi\u00F3
+realm-tab-keys=Claus
+realm-tab-email=Email
+realm-tab-themes=Temes
+realm-tab-cache=Cach\u00E9
+realm-tab-tokens=Tokens
+realm-tab-security-defenses=Defenses de seguretat
+realm-tab-general=General
+add-realm=Afegir domini
+
+#Session settings
+realm-sessions=Sessions de domini
+revocation=Revocaci\u00F3
+logout-all=Desconnectar tot
+active-sessions=Sessions actives
+sessions=Sessions
+not-before=No abans de
+not-before.tooltip=Revocar qualsevol token em\u00E8s abans d''aquesta data.
+set-to-now=Fixar a ara
+push=Push
+push.tooltip=Per a cada client que t\u00E9 un URL d''administraci\u00F3, notificar les noves pol\u00EDtiques de revocaci\u00F3.
+
+#Protocol Mapper
+usermodel.prop.label=Propietat
+usermodel.prop.tooltip=Nom del m\u00E8tode de propietat en la interf\u00EDcie UserModel. Per exemple, un valor de ''email'' faria refer\u00E8ncia al m\u00E8tode UserModel.getEmail().
+usermodel.attr.label=Atribut d''usuari
+usermodel.attr.tooltip=Nom de l''atribut d''usuari emmagatzemat que \u00E9s el nom de l''atribut dins el map UserModel.attribute.
+userSession.modelNote.label=Nota sessi\u00F3 usuari
+userSession.modelNote.tooltip=Nom de la nota emmagatzemada en la sessi\u00F3 d''usuari dins del mapa UserSessionModel.note
+multivalued.label=Valors m\u00FAltiples
+multivalued.tooltip=Indica si l''atribut suporta m\u00FAltiples valors. Si est\u00E0 habilitat, la llista de tots els valors d''aquest atribut es fixar\u00E0 com a reclamaci\u00F3. Si est\u00E0 deshabilitat, nom\u00E9s el primer valor ser\u00E0 fixat com a reclamaci\u00F3.
+selectRole.label=Selecciona rol
+selectRole.tooltip=Introdueix el rol a la caixa de text de l''esquerra, o fes clic a aquest bot\u00F3 per navegar i buscar el rol que vols.
+tokenClaimName.label=Nom de reclam del token
+tokenClaimName.tooltip=Nom del reclam a inserir en el testimoni. Pot ser un nom complet com ''address.street''. En aquest cas, es crear\u00E0 un objecte JSON niat.
+jsonType.label=Tipus JSON de reclamaci\u00F3
+jsonType.tooltip=El tipus de JSON que hauria de fer-se servir per omplir la petici\u00F3 de JSON en el token. long, int, boolean i String s\u00F3n valors v\u00E0lids
+includeInIdToken.label=Afegir al token d''ID
+includeInAccessToken.label=Afegir al token d''acc\u00E9s
+includeInAccessToken.tooltip=S''hauria d'afegir la identitat reclamada al token d''acc\u00E9s?
+
+
+# client details
+clients.tooltip=Els clients s\u00F3n aplicacions de navegador de confian\u00E7a i serveis web d''un domini. Aquests clients poden sol\u00B7licitar un inici de sessi\u00F3. Tamb\u00E9 pots definir rols espec\u00EDfics de client.
+search.placeholder=Cercar...
+create=Crea
+import=Importar
+client-id=ID Client
+base-url=URL Base
+actions=Accions
+not-defined=No definit
+edit=Edita
+delete=Esborra
+no-results=Sense resultats
+no-clients-available=No hi ha clients disponibles
+add-client=Afegir Client
+select-file=Selecciona arxiu
+view-details=Veure detalls
+clear-import=Neteja importaci\u00F3
+client-id.tooltip=Indica l''identificador (ID) referenciat en URIs i tokens. Per exemple ''my-client''
+client.name.tooltip=Indica el nom visible del client. Per exemple ''My Client''. Tamb\u00E9 suporta claus per valors localitzats. Per exemple: ${my_client}
+client.enabled.tooltip=Els clients deshabilitats no poden iniciar una identificaci\u00F3 o obtenir codis d''acc\u00E9s.
+consent-required=Consentiment necessari
+consent-required.tooltip=Si est\u00E0 habilitat, els usuaris han de consentir l''acc\u00E9s del client.
+direct-grants-only=Nom\u00E9s permisos directes
+direct-grants-only.tooltip=Quan est\u00E0 habilitat, el client nom\u00E9s pot obtenir permisos de l''API REST.
+client-protocol=Protocol del Client
+client-protocol.tooltip=''OpenID connect'' permet als clients verificar la identitat de l''usuari final basat en l''autenticaci\u00F3 realitzada per un servidor d''autoritzaci\u00F3. ''SAML'' habilita l''autenticaci\u00F3 i autoritzaci\u00F3 d''escenaris basats en web incloent cross-domain i single sign-on (SSO) i utilitza tokens de seguretat que contenen afirmacions per passar informaci\u00F3.
+access-type=Tipus d''acc\u00E9s
+access-type.tooltip=Els clients ''Confidential'' necessiten un secret per iniciar el protocol d''identificaci\u00F3. Els clients ''Public'' no requereixen un secret. Els clients 'Bearer-only' s\u00F3n serveis web que mai inicien un login.
+service-accounts-enabled=Comptes de servei habilitades
+service-accounts-enabled.tooltip=Permetre autenticar aquest client contra Keycloak i rebre un token d''acc\u00E9s dedicat per a aquest client.
+include-authnstatement=Incloure AuthnStatement
+include-authnstatement.tooltip=Hauria d''incloure''s una declaraci\u00F3 especificant el m\u00E8tode i la marca de temps en la resposta d''inici de sessi\u00F3?
+sign-documents=Signar documents
+sign-documents.tooltip=Hauria el domini de signar els documents SAML?
+sign-assertions=Signar assercions
+sign-assertions.tooltip=Haurien de signar-se les assercions en documents SAML? Aquest ajust no \u00E9s necessari si el document ja s''est\u00E0 signant.
+signature-algorithm=Algorisme de signatura
+signature-algorithm.tooltip=L''algorisme de signatura usat per signar els documents.
+canonicalization-method=M\u00E8tode de canonicalitzaci\u00F3
+canonicalization-method.tooltip=M\u00E8tode de canonicalitzaci\u00F3 per a les signatures XML
+encrypt-assertions=Xifrar afirmacions
+encrypt-assertions.tooltip=Haurien de xifrar-se les afirmacions SAML amb la clau p\u00FAblica del client fent servir AES?
+client-signature-required=Signatura de Client requerida
+client-signature-required.tooltip=Signar\u00E0 el client les seves peticions i respostes SAML? I haurien de ser validades?
+force-post-binding=For\u00E7ar enlla\u00E7os POST
+force-post-binding.tooltip=Fer servir sempre POST per a les respostes
+front-channel-logout=Desconnexi\u00F3 en primer pla (Front Channel)
+front-channel-logout.tooltip=Quan est\u00E0 activat, la desconnexi\u00F3 requereix una redirecci\u00F3 del navegador cap al client. Quan no est\u00E0 activat, el servidor realitza una invovaci\u00F3n de desconnexi\u00F3 en segon pla.
+force-name-id-format=For\u00E7ar format NameID
+force-name-id-format.tooltip=Ignorar la petici\u00F3 de subjecte NameID i fer servir la configurada a la consola d''administraci\u00F3.
+name-id-format=Format de NameID
+name-id-format.tooltip=El format de NameID que es far\u00E0 servir per al t\u00EDtol
+root-url=URL arrel
+root-url.tooltip=URL arrel afegida a les URL relatives
+valid-redirect-uris=URIs de redirecci\u00F3 v\u00E0lides
+valid-redirect-uris.tooltip=Patr\u00F3 d''URI v\u00E0lida per a la qual un navegador pot sol\u00B7licitar la redirecci\u00F3 despr\u00E9s d''un inici o tancament de sessi\u00F3 completat. Es permeten comodins simples p.ex. ''http://example.com/*''. Tamb\u00E9 es poden indicar rutes relatives p.ex. ''/my/relative/path/*''. Les rutes relatives generaran un URI de redirecci\u00F3 fent servir el host i port de la petici\u00F3. Per SAML, s''han de fixar patrons d''URI v\u00E0lids si vols confiar en l''URL del servei del consumidor indicada en la petici\u00F3 d''inici de sessi\u00F3.
+base-url.tooltip=URL per defecte per utilitzar quan el servidor d''autoritzaci\u00F3 necessita redirigir o enviar de tornada al client.
+admin-url=URL d''administraci\u00F3
+admin-url.tooltip=URL a la interf\u00EDcie d''administraci\u00F3 del client. Fixa aquest valor si el client suporta l''adaptador de REST. Aquesta API REST permet al servidor d''autenticaci\u00F3 enviar al client pol\u00EDtiques de revocaci\u00F3 i altres tasques administratives. Normalment es fixa a l''URL base del client.
+master-saml-processing-url=URL principal de processament SAML
+master-saml-processing-url.tooltip=Si est\u00E0 configurada, aquesta URL es fara servir per a cada enlla\u00E7 al prove\u00EFdor del servei del consumidor d''assercions i serveis de desconnexi\u00F3 \u00FAnics. Pot ser sobreescrit de forma individual per a cada enlla\u00E7 i servei en el punt final de configuraci\u00F3 fina de SAML.
+idp-sso-url-ref=Nom de la URL d''un SSO iniciat per l''IDP
+idp-sso-url-ref.tooltip=Nom del fragment de l''URL per referenciar al client quan vols un SSO iniciat per l''IDP. Deixant aix\u00F2 buit desactiva els SSO iniciats per l''IDP. L''URL referenciada des del navegador ser\u00E0: {server-root}/realms/{realm}/protocol/saml/clients/{client-url-name}
+idp-sso-relay-state=Estat de retransmissi\u00F3 d''un SSO iniciat per l''IDP
+idp-sso-relay-state.tooltip=Estat de retransmissi\u00F3 que vols enviar amb una petici\u00F3 SAML quan s''inicia un SSO iniciat per l''IDP
+web-origins=Or\u00EDgens web
+web-origins.tooltip=Or\u00EDgens CORS permesos. Per permetre tots els or\u00EDgens d''URIs de redirecci\u00F3 v\u00E0lides afegeix ''+''. Per permetre tots els or\u00EDgens afegeix ''*''.
+fine-saml-endpoint-conf=Fine Grain SAML Endpoint Configuration
+fine-saml-endpoint-conf.tooltip=Expandeix aquesta secci\u00F3 per configurar les URL exactes per Assertion Consumer i Single Logout Service.
+assertion-consumer-post-binding-url=Assertion Consumer Service POST Binding URL
+assertion-consumer-post-binding-url.tooltip=SAML POST Binding URL for the client''s assertion consumer service (login responses).  You can leave this blank if you do not have a URL for this binding.
+assertion-consumer-redirect-binding-url=Assertion Consumer Service Redirect Binding URL
+assertion-consumer-redirect-binding-url.tooltip=Assertion Consumer Service Redirect Binding URL
+logout-service-post-binding-url=URL d''enlla\u00E7 SAML POST per a la desconnexi\u00F3
+logout-service-post-binding-url.tooltip=URL d''enlla\u00E7 SAML POST per a la desconnexi\u00F3 \u00FAnica del client. Pots deixar-ho en blanc si est\u00E0s fent servir un enlla\u00E7 diferent.
+logout-service-redir-binding-url=URL d''enlla\u00E7 SAML de redirecci\u00F3 per a la desconnexi\u00F3
+logout-service-redir-binding-url.tooltip=URL d''enlla\u00E7 SAML de redirecci\u00F3 per a la desconnexi\u00F3 \u00FAnica del client. Pots deixar-ho en blanc si est\u00E0s fent servir un enlla\u00E7 diferent.
+
+# client import
+import-client=Importar Client
+format-option=Format
+select-format=Selecciona un format
+import-file=Arxiu d''Importaci\u00F3
+
+# client tabs
+settings=Ajustos
+credentials=Credencials
+saml-keys=Claus SAML
+roles=Rols
+mappers=Assignadors
+mappers.tooltip=Els assignadors de protocols realitzen transformacions en tokens i documents. Poden fer coses com assignar dades d''usuari en peticions de protocol, o simplement transformar qualsevol petici\u00F3 entre el client i el servidor d''autenticaci\u00F3.
+scope=\u00C0mbit
+scope.tooltip=Les assignacions d''\u00E0mbit et permeten restringir que assignacions de rols d''usuari s''inclouen en el testimoni d''acc\u00E9s sol\u00B7licitat pel client.
+sessions.tooltip=Veure sessions actives per a aquest client. Permet veure quins usuaris estan actius i quan es van identificar.
+offline-access=Acc\u00E9s sense connexi\u00F3
+offline-access.tooltip=Veure sessions sense connexi\u00F3 per aquest client. Et permet veure que usuaris han sol\u00B7licitat tokens sense connexi\u00F3 i quan els van sol\u00B7licitar. Per revocar tots els tokens del client, accedeix a la pestanya de Revocaci\u00F3 i fixa el valor \"No abans de\" a \"now\".
+clustering=Clustering
+installation=Instal\u00B7laci\u00F3
+installation.tooltip=Eina d''ajuda per generar la configuraci\u00F3 de diversos formats d''adaptadors de client que pots descarregar o copiar i enganxar per configurar teus clients.
+service-account-roles=Rols de compte de servei
+service-account-roles.tooltip=Permetre autenticar assignacions de rol per el compte de servei dedicat a aquest client.
+
+# client credentials
+client-authenticator=Client autenticador
+client-authenticator.tooltip=Client autenticador usat per autenticar aquest client contra el servidor Keycloak
+certificate.tooltip=Certificat de client per validar els JWT emesos per aquest client i signats amb la clau privada del client del teu magatzem de claus.
+no-client-certificate-configured=No s''ha configurat el certificat de client
+gen-new-keys-and-cert=Generar noves claus i certificat
+import-certificate=Importar Certificat
+gen-client-private-key=Generar clau privada de client
+generate-private-key=Generar clau privada
+archive-format=Format d''Arxiu
+archive-format.tooltip=Format d''arxiu Java keystore o PKCS12
+key-alias=\u00C0lies de clau
+key-alias.tooltip=\u00C0lies de l''arxiu de la teva clau privada i certificat.
+key-password=Contrasenya de la clau
+key-password.tooltip=Contrasenya per accedir a la clau privada continguda en l''arxiu
+store-password=Contrasenya del magatzem
+store-password.tooltip=Contrasenya per accedir a l''arxiu
+generate-and-download=Generar i descarregar
+client-certificate-import=Importaci\u00F3 de certificat de client
+import-client-certificate=Importar Certificat de Client
+jwt-import.key-alias.tooltip=\u00C0lies de l''arxiu del teu certificat.
+secret=Secret
+regenerate-secret=Regenerar secret
+add-role=Afegir rol
+role-name=Nom de rol
+composite=Compost
+description=Descripci\u00F3
+no-client-roles-available=No hi ha rols de client disponibles
+scope-param-required=Par\u00E0metre d''\u00E0mbit obligatori
+scope-param-required.tooltip=Aquest rol nom\u00E9s ser\u00E0 concedit si el par\u00E0metre d''\u00E0mbit amb el nom del rol \u00E9s usat durant la petici\u00F3 d''autoritzaci\u00F3/obtenci\u00F3 de token.
+composite-roles=Rols compostos
+composite-roles.tooltip=Quan aquest paper \u00E9s assignat/desassignat a un usuari qualsevol rol associat amb ell ser\u00E0 assignat/desassignat de forma impl\u00EDcita.
+realm-roles=Rols de domini
+available-roles=Rols Disponibles
+add-selected=Afegeix seleccionat
+associated-roles=Rols Associats
+composite.associated-realm-roles.tooltip=Rols a nivell de domini associats amb aquest rol compost.
+composite.available-realm-roles.tooltip=Rols a nivell de domini disponibles en aquest paper compost.
+remove-selected=Esborrar seleccionats
+client-roles=Rols de Client
+select-client-to-view-roles=Selecciona el client per veure els seus rols
+available-roles.tooltip=Rols d''aquest client que pots associar a aquest rol compost.
+client.associated-roles.tooltip=Rols de client associats amb aquest rol compost.
+add-builtin=Afegeix Builtin
+category=Categoria
+type=Tipus
+no-mappers-available=No hi ha assignadors disponibles
+add-builtin-protocol-mappers=Afegeix Builtin Protocol Mappers
+add-builtin-protocol-mapper=Afegeix Builtin Protocol Mapper
+scope-mappings=Assignacions d''\u00E0mbit
+full-scope-allowed=Permet tots els \u00E0mbits
+full-scope-allowed.tooltip=Permet deshabilitar totes les restriccions.
+scope.available-roles.tooltip=Rols de domini que poden ser assignats a l''\u00E0mbit
+assigned-roles=Rols Assignats
+assigned-roles.tooltip=Rols a nivell de domini assignats a aquest \u00E0mbit.
+effective-roles=Rols efectius
+realm.effective-roles.tooltip=Rols de domini assignats que poden haver estat heretats d''un rol compost.
+select-client-roles.tooltip=Selecciona el client per veure els seus rols
+assign.available-roles.tooltip=Rols de clients disponibles per ser assignats.
+client.assigned-roles.tooltip=Rols de client assignats
+client.effective-roles.tooltip=Rols de client assignats que poden haver estat heretats des d''un rol compost.
+basic-configuration=Configuraci\u00F3 b\u00E0sica
+node-reregistration-timeout=Temps d''espera de re-registre de node
+node-reregistration-timeout.tooltip=Indica el m\u00E0xim interval de temps perqu\u00E8 els nodes del cl\u00FAster registrats es tornin a registrar. Si el node del cl\u00FAster no envia una petici\u00F3 de re-registre a Keycloak dins d''aquest interval, ser\u00E0 desregistrat de Keycloak
+registered-cluster-nodes=Registrar nodes de cl\u00FAster
+register-node-manually=Registrar node manualment
+test-cluster-availability=Provar disponibilitat del cl\u00FAster
+last-registration=\u00DAltim registre
+node-host=Host del node
+no-registered-cluster-nodes=No hi ha nodes de cl\u00FAster registrats disponibles
+cluster-nodes=Nodes de cl\u00FAster
+add-node=Afegir Node
+active-sessions.tooltip=Nombre total de sessions actives per a aquest client.
+show-sessions=Mostrar sessions
+show-sessions.tooltip=Advert\u00E8ncia, aquesta \u00E9s una operaci\u00F3 potencialment costosa depenent del nombre de sessions actives.
+user=Usuari
+from-ip=Des de IP
+session-start=Inici de sessi\u00F3
+first-page=Primera p\u00E0gina
+previous-page=P\u00E0gina Anterior
+next-page=P\u00E0gina seg\u00FCent
+client-revoke.not-before.tooltip=Revocar tots els tokens emesos abans d''aquesta data per a aquest client.
+client-revoke.push.tooltip=Si l''URL d''administraci\u00F3 est\u00E0 configurada per a aquest client, envia aquesta pol\u00EDtica a aquest client.
+select-a-format=Selecciona un format
+download=Descarrega
+offline-tokens=Tokens sense connexi\u00F3
+offline-tokens.tooltip=Nombre total de tokens sense connexi\u00F3 d''aquest client.
+show-offline-tokens=Mostrar tokens sense connexi\u00F3
+show-offline-tokens.tooltip=Advert\u00E8ncia, aquesta \u00E9s una operaci\u00F3 potencialment costosa depenent del nombre de tokens sense connexi\u00F3.
+token-issued=Token expedit
+last-access=\u00DAltim Acc\u00E9s
+last-refresh=\u00DAltima actualitzaci\u00F3
+key-export=Exportar clau
+key-import=Importar clau
+export-saml-key=Exporta clau SAML
+import-saml-key=Importar clau SAML
+realm-certificate-alias=\u00C0lies del certificat del domini
+realm-certificate-alias.tooltip=El certificat del domini \u00E9s emmagatzemat en arxiu. Aquest \u00E9s l''\u00E0lies a aquest.
+signing-key=Clau de firma
+saml-signing-key=Clau de firma SAML.
+private-key=Clau Privada
+generate-new-keys=Generar noves claus
+export=Exporta
+encryption-key=Clau de xifrat
+saml-encryption-key.tooltip=Clau de xifrat de SAML
+service-accounts=Comptes de servei
+service-account.available-roles.tooltip=Rols de domini que poden ser assignats al compte del servei.
+service-account.assigned-roles.tooltip=Rols de domini assignats al compte del servei.
+service-account-is-not-enabled-for=El compte del servei no est\u00E0 habilitada per {{client}}
+create-protocol-mappers=Crea assignadors de protocol
+create-protocol-mapper=Crea assignador de protocol
+protocol=Protocol
+protocol.tooltip=Protocol.
+id=ID
+mapper.name.tooltip=Nom de l''assignador.
+mapper.consent-required.tooltip=Quan es concedeix acc\u00E9s temporal, \u00E9s necessari el consentiment de l''usuari per a proporcinar aquestes dades al client?
+consent-text=Text del consentiment
+consent-text.tooltip=Text per mostrar a la p\u00E0gina de consentiment.
+mapper-type=Tipus d''assignador
+
+# realm identity providers
+identity-providers=Prove\u00EFdors d''identitat
+table-of-identity-providers=Taula de prove\u00EFdors d''identitat
+add-provider.placeholder=Afegir prove\u00EFdor...
+provider=Prove\u00EFdor
+gui-order=Ordre en la interf\u00EDcie gr\u00E0fica (GUI)
+redirect-uri=URI de redirecci\u00F3
+redirect-uri.tooltip=L''URI de redirecci\u00F3 usada per configurar el prove\u00EFdor d''identitat.
+alias=\u00C0lies
+identity-provider.alias.tooltip=L''\u00E0lies que identifica de forma \u00FAnica un prove\u00EFdor d''identitat, es far servir tamb\u00E9 per construir la URI de redirecci\u00F3.
+identity-provider.enabled.tooltip=Habilita/deshabilita aquest prove\u00EFdor d''identitat.
+authenticate-by-default=Autenticar per defecte
+identity-provider.authenticate-by-default.tooltip=Indica si aquest prove\u00EFdor hauria de ser provat per defecte per autenticacaci\u00F3n fins i tot abans de mostrar la p\u00E0gina d''inici de sessi\u00F3.
+store-tokens=Emmagatzemar tokens
+identity-provider.store-tokens.tooltip=Habilitar/deshabilitar si els tokens han de ser emmagatzemats despr\u00E9s d''autenticar als usuaris.
+stored-tokens-readable=Tokens emmagatzemats llegibles
+identity-provider.stored-tokens-readable.tooltip=Habilitar/deshabilitar si els nous usuaris poden llegir els tokens emmagatzemats. Aix\u00F2 assigna el rol ''broker.read-token''.
+update-profile-on-first-login=Actualitzar perfil al primer inici de sessi\u00F3
+on=Activat
+on-missing-info=Si falta informaci\u00F3
+off=Desactivat
+update-profile-on-first-login.tooltip=Defineix condicions sota les quals un usuari ha de actualitzar el seu perfil durant el primer inici de sessi\u00F3.
+trust-email=Confiar en l''email
+trust-email.tooltip=Si est\u00E0 habilitat, l''email rebut d''aquest prove\u00EFdor no es verificar\u00E0 encara que la verificaci\u00F3 estigui habilitada per al domini.
+gui-order.tooltip=N\u00FAmero que defineix l''ordre del prove\u00EFdor en la interf\u00EDcie gr\u00E0fica (GUI) (ex. a la p\u00E0gina d''inici de sessi\u00F3)
+openid-connect-config=Configuraci\u00F3 d''OpenID Connect
+openid-connect-config.tooltip=Configuraci\u00F3 d''OIDC SP i IDP externs
+authorization-url=URL d''autoritzaci\u00F3
+authorization-url.tooltip=La URL d''autoritzaci\u00F3.
+token-url=Token URL
+token-url.tooltip=L''URL del token.
+logout-url=URL de desconnexi\u00F3
+identity-provider.logout-url.tooltip=Punt de tancament de sessi\u00F3 per utilitzar en la desconnexi\u00F3 d''usuaris des d''un prove\u00EFdor d''identitat (IDP) extern.
+backchannel-logout=Backchannel Logout
+backchannel-logout.tooltip=Does the external IDP support backchannel logout?
+user-info-url=URL d''informaci\u00F3 d''usuari
+user-info-url.tooltip=L''URL d''informaci\u00F3 d''usuari. Opcional.
+identity-provider.client-id.tooltip=El client o identificador de client registrat en el prove\u00EFdor d''identitat.
+client-secret=Secret de Client
+show-secret=Mostrar secret
+hide-secret=Amaga secret
+client-secret.tooltip=El client o el secret de client registrat en el prove\u00EFdor d''identitat.
+issuer=Emissor
+issuer.tooltip=L''identificador de l''emissor per a l''emissor de la resposta. Si no s''indica, no es realitzar\u00E0 cap validaci\u00F3.
+default-scopes=\u00C0mbits per defecte
+identity-provider.default-scopes.tooltip=Els \u00E0mbits que s''enviaran quan es sol\u00B7liciti autoritzaci\u00F3. Pot ser una llista d''\u00E0mbits separats per espais. El valor per defecte \u00E9s ''openid''.
+prompt=Prompt
+unspecified.option=no especificat
+none.option=cap
+consent.option=consentiment
+login.option=login
+select-account.option=select_account
+prompt.tooltip=Indica si el servidor d''autoritzaci\u00F3 sol\u00B7licita a l''usuari final per reautenticaci\u00F3n i consentiment.
+validate-signatures=Validar signatures
+identity-provider.validate-signatures.tooltip=Habilitar/deshabilitar la validaci\u00F3 de signatures de prove\u00EFdors d''identitat (IDP) externs
+validating-public-key=Validant clau p\u00FAblica
+identity-provider.validating-public-key.tooltip=La clau p\u00FAblica en format PEM que ha de fer-se servir per verificar les signatures de prove\u00EFdors d''identitat (IDP) externs.
+import-external-idp-config=Importar configuraci\u00F3 externa d''IDP
+import-external-idp-config.tooltip=Et permet carregar metadades d''un prove\u00EFdor d''identitat (IDP) extern d''un arxiu de coniguraci\u00F3n o descarregar des d''una URL.
+import-from-url=Importar des d''URL
+identity-provider.import-from-url.tooltip=Importa metadades des d''un descriptor d''un prove\u00EFdor d''identitat (IDP) remot.
+import-from-file=Importa des d''arxiu
+identity-provider.import-from-file.tooltip=Importa metadades des d''un descriptor d''un prove\u00EFdor d''identitat (IDP) descarregat.
+saml-config=Configuraci\u00F3 SAML
+identity-provider.saml-config.tooltip=Configuraci\u00F3 de prove\u00EFdor SAML i IDP extern
+single-signon-service-url=URL de servei de connexi\u00F3 \u00FAnic (SSO)
+saml.single-signon-service-url.tooltip=L''URL que s''ha de fer servir per enviar peticions d''autenticaci\u00F3 (SAML AuthnRequest).
+single-logout-service-url=URL de servei de desconnexi\u00F3 \u00FAnic
+saml.single-logout-service-url.tooltip=L''URL que ha de fer-se servir per enviar peticions de desconnexi\u00F3.
+nameid-policy-format=Format de pol\u00EDtica NameID
+nameid-policy-format.tooltip=Indica la refer\u00E8ncia a la URI corresponent a un format de NameID. El valor per defecte \u00E9s urn:oasis:names:tc:SAML:2.0:nameid-format:persistent.
+http-post-binding-response=HTTP-POST enlla\u00E7 de resposta
+http-post-binding-response.tooltip=Indica si es respon a les peticions fent servir HTTP-POST. Si no est\u00E0 activat, es far servir HTTP-REDIRECT.
+http-post-binding-for-authn-request=HTTP-POST per AuthnRequest
+http-post-binding-for-authn-request.tooltip=Indica si AuthnRequest ha de ser enviat usant HTTP-POST. Si no est\u00E0 activat es fa HTTP-REDIRECT.
+want-authn-requests-signed=Signar AuthnRequests
+want-authn-requests-signed.tooltip=Indica si el prove\u00EFdor d''identitat espera rebre signades les AuthnRequest.
+force-authentication=For\u00E7ar autenticaci\u00F3
+identity-provider.force-authentication.tooltip=Indica si el prove\u00EFdor d''identitat ha d'autenticar en presentar directament les credencials en lloc de dependre d''un context de seguretat previ.
+validate-signature=Validar signatura
+saml.validate-signature.tooltip=Habilitar/deshabilitar la validaci\u00F3 de signatura en respostes SAML.
+validating-x509-certificate=Validant certificat X509
+validating-x509-certificate.tooltip=El certificat en format PEM que ha de fer-se servir per comprovar les signatures.
+saml.import-from-url.tooltip=Importar metadades des d''un descriptor d'entitat remot d''un IDP de SAML
+social.client-id.tooltip=L''identificador del client registrat amb el prove\u00EFdor d''identitat.
+social.client-secret.tooltip=El secret del client registrat amb el prove\u00EFdor d''identitat.
+social.default-scopes.tooltip=\u00C0mbits que s''enviaran quan es sol\u00B7liciti autoritzaci\u00F3. Veure la documentaci\u00F3 per als possibles valors, separador i valor per defecte.
+key=Clau
+stackoverflow.key.tooltip=La clau obtinguda en el registre del client de Stack Overflow.
+
+realms=Dominis
+realm=Domini
+
+identity-provider-mappers=Assignadors de prove\u00EFdors d''identitat (IDP)
+create-identity-provider-mapper=Crea assignador de prove\u00EFdor d''identitat (IDP)
+add-identity-provider-mapper=Afegeix assignador de prove\u00EFdor d''identitat
+client.description.tooltip=Indica la descripci\u00F3 del client. Per exemple ''My Client for TimeSheets''. Tamb\u00E9 suporta claus per a valors localitzats. Per exemple: ${my_client_description}

admin/messages/admin-messages_es.properties

@@ -0,0 +1,467 @@
+# Common messages
+enabled=Habilitado
+name=Nombre
+save=Guardar
+cancel=Cancelar
+onText=SI
+offText=NO
+client=Cliente
+clients=Clientes
+clear=Limpiar
+selectOne=Selecciona uno...
+
+true=S\u00ED
+false=No
+
+
+# Realm settings
+realm-detail.enabled.tooltip=Los usuarios y clientes solo pueden acceder a un dominio si est\u00E1 habilitado
+registrationAllowed=Registro de usuario
+registrationAllowed.tooltip=Habilitar/deshabilitar la p\u00E1gina de registro. Un enlace para el registro se mostrar\u00E1 tambi\u00E9n en la p\u00E1gina de inicio de sesi\u00F3n.
+registrationEmailAsUsername=Email como nombre de usuario
+registrationEmailAsUsername.tooltip=Si est\u00E1 habilitado el nombre de usuario queda oculto del formulario de registro y el email se usa como nombre de usuario para los nuevos usuarios.
+editUsernameAllowed=Editar nombre de usuario
+editUsernameAllowed.tooltip=Si est\u00E1 habilitado, el nombre de usuario es editable, en otro caso es de solo lectura.
+resetPasswordAllowed=Olvido contrase\u00F1a
+resetPasswordAllowed.tooltip=Muestra un enlace en la p\u00E1gina de inicio de sesi\u00F3n para que el usuario haga clic cuando ha olvidado sus credenciales.
+rememberMe=Seguir conectado
+rememberMe.tooltip=Muestra la casilla de selecci\u00F3n en la p\u00E1gina de inicio de sesi\u00F3n para permitir al usuario permanecer conectado entre reinicios del navegador hasta que la sesi\u00F3n expire.
+verifyEmail=Verificar email
+verifyEmail.tooltip=Forzar al usuario a verificar su direcci\u00F3n de email la primera vez que inicie sesi\u00F3n.
+sslRequired=Solicitar SSL
+sslRequired.option.all=todas las peticiones
+sslRequired.option.external=peticiones externas
+sslRequired.option.none=ninguna
+sslRequired.tooltip=\u00BFEs HTTP obligatorio? ''ninguna'' significa que HTTPS no es obligatorio para ninguna direcic\u00F3n IP de cliente, ''peticiones externas'' indica que localhost y las direcciones IP privadas pueden acceder sin HTTPS, ''todas las peticiones'' significa que HTTPS es obligatorio para todas las direcciones IP.
+publicKey=Clave p\u00FAblica
+gen-new-keys=Generar nuevas claves
+certificate=Certificado
+host=Host
+smtp-host=Host SMTP
+port=Puerto
+smtp-port=Puerto SMTP (por defecto 25)
+from=De
+sender-email-addr=Email del emisor
+enable-ssl=Habilitar SSL
+enable-start-tls=Habilitar StartTLS
+enable-auth=Habilitar autenticaci\u00F3n
+username=Usuario
+login-username=Usuario
+password=Contrase\u00F1a
+login-password=Contrase\u00F1a
+login-theme=Tema de inicio de sesi\u00F3n
+select-one=Selecciona uno...
+login-theme.tooltip=Selecciona el tema para las p\u00E1ginas de inicio de sesi\u00F3n, TOTP, permisos, registro y recordatorio de contrase\u00F1a.
+account-theme=Tema de cuenta
+account-theme.tooltip=Selecciona el tema para las p\u00E1ginas de gesti\u00F3n de la cuenta de usuario.
+admin-console-theme=Tema de consola de administraci\u00F3n
+select-theme-admin-console=Selecciona el tema para la consola de administraci\u00F3n.
+email-theme=Tema de email
+select-theme-email=Selecciona el tema para los emails que son enviados por el servidor.
+i18n-enabled=Internacionalizaci\u00F3n activa
+supported-locales=Idiomas soportados
+supported-locales.placeholder=Indica el idioma y pulsa Intro
+default-locale=Idioma por defecto
+realm-cache-enabled=Cach\u00E9 de dominio habilitada
+realm-cache-enabled.tooltip=Activar/desactivar la cach\u00E9 para el dominio, cliente y datos de roles.
+user-cache-enabled=Cach\u00E9 de usuario habilitada
+user-cache-enabled.tooltip=Habilitar/deshabilitar la cach\u00E9 de usuarios y de asignaciones de usuarios a roles.
+revoke-refresh-token=Revocar el token de actualizaci\u00F3n
+revoke-refresh-token.tooltip=Si est\u00E1 activado los tokens de actualizaci\u00F3n solo pueden usarse una vez. En otro caso los tokens de actualizaci\u00F3n no se revocan cuando se utilizan y pueden ser usado m\u00FAltiples veces.
+sso-session-idle=Sesiones SSO inactivas
+seconds=Segundos
+minutes=Minutos
+hours=Horas
+days=D\u00EDas
+sso-session-max=Tiempo m\u00E1ximo sesi\u00F3n SSO
+sso-session-idle.tooltip=Tiempo m\u00E1ximo que una sesi\u00F3n puede estar inactiva antes de que expire. Los tokens y sesiones de navegador son invalidadas cuando la sesi\u00F3n expira.
+sso-session-max.tooltip=Tiempo m\u00E1ximo antes de que una sesi\u00F3n expire. Los tokens y sesiones de navegador son invalidados cuando una sesi\u00F3n expira.
+offline-session-idle=Inactividad de sesi\u00F3n sin conexi\u00F3n
+offline-session-idle.tooltip=Tiempo m\u00E1ximo inactivo de una sesi\u00F3n sin conexi\u00F3n antes de que expire. Necesitas usar un token sin conexi\u00F3n para refrescar al menos una vez dentro de este periodo, en otro caso la sesi\u00F3n sin conexi\u00F3n expirar\u00E1.
+access-token-lifespan=Duraci\u00F3n del token de acceso
+access-token-lifespan.tooltip=Tiempo m\u00E1ximo antes de que un token de acceso expire. Se recomienda que este valor sea corto en relaci\u00F3n al tiempo m\u00E1ximo de SSO
+client-login-timeout=Tiempo m\u00E1ximo de autenticaci\u00F3n
+client-login-timeout.tooltip=Tiempo m\u00E1ximo que un cliente tiene para finalizar el protocolo de obtenci\u00F3n del token de acceso. Deber\u00EDa ser normalmente del orden de 1 minuto.
+login-timeout=Tiempo m\u00E1ximo de desconexi\u00F3n
+login-timeout.tooltip=Tiempo m\u00E1ximo que un usuario tiene para completar el inicio de sesi\u00F3n. Se recomienda que sea relativamente alto. 30 minutos o m\u00E1s.
+login-action-timeout=Tiempo m\u00E1ximo de acci\u00F3n en el inicio de sesi\u00F3n
+login-action-timeout.tooltip=Tiempo m\u00E1ximo que un usuario tiene para completar acciones relacionadas con el inicio de sesi\u00F3n, como la actualizaci\u00F3n de contrase\u00F1a o configuraci\u00F3n de TOTP. Es recomendado que sea relativamente alto. 5 minutos o m\u00E1s.
+headers=Cabeceras
+brute-force-detection=Detecci\u00F3n de ataques por fuerza bruta
+x-frame-options=X-Frame-Options
+click-label-for-info=Haz clic en el enlace de la etiqueta para obtener m\u00E1s informaci\u00F3n. El valor por defecto evita que las p\u00E1ginas sean incluidas desde iframes externos.
+content-sec-policy=Content-Security-Policy
+max-login-failures=N\u00FAmero m\u00E1ximo de fallos de inicio de sesi\u00F3n
+max-login-failures.tooltip=Indica cuantos fallos se permiten antes de que se dispare una espera.
+wait-increment=Incremento de espera
+wait-increment.tooltip=Cuando se ha alcanzado el umbral de fallo, \u00BFcuanto tiempo debe estar un usuario bloqueado?
+quick-login-check-millis=Tiempo en milisegundos entre inicios de sesi\u00F3n r\u00E1pidos
+quick-login-check-millis.tooltip=Si ocurren errores de forma concurrente y muy r\u00E1pida, bloquear al usuario.
+min-quick-login-wait=Tiempo m\u00EDnimo entre fallos de conexi\u00F3n r\u00E1pidos
+min-quick-login-wait.tooltip=Cuanto tiempo se debe esperar tras un fallo en un intento r\u00E1pido de identificaci\u00F3n
+max-wait=Espera m\u00E1xima
+max-wait.tooltip=Tiempo m\u00E1ximo que un usuario quedar\u00E1 bloqueado.
+failure-reset-time=Reinicio del contador de errores
+failure-reset-time.tooltip=\u00BFCuando se debe reiniciar el contador de errores?
+realm-tab-login=Inicio de sesi\u00F3n
+realm-tab-keys=Claves
+realm-tab-email=Email
+realm-tab-themes=Temas
+realm-tab-cache=Cach\u00E9
+realm-tab-tokens=Tokens
+realm-tab-security-defenses=Defensas de seguridad
+realm-tab-general=General
+add-realm=A\u00F1adir dominio
+
+#Session settings
+realm-sessions=Sesiones de dominio
+revocation=Revocaci\u00F3n
+logout-all=Desconectar todo
+active-sessions=Sesiones activas
+sessions=Sesiones
+not-before=No antes de
+not-before.tooltip=Revocar cualquier token emitido antes de esta fecha.
+set-to-now=Fijar a ahora
+push=Push
+push.tooltip=Para cada cliente que tiene una URL de administraci\u00F3n, notificarlos las nuevas pol\u00EDticas de revocaci\u00F3n.
+
+#Protocol Mapper
+usermodel.prop.label=Propiedad
+usermodel.prop.tooltip=Nombre del m\u00E9todo de propiedad en la interfaz UserModel. Por ejemplo, un valor de ''email'' referenciar\u00EDa al m\u00E9todo UserModel.getEmail().
+usermodel.attr.label=Atributo de usuario
+usermodel.attr.tooltip=Nombre del atributo de usuario almacenado que es el nombre del atributo dentro del map UserModel.attribute.
+userSession.modelNote.label=Nota sesi\u00F3n usuario
+userSession.modelNote.tooltip=Nombre de la nota almacenada en la sesi\u00F3n de usuario dentro del mapa UserSessionModel.note
+multivalued.label=Valores m\u00FAltiples
+multivalued.tooltip=Indica si el atributo soporta m\u00FAltiples valores. Si est\u00E1 habilitado, la lista de todos los valores de este atributo se fijar\u00E1 como reclamaci\u00F3n. Si est\u00E1 deshabilitado, solo el primer valor ser\u00E1 fijado como reclamaci\u00F3n.
+selectRole.label=Selecciona rol
+selectRole.tooltip=Introduce el rol en la caja de texto de la izquierda, o haz clic en este bot\u00F3n para navegar y buscar el rol que quieres.
+tokenClaimName.label=Nombre de reclamo del token
+tokenClaimName.tooltip=Nombre del reclamo a insertar en el token. Puede ser un nombre completo como ''address.street''. En este caso, se crear\u00E1 un objeto JSON anidado.
+jsonType.label=Tipo JSON de reclamaci\u00F3n
+jsonType.tooltip=El tipo de JSON que deber\u00EDa ser usado para rellenar la petici\u00F3n de JSON en el token. long, int, boolean y String son valores v\u00E1lidos
+includeInIdToken.label=A\u00F1adir al token de ID
+includeInAccessToken.label=A\u00F1adir al token de acceso
+includeInAccessToken.tooltip=\u00BFDeber\u00EDa a\u00F1adirse la identidad reclamada al token de acceso?
+
+
+# client details
+clients.tooltip=Los clientes son aplicaciones de navegador de confianza y servicios web de un dominio. Estos clientes pueden solicitar un inicio de sesi\u00F3n. Tambi\u00E9n puedes definir roles espec\u00EDficos de cliente.
+search.placeholder=Buscar...
+create=Crear
+import=Importar
+client-id=ID Cliente
+base-url=URL Base
+actions=Acciones
+not-defined=No definido
+edit=Editar
+delete=Borrar
+no-results=Sin resultados
+no-clients-available=No hay clientes disponibles
+add-client=A\u00F1adir Cliente
+select-file=Selecciona archivo
+view-details=Ver detalles
+clear-import=Limpiar importaci\u00F3n
+client-id.tooltip=Indica el identificador (ID) referenciado en URIs y tokens. Por ejemplo ''my-client''
+client.name.tooltip=Indica el nombre visible del cliente. Por ejemplo ''My Client''. Tambi\u00E9n soporta claves para valores localizados. Por ejemplo: ${my_client}
+client.enabled.tooltip=Los clientes deshabilitados no pueden iniciar una identificaci\u00F3n u obtener c\u00F3digos de acceso.
+consent-required=Consentimiento necesario
+consent-required.tooltip=Si est\u00E1 habilitado, los usuarios tienen que consentir el acceso del cliente.
+direct-grants-only=Solo permisos directos
+direct-grants-only.tooltip=Cuando est\u00E1 habilitado, el cliente solo puede obtener permisos de la API REST.
+client-protocol=Protocolo del Cliente
+client-protocol.tooltip=''OpenID connect'' permite a los clientes verificar la identidad del usuario final basado en la autenticaci\u00F3n realizada por un servidor de autorizaci\u00F3n. ''SAML'' habilita la autenticaci\u00F3n y autorizaci\u00F3n de escenarios basados en web incluyendo cross-domain y single sign-on (SSO) y utiliza tokens de seguridad que contienen afirmaciones para pasar informaci\u00F3n.
+access-type=Tipo de acceso
+access-type.tooltip=Los clientes ''Confidential'' necesitan un secreto para iniciar el protocolo de identificaci\u00F3n. Los clientes ''Public'' no requieren un secreto. Los clientes ''Bearer-only'' son servicios web que nunca inician un login.
+service-accounts-enabled=Cuentas de servicio habilitadas
+service-accounts-enabled.tooltip=Permitir autenticar este cliente contra Keycloak y recibir un token de acceso dedicado para este cliente.
+include-authnstatement=Incluir AuthnStatement
+include-authnstatement.tooltip=\u00BFDeber\u00EDa incluirse una declaraci\u00F3n especificando el m\u00E9todo y la marca de tiempo en la respuesta de inicio de sesi\u00F3n?
+sign-documents=Firmar documentos
+sign-documents.tooltip=\u00BFDeber\u00EDa el dominio firmar los documentos SAML?
+sign-assertions=Firmar aserciones
+sign-assertions.tooltip=\u00BFDeber\u00EDan firmarse las aserciones en documentos SAML? Este ajuste no es necesario si el documento ya est\u00E1 siendo firmado.
+signature-algorithm=Algoritmo de firma
+signature-algorithm.tooltip=El algoritmo de firma usado para firmar los documentos.
+canonicalization-method=M\u00E9todo de canonicalizaci\u00F3n
+canonicalization-method.tooltip=M\u00E9todo de canonicalizaci\u00F3n para las firmas XML
+encrypt-assertions=Cifrar afirmaciones
+encrypt-assertions.tooltip=\u00BFDeber\u00EDan cifrarse las afirmaciones SAML con la clave p\u00FAblica del cliente usando AES?
+client-signature-required=Firma de Cliente requerida
+client-signature-required.tooltip=\u00BFFirmar\u00E1 el cliente sus peticiones y respuestas SAML? \u00BFY deber\u00EDan ser validadas?
+force-post-binding=Forzar enlaces POST
+force-post-binding.tooltip=Usar siempre POST para las respuestas
+front-channel-logout=Desonexi\u00F3n en primer plano (Front Channel)
+front-channel-logout.tooltip=Cuando est\u00E1 activado, la desconexi\u00F3n require una redirecci\u00F3n del navegador hacia el cliente. Cuando no est\u00E1 activado, el servidor realiza una invovaci\u00F3n de desconexi\u00F3n en segundo plano.
+force-name-id-format=Forzar formato NameID
+force-name-id-format.tooltip=Ignorar la petici\u00F3n de sujeto NameID y usar la configurada en la consola de administraci\u00F3n.
+name-id-format=Formato de NameID
+name-id-format.tooltip=El formato de NameID que se usar\u00E1 para el t\u00EDtulo
+root-url=URL ra\u00EDz
+root-url.tooltip=URL ra\u00EDz a\u00F1adida a las URLs relativas
+valid-redirect-uris=URIs de redirecci\u00F3n v\u00E1lidas
+valid-redirect-uris.tooltip=Patr\u00F3n de URI v\u00E1lida para la cual un navegador puede solicitar la redirecci\u00F3n tras un inicio o cierre de sesi\u00F3n completado. Se permiten comodines simples p.ej. ''http://example.com/*''. Tambi\u00E9n se pueden indicar rutas relativas p.ej. ''/my/relative/path/*''. Las rutas relativas generar\u00E1n una URI de redirecci\u00F3n usando el host y puerto de la petici\u00F3n. Para SAML, se deben fijar patrones de URI v\u00E1lidos si quieres confiar en la URL del servicio del consumidor indicada en la petici\u00F3n de inicio de sesi\u00F3n.
+base-url.tooltip=URL por defecto para usar cuando el servidor de autorizaci\u00F3n necesita redirigir o enviar de vuelta al cliente.
+admin-url=URL de administraci\u00F3n
+admin-url.tooltip=URL a la interfaz de administraci\u00F3n del cliente. Fija este valor si el cliente soporta el adaptador de REST. Esta API REST permite al servidor de autenticaci\u00F3n enviar al cliente pol\u00EDticas de revocaci\u00F3n y otras tareas administrativas. Normalment se fija a la URL base del cliente.
+master-saml-processing-url=URL principal de procesamiento SAML
+master-saml-processing-url.tooltip=Si est\u00E1 configurada, esta URL se usar\u00E1 para cada enlace al proveedor del servicio del consumidor de aserciones y servicios de desconexi\u00F3n \u00FAnicos. Puede ser sobreescrito de forma individual para cada enlace y servicio en el punto final de configuraci\u00F3n fina de SAML.
+idp-sso-url-ref=Nombre de la URL de un SSO iniciado por el IDP
+idp-sso-url-ref.tooltip=Nombre del fragmento de la URL para referenciar al cliente cuando quieres un SSO iniciado por el IDP. Dejando esto vac\u00EDo deshabilita los SSO iniciados por el IDP. La URL referenciada desde el navegador ser\u00E1: {server-root}/realms/{realm}/protocol/saml/clients/{client-url-name}
+idp-sso-relay-state=Estado de retransmisi\u00F3n de un SSO iniciado por el IDP
+idp-sso-relay-state.tooltip=Estado de retransmisi\u00F3n que quieres enviar con una petici\u00F3n SAML cuando se inicia un SSO iniciado por el IDP
+web-origins=Or\u00EDgenes web
+web-origins.tooltip=Or\u00EDgenes CORS permitidos. Para permitir todos los or\u00EDgenes de URIs de redirecci\u00F3n v\u00E1lidas a\u00F1ade ''+''. Para permitir todos los or\u00EDgenes a\u00F1ade ''*''.
+fine-saml-endpoint-conf=Fine Grain SAML Endpoint Configuration
+fine-saml-endpoint-conf.tooltip=Expande esta secci\u00F3n para configurar las URL exactas para Assertion Consumer y Single Logout Service.
+assertion-consumer-post-binding-url=Assertion Consumer Service POST Binding URL
+assertion-consumer-post-binding-url.tooltip=SAML POST Binding URL for the client''s assertion consumer service (login responses).  You can leave this blank if you do not have a URL for this binding.
+assertion-consumer-redirect-binding-url=Assertion Consumer Service Redirect Binding URL
+assertion-consumer-redirect-binding-url.tooltip=Assertion Consumer Service Redirect Binding URL
+logout-service-post-binding-url=URL de enlace SAML POST para la desconexi\u00F3n
+logout-service-post-binding-url.tooltip=URL de enlace SAML POST para la desconexi\u00F3n \u00FAnica del cliente. Puedes dejar esto en blanco si est\u00E1s usando un enlace distinto.
+logout-service-redir-binding-url=URL de enlace SAML de redirecci\u00F3n para la desconexi\u00F3n
+logout-service-redir-binding-url.tooltip=URL de enlace SAML de redirecci\u00F3n para la desconexi\u00F3n \u00FAnica del cliente. Puedes dejar esto en blanco si est\u00E1s usando un enlace distinto.
+
+# client import
+import-client=Importar Cliente
+format-option=Formato
+select-format=Selecciona un formato
+import-file=Archivo de Importaci\u00F3n
+
+# client tabs
+settings=Ajustes
+credentials=Credenciales
+saml-keys=Claves SAML
+roles=Roles
+mappers=Asignadores
+mappers.tooltip=Los asignadores de protocolos realizan transformaciones en tokens y documentos. Pueden hacer cosas como asignar datos de usuario en peticiones de protocolo, o simplemente transformar cualquier petici\u00F3n entre el cliente y el servidor de autenticaci\u00F3n.
+scope=\u00C1mbito
+scope.tooltip=Las asignaciones de \u00E1mbito te permiten restringir que asignaciones de roles de usuario se incluyen en el token de acceso solicitado por el cliente.
+sessions.tooltip=Ver sesiones activas para este cliente. Permite ver qu\u00E9 usuarios est\u00E1n activos y cuando se identificaron.
+offline-access=Acceso sin conexi\u00F3n
+offline-access.tooltip=Ver sesiones sin conexi\u00F3n para este cliente. Te permite ver que usuarios han solicitado tokens sin conexi\u00F3n y cuando los solicitaron. Para revocar todos los tokens del cliente, accede a la pesta\u00F1a de Revocaci\u00F3n y fija el valor \"No antes de\" a \"now\".
+clustering=Clustering
+installation=Instalaci\u00F3n
+installation.tooltip=Herramienta de ayuda para generar la configuraci\u00F3n de varios formatos de adaptadores de cliente que puedes descargar o copiar y pegar para configurar tus clientes.
+service-account-roles=Roles de cuenta de servicio
+service-account-roles.tooltip=Permitir autenticar asignaciones de rol para la cuenta de servicio dedicada a este cliente.
+
+# client credentials
+client-authenticator=Cliente autenticador
+client-authenticator.tooltip=Cliente autenticador usado para autenticar este cliente contra el servidor Keycloak
+certificate.tooltip=Certificado de clinete para validar los JWT emitidos por este cliente y firmados con la clave privada del cliente de tu almac\u00E9n de claves.
+no-client-certificate-configured=No se ha configurado el certificado de cliente
+gen-new-keys-and-cert=Generar nuevas claves y certificado
+import-certificate=Importar Certificado
+gen-client-private-key=Generar clave privada de cliente
+generate-private-key=Generar clave privada
+archive-format=Formato de Archivo
+archive-format.tooltip=Formato de archivo Java keystore o PKCS12
+key-alias=Alias de clave
+key-alias.tooltip=Alias del archivo de tu clave privada y certificado.
+key-password=Contrase\u00F1a de la clave
+key-password.tooltip=Contrase\u00F1a para acceder a la clave privada contenida en el archivo
+store-password=Contrase\u00F1a del almac\u00E9n
+store-password.tooltip=Contrase\u00F1a para acceder al archivo
+generate-and-download=Generar y descargar
+client-certificate-import=Importaci\u00F3n de certificado de cliente
+import-client-certificate=Importar Certificado de Cliente
+jwt-import.key-alias.tooltip=Alias del archivo de tu certificado.
+secret=Secreto
+regenerate-secret=Regenerar secreto
+add-role=A\u00F1adir rol
+role-name=Nombre de rol
+composite=Compuesto
+description=Descripci\u00F3n
+no-client-roles-available=No hay roles de cliente disponibles
+scope-param-required=Par\u00E1metro de \u00E1mbito obligatorio
+scope-param-required.tooltip=Este rol solo ser\u00E1 concedido si el par\u00E1metro de \u00E1mbito con el nombre del rol es usado durante la petici\u00F3n de autorizaci\u00F3n/obtenci\u00F3n de token.
+composite-roles=Roles compuestos
+composite-roles.tooltip=Cuando este rol es asignado/desasignado a un usuario cualquier rol asociado con \u00E9l ser\u00E1 asignado/desasignado de forma impl\u00EDcita.
+realm-roles=Roles de dominio
+available-roles=Roles Disponibles
+add-selected=A\u00F1adir seleccionado
+associated-roles=Roles Asociados
+composite.associated-realm-roles.tooltip=Roles a nivel de dominio asociados con este rol compuesto.
+composite.available-realm-roles.tooltip=Roles a nivel de dominio disponibles en este rol compuesto.
+remove-selected=Borrar seleccionados
+client-roles=Roles de Cliente
+select-client-to-view-roles=Selecciona el cliente para ver sus roles
+available-roles.tooltip=Roles de este cliente que puedes asociar a este rol compuesto.
+client.associated-roles.tooltip=Roles de cliente asociados con este rol compuesto.
+add-builtin=A\u00F1adir Builtin
+category=Categor\u00EDa
+type=Tipo
+no-mappers-available=No hay asignadores disponibles
+add-builtin-protocol-mappers=A\u00F1adir Builtin Protocol Mappers
+add-builtin-protocol-mapper=A\u00F1adir Builtin Protocol Mapper
+scope-mappings=Asignaciones de \u00E1mbito
+full-scope-allowed=Permitir todos los \u00E1mbitos
+full-scope-allowed.tooltip=Permite deshabilitar todas las restricciones.
+scope.available-roles.tooltip=Roles de dominio que pueden ser asignados al \u00E1mbito
+assigned-roles=Roles Asignados
+assigned-roles.tooltip=Roles a nivel de dominio asignados a este \u00E1mbito.
+effective-roles=Roles Efectivos
+realm.effective-roles.tooltip=Roles de dominio asignados que pueden haber sido heredados de un rol compuesto.
+select-client-roles.tooltip=Selecciona el cliente para ver sus roles
+assign.available-roles.tooltip=Roles de clientes disponibles para ser asignados.
+client.assigned-roles.tooltip=Roles de cliente asignados
+client.effective-roles.tooltip=Roles de cliente asignados que pueden haber sido heredados desde un rol compuesto.
+basic-configuration=Configuraci\u00F3n b\u00E1sica
+node-reregistration-timeout=Tiempo de espera de re-registro de nodo
+node-reregistration-timeout.tooltip=Indica el m\u00E1ximo intervalo de tiempo para que los nodos del cluster registrados se vuelvan a registrar. Si el nodo del cluster no env\u00EDa una petici\u00F3n de re-registro a Keycloak dentro de este intervalo, ser\u00E1 desregistrado de Keycloak
+registered-cluster-nodes=Registrar nodos de cluster
+register-node-manually=Registrar nodo manualmente
+test-cluster-availability=Probar disponibilidad del cluster
+last-registration=\u00DAltimo registro
+node-host=Host del nodo
+no-registered-cluster-nodes=No hay nodos de cluster registrados disponibles
+cluster-nodes=Nodos de cl\u00FAster
+add-node=A\u00F1adir Nodo
+active-sessions.tooltip=N\u00FAmero total de sesiones activas para este cliente.
+show-sessions=Mostrar sesiones
+show-sessions.tooltip=Advertencia, esta es una operaci\u00F3n potencialmente costosa dependiendo del n\u00FAmero de sesiones activas.
+user=Usuario
+from-ip=Desde IP
+session-start=Inicio de sesi\u00F3n
+first-page=Primera p\u00E1gina
+previous-page=P\u00E1gina Anterior
+next-page=P\u00E1gina siguiente
+client-revoke.not-before.tooltip=Revocar todos los tokens emitidos antes de esta fecha para este cliente.
+client-revoke.push.tooltip=Si la URL de administraci\u00F3n est\u00E1 configurada para este cliente, env\u00EDa esta pol\u00EDtica a este cliente.
+select-a-format=Selecciona un formato
+download=Descargar
+offline-tokens=Tokens sin conexi\u00F3n
+offline-tokens.tooltip=N\u00FAmero total de tokens sin conexi\u00F3n de este cliente.
+show-offline-tokens=Mostrar tokens sin conexi\u00F3n
+show-offline-tokens.tooltip=Advertencia, esta es una operaci\u00F3n potencialmente costosa dependiendo del n\u00FAmero de tokens sin conexi\u00F3n.
+token-issued=Token expedido
+last-access=\u00DAltimo Acceso
+last-refresh=\u00DAltima actualizaci\u00F3n
+key-export=Exportar clave
+key-import=Importar clave
+export-saml-key=Exportar clave SAML
+import-saml-key=Importar clave SAML
+realm-certificate-alias=Alias del certificado del dominio
+realm-certificate-alias.tooltip=El certificado del dominio es almacenado en archivo. Este es el alias al mismo.
+signing-key=Clave de firma
+saml-signing-key=Clave de firma SAML.
+private-key=Clave Privada
+generate-new-keys=Generar nuevas claves
+export=Exportar
+encryption-key=Clave de cifrado
+saml-encryption-key.tooltip=Clave de cifrado de SAML
+service-accounts=Cuentas de servicio
+service-account.available-roles.tooltip=Roles de dominio que pueden ser asignados a la cuenta del servicio.
+service-account.assigned-roles.tooltip=Roles de dominio asignados a la cuenta del servicio.
+service-account-is-not-enabled-for=La cuenta del servicio no est\u00E1 habilitada para {{client}}
+create-protocol-mappers=Crear asignadores de protocolo
+create-protocol-mapper=Crear asignador de protocolo
+protocol=Protocolo
+protocol.tooltip=Protocolo.
+id=ID
+mapper.name.tooltip=Nombre del asignador.
+mapper.consent-required.tooltip=Cuando se concede acceso temporal, \u00BFes necesario el consentimiento del usuario para proporcinar estos datos al cliente?
+consent-text=Texto del consentimiento
+consent-text.tooltip=Texto para mostrar en la p\u00E1gina de consentimiento.
+mapper-type=Tipo de asignador
+
+# realm identity providers
+identity-providers=Proveedores de identidad
+table-of-identity-providers=Tabla de proveedores de identidad
+add-provider.placeholder=A\u00F1adir proveedor...
+provider=Proveedor
+gui-order=Orden en la interfaz gr\u00E1fica (GUI)
+redirect-uri=URI de redirecci\u00F3n
+redirect-uri.tooltip=La URI de redirecci\u00F3n usada para configurar el proveedor de identidad.
+alias=Alias
+identity-provider.alias.tooltip=El alias que identifica de forma \u00FAnica un proveedor de identidad, se usa tambi\u00E9n para construir la URI de redirecci\u00F3n.
+identity-provider.enabled.tooltip=Habilita/deshabilita este proveedor de identidad.
+authenticate-by-default=Autenticar por defecto
+identity-provider.authenticate-by-default.tooltip=Indica si este proveedor deber\u00EDa ser probado por defecto para autenticacaci\u00F3n incluso antes de mostrar la p\u00E1gina de inicio de sesi\u00F3n.
+store-tokens=Almacenar tokens
+identity-provider.store-tokens.tooltip=Habiltar/deshabilitar si los tokens deben ser almacenados despu\u00E9s de autenticar a los usuarios.
+stored-tokens-readable=Tokens almacenados legibles
+identity-provider.stored-tokens-readable.tooltip=Habilitar/deshabilitar si los nuevos usuarios pueden leer los tokens almacenados. Esto asigna el rol ''broker.read-token''.
+update-profile-on-first-login=Actualizar perfil en el primer inicio de sesi\u00F3n
+on=Activado
+on-missing-info=Si falta informaci\u00F3n
+off=Desactivado
+update-profile-on-first-login.tooltip=Define condiciones bajo las cuales un usuario tiene que actualizar su perfil durante el primer inicio de sesi\u00F3n.
+trust-email=Confiar en el email
+trust-email.tooltip=Si est\u00E1 habilitado, el email recibido de este proveedor no se verificar\u00E1 aunque la verificaci\u00F3n est\u00E9 habilitada para el dominio.
+gui-order.tooltip=N\u00FAmero que define el orden del proveedor en la interfaz gr\u00E1fica (GUI) (ej. en la p\u00E1gina de inicio de sesi\u00F3n)
+openid-connect-config=Configuraci\u00F3n de OpenID Connect
+openid-connect-config.tooltip=Configuraci\u00F3n de OIDC SP e IDP externos
+authorization-url=URL de autorizaci\u00F3n
+authorization-url.tooltip=La URL de autorizaci\u00F3n.
+token-url=Token URL
+token-url.tooltip=La URL del token.
+logout-url=URL de desconexi\u00F3n
+identity-provider.logout-url.tooltip=Punto de cierre de sesi\u00F3n para usar en la desconexi\u00F3n de usuarios desde un proveedor de identidad (IDP) externo.
+backchannel-logout=Backchannel Logout
+backchannel-logout.tooltip=Does the external IDP support backchannel logout?
+user-info-url=URL de informaci\u00F3n de usuario
+user-info-url.tooltip=La URL de informaci\u00F3n de usuario. Opcional.
+identity-provider.client-id.tooltip=El cliente o identificador de cliente registrado en el proveedor de identidad.
+client-secret=Secreto de Cliente
+show-secret=Mostrar secreto
+hide-secret=Ocultar secreto
+client-secret.tooltip=El cliente o el secreto de cliente registrado en el proveedor de identidad.
+issuer=Emisor
+issuer.tooltip=El identificador del emisor para el emisor de la respuesta. Si no se indica, no se realizar\u00E1 ninguna validaci\u00F3n.
+default-scopes=\u00C1mbitos por defecto
+identity-provider.default-scopes.tooltip=Los \u00E1mbitos que se enviar\u00E1n cuando se solicite autorizaci\u00F3n. Puede ser una lista de \u00E1mbitos separados por espacios. El valor por defecto es ''openid''.
+prompt=Prompt
+unspecified.option=no especificado
+none.option=ninguno
+consent.option=consentimiento
+login.option=login
+select-account.option=select_account
+prompt.tooltip=Indica si el servidor de autorizaci\u00F3n solicita al usuario final para reautenticaci\u00F3n y consentimiento.
+validate-signatures=Validar firmas
+identity-provider.validate-signatures.tooltip=Habilitar/deshabilitar la validaci\u00F3n de firmas de proveedores de identidad (IDP) externos
+validating-public-key=Validando clave p\u00FAblica
+identity-provider.validating-public-key.tooltip=La clave p\u00FAblica en formato PEM que debe usarse para verificar las firmas de proveedores de identidad (IDP) externos.
+import-external-idp-config=Importar configuraci\u00F3n externa de IDP
+import-external-idp-config.tooltip=Te permite cargar metadatos de un proveedor de identidad (IDP) externo de un archivo de coniguraci\u00F3n o descargarlo desde una URL.
+import-from-url=Importar desde URL
+identity-provider.import-from-url.tooltip=Importar metadatos desde un descriptor de un proveedor de identidad (IDP) remoto.
+import-from-file=Importar desde archivo
+identity-provider.import-from-file.tooltip=Importar metadatos desde un descriptor de un proveedor de identidad (IDP) descargado.
+saml-config=Configuraci\u00F3n SAML
+identity-provider.saml-config.tooltip=Configuraci\u00F3n de proveedor SAML e IDP externo
+single-signon-service-url=URL de servicio de conexi\u00F3n \u00FAnico (SSO)
+saml.single-signon-service-url.tooltip=La URL que debe ser usada para enviar peticiones de autenticaci\u00F3n (SAML AuthnRequest).
+single-logout-service-url=URL de servicio de desconexi\u00F3n \u00FAnico
+saml.single-logout-service-url.tooltip=La URL que debe usarse para enviar peticiones de desconexi\u00F3n.
+nameid-policy-format=Formato de pol\u00EDtica NameID
+nameid-policy-format.tooltip=Indica la referencia a la URI correspondiente a un formato de NameID. El valor por defecto es urn:oasis:names:tc:SAML:2.0:nameid-format:persistent.
+http-post-binding-response=HTTP-POST enlace de respuesta
+http-post-binding-response.tooltip=Indica si se reponde a las peticiones usando HTTP-POST. Si no est\u00E1 activado, se usa HTTP-REDIRECT. 
+http-post-binding-for-authn-request=HTTP-POST para AuthnRequest
+http-post-binding-for-authn-request.tooltip=Indica si AuthnRequest debe ser enviada usando HTTP-POST. Si no est\u00E1 activado se hace HTTP-REDIRECT.
+want-authn-requests-signed=Firmar AuthnRequests
+want-authn-requests-signed.tooltip=Indica si el proveedor de identidad espera recibir firmadas las AuthnRequest.
+force-authentication=Forzar autenticaci\u00F3n
+identity-provider.force-authentication.tooltip=Indica si el proveedor de identidad debe autenticar al presentar directamente las credenciales en lugar de depender de un contexto de seguridad previo.
+validate-signature=Validar firma
+saml.validate-signature.tooltip=Habilitar/deshabilitar la validaci\u00F3n de firma en respuestas SAML.
+validating-x509-certificate=Validando certificado X509
+validating-x509-certificate.tooltip=El certificado en formato PEM que debe usarse para comprobar las firmas.
+saml.import-from-url.tooltip=Importar metadatos desde un descriptor de entidad remoto de un IDP de SAML
+social.client-id.tooltip=El identificador del cliente registrado con el proveedor de identidad.
+social.client-secret.tooltip=El secreto del cliente registrado con el proveedor de identidad.
+social.default-scopes.tooltip=\u00C1mbitos que se enviar\u00E1n cuando se solicite autorizaci\u00F3n. Ver la documentaci\u00F3n para los posibles valores, separador y valor por defecto.
+key=Clave
+stackoverflow.key.tooltip=La clave obtenida en el registro del cliente de Stack Overflow.
+
+realms=Dominios
+realm=Dominio
+
+identity-provider-mappers=Asignadores de proveedores de identidad (IDP)
+create-identity-provider-mapper=Crear asignador de proveedor de identidad (IDP)
+add-identity-provider-mapper=A\u00F1adir asignador de proveedor de identidad
+client.description.tooltip=Indica la descripci\u00F3n del cliente. Por ejemplo ''My Client for TimeSheets''. Tambi\u00E9n soporta claves para valores localizados. Por ejemplo: ${my_client_description}
+content-type-options=

admin/messages/admin-messages_fr.properties

@@ -0,0 +1,142 @@
+consoleTitle=Keycloak Admin Console
+
+# Common messages
+enabled=Actif
+name=Nom
+displayName=Display name
+displayNameHtml=HTML Display name
+save=Sauver
+cancel=Annuler
+onText=Oui
+offText=Non
+client=Client
+clients=Clients
+clear=Effacer
+selectOne=Select One...
+
+manage=G\u00e9rer
+authentication=Authentification
+user-federation=Regroupement Utilisateur
+user-storage=Stockage Utilisateur
+events=\u00c9v\u00e8nements
+realm-settings=Configurations du domaine
+configure=Configurer
+select-realm=Choisir un domaine
+add=Ajouter
+
+true=Vrai
+false=Faux
+
+endpoints=Endpoints
+
+# Realm settings
+realm-detail.enabled.tooltip=Les utilisateurs et les clients peuvent acc\u00e9der au domaine si celui-ci est actif
+realm-detail.oidc-endpoints.tooltip=Affiche les configurations de l''endpoint OpenID Connect
+registrationAllowed=Enregistrement d''utilisateur
+registrationAllowed.tooltip=Activer/d\u00e9sactiver la page d''enregistrement. Un lien pour l''enregistrement sera visible sur la page de connexion.
+registrationEmailAsUsername=Courriel comme nom d''utilisateur
+registrationEmailAsUsername.tooltip=Si actif, le champ du nom de l''utilisateur est cach\u00e9 pendant l''enregistrement ; le courriel est utilis\u00e9 comme nom d''utilisateur.
+editUsernameAllowed=\u00c9ditez le nom de l''utilisateur
+editUsernameAllowed.tooltip=Si actif, le champ du nom de l''utilisateur est modifiable.
+resetPasswordAllowed=Mot de passe oubli\u00e9
+resetPasswordAllowed.tooltip=Affiche un lien sur la page de connexion pour les utilisateurs ayant oubli\u00e9 leurs accr\u00e9ditations.
+rememberMe=Se souvenir de moi
+rememberMe.tooltip=Affiche une case \u00e0 cocher sur la page de connexion pour permettre aux utilisateurs de rester connect\u00e9s entre deux red\u00e9marrages de leur navigateur, jusqu''\u00e0 expiration de la session.
+verifyEmail=V\u00e9rification du courriel
+verifyEmail.tooltip=Force l''utilisateur \u00e0 v\u00e9rifier son courriel lors de la premi\u00e8re connexion.
+loginWithEmailAllowed=Authentification avec courriel
+loginWithEmailAllowed.tooltip=Autorise l''utilisateur \u00e0 s''authentifier avec son adresse de courriel.
+duplicateEmailsAllowed=Doublon courriel
+duplicateEmailsAllowed.tooltip=Autorise plusieurs utilisateurs \u00e0 avoir la m\u00eame adresse de courriel. Changer cette configuration va vider le cache. Il est recommand\u00e9 de mettre \u00e0 jour manuellement les contraintes sur le courriel dans la base de donn\u00e9es apr\u00e8s la d\u00e9sactivation du support des doublons.
+sslRequired=SSL requis
+sslRequired.option.all=toutes les requ\u00eates
+sslRequired.option.external=les requ\u00eates externes
+sslRequired.option.none=aucun
+sslRequired.tooltip=Niveau d''exigence HTTPS \: ''aucun'' signifie que le HTTPS n''est requis pour aucune adresse IP cliente. ''les requ\u00eates externes'' signifie que localhost et les adresses IP priv\u00e9es peuvent acc\u00e9der sans HTTPS.  ''toutes les requ\u00eates'' signifie que le protocole HTTPS est obligatoire pour toutes les adresses IP.
+publicKey=Clef publique
+gen-new-keys=Cr\u00e9ation de nouvelle clef
+certificate=Certificat
+host=H\u00f4te
+smtp-host=H\u00f4te SMTP
+port=Port
+smtp-port=Port SMTP (25 par d\u00e9faut)
+from=De
+sender-email-addr=Courriel de l''exp\u00e9diteur
+enable-ssl=Activer SSL/TLS
+enable-start-tls=Activer StartTLS
+enable-auth=Activer l''authentification
+username=Nom de l''utilisateur
+login-username=Connexion de l''utilisateur
+password=Mot de passe
+login-password=Mot de passe
+login-theme=Th\u00e8me de connexion
+select-one=S\u00e9lectionnez-en un...
+login-theme.tooltip=S\u00e9lectionnez le th\u00e8me pour les pages de connexion, de mot de passe \u00e0 usage unique bas\u00e9 sur le temps, des droits, de l''enregistrement, et du mot passe oubli\u00e9.
+account-theme=Th\u00e8me du compte
+account-theme.tooltip=S\u00e9lectionnez le th\u00e8me pour la gestion des comptes.
+admin-console-theme=Th\u00e8me de la console d''administration
+select-theme-admin-console=S\u00e9lectionnez le th\u00e8me de la console d''administration.
+email-theme=Th\u00e8me pour le courriel
+select-theme-email=S\u00e9lectionnez le th\u00e8me pour les courriels envoy\u00e9es par le serveur.
+i18n-enabled=Internationalisation activ\u00e9e
+supported-locales=Locales support\u00e9es
+supported-locales.placeholder=Entrez la locale et validez
+default-locale=Locale par d\u00e9faut
+realm-cache-enabled=Cache du domaine activ\u00e9
+realm-cache-enabled.tooltip=Activer/D\u00e9sactiver le cache pour le domaine, client et donn\u00e9es.
+user-cache-enabled=Cache utilisateur activ\u00e9
+user-cache-enabled.tooltip=Activer/D\u00e9sactiver le cache utilisateur, et le cache de relation entre utilisateurs et r\u00f4les.
+sso-session-idle=Sessions SSO inactives
+seconds=Secondes
+minutes=Minutes
+hours=Heures
+days=Jours
+sso-session-max=Maximum de sessions SSO
+sso-session-idle.tooltip=Temps d''inactivit\u00e9 autoris\u00e9 avant expiration de la session. Les jetons et les sessions navigateurs sont invalid\u00e9es quand la session expire.
+sso-session-max.tooltip=Dur\u00e9e maximale avant que la session n''expire. Les jetons et les sessions navigateurs sont invalid\u00e9es quand la session expire.
+access-token-lifespan=Dur\u00e9e de vie du jeton d''acc\u00e8s
+access-token-lifespan.tooltip=Dur\u00e9e maximale avant que le jeton d''acc\u00e8s n''expire. Cette valeur devrait \u00eatre relativement plus petite que la dur\u00e9e d''inactivit\u00e9 (timeout) du SSO.
+client-login-timeout=Dur\u00e9e d''inactivit\u00e9 de connexion (timeout)
+client-login-timeout.tooltip=Dur\u00e9e maximale qu''a un client pour finir le protocole du jeton d''acc\u00e8s. Devrait \u00eatre de l''ordre de la minute (1 min).
+login-timeout=Dur\u00e9e d''inactivit\u00e9 de connexion
+login-timeout.tooltip=Dur\u00e9e maximale autoris\u00e9e pour finaliser la connexion. Devrait \u00eatre relativement long \: 30 minutes, voire plus.
+login-action-timeout=Dur\u00e9e d''inactivit\u00e9 des actions de connexions
+login-action-timeout.tooltip=Dur\u00e9e maximale qu''a un utilisateur pour finir ses actions concernant la mise \u00e0 jour de son mot de passe ou bien de la configuration du mot de passe \u00e0 usage unique (TOTP). Devrait \u00eatre relativement long \: 5 minutes, voire plus.
+headers=En-t\u00eates
+brute-force-detection=D\u00e9tection des attaques par force brute
+x-frame-options=X-Frame-Options
+click-label-for-info=Cliquer sur le label pour plus d''information. Les valeurs par d\u00e9faut \u00e9vitent que les pages soient incluses dans des iframes \u00e9trang\u00e8res.
+content-sec-policy=Content-Security-Policy
+max-login-failures=Nombre maximal d''erreurs de connexion
+max-login-failures.tooltip=Nombre d''erreurs avant de d\u00e9clencher le temps d''attente.
+wait-increment=Temps d''attente
+wait-increment.tooltip=Quand le seuil des erreurs est atteint, combien de temps l''utilisateur est-il bloqu\u00e9 ?
+quick-login-check-millis=Nombre de millisecondes entre deux connexions
+quick-login-check-millis.tooltip=Si une erreur apparait trop rapidement, bloquer le compte utilisateur.
+min-quick-login-wait=Dur\u00e9e minimale d''attente entre deux connexions
+min-quick-login-wait.tooltip=Dur\u00e9e d''attente demand\u00e9e apr\u00e8s une erreur entre deux connexions.
+max-wait=Dur\u00e9e maximale d''attente
+max-wait.tooltip=Dur\u00e9e maximale de blocage du compte utilisateur
+failure-reset-time=Dur\u00e9e de remise \u00e0 z\u00e9ro des erreurs
+failure-reset-time.tooltip=Quand les erreurs sont-elles remises \u00e0 z\u00e9ro ?
+realm-tab-login=Connexion
+realm-tab-keys=Clefs
+realm-tab-email=Courriels
+realm-tab-themes=Th\u00e8mes
+realm-tab-cache=Cache
+realm-tab-tokens=Jetons
+realm-tab-security-defenses=Mesures de s\u00e9curit\u00e9
+realm-tab-general=G\u00e9n\u00e9ral
+add-realm=Ajouter un domaine
+
+#Session settings
+realm-sessions=Sessions du domaine
+revocation=R\u00e9vocation
+logout-all=D\u00e9connexion globale
+active-sessions=Sessions actives
+sessions=Sessions
+not-before=Pas avant
+not-before.tooltip=R\u00e9voquer tous les jetons demand\u00e9s avant cette date.
+set-to-now=Mettre \u00e0 maintenant
+push=Appuyer
+push.tooltip=Pour tous les clients ayant une URL d''administration, les notifier de la politique de r\u00e9vocation.

admin/messages/messages_ca.properties

@@ -0,0 +1,8 @@
+invalidPasswordHistoryMessage=Contrasenya incorrecta: no pot ser igual a cap de les \u00FAltimes {0} contrasenyes.
+invalidPasswordMinDigitsMessage=Contrase\u00F1a incorrecta: debe contener al menos {0} caracteres num\u00E9ricos.
+invalidPasswordMinLengthMessage=Contrasenya incorrecta: longitud m\u00EDnima {0}.
+invalidPasswordMinLowerCaseCharsMessage=Contrasenya incorrecta: ha de contenir almenys {0} lletres min\u00FAscules.
+invalidPasswordMinSpecialCharsMessage=Contrasenya incorrecta: ha de contenir almenys {0} car\u00E0cters especials.
+invalidPasswordMinUpperCaseCharsMessage=Contrasenya incorrecta: ha de contenir almenys {0} lletres maj\u00FAscules.
+invalidPasswordNotUsernameMessage=Contrasenya incorrecta: no pot ser igual al nom d''usuari.
+invalidPasswordRegexPatternMessage=Contrasenya incorrecta: no compleix l''expressi\u00F3 regular.

admin/messages/messages_en.properties

@@ -0,0 +1,28 @@
+invalidPasswordMinLengthMessage=Invalid password: minimum length {0}.
+invalidPasswordMinLowerCaseCharsMessage=Invalid password: must contain at least {0} lower case characters.
+invalidPasswordMinDigitsMessage=Invalid password: must contain at least {0} numerical digits.
+invalidPasswordMinUpperCaseCharsMessage=Invalid password: must contain at least {0} upper case characters.
+invalidPasswordMinSpecialCharsMessage=Invalid password: must contain at least {0} special characters.
+invalidPasswordNotUsernameMessage=Invalid password: must not be equal to the username.
+invalidPasswordRegexPatternMessage=Invalid password: fails to match regex pattern(s).
+invalidPasswordHistoryMessage=Invalid password: must not be equal to any of last {0} passwords.
+invalidPasswordBlacklistedMessage=Invalid password: password is blacklisted.
+invalidPasswordGenericMessage=Invalid password: new password doesn''t match password policies.
+
+ldapErrorInvalidCustomFilter=Custom configured LDAP filter does not start with "(" or does not end with ")".
+ldapErrorConnectionTimeoutNotNumber=Connection Timeout must be a number
+ldapErrorReadTimeoutNotNumber=Read Timeout must be a number
+ldapErrorMissingClientId=Client ID needs to be provided in config when Realm Roles Mapping is not used.
+ldapErrorCantPreserveGroupInheritanceWithUIDMembershipType=Not possible to preserve group inheritance and use UID membership type together.
+ldapErrorCantWriteOnlyForReadOnlyLdap=Can't set write only when LDAP provider mode is not WRITABLE
+ldapErrorCantWriteOnlyAndReadOnly=Can't set write-only and read-only together
+
+clientRedirectURIsFragmentError=Redirect URIs must not contain an URI fragment
+clientRootURLFragmentError=Root URL must not contain an URL fragment
+
+pairwiseMalformedClientRedirectURI=Client contained an invalid redirect URI.
+pairwiseClientRedirectURIsMissingHost=Client redirect URIs must contain a valid host component.
+pairwiseClientRedirectURIsMultipleHosts=Without a configured Sector Identifier URI, client redirect URIs must not contain multiple host components.
+pairwiseMalformedSectorIdentifierURI=Malformed Sector Identifier URI.
+pairwiseFailedToGetRedirectURIs=Failed to get redirect URIs from the Sector Identifier URI.
+pairwiseRedirectURIsMismatch=Client redirect URIs does not match redirect URIs fetched from the Sector Identifier URI.

admin/messages/messages_es.properties

@@ -0,0 +1,8 @@
+invalidPasswordMinLengthMessage=Contrase\u00F1a incorrecta: longitud m\u00EDnima {0}.
+invalidPasswordMinLowerCaseCharsMessage=Contrase\u00F1a incorrecta: debe contener al menos {0} letras min\u00FAsculas.
+invalidPasswordMinDigitsMessage=Contrase\u00F1a incorrecta: debe contener al menos {0} caracteres num\u00E9ricos.
+invalidPasswordMinUpperCaseCharsMessage=Contrase\u00F1a incorrecta: debe contener al menos {0} letras may\u00FAsculas.
+invalidPasswordMinSpecialCharsMessage=Contrase\u00F1a incorrecta: debe contener al menos {0} caracteres especiales.
+invalidPasswordNotUsernameMessage=Contrase\u00F1a incorrecta: no puede ser igual al nombre de usuario.
+invalidPasswordRegexPatternMessage=Contrase\u00F1a incorrecta: no cumple la expresi\u00F3n regular.
+invalidPasswordHistoryMessage=Contrase\u00F1a incorrecta: no puede ser igual a ninguna de las \u00FAltimas {0} contrase\u00F1as.

admin/messages/messages_fr.properties

@@ -0,0 +1,8 @@
+invalidPasswordMinLengthMessage=Mot de passe invalide : longueur minimale requise de {0}.
+invalidPasswordMinLowerCaseCharsMessage=Mot de passe invalide : doit contenir au moins {0} lettre(s) en minuscule.
+invalidPasswordMinDigitsMessage=Mot de passe invalide : doit contenir au moins {0} chiffre(s).
+invalidPasswordMinUpperCaseCharsMessage=Mot de passe invalide : doit contenir au moins {0} lettre(s) en majuscule.
+invalidPasswordMinSpecialCharsMessage=Mot de passe invalide : doit contenir au moins {0} caract\u00e8re(s) sp\u00e9ciaux.
+invalidPasswordNotUsernameMessage=Mot de passe invalide : ne doit pas \u00eatre identique au nom d''utilisateur.
+invalidPasswordRegexPatternMessage=Mot de passe invalide : ne valide pas l''expression rationnelle.
+invalidPasswordHistoryMessage=Mot de passe invalide : ne doit pas \u00eatre \u00e9gal aux {0} derniers mot de passe.

admin/messages/messages_ja.properties

@@ -0,0 +1,25 @@
+# encoding: utf-8
+invalidPasswordMinLengthMessage=無効なパスワード: 最小 {0} の長さが必要です。
+invalidPasswordMinLowerCaseCharsMessage=無効なパスワード: 少なくとも {0} 文字の小文字を含む必要があります。
+invalidPasswordMinDigitsMessage=無効なパスワード: 少なくとも {0} 文字の数字を含む必要があります。
+invalidPasswordMinUpperCaseCharsMessage=無効なパスワード: 少なくとも {0} 文字の大文字を含む必要があります。
+invalidPasswordMinSpecialCharsMessage=無効なパスワード:  少なくとも {0} 文字の特殊文字を含む必要があります。
+invalidPasswordNotUsernameMessage=無効なパスワード: ユーザー名と同じパスワードは禁止されています。
+invalidPasswordRegexPatternMessage=無効なパスワード: 正規表現パターンと一致しません。
+invalidPasswordHistoryMessage=無効なパスワード: 最近の {0} パスワードのいずれかと同じパスワードは禁止されています。
+
+ldapErrorInvalidCustomFilter=LDAP フィルターのカスタム設定が、 「(」 から開始または 「)」 で終了となっていません。
+ldapErrorMissingClientId=レルムロールマッピングを使用しない場合は、クライアント ID は設定内で提供される必要があります。
+ldapErrorCantPreserveGroupInheritanceWithUIDMembershipType=グループ継承と UID メンバーシップタイプを一緒に保存することはできません。
+ldapErrorCantWriteOnlyForReadOnlyLdap=LDAP プロバイダーモードが WRITABLE ではない場合は、write only を設定することはできません。
+ldapErrorCantWriteOnlyAndReadOnly=write-only と read-only を一緒に設定することはできません。
+
+clientRedirectURIsFragmentError=リダイレクト URI に URI フラグメントを含めることはできません。
+clientRootURLFragmentError=ルート URL に URL フラグメントを含めることはできません。
+
+pairwiseMalformedClientRedirectURI=クライアントに無効なリダイレクト URI が含まれていました。
+pairwiseClientRedirectURIsMissingHost=クライアントのリダイレクト URI には有効なホストコンポーネントが含まれている必要があります。
+pairwiseClientRedirectURIsMultipleHosts=設定された Sector Identifier URI がない場合は、クライアントのリダイレクト URI は複数のホストコンポーネントを含むことはできません。
+pairwiseMalformedSectorIdentifierURI=不正な Sector Identifier URI です。
+pairwiseFailedToGetRedirectURIs=Sector Identifier URI からリダイレクト URI を取得できませんでした。
+pairwiseRedirectURIsMismatch=クライアントのリダイレクト URI は、Sector Identifier URI からフェッチされたリダイレクト URI と一致しません。

admin/messages/messages_lt.properties

@@ -0,0 +1,24 @@
+invalidPasswordMinLengthMessage=Per trumpas slapta\u00c5\u00beodis: ma\u00c5\u00beiausias ilgis {0}.
+invalidPasswordMinLowerCaseCharsMessage=Neteisingas slapta\u00c5\u00beodis: privaloma \u00c4\u00c6vesti {0} ma\u00c5\u00be\u00c4\u2026j\u00c4\u2026 raid\u00c4\u2122.
+invalidPasswordMinDigitsMessage=Neteisingas slapta\u00c5\u00beodis: privaloma \u00c4\u00c6vesti {0} skaitmen\u00c4\u00c6.
+invalidPasswordMinUpperCaseCharsMessage=Neteisingas slapta\u00c5\u00beodis: privaloma \u00c4\u00c6vesti {0} did\u00c5\u00bei\u00c4\u2026j\u00c4\u2026 raid\u00c4\u2122.
+invalidPasswordMinSpecialCharsMessage=Neteisingas slapta\u00c5\u00beodis: privaloma \u00c4\u00c6vesti {0} special\u00c5\u00b3 simbol\u00c4\u00c6.
+invalidPasswordNotUsernameMessage=Neteisingas slapta\u00c5\u00beodis: slapta\u00c5\u00beodis negali sutapti su naudotojo vardu.
+invalidPasswordRegexPatternMessage=Neteisingas slapta\u00c5\u00beodis: slapta\u00c5\u00beodis netenkina regex taisykl\u00c4\u2014s(i\u00c5\u00b3).
+invalidPasswordHistoryMessage=Neteisingas slapta\u00c5\u00beodis: slapta\u00c5\u00beodis negali sutapti su prie\u00c5\ufffd tai buvusiais {0} slapta\u00c5\u00beod\u00c5\u00beiais.
+
+ldapErrorInvalidCustomFilter=Sukonfig\u016Bruotas LDAP filtras neprasideda "(" ir nesibaigia ")" simboliais.
+ldapErrorMissingClientId=Privaloma nurodyti kliento ID kai srities roli\u0173 susiejimas n\u0117ra nenaudojamas.
+ldapErrorCantPreserveGroupInheritanceWithUIDMembershipType=Grupi\u0173 paveld\u0117jimo ir UID naryst\u0117s tipas kartu negali b\u016Bti naudojami.
+ldapErrorCantWriteOnlyForReadOnlyLdap=Negalima nustatyti ra\u0161ymo r\u0117\u017Eimo kuomet LDAP teik\u0117jo r\u0117\u017Eimas ne WRITABLE
+ldapErrorCantWriteOnlyAndReadOnly=Negalima nustatyti tik ra\u0161yti ir tik skaityti kartu
+
+clientRedirectURIsFragmentError=Nurodykite URI fragment\u0105, kurio negali b\u016Bti peradresuojamuose URI adresuose
+clientRootURLFragmentError=Nurodykite URL fragment\u0105, kurio negali b\u016Bti \u0161akniniame URL adrese
+
+pairwiseMalformedClientRedirectURI=Klientas pateik\u0117 neteising\u0105 nukreipimo nuorod\u0105.
+pairwiseClientRedirectURIsMissingHost=Kliento nukreipimo nuorodos privalo b\u016Bti nurodytos su serverio vardo komponentu.
+pairwiseClientRedirectURIsMultipleHosts=Kuomet nesukonfig\u016Bruotas sektoriaus identifikatoriaus URL, kliento nukreipimo nuorodos privalo talpinti ne daugiau kaip vien\u0105 skirting\u0105 serverio vardo komponent\u0105.
+pairwiseMalformedSectorIdentifierURI=Neteisinga sektoriaus identifikatoriaus URI.
+pairwiseFailedToGetRedirectURIs=Nepavyko gauti nukreipimo nuorod\u0173 i\u0161 sektoriaus identifikatoriaus URI.
+pairwiseRedirectURIsMismatch=Kliento nukreipimo nuoroda neatitinka nukreipimo nuorodo\u0173 i\u0161 sektoriaus identifikatoriaus URI.

admin/messages/messages_nl.properties

@@ -0,0 +1,27 @@
+invalidPasswordMinLengthMessage=Ongeldig wachtwoord: de minimale lengte is {0} karakters.
+invalidPasswordMinLowerCaseCharsMessage=Ongeldig wachtwoord: het moet minstens {0} kleine letters bevatten.
+invalidPasswordMinDigitsMessage=Ongeldig wachtwoord: het moet minstens {0} getallen bevatten.
+invalidPasswordMinUpperCaseCharsMessage=Ongeldig wachtwoord: het moet minstens {0} hoofdletters bevatten.
+invalidPasswordMinSpecialCharsMessage=Ongeldig wachtwoord: het moet minstens {0} speciale karakters bevatten.
+invalidPasswordNotUsernameMessage=Ongeldig wachtwoord: het mag niet overeenkomen met de gebruikersnaam.
+invalidPasswordRegexPatternMessage=Ongeldig wachtwoord: het voldoet niet aan het door de beheerder ingestelde patroon.
+invalidPasswordHistoryMessage=Ongeldig wachtwoord: het mag niet overeen komen met een van de laatste {0} wachtwoorden.
+invalidPasswordGenericMessage=Ongeldig wachtwoord: het nieuwe wachtwoord voldoet niet aan het wachtwoordbeleid.
+
+ldapErrorInvalidCustomFilter=LDAP filter met aangepaste configuratie start niet met "(" of eindigt niet met ")".
+ldapErrorConnectionTimeoutNotNumber=Verbindingstimeout moet een getal zijn
+ldapErrorReadTimeoutNotNumber=Lees-timeout moet een getal zijn
+ldapErrorMissingClientId=Client ID moet ingesteld zijn als Realm Roles Mapping niet gebruikt wordt.
+ldapErrorCantPreserveGroupInheritanceWithUIDMembershipType=Kan groepsovererving niet behouden bij UID-lidmaatschapstype.
+ldapErrorCantWriteOnlyForReadOnlyLdap=Alleen-schrijven niet mogelijk als LDAP provider mode niet WRITABLE is
+ldapErrorCantWriteOnlyAndReadOnly=Alleen-schrijven en alleen-lezen mogen niet tegelijk ingesteld zijn
+
+clientRedirectURIsFragmentError=Redirect URIs mogen geen URI fragment bevatten
+clientRootURLFragmentError=Root URL mag geen URL fragment bevatten
+
+pairwiseMalformedClientRedirectURI=Client heeft een ongeldige redirect URI.
+pairwiseClientRedirectURIsMissingHost=Client redirect URIs moeten een geldige host-component bevatten.
+pairwiseClientRedirectURIsMultipleHosts=Zonder een geconfigureerde Sector Identifier URI mogen client redirect URIs niet meerdere host componenten hebben.
+pairwiseMalformedSectorIdentifierURI=Onjuist notatie in Sector Identifier URI.
+pairwiseFailedToGetRedirectURIs=Kon geen redirect URIs verkrijgen van de Sector Identifier URI.
+pairwiseRedirectURIsMismatch=Client redirect URIs komen niet overeen met redict URIs ontvangen van de Sector Identifier URI.

admin/messages/messages_no.properties

@@ -0,0 +1,14 @@
+invalidPasswordMinLengthMessage=Ugyldig passord: minimum lengde {0}.
+invalidPasswordMinLowerCaseCharsMessage=Ugyldig passord: m\u00E5 inneholde minst {0} sm\u00E5 bokstaver.
+invalidPasswordMinDigitsMessage=Ugyldig passord: m\u00E5 inneholde minst {0} sifre.
+invalidPasswordMinUpperCaseCharsMessage=Ugyldig passord: m\u00E5 inneholde minst {0} store bokstaver.
+invalidPasswordMinSpecialCharsMessage=Ugyldig passord: m\u00E5 inneholde minst {0} spesialtegn.
+invalidPasswordNotUsernameMessage=Ugyldig passord: kan ikke v\u00E6re likt brukernavn.
+invalidPasswordRegexPatternMessage=Ugyldig passord: tilfredsstiller ikke kravene for passord-m\u00F8nster.
+invalidPasswordHistoryMessage=Ugyldig passord: kan ikke v\u00E6re likt noen av de {0} foreg\u00E5ende passordene.
+
+ldapErrorInvalidCustomFilter=Tilpasset konfigurasjon av LDAP-filter starter ikke med "(" eller slutter ikke med ")".
+ldapErrorMissingClientId=KlientID m\u00E5 v\u00E6re tilgjengelig i config n\u00E5r sikkerhetsdomenerollemapping ikke brukes.
+ldapErrorCantPreserveGroupInheritanceWithUIDMembershipType=Ikke mulig \u00E5 bevare gruppearv og samtidig bruke UID medlemskapstype.
+ldapErrorCantWriteOnlyForReadOnlyLdap=Kan ikke sette write-only n\u00E5r LDAP leverand\u00F8r-modus ikke er WRITABLE
+ldapErrorCantWriteOnlyAndReadOnly=Kan ikke sette b\u00E5de write-only og read-only

admin/messages/messages_pt_BR.properties

@@ -0,0 +1,18 @@
+#encoding: utf-8
+invalidPasswordMinLengthMessage=Senha inválida: deve conter ao menos {0} caracteres.
+invalidPasswordMinLowerCaseCharsMessage=Senha inválida: deve conter ao menos {0} caracteres minúsculos.
+invalidPasswordMinDigitsMessage=Senha inválida: deve conter ao menos {0} digitos numéricos.
+invalidPasswordMinUpperCaseCharsMessage=Senha inválida: deve conter ao menos {0} caracteres maiúsculos.
+invalidPasswordMinSpecialCharsMessage=Senha inválida: deve conter ao menos {0} caracteres especiais.
+invalidPasswordNotUsernameMessage=Senha inválida: não deve ser igual ao nome de usuário.
+invalidPasswordRegexPatternMessage=Senha inválida: falha ao passar por padrões.
+invalidPasswordHistoryMessage=Senha inválida: não deve ser igual às últimas {0} senhas.
+
+ldapErrorInvalidCustomFilter=Filtro LDAP não inicia com "(" ou não termina com ")".
+ldapErrorMissingClientId=ID do cliente precisa ser definido na configuração quando mapeamentos de Roles do Realm não é utilizado.
+ldapErrorCantPreserveGroupInheritanceWithUIDMembershipType=Não é possível preservar herança de grupos e usar tipo de associação de UID ao mesmo tempo.
+ldapErrorCantWriteOnlyForReadOnlyLdap=Não é possível definir modo de somente escrita quando o provedor LDAP não suporta escrita
+ldapErrorCantWriteOnlyAndReadOnly=Não é possível definir somente escrita e somente leitura ao mesmo tempo
+
+clientRedirectURIsFragmentError=URIs de redirecionamento não podem conter fragmentos
+clientRootURLFragmentError=URL raiz não pode conter fragmentos

admin/messages/messages_ru.properties

@@ -0,0 +1,26 @@
+# encoding: utf-8
+invalidPasswordMinLengthMessage=Некорректный пароль: длина пароля должна быть не менее {0} символов(а).
+invalidPasswordMinDigitsMessage=Некорректный пароль: должен содержать не менее {0} цифр(ы).
+invalidPasswordMinLowerCaseCharsMessage=Некорректный пароль: пароль должен содержать не менее {0} символов(а) в нижнем регистре.
+invalidPasswordMinUpperCaseCharsMessage=Некорректный пароль: пароль должен содержать не менее {0} символов(а) в верхнем регистре.
+invalidPasswordMinSpecialCharsMessage=Некорректный пароль: пароль должен содержать не менее {0} спецсимволов(а).
+invalidPasswordNotUsernameMessage=Некорректный пароль: пароль не должен совпадать с именем пользователя.
+invalidPasswordRegexPatternMessage=Некорректный пароль: пароль не прошел проверку по регулярному выражению.
+invalidPasswordHistoryMessage=Некорректный пароль: пароль не должен совпадать с последним(и) {0} паролем(ями).
+invalidPasswordGenericMessage=Некорректный пароль: новый пароль не соответствует правилам пароля.
+
+ldapErrorInvalidCustomFilter=Сконфигурированный пользователем фильтр LDAP не должен начинаться с "(" или заканчиваться на ")".
+ldapErrorMissingClientId=Client ID должен быть настроен в конфигурации, если не используется сопоставление ролей в realm.
+ldapErrorCantPreserveGroupInheritanceWithUIDMembershipType=Не удалось унаследовать группу и использовать членство UID типа вместе.
+ldapErrorCantWriteOnlyForReadOnlyLdap=Невозможно установить режим "только на запись", когда LDAP провайдер не в режиме WRITABLE
+ldapErrorCantWriteOnlyAndReadOnly=Невозможно одновременно установить режимы "только на чтение" и "только на запись"
+
+clientRedirectURIsFragmentError=URI перенаправления не должен содержать фрагмент URI
+clientRootURLFragmentError=Корневой URL не должен содержать фрагмент URL 
+
+pairwiseMalformedClientRedirectURI=Клиент содержит некорректный URI перенаправления.
+pairwiseClientRedirectURIsMissingHost=URI перенаправления клиента должен содержать корректный компонент хоста.
+pairwiseClientRedirectURIsMultipleHosts=Без конфигурации по части идентификатора URI, URI перенаправления клиента не может содержать несколько компонентов хоста.
+pairwiseMalformedSectorIdentifierURI=Искаженная часть идентификатора URI.
+pairwiseFailedToGetRedirectURIs=Не удалось получить идентификаторы URI перенаправления из части идентификатора URI.
+pairwiseRedirectURIsMismatch=Клиент URI переадресации не соответствует URI переадресации, полученной из части идентификатора URI.

admin/messages/messages_zh_CN.properties

@@ -0,0 +1,26 @@
+# encoding: utf-8
+invalidPasswordMinLengthMessage=无效的密码：最短长度 {0}.
+invalidPasswordMinLowerCaseCharsMessage=无效的密码：至少包含 {0} 小写字母
+invalidPasswordMinDigitsMessage=无效的密码：至少包含 {0} 个数字
+invalidPasswordMinUpperCaseCharsMessage=无效的密码：最短长度 {0} 大写字母
+invalidPasswordMinSpecialCharsMessage=无效的密码：最短长度 {0} 特殊字符
+invalidPasswordNotUsernameMessage=无效的密码： 不可以与用户名相同
+invalidPasswordRegexPatternMessage=无效的密码： 无法与正则表达式匹配
+invalidPasswordHistoryMessage=无效的密码：不能与最后使用的 {0} 个密码相同
+
+ldapErrorInvalidCustomFilter=定制的 LDAP过滤器不是以 "(" 开头或以 ")"结尾.
+ldapErrorConnectionTimeoutNotNumber=Connection Timeout 必须是个数字
+ldapErrorMissingClientId=当域角色映射未启用时，客户端 ID 需要指定。
+ldapErrorCantPreserveGroupInheritanceWithUIDMembershipType=无法在使用UID成员类型的同时维护组继承属性。
+ldapErrorCantWriteOnlyForReadOnlyLdap=当LDAP提供方不是可写模式时，无法设置只写
+ldapErrorCantWriteOnlyAndReadOnly=无法同时设置只读和只写
+
+clientRedirectURIsFragmentError=重定向URL不应包含URI片段
+clientRootURLFragmentError=根URL 不应包含 URL 片段
+
+pairwiseMalformedClientRedirectURI=客户端包含一个无效的重定向URL
+pairwiseClientRedirectURIsMissingHost=客户端重定向URL需要有一个有效的主机
+pairwiseClientRedirectURIsMultipleHosts=Without a configured Sector Identifier URI, client redirect URIs must not contain multiple host components.
+pairwiseMalformedSectorIdentifierURI=Malformed Sector Identifier URI.
+pairwiseFailedToGetRedirectURIs=无法从服务器获得重定向URL
+pairwiseRedirectURIsMismatch=客户端的重定向URI与服务器端获取的URI配置不匹配。

admin/resources/js/authz/authz-app.js

@@ -0,0 +1,543 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2016 Red Hat, Inc., and individual contributors
+ * as indicated by the @author tags.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+module.requires.push('ui.ace');
+
+module.config(['$routeProvider', function ($routeProvider) {
+    $routeProvider
+        .when('/realms/:realm/authz', {
+            templateUrl: resourceUrl + '/partials/authz/resource-server-list.html',
+            resolve: {
+                realm: function (RealmLoader) {
+                    return RealmLoader();
+                }
+            },
+            controller: 'ResourceServerCtrl'
+        }).when('/realms/:realm/clients/:client/authz/resource-server/create', {
+        templateUrl: resourceUrl + '/partials/authz/resource-server-detail.html',
+        resolve: {
+            realm: function (RealmLoader) {
+                return RealmLoader();
+            },
+            client : function(ClientLoader) {
+                return ClientLoader();
+            },
+            clients: function (ClientListLoader) {
+                return ClientListLoader();
+            }
+        },
+        controller: 'ResourceServerDetailCtrl'
+    }).when('/realms/:realm/clients/:client/authz/resource-server', {
+        templateUrl: resourceUrl + '/partials/authz/resource-server-detail.html',
+        resolve: {
+            realm: function (RealmLoader) {
+                return RealmLoader();
+            },
+            client : function(ClientLoader) {
+                return ClientLoader();
+            },
+            clients: function (ClientListLoader) {
+                return ClientListLoader();
+            },
+            serverInfo: function (ServerInfoLoader) {
+                return ServerInfoLoader();
+            }
+        },
+        controller: 'ResourceServerDetailCtrl'
+    }).when('/realms/:realm/clients/:client/authz/resource-server/export-settings', {
+              templateUrl: resourceUrl + '/partials/authz/resource-server-export-settings.html',
+              resolve: {
+                  realm: function (RealmLoader) {
+                      return RealmLoader();
+                  },
+                  client : function(ClientLoader) {
+                      return ClientLoader();
+                  },
+                  clients: function (ClientListLoader) {
+                      return ClientListLoader();
+                  },
+                  serverInfo: function (ServerInfoLoader) {
+                      return ServerInfoLoader();
+                  }
+              },
+              controller: 'ResourceServerDetailCtrl'
+    }).when('/realms/:realm/clients/:client/authz/resource-server/evaluate', {
+        templateUrl: resourceUrl + '/partials/authz/policy/resource-server-policy-evaluate.html',
+        resolve: {
+            realm: function (RealmLoader) {
+                return RealmLoader();
+            },
+            client : function(ClientLoader) {
+                return ClientLoader();
+            },
+            clients: function (ClientListLoader) {
+                return ClientListLoader();
+            },
+            roles: function (RoleListLoader) {
+                return new RoleListLoader();
+            }
+        },
+        controller: 'PolicyEvaluateCtrl'
+    }).when('/realms/:realm/clients/:client/authz/resource-server/evaluate/result', {
+        templateUrl: resourceUrl + '/partials/authz/policy/resource-server-policy-evaluate-result.html',
+        resolve: {
+            realm: function (RealmLoader) {
+                return RealmLoader();
+            },
+            client : function(ClientLoader) {
+                return ClientLoader();
+            },
+        },
+        controller: 'PolicyEvaluateCtrl'
+    }).when('/realms/:realm/clients/:client/authz/resource-server/resource', {
+        templateUrl: resourceUrl + '/partials/authz/resource-server-resource-list.html',
+        resolve: {
+            realm: function (RealmLoader) {
+                return RealmLoader();
+            },
+            client : function(ClientLoader) {
+                return ClientLoader();
+            }
+        },
+        controller: 'ResourceServerResourceCtrl'
+    }).when('/realms/:realm/clients/:client/authz/resource-server/resource/create', {
+        templateUrl: resourceUrl + '/partials/authz/resource-server-resource-detail.html',
+        resolve: {
+            realm: function (RealmLoader) {
+                return RealmLoader();
+            },
+            client : function(ClientLoader) {
+                return ClientLoader();
+            }
+        },
+        controller: 'ResourceServerResourceDetailCtrl'
+    }).when('/realms/:realm/clients/:client/authz/resource-server/resource/:rsrid', {
+        templateUrl: resourceUrl + '/partials/authz/resource-server-resource-detail.html',
+        resolve: {
+            realm: function (RealmLoader) {
+                return RealmLoader();
+            },
+            client : function(ClientLoader) {
+                return ClientLoader();
+            }
+        },
+        controller: 'ResourceServerResourceDetailCtrl'
+    }).when('/realms/:realm/clients/:client/authz/resource-server/scope', {
+        templateUrl: resourceUrl + '/partials/authz/resource-server-scope-list.html',
+        resolve: {
+            realm: function (RealmLoader) {
+                return RealmLoader();
+            },
+            client : function(ClientLoader) {
+                return ClientLoader();
+            }
+        },
+        controller: 'ResourceServerScopeCtrl'
+    }).when('/realms/:realm/clients/:client/authz/resource-server/scope/create', {
+        templateUrl: resourceUrl + '/partials/authz/resource-server-scope-detail.html',
+        resolve: {
+            realm: function (RealmLoader) {
+                return RealmLoader();
+            },
+            client : function(ClientLoader) {
+                return ClientLoader();
+            }
+        },
+        controller: 'ResourceServerScopeDetailCtrl'
+    }).when('/realms/:realm/clients/:client/authz/resource-server/scope/:id', {
+        templateUrl: resourceUrl + '/partials/authz/resource-server-scope-detail.html',
+        resolve: {
+            realm: function (RealmLoader) {
+                return RealmLoader();
+            },
+            client : function(ClientLoader) {
+                return ClientLoader();
+            }
+        },
+        controller: 'ResourceServerScopeDetailCtrl'
+    }).when('/realms/:realm/clients/:client/authz/resource-server/permission', {
+        templateUrl: resourceUrl + '/partials/authz/permission/resource-server-permission-list.html',
+        resolve: {
+            realm: function (RealmLoader) {
+                return RealmLoader();
+            },
+            client : function(ClientLoader) {
+                return ClientLoader();
+            }
+        },
+        controller: 'ResourceServerPermissionCtrl'
+    }).when('/realms/:realm/clients/:client/authz/resource-server/policy', {
+        templateUrl: resourceUrl + '/partials/authz/policy/resource-server-policy-list.html',
+        resolve: {
+            realm: function (RealmLoader) {
+                return RealmLoader();
+            },
+            client : function(ClientLoader) {
+                return ClientLoader();
+            }
+        },
+        controller: 'ResourceServerPolicyCtrl'
+    }).when('/realms/:realm/clients/:client/authz/resource-server/policy/rules/create', {
+        templateUrl: resourceUrl + '/partials/authz/policy/provider/resource-server-policy-drools-detail.html',
+        resolve: {
+            realm: function (RealmLoader) {
+                return RealmLoader();
+            },
+            client : function(ClientLoader) {
+                return ClientLoader();
+            }
+        },
+        controller: 'ResourceServerPolicyDroolsDetailCtrl'
+    }).when('/realms/:realm/clients/:client/authz/resource-server/policy/rules/:id', {
+        templateUrl: resourceUrl + '/partials/authz/policy/provider/resource-server-policy-drools-detail.html',
+        resolve: {
+            realm: function (RealmLoader) {
+                return RealmLoader();
+            },
+            client : function(ClientLoader) {
+                return ClientLoader();
+            }
+        },
+        controller: 'ResourceServerPolicyDroolsDetailCtrl'
+    }).when('/realms/:realm/clients/:client/authz/resource-server/permission/resource/create', {
+        templateUrl: resourceUrl + '/partials/authz/permission/provider/resource-server-policy-resource-detail.html',
+        resolve: {
+            realm: function (RealmLoader) {
+                return RealmLoader();
+            },
+            client : function(ClientLoader) {
+                return ClientLoader();
+            }
+        },
+        controller: 'ResourceServerPolicyResourceDetailCtrl'
+    }).when('/realms/:realm/clients/:client/authz/resource-server/permission/resource/:id', {
+        templateUrl: resourceUrl + '/partials/authz/permission/provider/resource-server-policy-resource-detail.html',
+        resolve: {
+            realm: function (RealmLoader) {
+                return RealmLoader();
+            },
+            client : function(ClientLoader) {
+                return ClientLoader();
+            }
+        },
+        controller: 'ResourceServerPolicyResourceDetailCtrl'
+    }).when('/realms/:realm/clients/:client/authz/resource-server/permission/scope/create', {
+        templateUrl: resourceUrl + '/partials/authz/permission/provider/resource-server-policy-scope-detail.html',
+        resolve: {
+            realm: function (RealmLoader) {
+                return RealmLoader();
+            },
+            client : function(ClientLoader) {
+                return ClientLoader();
+            }
+        },
+        controller: 'ResourceServerPolicyScopeDetailCtrl'
+    }).when('/realms/:realm/clients/:client/authz/resource-server/permission/scope/:id', {
+        templateUrl: resourceUrl + '/partials/authz/permission/provider/resource-server-policy-scope-detail.html',
+        resolve: {
+            realm: function (RealmLoader) {
+                return RealmLoader();
+            },
+            client : function(ClientLoader) {
+                return ClientLoader();
+            }
+        },
+        controller: 'ResourceServerPolicyScopeDetailCtrl'
+    }).when('/realms/:realm/clients/:client/authz/resource-server/policy/user/create', {
+        templateUrl: resourceUrl + '/partials/authz/policy/provider/resource-server-policy-user-detail.html',
+        resolve: {
+            realm: function (RealmLoader) {
+                return RealmLoader();
+            },
+            client : function(ClientLoader) {
+                return ClientLoader();
+            }
+        },
+        controller: 'ResourceServerPolicyUserDetailCtrl'
+    }).when('/realms/:realm/clients/:client/authz/resource-server/policy/user/:id', {
+        templateUrl: resourceUrl + '/partials/authz/policy/provider/resource-server-policy-user-detail.html',
+        resolve: {
+            realm: function (RealmLoader) {
+                return RealmLoader();
+            },
+            client : function(ClientLoader) {
+                return ClientLoader();
+            }
+        },
+        controller: 'ResourceServerPolicyUserDetailCtrl'
+    }).when('/realms/:realm/clients/:client/authz/resource-server/policy/client/create', {
+        templateUrl: resourceUrl + '/partials/authz/policy/provider/resource-server-policy-client-detail.html',
+        resolve: {
+            realm: function (RealmLoader) {
+                return RealmLoader();
+            },
+            client : function(ClientLoader) {
+                return ClientLoader();
+            }
+        },
+        controller: 'ResourceServerPolicyClientDetailCtrl'
+    }).when('/realms/:realm/clients/:client/authz/resource-server/policy/client/:id', {
+        templateUrl: resourceUrl + '/partials/authz/policy/provider/resource-server-policy-client-detail.html',
+        resolve: {
+            realm: function (RealmLoader) {
+                return RealmLoader();
+            },
+            client : function(ClientLoader) {
+                return ClientLoader();
+            }
+        },
+        controller: 'ResourceServerPolicyClientDetailCtrl'
+    }).when('/realms/:realm/clients/:client/authz/resource-server/policy/role/create', {
+        templateUrl: resourceUrl + '/partials/authz/policy/provider/resource-server-policy-role-detail.html',
+        resolve: {
+            realm: function (RealmLoader) {
+                return RealmLoader();
+            },
+            client : function(ClientLoader) {
+                return ClientLoader();
+            }
+        },
+        controller: 'ResourceServerPolicyRoleDetailCtrl'
+    }).when('/realms/:realm/clients/:client/authz/resource-server/policy/role/:id', {
+        templateUrl: resourceUrl + '/partials/authz/policy/provider/resource-server-policy-role-detail.html',
+        resolve: {
+            realm: function (RealmLoader) {
+                return RealmLoader();
+            },
+            client : function(ClientLoader) {
+                return ClientLoader();
+            }
+        },
+        controller: 'ResourceServerPolicyRoleDetailCtrl'
+    }).when('/realms/:realm/clients/:client/authz/resource-server/policy/group/create', {
+          templateUrl: resourceUrl + '/partials/authz/policy/provider/resource-server-policy-group-detail.html',
+          resolve: {
+              realm: function (RealmLoader) {
+                  return RealmLoader();
+              },
+              client : function(ClientLoader) {
+                  return ClientLoader();
+              }
+          },
+          controller: 'ResourceServerPolicyGroupDetailCtrl'
+      }).when('/realms/:realm/clients/:client/authz/resource-server/policy/group/:id', {
+          templateUrl: resourceUrl + '/partials/authz/policy/provider/resource-server-policy-group-detail.html',
+          resolve: {
+              realm: function (RealmLoader) {
+                  return RealmLoader();
+              },
+              client : function(ClientLoader) {
+                  return ClientLoader();
+              }
+          },
+          controller: 'ResourceServerPolicyGroupDetailCtrl'
+      }).when('/realms/:realm/clients/:client/authz/resource-server/policy/js/create', {
+        templateUrl: resourceUrl + '/partials/authz/policy/provider/resource-server-policy-js-detail.html',
+        resolve: {
+            realm: function (RealmLoader) {
+                return RealmLoader();
+            },
+            client : function(ClientLoader) {
+                return ClientLoader();
+            }
+        },
+        controller: 'ResourceServerPolicyJSDetailCtrl'
+    }).when('/realms/:realm/clients/:client/authz/resource-server/policy/js/:id', {
+        templateUrl: resourceUrl + '/partials/authz/policy/provider/resource-server-policy-js-detail.html',
+        resolve: {
+            realm: function (RealmLoader) {
+                return RealmLoader();
+            },
+            client : function(ClientLoader) {
+                return ClientLoader();
+            }
+        },
+        controller: 'ResourceServerPolicyJSDetailCtrl'
+    }).when('/realms/:realm/clients/:client/authz/resource-server/policy/time/create', {
+        templateUrl: resourceUrl + '/partials/authz/policy/provider/resource-server-policy-time-detail.html',
+        resolve: {
+            realm: function (RealmLoader) {
+                return RealmLoader();
+            },
+            client : function(ClientLoader) {
+                return ClientLoader();
+            }
+        },
+        controller: 'ResourceServerPolicyTimeDetailCtrl'
+    }).when('/realms/:realm/clients/:client/authz/resource-server/policy/time/:id', {
+        templateUrl: resourceUrl + '/partials/authz/policy/provider/resource-server-policy-time-detail.html',
+        resolve: {
+            realm: function (RealmLoader) {
+                return RealmLoader();
+            },
+            client : function(ClientLoader) {
+                return ClientLoader();
+            }
+        },
+        controller: 'ResourceServerPolicyTimeDetailCtrl'
+    }).when('/realms/:realm/clients/:client/authz/resource-server/policy/aggregate/create', {
+        templateUrl: resourceUrl + '/partials/authz/policy/provider/resource-server-policy-aggregate-detail.html',
+        resolve: {
+            realm: function (RealmLoader) {
+                return RealmLoader();
+            },
+            client : function(ClientLoader) {
+                return ClientLoader();
+            }
+        },
+        controller: 'ResourceServerPolicyAggregateDetailCtrl'
+    }).when('/realms/:realm/clients/:client/authz/resource-server/policy/aggregate/:id', {
+        templateUrl: resourceUrl + '/partials/authz/policy/provider/resource-server-policy-aggregate-detail.html',
+        resolve: {
+            realm: function (RealmLoader) {
+                return RealmLoader();
+            },
+            client : function(ClientLoader) {
+                return ClientLoader();
+            }
+        },
+        controller: 'ResourceServerPolicyAggregateDetailCtrl'
+    }).when('/realms/:realm/roles/:role/permissions', {
+        templateUrl : resourceUrl + '/partials/authz/mgmt/realm-role-permissions.html',
+        resolve : {
+            realm : function(RealmLoader) {
+                return RealmLoader();
+            },
+            role : function(RoleLoader) {
+                return RoleLoader();
+            }
+        },
+        controller : 'RealmRolePermissionsCtrl'
+    }).when('/realms/:realm/clients/:client/roles/:role/permissions', {
+        templateUrl : resourceUrl + '/partials/authz/mgmt/client-role-permissions.html',
+        resolve : {
+            realm : function(RealmLoader) {
+                return RealmLoader();
+            },
+            client : function(ClientLoader) {
+                return ClientLoader();
+            },
+            role : function(RoleLoader) {
+                return RoleLoader();
+            }
+        },
+        controller : 'ClientRolePermissionsCtrl'
+    }).when('/realms/:realm/users-permissions', {
+        templateUrl : resourceUrl + '/partials/authz/mgmt/users-permissions.html',
+        resolve : {
+            realm : function(RealmLoader) {
+                return RealmLoader();
+            }
+        },
+        controller : 'UsersPermissionsCtrl'
+    })
+        .when('/realms/:realm/clients/:client/permissions', {
+            templateUrl : resourceUrl + '/partials/authz/mgmt/client-permissions.html',
+            resolve : {
+                realm : function(RealmLoader) {
+                    return RealmLoader();
+                },
+                client : function(ClientLoader) {
+                    return ClientLoader();
+                }
+            },
+            controller : 'ClientPermissionsCtrl'
+        })
+        .when('/realms/:realm/groups/:group/permissions', {
+            templateUrl : resourceUrl + '/partials/authz/mgmt/group-permissions.html',
+            resolve : {
+                realm : function(RealmLoader) {
+                    return RealmLoader();
+                },
+                group : function(GroupLoader) {
+                    return GroupLoader();
+                }
+            },
+            controller : 'GroupPermissionsCtrl'
+        })
+        .when('/realms/:realm/identity-provider-settings/provider/:provider_id/:alias/permissions', {
+            templateUrl : function(params){ return resourceUrl + '/partials/authz/mgmt/broker-permissions.html'; },
+            resolve : {
+                realm : function(RealmLoader) {
+                    return RealmLoader();
+                },
+                identityProvider : function(IdentityProviderLoader) {
+                    return IdentityProviderLoader();
+                }
+             },
+            controller : 'IdentityProviderPermissionCtrl'
+        })
+    ;
+}]);
+
+module.directive('kcTabsResourceServer', function () {
+    return {
+        scope: true,
+        restrict: 'E',
+        replace: true,
+        templateUrl: resourceUrl + '/templates/authz/kc-tabs-resource-server.html'
+    }
+});
+
+module.filter('unique', function () {
+
+    return function (items, filterOn) {
+
+        if (filterOn === false) {
+            return items;
+        }
+
+        if ((filterOn || angular.isUndefined(filterOn)) && angular.isArray(items)) {
+            var hashCheck = {}, newItems = [];
+
+            var extractValueToCompare = function (item) {
+                if (angular.isObject(item) && angular.isString(filterOn)) {
+                    return item[filterOn];
+                } else {
+                    return item;
+                }
+            };
+
+            angular.forEach(items, function (item) {
+                var valueToCheck, isDuplicate = false;
+
+                for (var i = 0; i < newItems.length; i++) {
+                    if (angular.equals(extractValueToCompare(newItems[i]), extractValueToCompare(item))) {
+                        isDuplicate = true;
+                        break;
+                    }
+                }
+                if (!isDuplicate) {
+                    newItems.push(item);
+                }
+
+            });
+            items = newItems;
+        }
+        return items;
+    };
+});
+
+module.filter('toCamelCase', function () {
+    return function (input) {
+        input = input || '';
+        return input.replace(/\w\S*/g, function (txt) {
+            return txt.charAt(0).toUpperCase() + txt.substr(1).toLowerCase();
+        });
+    };
+})

admin/resources/js/authz/authz-services.js

@@ -0,0 +1,204 @@
+module.factory('ResourceServer', function($resource) {
+    return $resource(authUrl + '/admin/realms/:realm/clients/:client/authz/resource-server', {
+        realm : '@realm',
+        client: '@client'
+    }, {
+        'update' : {method : 'PUT'},
+        'import' : {url: authUrl + '/admin/realms/:realm/clients/:client/authz/resource-server/import', method : 'POST'},
+        'settings' : {url: authUrl + '/admin/realms/:realm/clients/:client/authz/resource-server/settings', method : 'GET'}
+    });
+});
+
+module.factory('ResourceServerResource', function($resource) {
+    return $resource(authUrl + '/admin/realms/:realm/clients/:client/authz/resource-server/resource/:rsrid', {
+        realm : '@realm',
+        client: '@client',
+        rsrid : '@rsrid'
+    }, {
+        'update' : {method : 'PUT'},
+        'search' : {url: authUrl + '/admin/realms/:realm/clients/:client/authz/resource-server/resource/search', method : 'GET'},
+        'scopes' : {url: authUrl + '/admin/realms/:realm/clients/:client/authz/resource-server/resource/:rsrid/scopes', method : 'GET', isArray: true},
+        'permissions' : {url: authUrl + '/admin/realms/:realm/clients/:client/authz/resource-server/resource/:rsrid/permissions', method : 'GET', isArray: true}
+    });
+});
+
+module.factory('ResourceServerScope', function($resource) {
+    return $resource(authUrl + '/admin/realms/:realm/clients/:client/authz/resource-server/scope/:id', {
+        realm : '@realm',
+        client: '@client',
+        id : '@id'
+    }, {
+        'update' : {method : 'PUT'},
+        'search' : {url: authUrl + '/admin/realms/:realm/clients/:client/authz/resource-server/scope/search', method : 'GET'},
+        'resources' : {url: authUrl + '/admin/realms/:realm/clients/:client/authz/resource-server/scope/:id/resources', method : 'GET', isArray: true},
+        'permissions' : {url: authUrl + '/admin/realms/:realm/clients/:client/authz/resource-server/scope/:id/permissions', method : 'GET', isArray: true},
+    });
+});
+
+module.factory('ResourceServerPolicy', function($resource) {
+    return $resource(authUrl + '/admin/realms/:realm/clients/:client/authz/resource-server/policy/:type/:id', {
+        realm : '@realm',
+        client: '@client',
+        id : '@id',
+        type: '@type'
+    }, {
+        'update' : {method : 'PUT'},
+        'search' : {url: authUrl + '/admin/realms/:realm/clients/:client/authz/resource-server/policy/search', method : 'GET'},
+        'associatedPolicies' : {url: authUrl + '/admin/realms/:realm/clients/:client/authz/resource-server/policy/:id/associatedPolicies', method : 'GET', isArray: true},
+        'dependentPolicies' : {url: authUrl + '/admin/realms/:realm/clients/:client/authz/resource-server/policy/:id/dependentPolicies', method : 'GET', isArray: true},
+        'scopes' : {url: authUrl + '/admin/realms/:realm/clients/:client/authz/resource-server/policy/:id/scopes', method : 'GET', isArray: true},
+        'resources' : {url: authUrl + '/admin/realms/:realm/clients/:client/authz/resource-server/policy/:id/resources', method : 'GET', isArray: true}
+    });
+});
+
+module.factory('ResourceServerPermission', function($resource) {
+    return $resource(authUrl + '/admin/realms/:realm/clients/:client/authz/resource-server/permission/:type/:id', {
+        realm : '@realm',
+        client: '@client',
+        type: '@type',
+        id : '@id'
+    }, {
+        'update' : {method : 'PUT'},
+        'search' : {url: authUrl + '/admin/realms/:realm/clients/:client/authz/resource-server/permission/search', method : 'GET'},
+        'searchPolicies' : {url: authUrl + '/admin/realms/:realm/clients/:client/authz/resource-server/policy', method : 'GET', isArray: true},
+        'associatedPolicies' : {url: authUrl + '/admin/realms/:realm/clients/:client/authz/resource-server/policy/:id/associatedPolicies', method : 'GET', isArray: true},
+        'dependentPolicies' : {url: authUrl + '/admin/realms/:realm/clients/:client/authz/resource-server/policy/:id/dependentPolicies', method : 'GET', isArray: true},
+        'scopes' : {url: authUrl + '/admin/realms/:realm/clients/:client/authz/resource-server/permission/:id/scopes', method : 'GET', isArray: true},
+        'resources' : {url: authUrl + '/admin/realms/:realm/clients/:client/authz/resource-server/permission/:id/resources', method : 'GET', isArray: true}
+    });
+});
+
+module.factory('PolicyProvider', function($resource) {
+    return $resource(authUrl + '/admin/realms/:realm/clients/:client/authz/resource-server/policy/providers', {
+        realm : '@realm',
+        client: '@client'
+    });
+});
+
+module.service('AuthzDialog', function($modal) {
+    var dialog = {};
+
+    var openDialog = function(title, message, btns, template) {
+        var controller = function($scope, $modalInstance, $sce, title, message, btns) {
+            $scope.title = title;
+            $scope.message = $sce.trustAsHtml(message);
+            $scope.btns = btns;
+
+            $scope.ok = function () {
+                $modalInstance.close();
+            };
+            $scope.cancel = function () {
+                $modalInstance.dismiss('cancel');
+            };
+        };
+
+        return $modal.open({
+            templateUrl: resourceUrl + template,
+            controller: controller,
+            resolve: {
+                title: function() {
+                    return title;
+                },
+                message: function() {
+                    return message;
+                },
+                btns: function() {
+                    return btns;
+                }
+            }
+        }).result;
+    }
+
+    dialog.confirmDeleteWithMsg = function(name, type, msg, success) {
+        var title = 'Delete ' + type;
+        msg += 'Are you sure you want to permanently delete the ' + type + ' <strong>' + name + '</strong> ?';
+        var btns = {
+            ok: {
+                label: 'Delete',
+                cssClass: 'btn btn-danger'
+            },
+            cancel: {
+                label: 'Cancel',
+                cssClass: 'btn btn-default'
+            }
+        }
+
+        openDialog(title, msg, btns, '/templates/authz/kc-authz-modal.html').then(success);
+    };
+
+    dialog.confirmDelete = function(name, type, success) {
+        var title = 'Delete ' + type;
+        var msg = 'Are you sure you want to permanently delete the ' + type + ' <strong>' + name + '</strong> ?';
+        var btns = {
+            ok: {
+                label: 'Delete',
+                cssClass: 'btn btn-danger'
+            },
+            cancel: {
+                label: 'Cancel',
+                cssClass: 'btn btn-default'
+            }
+        }
+
+        openDialog(title, msg, btns, '/templates/authz/kc-authz-modal.html').then(success);
+    }
+
+    return dialog;
+});
+
+module.factory('RoleManagementPermissions', function($resource) {
+    return $resource(authUrl + '/admin/realms/:realm/roles-by-id/:role/management/permissions', {
+        realm : '@realm',
+        role : '@role'
+    }, {
+        update: {
+            method: 'PUT'
+        }
+    });
+});
+
+module.factory('UsersManagementPermissions', function($resource) {
+    return $resource(authUrl + '/admin/realms/:realm/users-management-permissions', {
+        realm : '@realm'
+    }, {
+        update: {
+            method: 'PUT'
+        }
+    });
+});
+
+module.factory('ClientManagementPermissions', function($resource) {
+    return $resource(authUrl + '/admin/realms/:realm/clients/:client/management/permissions', {
+        realm : '@realm',
+        client : '@client'
+    }, {
+        update: {
+            method: 'PUT'
+        }
+    });
+});
+
+module.factory('IdentityProviderManagementPermissions', function($resource) {
+    return $resource(authUrl + '/admin/realms/:realm/identity-provider/instances/:alias/management/permissions', {
+        realm : '@realm',
+        alias : '@alias'
+    }, {
+        update: {
+            method: 'PUT'
+        }
+    });
+});
+
+module.factory('GroupManagementPermissions', function($resource) {
+    return $resource(authUrl + '/admin/realms/:realm/groups/:group/management/permissions', {
+        realm : '@realm',
+        group : '@group'
+    }, {
+        update: {
+            method: 'PUT'
+        }
+    });
+});
+
+
+

admin/resources/js/controllers/groups.js

@@ -0,0 +1,503 @@
+module.controller('GroupListCtrl', function($scope, $route, $q, realm, Groups, GroupsCount, Group, GroupChildren, Notifications, $location, Dialog) {
+    $scope.realm = realm;
+    $scope.groupList = [
+        {
+            "id" : "realm",
+            "name": "Groups",
+            "subGroups" : []
+        }
+    ];
+
+
+    $scope.searchTerms = '';
+    $scope.currentPage = 1;
+    $scope.currentPageInput = $scope.currentPage;
+    $scope.pageSize = 20;
+    $scope.tree = [];
+
+    var refreshGroups = function (search) {
+        console.log('refreshGroups');
+
+        var first = ($scope.currentPage * $scope.pageSize) - $scope.pageSize;
+        console.log('first:' + first);
+        var queryParams = {
+            realm : realm.id,
+            first : first,
+            max : $scope.pageSize
+        };
+        var countParams = {
+            realm : realm.id,
+            top : 'true'
+        };
+
+        if(angular.isDefined(search) && search !== '') {
+            queryParams.search = search;
+            countParams.search = search;
+        }
+
+        var promiseGetGroups = $q.defer();
+        Groups.query(queryParams, function(entry) {
+            promiseGetGroups.resolve(entry);
+        }, function() {
+            promiseGetGroups.reject('Unable to fetch ' + queryParams);
+        });
+        var promiseGetGroupsChain   = promiseGetGroups.promise.then(function(groups) {
+            console.log('*** group call groups size: ' + groups.length);
+            console.log('*** group call groups size: ' + groups.length);
+            $scope.groupList = [
+                {
+                    "id" : "realm",
+                    "name": "Groups",
+                    "subGroups" : groups
+                }
+            ];
+        });
+
+        var promiseCount = $q.defer();
+        GroupsCount.query(countParams, function(entry) {
+            promiseCount.resolve(entry);
+        }, function() {
+            promiseCount.reject('Unable to fetch ' + countParams);
+        });
+        var promiseCountChain   = promiseCount.promise.then(function(groupsCount) {
+            $scope.numberOfPages = Math.ceil(groupsCount.count/$scope.pageSize);
+         });
+    };
+    refreshGroups();
+
+    $scope.$watch('currentPage', function(newValue, oldValue) {
+        if(newValue !== oldValue) {
+            refreshGroups($scope.searchTerms);
+        }
+    });
+
+    $scope.clearSearch = function() {
+        $scope.searchTerms = '';
+        $scope.currentPage = 1;
+        refreshGroups();
+    };
+
+    $scope.searchGroup = function() {
+        $scope.currentPage = 1;
+        refreshGroups($scope.searchTerms);
+    };
+
+    $scope.edit = function(selected) {
+        if (selected.id === 'realm') return;
+        $location.url("/realms/" + realm.realm + "/groups/" + selected.id);
+    };
+
+    $scope.cut = function(selected) {
+        $scope.cutNode = selected;
+    };
+
+    $scope.isDisabled = function() {
+        if (!$scope.tree.currentNode) return true;
+        return $scope.tree.currentNode.id === 'realm';
+    };
+
+    $scope.paste = function(selected) {
+        if (selected === null) return;
+        if ($scope.cutNode === null) return;
+        if (selected.id === $scope.cutNode.id) return;
+        if (selected.id === 'realm') {
+            Groups.save({realm: realm.realm}, {id:$scope.cutNode.id}, function() {
+                $route.reload();
+                Notifications.success("Group moved.");
+
+            });
+
+        } else {
+            GroupChildren.save({realm: realm.realm, groupId: selected.id}, {id:$scope.cutNode.id}, function() {
+                $route.reload();
+                Notifications.success("Group moved.");
+
+            });
+
+        }
+
+    };
+
+    $scope.remove = function(selected) {
+        if (selected === null) return;
+        Dialog.confirmDelete(selected.name, 'group', function() {
+            Group.remove({ realm: realm.realm, groupId : selected.id }, function() {
+                $route.reload();
+                Notifications.success("The group has been deleted.");
+            });
+        });
+
+    };
+
+    $scope.createGroup = function(selected) {
+        var parent = 'realm';
+        if (selected) {
+            parent = selected.id;
+        }
+        $location.url("/create/group/" + realm.realm + '/parent/' + parent);
+
+    };
+    var isLeaf = function(node) {
+        return node.id !== "realm" && (!node.subGroups || node.subGroups.length === 0);
+    };
+
+    $scope.getGroupClass = function(node) {
+        if (node.id === "realm") {
+            return 'pficon pficon-users';
+        }
+        if (isLeaf(node)) {
+            return 'normal';
+        }
+        if (node.subGroups.length && node.collapsed) return 'collapsed';
+        if (node.subGroups.length && !node.collapsed) return 'expanded';
+        return 'collapsed';
+
+    };
+
+    $scope.getSelectedClass = function(node) {
+        if (node.selected) {
+            return 'selected';
+        } else if ($scope.cutNode && $scope.cutNode.id === node.id) {
+            return 'cut';
+        }
+        return undefined;
+    }
+
+});
+
+module.controller('GroupCreateCtrl', function($scope, $route, realm, parentId, Groups, Group, GroupChildren, Notifications, $location) {
+    $scope.realm = realm;
+    $scope.group = {};
+    $scope.save = function() {
+        console.log('save!!!');
+        if (parentId === 'realm') {
+            console.log('realm');
+            Groups.save({realm: realm.realm}, $scope.group, function(data, headers) {
+                var l = headers().location;
+
+
+                var id = l.substring(l.lastIndexOf("/") + 1);
+
+                $location.url("/realms/" + realm.realm + "/groups/" + id);
+                Notifications.success("Group Created.");
+            })
+
+        } else {
+            GroupChildren.save({realm: realm.realm, groupId: parentId}, $scope.group, function(data, headers) {
+                var l = headers().location;
+
+
+                var id = l.substring(l.lastIndexOf("/") + 1);
+
+                $location.url("/realms/" + realm.realm + "/groups/" + id);
+                Notifications.success("Group Created.");
+            })
+
+        }
+
+    };
+    $scope.cancel = function() {
+        $location.url("/realms/" + realm.realm + "/groups");
+    };
+});
+
+module.controller('GroupTabCtrl', function(Dialog, $scope, Current, Group, Notifications, $location) {
+    $scope.removeGroup = function() {
+        Dialog.confirmDelete($scope.group.name, 'group', function() {
+            Group.remove({
+                realm : Current.realm.realm,
+                groupId : $scope.group.id
+            }, function() {
+                $location.url("/realms/" + Current.realm.realm + "/groups");
+                Notifications.success("The group has been deleted.");
+            });
+        });
+    };
+});
+
+module.controller('GroupDetailCtrl', function(Dialog, $scope, realm, group, Group, Notifications, $location) {
+    $scope.realm = realm;
+
+    if (!group.attributes) {
+        group.attributes = {}
+    }
+    convertAttributeValuesToString(group);
+
+
+    $scope.group = angular.copy(group);
+
+    $scope.changed = false; // $scope.create;
+    $scope.$watch('group', function() {
+        if (!angular.equals($scope.group, group)) {
+            $scope.changed = true;
+        }
+    }, true);
+
+    $scope.save = function() {
+        convertAttributeValuesToLists();
+
+        Group.update({
+            realm: realm.realm,
+            groupId: $scope.group.id
+        }, $scope.group, function () {
+            $scope.changed = false;
+            convertAttributeValuesToString($scope.group);
+            group = angular.copy($scope.group);
+            Notifications.success("Your changes have been saved to the group.");
+        });
+    };
+
+    function convertAttributeValuesToLists() {
+        var attrs = $scope.group.attributes;
+        for (var attribute in attrs) {
+            if (typeof attrs[attribute] === "string") {
+                attrs[attribute] = attrs[attribute].split("##");
+            }
+        }
+    }
+
+    function convertAttributeValuesToString(group) {
+        var attrs = group.attributes;
+        for (var attribute in attrs) {
+            if (typeof attrs[attribute] === "object") {
+                attrs[attribute] = attrs[attribute].join("##");
+            }
+        }
+    }
+
+    $scope.reset = function() {
+        $scope.group = angular.copy(group);
+        $scope.changed = false;
+    };
+
+    $scope.cancel = function() {
+        $location.url("/realms/" + realm.realm + "/groups");
+    };
+
+    $scope.addAttribute = function() {
+        $scope.group.attributes[$scope.newAttribute.key] = $scope.newAttribute.value;
+        delete $scope.newAttribute;
+    }
+
+    $scope.removeAttribute = function(key) {
+        delete $scope.group.attributes[key];
+    }
+});
+
+module.controller('GroupRoleMappingCtrl', function($scope, $http, realm, group, clients, client, Notifications, GroupRealmRoleMapping,
+                                                   GroupClientRoleMapping, GroupAvailableRealmRoleMapping, GroupAvailableClientRoleMapping,
+                                                   GroupCompositeRealmRoleMapping, GroupCompositeClientRoleMapping) {
+    $scope.realm = realm;
+    $scope.group = group;
+    $scope.selectedRealmRoles = [];
+    $scope.selectedRealmMappings = [];
+    $scope.realmMappings = [];
+    $scope.clients = clients;
+    $scope.client = client;
+    $scope.clientRoles = [];
+    $scope.clientComposite = [];
+    $scope.selectedClientRoles = [];
+    $scope.selectedClientMappings = [];
+    $scope.clientMappings = [];
+    $scope.dummymodel = [];
+
+    $scope.realmMappings = GroupRealmRoleMapping.query({realm : realm.realm, groupId : group.id});
+    $scope.realmRoles = GroupAvailableRealmRoleMapping.query({realm : realm.realm, groupId : group.id});
+    $scope.realmComposite = GroupCompositeRealmRoleMapping.query({realm : realm.realm, groupId : group.id});
+
+    $scope.addRealmRole = function() {
+        var roles = $scope.selectedRealmRoles;
+        $scope.selectedRealmRoles = [];
+        $http.post(authUrl + '/admin/realms/' + realm.realm + '/groups/' + group.id + '/role-mappings/realm',
+            roles).then(function() {
+            $scope.realmMappings = GroupRealmRoleMapping.query({realm : realm.realm, groupId : group.id});
+            $scope.realmRoles = GroupAvailableRealmRoleMapping.query({realm : realm.realm, groupId : group.id});
+            $scope.realmComposite = GroupCompositeRealmRoleMapping.query({realm : realm.realm, groupId : group.id});
+            $scope.selectedRealmMappings = [];
+            $scope.selectRealmRoles = [];
+            if ($scope.targetClient) {
+                console.log('load available');
+                $scope.clientComposite = GroupCompositeClientRoleMapping.query({realm : realm.realm, groupId : group.id, client : $scope.targetClient.id});
+                $scope.clientRoles = GroupAvailableClientRoleMapping.query({realm : realm.realm, groupId : group.id, client : $scope.targetClient.id});
+                $scope.clientMappings = GroupClientRoleMapping.query({realm : realm.realm, groupId : group.id, client : $scope.targetClient.id});
+                $scope.selectedClientRoles = [];
+                $scope.selectedClientMappings = [];
+            }
+            Notifications.success("Role mappings updated.");
+
+        });
+    };
+
+    $scope.deleteRealmRole = function() {
+        $http.delete(authUrl + '/admin/realms/' + realm.realm + '/groups/' + group.id + '/role-mappings/realm',
+            {data : $scope.selectedRealmMappings, headers : {"content-type" : "application/json"}}).then(function() {
+            $scope.realmMappings = GroupRealmRoleMapping.query({realm : realm.realm, groupId : group.id});
+            $scope.realmRoles = GroupAvailableRealmRoleMapping.query({realm : realm.realm, groupId : group.id});
+            $scope.realmComposite = GroupCompositeRealmRoleMapping.query({realm : realm.realm, groupId : group.id});
+            $scope.selectedRealmMappings = [];
+            $scope.selectRealmRoles = [];
+            if ($scope.targetClient) {
+                console.log('load available');
+                $scope.clientComposite = GroupCompositeClientRoleMapping.query({realm : realm.realm, groupId : group.id, client : $scope.targetClient.id});
+                $scope.clientRoles = GroupAvailableClientRoleMapping.query({realm : realm.realm, groupId : group.id, client : $scope.targetClient.id});
+                $scope.clientMappings = GroupClientRoleMapping.query({realm : realm.realm, groupId : group.id, client : $scope.targetClient.id});
+                $scope.selectedClientRoles = [];
+                $scope.selectedClientMappings = [];
+            }
+            Notifications.success("Role mappings updated.");
+        });
+    };
+
+    $scope.addClientRole = function() {
+        $http.post(authUrl + '/admin/realms/' + realm.realm + '/groups/' + group.id + '/role-mappings/clients/' + $scope.targetClient.id,
+            $scope.selectedClientRoles).then(function() {
+            $scope.clientMappings = GroupClientRoleMapping.query({realm : realm.realm, groupId : group.id, client : $scope.targetClient.id});
+            $scope.clientRoles = GroupAvailableClientRoleMapping.query({realm : realm.realm, groupId : group.id, client : $scope.targetClient.id});
+            $scope.clientComposite = GroupCompositeClientRoleMapping.query({realm : realm.realm, groupId : group.id, client : $scope.targetClient.id});
+            $scope.selectedClientRoles = [];
+            $scope.selectedClientMappings = [];
+            $scope.realmComposite = GroupCompositeRealmRoleMapping.query({realm : realm.realm, groupId : group.id});
+            $scope.realmRoles = GroupAvailableRealmRoleMapping.query({realm : realm.realm, groupId : group.id});
+            Notifications.success("Role mappings updated.");
+        });
+    };
+
+    $scope.deleteClientRole = function() {
+        $http.delete(authUrl + '/admin/realms/' + realm.realm + '/groups/' + group.id + '/role-mappings/clients/' + $scope.targetClient.id,
+            {data : $scope.selectedClientMappings, headers : {"content-type" : "application/json"}}).then(function() {
+            $scope.clientMappings = GroupClientRoleMapping.query({realm : realm.realm, groupId : group.id, client : $scope.targetClient.id});
+            $scope.clientRoles = GroupAvailableClientRoleMapping.query({realm : realm.realm, groupId : group.id, client : $scope.targetClient.id});
+            $scope.clientComposite = GroupCompositeClientRoleMapping.query({realm : realm.realm, groupId : group.id, client : $scope.targetClient.id});
+            $scope.selectedClientRoles = [];
+            $scope.selectedClientMappings = [];
+            $scope.realmComposite = GroupCompositeRealmRoleMapping.query({realm : realm.realm, groupId : group.id});
+            $scope.realmRoles = GroupAvailableRealmRoleMapping.query({realm : realm.realm, groupId : group.id});
+            Notifications.success("Role mappings updated.");
+        });
+    };
+
+
+    $scope.changeClient = function() {
+        if ($scope.targetClient) {
+            $scope.clientComposite = GroupCompositeClientRoleMapping.query({realm : realm.realm, groupId : group.id, client : $scope.targetClient.id});
+            $scope.clientRoles = GroupAvailableClientRoleMapping.query({realm : realm.realm, groupId : group.id, client : $scope.targetClient.id});
+            $scope.clientMappings = GroupClientRoleMapping.query({realm : realm.realm, groupId : group.id, client : $scope.targetClient.id});
+        } else {
+            $scope.clientRoles = null;
+            $scope.clientMappings = null;
+            $scope.clientComposite = null;
+        }
+        $scope.selectedClientRoles = [];
+        $scope.selectedClientMappings = [];
+    };
+
+
+
+});
+
+module.controller('GroupMembersCtrl', function($scope, realm, group, GroupMembership) {
+    $scope.realm = realm;
+    $scope.page = 0;
+    $scope.group = group;
+
+    $scope.query = {
+        realm: realm.realm,
+        groupId: group.id,
+        max : 5,
+        first : 0
+    };
+
+
+    $scope.firstPage = function() {
+        $scope.query.first = 0;
+        $scope.searchQuery();
+    };
+
+    $scope.previousPage = function() {
+        $scope.query.first -= parseInt($scope.query.max);
+        if ($scope.query.first < 0) {
+            $scope.query.first = 0;
+        }
+        $scope.searchQuery();
+    };
+
+    $scope.nextPage = function() {
+        $scope.query.first += parseInt($scope.query.max);
+        $scope.searchQuery();
+    };
+
+    $scope.searchQuery = function() {
+        console.log("query.search: " + $scope.query.search);
+        $scope.searchLoaded = false;
+
+        $scope.users = GroupMembership.query($scope.query, function() {
+            console.log('search loaded');
+            $scope.searchLoaded = true;
+            $scope.lastSearch = $scope.query.search;
+        });
+    };
+
+    $scope.searchQuery();
+
+});
+
+module.controller('DefaultGroupsCtrl', function($scope, $route, realm, groups, DefaultGroups, Notifications) {
+    $scope.realm = realm;
+    $scope.groupList = groups;
+    $scope.selectedGroup = null;
+    $scope.tree = [];
+
+    DefaultGroups.query({realm: realm.realm}, function(data) {
+        $scope.defaultGroups = data;
+
+    });
+
+    $scope.addDefaultGroup = function() {
+        if (!$scope.tree.currentNode) {
+            Notifications.error('Please select a group to add');
+            return;
+        }
+
+        DefaultGroups.update({realm: realm.realm, groupId: $scope.tree.currentNode.id}, function() {
+            Notifications.success('Added default group');
+            $route.reload();
+        });
+
+    };
+
+    $scope.removeDefaultGroup = function() {
+        DefaultGroups.remove({realm: realm.realm, groupId: $scope.selectedGroup.id}, function() {
+            Notifications.success('Removed default group');
+            $route.reload();
+        });
+
+    };
+
+    var isLeaf = function(node) {
+        return node.id !== "realm" && (!node.subGroups || node.subGroups.length === 0);
+    };
+
+    $scope.getGroupClass = function(node) {
+        if (node.id === "realm") {
+            return 'pficon pficon-users';
+        }
+        if (isLeaf(node)) {
+            return 'normal';
+        }
+        if (node.subGroups.length && node.collapsed) return 'collapsed';
+        if (node.subGroups.length && !node.collapsed) return 'expanded';
+        return 'collapsed';
+
+    };
+
+    $scope.getSelectedClass = function(node) {
+        if (node.selected) {
+            return 'selected';
+        } else if ($scope.cutNode && $scope.cutNode.id === node.id) {
+            return 'cut';
+        }
+        return undefined;
+    }
+
+});
+

admin/resources/js/controllers/roles.js

@@ -0,0 +1,48 @@
+module.controller('RoleMembersCtrl', function($scope, realm, role, RoleMembership, Dialog, Notifications, $location, RealmRoleRemover) {
+    $scope.realm = realm;
+    $scope.page = 0;
+    $scope.role = role;
+
+    $scope.query = {
+        realm: realm.realm,
+        role: role.name,
+        max : 5,
+        first : 0
+    }
+
+    $scope.remove = function() {
+        RealmRoleRemover.remove($scope.role, realm, Dialog, $location, Notifications);
+    };
+    
+    $scope.firstPage = function() {
+        $scope.query.first = 0;
+        $scope.searchQuery();
+    }
+
+    $scope.previousPage = function() {
+        $scope.query.first -= parseInt($scope.query.max);
+        if ($scope.query.first < 0) {
+            $scope.query.first = 0;
+        }
+        $scope.searchQuery();
+    }
+
+    $scope.nextPage = function() {
+        $scope.query.first += parseInt($scope.query.max);
+        $scope.searchQuery();
+    }
+
+    $scope.searchQuery = function() {
+        console.log("query.search: " + $scope.query.search);
+        $scope.searchLoaded = false;
+
+        $scope.users = RoleMembership.query($scope.query, function() {
+            console.log('search loaded');
+            $scope.searchLoaded = true;
+            $scope.lastSearch = $scope.query.search;
+        });
+    };
+
+    $scope.searchQuery();
+
+});

admin/resources/js/loaders.js

@@ -0,0 +1,536 @@
+'use strict';
+
+var module = angular.module('keycloak.loaders', [ 'keycloak.services', 'ngResource' ]);
+
+module.factory('Loader', function($q) {
+	var loader = {};
+	loader.get = function(service, id) {
+		return function() {
+			var i = id && id();
+			var delay = $q.defer();
+			service.get(i, function(entry) {
+				delay.resolve(entry);
+			}, function() {
+				delay.reject('Unable to fetch ' + i);
+			});
+			return delay.promise;
+		};
+	};
+	loader.query = function(service, id) {
+		return function() {
+			var i = id && id();
+			var delay = $q.defer();
+			service.query(i, function(entry) {
+				delay.resolve(entry);
+			}, function() {
+				delay.reject('Unable to fetch ' + i);
+			});
+			return delay.promise;
+		};
+	};
+	return loader;
+});
+
+module.factory('RealmListLoader', function(Loader, Realm, $q) {
+	return Loader.get(Realm);
+});
+
+module.factory('ServerInfoLoader', function(Loader, ServerInfo) {
+    return function() {
+        return ServerInfo.promise;
+    };
+});
+
+module.factory('RealmLoader', function(Loader, Realm, $route, $q) {
+	return Loader.get(Realm, function() {
+		return {
+			id : $route.current.params.realm
+		}
+	});
+});
+
+module.factory('RealmKeysLoader', function(Loader, RealmKeys, $route, $q) {
+    return Loader.get(RealmKeys, function() {
+        return {
+            id : $route.current.params.realm
+        }
+    });
+});
+
+module.factory('RealmEventsConfigLoader', function(Loader, RealmEventsConfig, $route, $q) {
+    return Loader.get(RealmEventsConfig, function() {
+        return {
+            id : $route.current.params.realm
+        }
+    });
+});
+
+module.factory('UserListLoader', function(Loader, User, $route, $q) {
+    return Loader.query(User, function() {
+        return {
+            realm : $route.current.params.realm
+        }
+    });
+});
+
+module.factory('RequiredActionsListLoader', function(Loader, RequiredActions, $route, $q) {
+    return Loader.query(RequiredActions, function() {
+        return {
+            realm : $route.current.params.realm
+        }
+    });
+});
+
+module.factory('UnregisteredRequiredActionsListLoader', function(Loader, UnregisteredRequiredActions, $route, $q) {
+    return Loader.query(UnregisteredRequiredActions, function() {
+        return {
+            realm : $route.current.params.realm
+        }
+    });
+});
+
+module.factory('RealmSessionStatsLoader', function(Loader, RealmSessionStats, $route, $q) {
+    return Loader.get(RealmSessionStats, function() {
+        return {
+            realm : $route.current.params.realm
+        }
+    });
+});
+
+module.factory('RealmClientSessionStatsLoader', function(Loader, RealmClientSessionStats, $route, $q) {
+    return Loader.query(RealmClientSessionStats, function() {
+        return {
+            realm : $route.current.params.realm
+        }
+    });
+});
+
+module.factory('ClientProtocolMapperLoader', function(Loader, ClientProtocolMapper, $route, $q) {
+    return Loader.get(ClientProtocolMapper, function() {
+        return {
+            realm : $route.current.params.realm,
+            client : $route.current.params.client,
+            id: $route.current.params.id
+        }
+    });
+});
+
+module.factory('ClientTemplateProtocolMapperLoader', function(Loader, ClientTemplateProtocolMapper, $route, $q) {
+    return Loader.get(ClientTemplateProtocolMapper, function() {
+        return {
+            realm : $route.current.params.realm,
+            template : $route.current.params.template,
+            id: $route.current.params.id
+        }
+    });
+});
+
+module.factory('UserLoader', function(Loader, User, $route, $q) {
+    return Loader.get(User, function() {
+        return {
+            realm : $route.current.params.realm,
+            userId : $route.current.params.user
+        }
+    });
+});
+
+module.factory('ComponentLoader', function(Loader, Components, $route, $q) {
+    return Loader.get(Components, function() {
+        return {
+            realm : $route.current.params.realm,
+            componentId: $route.current.params.componentId
+        }
+    });
+});
+
+module.factory('LDAPMapperLoader', function(Loader, Components, $route, $q) {
+    return Loader.get(Components, function() {
+        return {
+            realm : $route.current.params.realm,
+            componentId: $route.current.params.mapperId
+        }
+    });
+});
+
+module.factory('ComponentsLoader', function(Loader, Components, $route, $q) {
+    var componentsLoader = {};
+
+    componentsLoader.loadComponents = function(parent, componentType) {
+        return Loader.query(Components, function() {
+            return {
+                realm : $route.current.params.realm,
+                parent : parent,
+                type: componentType
+            }
+        })();
+    };
+
+    return componentsLoader;
+});
+
+module.factory('SubComponentTypesLoader', function(Loader, SubComponentTypes, $route, $q) {
+    var componentsLoader = {};
+
+    componentsLoader.loadComponents = function(parent, componentType) {
+        return Loader.query(SubComponentTypes, function() {
+            return {
+                realm : $route.current.params.realm,
+                componentId : parent,
+                type: componentType
+            }
+        })();
+    };
+
+    return componentsLoader;
+});
+
+module.factory('UserSessionStatsLoader', function(Loader, UserSessionStats, $route, $q) {
+    return Loader.get(UserSessionStats, function() {
+        return {
+            realm : $route.current.params.realm,
+            user : $route.current.params.user
+        }
+    });
+});
+
+module.factory('UserSessionsLoader', function(Loader, UserSessions, $route, $q) {
+    return Loader.query(UserSessions, function() {
+        return {
+            realm : $route.current.params.realm,
+            user : $route.current.params.user
+        }
+    });
+});
+
+module.factory('UserOfflineSessionsLoader', function(Loader, UserOfflineSessions, $route, $q) {
+    return Loader.query(UserOfflineSessions, function() {
+        return {
+            realm : $route.current.params.realm,
+            user : $route.current.params.user,
+            client : $route.current.params.client
+        }
+    });
+});
+
+module.factory('UserFederatedIdentityLoader', function(Loader, UserFederatedIdentities, $route, $q) {
+    return Loader.query(UserFederatedIdentities, function() {
+        return {
+            realm : $route.current.params.realm,
+            user : $route.current.params.user
+        }
+    });
+});
+
+module.factory('UserConsentsLoader', function(Loader, UserConsents, $route, $q) {
+    return Loader.query(UserConsents, function() {
+        return {
+            realm : $route.current.params.realm,
+            user : $route.current.params.user
+        }
+    });
+});
+
+
+
+module.factory('RoleLoader', function(Loader, RoleById, $route, $q) {
+    return Loader.get(RoleById, function() {
+        return {
+            realm : $route.current.params.realm,
+            role : $route.current.params.role
+        }
+    });
+});
+
+module.factory('RoleListLoader', function(Loader, Role, $route, $q) {
+    return Loader.query(Role, function() {
+        return {
+            realm : $route.current.params.realm
+        }
+    });
+});
+
+module.factory('ClientRoleLoader', function(Loader, RoleById, $route, $q) {
+    return Loader.get(RoleById, function() {
+        return {
+            realm : $route.current.params.realm,
+            client : $route.current.params.client,
+            role : $route.current.params.role
+        }
+    });
+});
+
+module.factory('ClientSessionStatsLoader', function(Loader, ClientSessionStats, $route, $q) {
+    return Loader.get(ClientSessionStats, function() {
+        return {
+            realm : $route.current.params.realm,
+            client : $route.current.params.client
+        }
+    });
+});
+
+module.factory('ClientSessionCountLoader', function(Loader, ClientSessionCount, $route, $q) {
+    return Loader.get(ClientSessionCount, function() {
+        return {
+            realm : $route.current.params.realm,
+            client : $route.current.params.client
+        }
+    });
+});
+
+module.factory('ClientOfflineSessionCountLoader', function(Loader, ClientOfflineSessionCount, $route, $q) {
+    return Loader.get(ClientOfflineSessionCount, function() {
+        return {
+            realm : $route.current.params.realm,
+            client : $route.current.params.client
+        }
+    });
+});
+
+module.factory('ClientClaimsLoader', function(Loader, ClientClaims, $route, $q) {
+    return Loader.get(ClientClaims, function() {
+        return {
+            realm : $route.current.params.realm,
+            client : $route.current.params.client
+        }
+    });
+});
+
+module.factory('ClientRoleListLoader', function(Loader, ClientRole, $route, $q) {
+    return Loader.query(ClientRole, function() {
+        return {
+            realm : $route.current.params.realm,
+            client : $route.current.params.client
+        }
+    });
+});
+
+
+
+module.factory('ClientLoader', function(Loader, Client, $route, $q) {
+    return Loader.get(Client, function() {
+        return {
+            realm : $route.current.params.realm,
+            client : $route.current.params.client
+        }
+    });
+});
+
+module.factory('ClientListLoader', function(Loader, Client, $route, $q) {
+    return Loader.query(Client, function() {
+        return {
+            realm : $route.current.params.realm
+        }
+    });
+});
+
+module.factory('ClientTemplateLoader', function(Loader, ClientTemplate, $route, $q) {
+    return Loader.get(ClientTemplate, function() {
+        return {
+            realm : $route.current.params.realm,
+            template : $route.current.params.template
+        }
+    });
+});
+
+module.factory('ClientTemplateListLoader', function(Loader, ClientTemplate, $route, $q) {
+    return Loader.query(ClientTemplate, function() {
+        return {
+            realm : $route.current.params.realm
+        }
+    });
+});
+
+module.factory('ClientServiceAccountUserLoader', function(Loader, ClientServiceAccountUser, $route, $q) {
+    return Loader.get(ClientServiceAccountUser, function() {
+        return {
+            realm : $route.current.params.realm,
+            client : $route.current.params.client
+        }
+    });
+});
+
+
+module.factory('RoleMappingLoader', function(Loader, RoleMapping, $route, $q) {
+	var realm = $route.current.params.realm || $route.current.params.client;
+
+	return Loader.query(RoleMapping, function() {
+		return {
+			realm : realm,
+			role : $route.current.params.role
+		}
+	});
+});
+
+module.factory('IdentityProviderLoader', function(Loader, IdentityProvider, $route, $q) {
+    return Loader.get(IdentityProvider, function () {
+        return {
+            realm: $route.current.params.realm,
+            alias: $route.current.params.alias
+        }
+    });
+});
+
+module.factory('IdentityProviderFactoryLoader', function(Loader, IdentityProviderFactory, $route, $q) {
+    return Loader.get(IdentityProviderFactory, function () {
+        return {
+            realm: $route.current.params.realm,
+            provider_id: $route.current.params.provider_id
+        }
+    });
+});
+
+module.factory('IdentityProviderMapperTypesLoader', function(Loader, IdentityProviderMapperTypes, $route, $q) {
+    return Loader.get(IdentityProviderMapperTypes, function () {
+        return {
+            realm: $route.current.params.realm,
+            alias: $route.current.params.alias
+        }
+    });
+});
+
+module.factory('IdentityProviderMappersLoader', function(Loader, IdentityProviderMappers, $route, $q) {
+    return Loader.query(IdentityProviderMappers, function () {
+        return {
+            realm: $route.current.params.realm,
+            alias: $route.current.params.alias
+        }
+    });
+});
+
+module.factory('IdentityProviderMapperLoader', function(Loader, IdentityProviderMapper, $route, $q) {
+    return Loader.get(IdentityProviderMapper, function () {
+        return {
+            realm: $route.current.params.realm,
+            alias: $route.current.params.alias,
+            mapperId: $route.current.params.mapperId
+        }
+    });
+});
+
+module.factory('AuthenticationFlowsLoader', function(Loader, AuthenticationFlows, $route, $q) {
+    return Loader.query(AuthenticationFlows, function() {
+        return {
+            realm : $route.current.params.realm,
+            flow: ''
+        }
+    });
+});
+
+module.factory('AuthenticationFormProvidersLoader', function(Loader, AuthenticationFormProviders, $route, $q) {
+    return Loader.query(AuthenticationFormProviders, function() {
+        return {
+            realm : $route.current.params.realm
+        }
+    });
+});
+
+module.factory('AuthenticationFormActionProvidersLoader', function(Loader, AuthenticationFormActionProviders, $route, $q) {
+    return Loader.query(AuthenticationFormActionProviders, function() {
+        return {
+            realm : $route.current.params.realm
+        }
+    });
+});
+
+module.factory('AuthenticatorProvidersLoader', function(Loader, AuthenticatorProviders, $route, $q) {
+    return Loader.query(AuthenticatorProviders, function() {
+        return {
+            realm : $route.current.params.realm
+        }
+    });
+});
+
+module.factory('ClientAuthenticatorProvidersLoader', function(Loader, ClientAuthenticatorProviders, $route, $q) {
+    return Loader.query(ClientAuthenticatorProviders, function() {
+        return {
+            realm : $route.current.params.realm
+        }
+    });
+});
+
+module.factory('AuthenticationFlowLoader', function(Loader, AuthenticationFlows, $route, $q) {
+    return Loader.get(AuthenticationFlows, function() {
+        return {
+            realm : $route.current.params.realm,
+            flow: $route.current.params.flow
+        }
+    });
+});
+
+module.factory('AuthenticationConfigDescriptionLoader', function(Loader, AuthenticationConfigDescription, $route, $q) {
+    return Loader.get(AuthenticationConfigDescription, function () {
+        return {
+            realm: $route.current.params.realm,
+            provider: $route.current.params.provider
+        }
+    });
+});
+
+module.factory('PerClientAuthenticationConfigDescriptionLoader', function(Loader, PerClientAuthenticationConfigDescription, $route, $q) {
+    return Loader.get(PerClientAuthenticationConfigDescription, function () {
+        return {
+            realm: $route.current.params.realm
+        }
+    });
+});
+
+module.factory('ExecutionIdLoader', function($route) {
+    return function() { return $route.current.params.executionId; };
+});
+
+module.factory('AuthenticationConfigLoader', function(Loader, AuthenticationConfig, $route, $q) {
+    return Loader.get(AuthenticationConfig, function () {
+        return {
+            realm: $route.current.params.realm,
+            config: $route.current.params.config
+        }
+    });
+});
+
+module.factory('GroupListLoader', function(Loader, Groups, $route, $q) {
+    return Loader.query(Groups, function() {
+        return {
+            realm : $route.current.params.realm
+        }
+    });
+});
+
+module.factory('GroupCountLoader', function(Loader, GroupsCount, $route, $q) {
+    return Loader.query(GroupsCount, function() {
+        return {
+            realm : $route.current.params.realm,
+            top : true
+        }
+    });
+});
+
+module.factory('GroupLoader', function(Loader, Group, $route, $q) {
+    return Loader.get(Group, function() {
+        return {
+            realm : $route.current.params.realm,
+            groupId : $route.current.params.group
+        }
+    });
+});
+
+module.factory('ClientInitialAccessLoader', function(Loader, ClientInitialAccess, $route) {
+    return Loader.query(ClientInitialAccess, function() {
+        return {
+            realm: $route.current.params.realm
+        }
+    });
+});
+
+module.factory('ClientRegistrationPolicyProvidersLoader', function(Loader, ClientRegistrationPolicyProviders, $route) {
+    return Loader.query(ClientRegistrationPolicyProviders, function() {
+        return {
+            realm: $route.current.params.realm
+        }
+    });
+});
+
+
+
+
+
+

admin/resources/partials/authentication-flow-bindings.html

@@ -0,0 +1,83 @@
+<div class="col-sm-9 col-md-10 col-sm-push-3 col-md-push-2">
+    <h1>{{:: 'authentication' | translate}}</h1>
+
+    <kc-tabs-authentication></kc-tabs-authentication>
+
+    <form class="form-horizontal" name="realmForm" novalidate kc-read-only="!access.manageRealm">
+        <div class="form-group">
+            <label for="browser" class="col-md-2 control-label">{{:: 'browser-flow' | translate}}</label>
+            <div class="col-md-2">
+                <div>
+                    <select id="browser" ng-model="realm.browserFlow" class="form-control" ng-options="flow.alias as flow.alias for flow in flows">
+                    </select>
+                </div>
+            </div>
+            <kc-tooltip>{{:: 'browser-flow.tooltip' | translate}}</kc-tooltip>
+        </div>
+        <div class="form-group">
+            <label for="registration" class="col-md-2 control-label">{{:: 'registration-flow' | translate}}</label>
+            <div class="col-md-2">
+                <div>
+                    <select id="registration" ng-model="realm.registrationFlow" class="form-control" ng-options="flow.alias as flow.alias for flow in flows">
+                    </select>
+                </div>
+            </div>
+            <kc-tooltip>{{:: 'registration-flow.tooltip' | translate}}</kc-tooltip>
+        </div>
+        <div class="form-group">
+            <label for="grant" class="col-md-2 control-label">{{:: 'direct-grant-flow' | translate}}</label>
+            <div class="col-md-2">
+                <div>
+                    <select id="grant" ng-model="realm.directGrantFlow" class="form-control" ng-options="flow.alias as flow.alias for flow in flows">
+                    </select>
+                </div>
+            </div>
+            <kc-tooltip>{{:: 'direct-grant-flow.tooltip' | translate}}</kc-tooltip>
+        </div>
+
+        <div class="form-group">
+            <label for="resetCredentials" class="col-md-2 control-label">{{:: 'reset-credentials' | translate}}</label>
+            <div class="col-md-2">
+                <div>
+                    <select id="resetCredentials" ng-model="realm.resetCredentialsFlow" class="form-control" ng-options="flow.alias as flow.alias for flow in flows">
+                    </select>
+                </div>
+            </div>
+            <kc-tooltip>{{:: 'reset-credentials.tooltip' | translate}}</kc-tooltip>
+        </div>
+
+        <div class="form-group">
+            <label for="clientAuthentication" class="col-md-2 control-label">{{:: 'client-authentication' | translate}}</label>
+            <div class="col-md-2">
+                <div>
+                    <select id="clientAuthentication" ng-model="realm.clientAuthenticationFlow" class="form-control" ng-options="flow.alias as flow.alias for flow in clientFlows">
+                    </select>
+                </div>
+            </div>
+            <kc-tooltip>{{:: 'client-authentication.tooltip' | translate}}</kc-tooltip>
+        </div>
+
+
+        <div class="form-group" data-ng-show="serverInfo.featureEnabled('DOCKER')">
+            <label for="dockerAuth" class="col-md-2 control-label">{{:: 'docker-auth' | translate}}</label>
+            <div class="col-md-2">
+                <div>
+                    <select id="dockerAuth" ng-model="realm.dockerAuthenticationFlow" class="form-control" ng-options="flow.alias as flow.alias for flow in flows">
+                    </select>
+                </div>
+            </div>
+            <kc-tooltip>{{:: 'docker-auth.tooltip' | translate}}</kc-tooltip>
+        </div>
+
+        <div class="form-group" data-ng-show="access.manageRealm">
+            <div class="col-md-10 col-md-offset-2">
+                <button kc-save data-ng-disabled="!changed">{{:: 'save' | translate}}</button>
+                <button kc-reset data-ng-disabled="!changed">{{:: 'cancel' | translate}}</button>
+            </div>
+        </div>
+    </form>
+
+</div>
+
+
+<kc-menu></kc-menu>

admin/resources/partials/authentication-flows.html

@@ -0,0 +1,69 @@
+<div class="col-sm-9 col-md-10 col-sm-push-3 col-md-push-2">
+    <h1>{{:: 'authentication' | translate}}</h1>
+
+    <kc-tabs-authentication></kc-tabs-authentication>
+
+    <table class="table table-striped table-bordered">
+        <thead>
+        <tr>
+            <th colspan="{{levelmax + 1 + choicesmax + 4}}" class="kc-table-actions">
+                <div class="dropdown pull-left">
+                    <select class="form-control" ng-model="flow"
+                            ng-options="(flow.alias|capitalize) for flow in flows"
+                            data-ng-change="selectFlow(flow)">
+                    </select>
+                </div>
+                &nbsp;&nbsp;<i class="fa fa-question-circle text-muted" tooltip-trigger="mouseover mouseout" tooltip="{{flow.description}}" tooltip-placement="right"> </i>
+                <div class="pull-right" data-ng-show="access.manageRealm">
+                    <button class="btn btn-default" data-ng-click="createFlow()">{{:: 'new' | translate}}</button>
+                    <button class="btn btn-default" data-ng-click="copyFlow()">{{:: 'copy' | translate}}</button>
+                    <button class="btn btn-default" data-ng-hide="flow.builtIn" data-ng-click="deleteFlow()">{{:: 'delete' | translate}}</button>
+                    <button class="btn btn-default" data-ng-hide="flow.builtIn" data-ng-click="addExecution()">{{:: 'add-execution' | translate}}</button>
+                    <button class="btn btn-default" data-ng-hide="flow.builtIn || flow.providerId === 'client-flow'" data-ng-click="addFlow()">{{:: 'add-flow' | translate}}</button>
+                </div>
+            </th>
+         </tr>
+        <tr data-ng-hide="executions.length == 0">
+            <th colspan="{{levelmax + 1}}">{{:: 'auth-type' | translate}}</th>
+            <th colspan="{{choicesmax}}">{{:: 'requirement' | translate}}</th>
+            <th>&nbsp;</th>
+        </tr>
+        </thead>
+        <tbody>
+        <tr ng-repeat="execution in executions" data-ng-show="executions.length > 0">
+            <td ng-repeat="lev in execution.preLevels"></td>
+            <td class="kc-sorter">
+                    <button data-ng-hide="flow.builtIn" data-ng-disabled="$first" class="btn btn-default btn-sm" data-ng-click="raisePriority(execution)"><i class="fa fa-angle-up"></i></button>
+                    <button data-ng-hide="flow.builtIn" data-ng-disabled="$last" class="btn btn-default btn-sm" data-ng-click="lowerPriority(execution)"><i class="fa fa-angle-down"></i></button>
+                    <span>{{execution.displayName|capitalize}}<span ng-if="execution.alias">({{execution.alias}})</span></span>
+            </td>
+            <td ng-repeat="lev in execution.postLevels"></td>
+            <td ng-repeat="choice in execution.requirementChoices">
+            <label>
+                <input type="radio" ng-model="execution.requirement" ng-value="choice" ng-change="updateExecution(execution)">
+                {{choice}}
+            </label>
+
+            </td>
+            <td ng-repeat="emptee in execution.empties"></td>
+            <td>
+                <div class="dropdown" data-ng-hide="flow.builtIn && !execution.configurable">
+                    <a href="#" class="dropdown-toggle" data-toggle="dropdown">{{:: 'actions' | translate}} <b class="caret"></b></a>
+                    <ul class="dropdown-menu"  >
+                        <li data-ng-hide="flow.builtIn"><a href="" ng-click="removeExecution(execution)">{{:: 'delete' | translate}}</a></li>
+                        <li data-ng-hide="flow.builtIn || !execution.authenticationFlow"><a href="" ng-click="addSubFlowExecution(execution)">{{:: 'add-execution' | translate}}</a></li>
+                        <li data-ng-hide="flow.builtIn || !execution.authenticationFlow"><a href="" ng-click="addSubFlow(execution)">{{:: 'add-flow' | translate}}</a></li>
+                        <li data-ng-show="execution.configurable && execution.authenticationConfig == null"><a href="#/create/authentication/{{realm.realm}}/flows/{{flow.id}}/execution/{{execution.id}}/provider/{{execution.providerId}}">{{:: 'config' | translate}}</a></li>
+                        <li data-ng-show="execution.configurable && execution.authenticationConfig != null"><a href="#/realms/{{realm.realm}}/authentication/flows/{{flow.id}}/config/{{execution.providerId}}/{{execution.authenticationConfig}}">{{:: 'config' | translate}}</a></li>
+                    </ul>
+                </div>
+            </td>
+         </tr>
+        <tr data-ng-show="executions.length == 0">
+            <td>{{:: 'no-executions-available' | translate}}</td>
+        </tr>
+        </tbody>
+    </table>
+</div>
+
+<kc-menu></kc-menu>

admin/resources/partials/authenticator-config.html

@@ -0,0 +1,55 @@
+<div class="col-sm-9 col-md-10 col-sm-push-3 col-md-push-2">
+
+    <ol class="breadcrumb">
+        <li><a href="#/realms/{{realm.realm}}/authentication/flows">{{:: 'authentication-flows' | translate}}</a></li>
+        <li><a href="#/realms/{{realm.realm}}/authentication/flows/{{flow.alias}}">{{flow.alias | capitalize}}</a></li>
+        <li class="active" data-ng-show="create">{{:: 'create-authenticator-config' | translate}}</li>
+        <li class="active" data-ng-show="!create && config.alias">{{config.alias}}</li>
+        <li class="active" data-ng-show="!create && !config.alias">{{config.id}}</li>
+    </ol>
+
+    <h1 data-ng-show="create">{{:: 'create-authenticator-config' | translate}}</h1>
+    <h1 data-ng-hide="create">
+        <span data-ng-show="config.alias">{{config.alias|capitalize}}</span>
+        <span data-ng-show="!config.alias">{{config.id}}</span>
+        <a><i class="pficon pficon-delete clickable" data-ng-show="!create && access.manageRealm" data-ng-hide="changed" data-ng-click="remove()"></i></a>
+    </h1>
+
+    <form class="form-horizontal" name="realmForm" novalidate kc-read-only="!access.manageRealm">
+        <input type="text" readonly value="this is not a login form" style="display: none;">
+        <input type="password" readonly value="this is not a login form" style="display: none;">
+
+        <fieldset>
+            <div class="form-group clearfix" data-ng-show="!create">
+                <label class="col-md-2 control-label" for="configId">{{:: 'id' | translate}} </label>
+                <div class="col-md-6">
+                    <input class="form-control" id="configId" type="text" ng-model="config.id" readonly>
+                </div>
+            </div>
+            <div class="form-group clearfix">
+                <label class="col-md-2 control-label" for="name">{{:: 'alias' | translate}}</label>
+                <div class="col-md-6">
+                    <input class="form-control" id="name" type="text" ng-model="config.alias" data-ng-readonly="!create">
+                </div>
+                <kc-tooltip>{{:: 'authenticator.alias.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <kc-provider-config realm="realm" config="config.config" properties="configType.properties"></kc-provider-config>
+        </fieldset>
+
+        <div class="form-group">
+            <div class="col-md-10 col-md-offset-2" data-ng-show="create && access.manageRealm">
+                <button kc-save>{{:: 'save' | translate}}</button>
+                <button kc-cancel data-ng-click="cancel()">{{:: 'cancel' | translate}}</button>
+            </div>
+        </div>
+
+        <div class="form-group">
+            <div class="col-md-10 col-md-offset-2" data-ng-show="!create && access.manageRealm">
+                <button kc-save  data-ng-disabled="!changed">{{:: 'save' | translate}}</button>
+                <button kc-reset data-ng-disabled="!changed">{{:: 'cancel' | translate}}</button>
+            </div>
+        </div>
+    </form>
+</div>
+
+<kc-menu></kc-menu>

admin/resources/partials/authz/mgmt/broker-permissions.html

@@ -0,0 +1,40 @@
+<div class="col-sm-9 col-md-10 col-sm-push-3 col-md-push-2">
+    <ol class="breadcrumb">
+        <li><a href="#/realms/{{realm.realm}}/identity-provider-settings">{{:: 'identity-providers' | translate}}</a></li>
+        <li data-ng-show="!newIdentityProvider && identityProvider.displayName">{{identityProvider.displayName}}</li>
+        <li data-ng-show="!newIdentityProvider && !identityProvider.displayName">{{identityProvider.alias}}</li>
+    </ol>
+
+    <kc-tabs-identity-provider></kc-tabs-identity-provider>
+
+    <form class=form-horizontal" name="enableForm" novalidate kc-read-only="!access.manageIdentityProviders || !access.manageAuthorization">
+        <fieldset class="border-top">
+        <div class="form-group">
+            <label class="col-md-2 control-label" for="permissionsEnabled">{{:: 'permissions-enabled-role' | translate}}</label>
+            <div class="col-md-6">
+                <input ng-model="permissions.enabled" name="permissionsEnabled" id="permissionsEnabled" ng-disabled="!access.manageAuthorization" onoffswitch on-text="{{:: 'onText' | translate}}" off-text="{{:: 'offText' | translate}}"/>
+            </div>
+            <kc-tooltip>{{:: 'permissions-enabled-role.tooltip' | translate}}</kc-tooltip>
+        </div>
+        </fieldset>
+    </form>
+    <table class="datatable table table-striped table-bordered dataTable no-footer" data-ng-show="permissions.enabled">
+        <thead>
+        <tr>
+            <th>{{:: 'scope-name' | translate}}</th>
+            <th>{{:: 'description' | translate}}</th>
+            <th colspan="2">{{:: 'actions' | translate}}</th>
+        </tr>
+        </thead>
+        <tbody>
+        <tr ng-repeat="(scopeName, scopeId) in permissions.scopePermissions">
+            <td><a href="#/realms/{{realm.realm}}/clients/{{realmManagementClientId}}/authz/resource-server/permission/scope/{{scopeId}}">{{scopeName}}</a></td>
+            <td translate="{{scopeName}}-authz-idp-scope-description"></td>
+            <td class="kc-action-cell" kc-open="/realms/{{realm.realm}}/clients/{{realmManagementClientId}}/authz/resource-server/permission/scope/{{scopeId}}">{{:: 'edit' | translate}}</td>
+        </tr>
+        </tbody>
+    </table>
+
+</div>
+
+<kc-menu></kc-menu>

admin/resources/partials/authz/mgmt/client-permissions.html

@@ -0,0 +1,39 @@
+<div class="col-sm-9 col-md-10 col-sm-push-3 col-md-push-2">
+    <ol class="breadcrumb">
+        <li><a href="#/realms/{{realm.realm}}/clients">{{:: 'clients' | translate}}</a></li>
+        <li>{{client.clientId}}</li>
+    </ol>
+
+    <kc-tabs-client></kc-tabs-client>
+
+    <form class=form-horizontal" name="enableForm" novalidate kc-read-only="!client.access.manage || !access.manageAuthorization">
+        <fieldset class="border-top">
+        <div class="form-group">
+            <label class="col-md-2 control-label" for="permissionsEnabled">{{:: 'permissions-enabled-role' | translate}}</label>
+            <div class="col-md-6">
+                <input ng-model="permissions.enabled" name="permissionsEnabled" id="permissionsEnabled" ng-disabled="!access.manageAuthorization" onoffswitch on-text="{{:: 'onText' | translate}}" off-text="{{:: 'offText' | translate}}"/>
+            </div>
+            <kc-tooltip>{{:: 'permissions-enabled-role.tooltip' | translate}}</kc-tooltip>
+        </div>
+        </fieldset>
+    </form>
+    <table class="datatable table table-striped table-bordered dataTable no-footer" data-ng-show="permissions.enabled">
+        <thead>
+        <tr>
+            <th>{{:: 'scope-name' | translate}}</th>
+            <th>{{:: 'description' | translate}}</th>
+            <th colspan="2">{{:: 'actions' | translate}}</th>
+        </tr>
+        </thead>
+        <tbody>
+        <tr ng-repeat="(scopeName, scopeId) in permissions.scopePermissions">
+            <td><a href="#/realms/{{realm.realm}}/clients/{{realmManagementClientId}}/authz/resource-server/permission/scope/{{scopeId}}">{{scopeName}}</a></td>
+            <td translate="{{scopeName}}-authz-client-scope-description"></td>
+            <td class="kc-action-cell" kc-open="/realms/{{realm.realm}}/clients/{{realmManagementClientId}}/authz/resource-server/permission/scope/{{scopeId}}">{{:: 'edit' | translate}}</td>
+        </tr>
+        </tbody>
+    </table>
+
+</div>
+
+<kc-menu></kc-menu>

admin/resources/partials/authz/mgmt/client-role-permissions.html

@@ -0,0 +1,40 @@
+<div class="col-sm-9 col-md-10 col-sm-push-3 col-md-push-2">
+    <ol class="breadcrumb">
+        <li><a href="#/realms/{{realm.realm}}/clients">{{:: 'clients' | translate}}</a></li>
+        <li><a href="#/realms/{{realm.realm}}/clients/{{client.id}}">{{client.clientId}}</a></li>
+        <li>{{role.name}}</li>
+    </ol>
+
+    <kc-tabs-client-role></kc-tabs-client-role>
+
+    <form class=form-horizontal" name="enableForm" novalidate kc-read-only="!client.access.manage || !access.manageAuthorization">
+        <fieldset class="border-top">
+        <div class="form-group">
+            <label class="col-md-2 control-label" for="permissionsEnabled">{{:: 'permissions-enabled-role' | translate}}</label>
+            <div class="col-md-6">
+                <input ng-model="permissions.enabled" name="permissionsEnabled" id="permissionsEnabled" ng-disabled="!access.manageAuthorization" onoffswitch on-text="{{:: 'onText' | translate}}" off-text="{{:: 'offText' | translate}}"/>
+            </div>
+            <kc-tooltip>{{:: 'permissions-enabled-role.tooltip' | translate}}</kc-tooltip>
+        </div>
+        </fieldset>
+    </form>
+    <table class="datatable table table-striped table-bordered dataTable no-footer" data-ng-show="permissions.enabled">
+        <thead>
+        <tr>
+            <th>{{:: 'scope-name' | translate}}</th>
+            <th>{{:: 'description' | translate}}</th>
+            <th colspan="2">{{:: 'actions' | translate}}</th>
+        </tr>
+        </thead>
+        <tbody>
+        <tr ng-repeat="(scopeName, scopeId) in permissions.scopePermissions">
+            <td><a href="#/realms/{{realm.realm}}/clients/{{realmManagementClientId}}/authz/resource-server/permission/scope/{{scopeId}}">{{scopeName}}</a></td>
+            <td translate="{{scopeName}}-authz-role-scope-description"></td>
+            <td class="kc-action-cell" kc-open="/realms/{{realm.realm}}/clients/{{realmManagementClientId}}/authz/resource-server/permission/scope/{{scopeId}}">{{:: 'edit' | translate}}</td>
+        </tr>
+        </tbody>
+    </table>
+
+</div>
+
+<kc-menu></kc-menu>

admin/resources/partials/authz/mgmt/group-permissions.html

@@ -0,0 +1,39 @@
+<div class="col-sm-9 col-md-10 col-sm-push-3 col-md-push-2">
+    <ol class="breadcrumb">
+        <li><a href="#/realms/{{realm.realm}}/groups">{{:: 'groups' | translate}}</a></li>
+        <li>{{group.name}}</li>
+    </ol>
+
+    <kc-tabs-group></kc-tabs-group>
+
+    <form class=form-horizontal" name="enableForm" novalidate kc-read-only="!group.access.manage || !access.manageAuthorization">
+        <fieldset class="border-top">
+        <div class="form-group">
+            <label class="col-md-2 control-label" for="permissionsEnabled">{{:: 'permissions-enabled-role' | translate}}</label>
+            <div class="col-md-6">
+                <input ng-model="permissions.enabled" name="permissionsEnabled" id="permissionsEnabled" ng-disabled="!access.manageAuthorization" onoffswitch on-text="{{:: 'onText' | translate}}" off-text="{{:: 'offText' | translate}}"/>
+            </div>
+            <kc-tooltip>{{:: 'permissions-enabled-role.tooltip' | translate}}</kc-tooltip>
+        </div>
+        </fieldset>
+    </form>
+    <table class="datatable table table-striped table-bordered dataTable no-footer" data-ng-show="permissions.enabled">
+        <thead>
+        <tr>
+            <th>{{:: 'scope-name' | translate}}</th>
+            <th>{{:: 'description' | translate}}</th>
+            <th colspan="2">{{:: 'actions' | translate}}</th>
+        </tr>
+        </thead>
+        <tbody>
+        <tr ng-repeat="(scopeName, scopeId) in permissions.scopePermissions">
+            <td><a href="#/realms/{{realm.realm}}/clients/{{realmManagementClientId}}/authz/resource-server/permission/scope/{{scopeId}}">{{scopeName}}</a></td>
+            <td translate="{{scopeName}}-authz-group-scope-description"></td>
+            <td class="kc-action-cell" kc-open="/realms/{{realm.realm}}/clients/{{realmManagementClientId}}/authz/resource-server/permission/scope/{{scopeId}}">{{:: 'edit' | translate}}</td>
+        </tr>
+        </tbody>
+    </table>
+
+</div>
+
+<kc-menu></kc-menu>

admin/resources/partials/authz/mgmt/realm-role-permissions.html

@@ -0,0 +1,39 @@
+<div class="col-sm-9 col-md-10 col-sm-push-3 col-md-push-2">
+    <ol class="breadcrumb">
+        <li><a href="#/realms/{{realm.realm}}/roles">{{:: 'roles' | translate}}</a></li>
+        <li>{{role.name}}</li>
+    </ol>
+
+    <kc-tabs-role></kc-tabs-role>
+
+    <form class=form-horizontal" name="enableForm" novalidate kc-read-only="!access.manageAuthorization">
+        <fieldset class="border-top">
+        <div class="form-group">
+            <label class="col-md-2 control-label" for="permissionsEnabled">{{:: 'permissions-enabled-role' | translate}}</label>
+            <div class="col-md-6">
+                <input ng-model="permissions.enabled" name="permissionsEnabled" id="permissionsEnabled" ng-disabled="!access.manageAuthorization" onoffswitch on-text="{{:: 'onText' | translate}}" off-text="{{:: 'offText' | translate}}"/>
+            </div>
+            <kc-tooltip>{{:: 'permissions-enabled-role.tooltip' | translate}}</kc-tooltip>
+        </div>
+        </fieldset>
+    </form>
+    <table class="datatable table table-striped table-bordered dataTable no-footer" data-ng-show="permissions.enabled">
+        <thead>
+        <tr>
+            <th>{{:: 'scope-name' | translate}}</th>
+            <th>{{:: 'description' | translate}}</th>
+            <th colspan="2">{{:: 'actions' | translate}}</th>
+        </tr>
+        </thead>
+        <tbody>
+        <tr ng-repeat="(scopeName, scopeId) in permissions.scopePermissions">
+            <td><a href="#/realms/{{realm.realm}}/clients/{{realmManagementClientId}}/authz/resource-server/permission/scope/{{scopeId}}">{{scopeName}}</a></td>
+            <td translate="{{scopeName}}-authz-role-scope-description"></td>
+            <td class="kc-action-cell" kc-open="/realms/{{realm.realm}}/clients/{{realmManagementClientId}}/authz/resource-server/permission/scope/{{scopeId}}">{{:: 'edit' | translate}}</td>
+        </tr>
+        </tbody>
+    </table>
+
+</div>
+
+<kc-menu></kc-menu>

admin/resources/partials/authz/mgmt/users-permissions.html

@@ -0,0 +1,35 @@
+<div class="col-sm-9 col-md-10 col-sm-push-3 col-md-push-2">
+
+    <kc-tabs-users></kc-tabs-users>
+
+    <form class=form-horizontal" name="enableForm" novalidate kc-read-only="!access.manageAuthorization">
+        <fieldset class="border-top">
+        <div class="form-group">
+            <label class="col-md-2 control-label" for="permissionsEnabled">{{:: 'permissions-enabled-users' | translate}}</label>
+            <div class="col-md-6">
+                <input ng-model="permissions.enabled" name="permissionsEnabled" id="permissionsEnabled" ng-disabled="!access.manageAuthorization" onoffswitch on-text="{{:: 'onText' | translate}}" off-text="{{:: 'offText' | translate}}"/>
+            </div>
+            <kc-tooltip>{{:: 'permissions-enabled-users.tooltip' | translate}}</kc-tooltip>
+        </div>
+        </fieldset>
+    </form>
+    <table class="datatable table table-striped table-bordered dataTable no-footer" data-ng-show="permissions.enabled">
+        <thead>
+        <tr>
+            <th>{{:: 'scope-name' | translate}}</th>
+            <th>{{:: 'description' | translate}}</th>
+            <th colspan="2">{{:: 'actions' | translate}}</th>
+        </tr>
+        </thead>
+        <tbody>
+        <tr ng-repeat="(scopeName, scopeId) in permissions.scopePermissions">
+            <td><a href="#/realms/{{realm.realm}}/clients/{{realmManagementClientId}}/authz/resource-server/permission/scope/{{scopeId}}">{{scopeName}}</a></td>
+            <td translate="{{scopeName}}-authz-users-scope-description"></td>
+            <td class="kc-action-cell" kc-open="/realms/{{realm.realm}}/clients/{{realmManagementClientId}}/authz/resource-server/permission/scope/{{scopeId}}">{{:: 'edit' | translate}}</td>
+        </tr>
+        </tbody>
+    </table>
+
+</div>
+
+<kc-menu></kc-menu>

admin/resources/partials/authz/permission/provider/resource-server-policy-resource-detail.html

@@ -0,0 +1,91 @@
+<div class="col-sm-9 col-md-10 col-sm-push-3 col-md-push-2">
+
+    <ol class="breadcrumb">
+        <li><a href="#/realms/{{realm.realm}}/clients">{{:: 'clients' | translate}}</a></li>
+        <li><a href="#/realms/{{realm.realm}}/clients/{{client.id}}">{{client.clientId}}</a></li>
+        <li><a href="#/realms/{{realm.realm}}/clients/{{client.id}}/authz/resource-server">{{:: 'authz-authorization' | translate}}</a></li>
+        <li><a href="#/realms/{{realm.realm}}/clients/{{client.id}}/authz/resource-server/permission">{{:: 'authz-permissions' | translate}}</a></li>
+        <li data-ng-show="create">{{:: 'authz-add-resource-permission' | translate}}</li>
+        <li data-ng-hide="create">{{originalPolicy.name}}</li>
+    </ol>
+
+    <h1 data-ng-show="create">{{:: 'authz-add-resource-permission' | translate}}</h1>
+    <h1 data-ng-hide="create">{{originalPolicy.name|capitalize}}<i class="pficon pficon-delete clickable" data-ng-click="remove()"></i></h1>
+
+    <form class="form-horizontal" name="clientForm" novalidate>
+        <fieldset class="border-top">
+            <div class="form-group">
+                <label class="col-md-2 control-label" for="name">{{:: 'name' | translate}} <span class="required">*</span></label>
+                <div class="col-sm-6">
+                    <input class="form-control" type="text" id="name" name="name" data-ng-model="policy.name" autofocus required data-ng-blur="checkNewNameAvailability()">
+                </div>
+                <kc-tooltip>{{:: 'authz-permission-name.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <div class="form-group">
+                <label class="col-md-2 control-label" for="description">{{:: 'description' | translate}} </label>
+                <div class="col-sm-6">
+                    <input class="form-control" type="text" id="description" name="description" data-ng-model="policy.description">
+                </div>
+                <kc-tooltip>{{:: 'authz-permission-description.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <div class="form-group">
+                <label class="col-md-2 control-label" for="applyToResourceTypeFlag">{{:: 'authz-permission-resource-apply-to-resource-type' | translate}}</label>
+                <div class="col-md-6">
+                    <input ng-model="applyToResourceTypeFlag" id="applyToResourceTypeFlag" onoffswitch data-ng-click="applyToResourceType()"/>
+                </div>
+                <kc-tooltip>{{:: 'authz-permission-resource-apply-to-resource-type.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <div class="form-group clearfix" data-ng-hide="applyToResourceTypeFlag">
+                <label class="col-md-2 control-label" for="resources">{{:: 'authz-resources' | translate}} <span class="required">*</span></label>
+
+                <div class="col-md-6">
+                    <input type="hidden" ui-select2="resourcesUiSelect" id="resources" data-ng-model="selectedResource" data-placeholder="{{:: 'authz-select-resource' | translate}}..." data-ng-required="!applyToResourceTypeFlag"/>
+                </div>
+                <kc-tooltip>{{:: 'authz-permission-resource-resource.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <div class="form-group clearfix" data-ng-show="applyToResourceTypeFlag">
+                <label class="col-md-2 control-label" for="resourceType">{{:: 'authz-resource-type' | translate}} <span class="required">*</span></label>
+
+                <div class="col-md-6">
+                    <input class="form-control" type="text" id="resourceType" name="policy.resourceType" data-ng-model="policy.resourceType" data-ng-required="applyToResourceTypeFlag">
+                </div>
+
+                <kc-tooltip>{{:: 'authz-permission-resource-type.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <div class="form-group clearfix">
+                <label class="col-md-2 control-label" for="policies">{{:: 'authz-policy-apply-policy' | translate}} <span class="required">*</span></label>
+
+                <div class="col-md-6">
+                    <input type="hidden" ui-select2="policiesUiSelect" id="policies" data-ng-model="selectedPolicies" data-placeholder="{{:: 'authz-select-a-policy' | translate}}..." multiple required />
+                </div>
+
+                <kc-tooltip>{{:: 'authz-policy-apply-policy.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <div class="form-group clearfix">
+                <label class="col-md-2 control-label" for="decisionStrategy">{{:: 'authz-policy-decision-strategy' | translate}}</label>
+
+                <div class="col-sm-2">
+                    <select class="form-control" id="decisionStrategy"
+                            data-ng-model="policy.decisionStrategy"
+                            ng-change="selectDecisionStrategy()">
+                        <option value="UNANIMOUS">{{:: 'authz-policy-decision-strategy-unanimous' | translate}}</option>
+                        <option value="AFFIRMATIVE">{{:: 'authz-policy-decision-strategy-affirmative' | translate}}</option>
+                        <option value="CONSENSUS">{{:: 'authz-policy-decision-strategy-consensus' | translate}}</option>
+                    </select>
+                </div>
+
+                <kc-tooltip>{{:: 'authz-policy-decision-strategy.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <input type="hidden" data-ng-model="policy.type"/>
+        </fieldset>
+
+        <div class="form-group" data-ng-show="access.manageAuthorization">
+            <div class="col-md-10 col-md-offset-2">
+                <button kc-save data-ng-disabled="!changed || (selectedPolicies == null || selectedPolicies.length == 0)">{{:: 'save' | translate}}</button>
+                <button kc-reset data-ng-disabled="!changed">{{:: 'cancel' | translate}}</button>
+            </div>
+        </div>
+    </form>
+</div>
+
+<kc-menu></kc-menu>

admin/resources/partials/authz/permission/provider/resource-server-policy-scope-detail.html

@@ -0,0 +1,94 @@
+<div class="col-sm-9 col-md-10 col-sm-push-3 col-md-push-2">
+
+    <ol class="breadcrumb">
+        <li><a href="#/realms/{{realm.realm}}/clients">{{:: 'clients' | translate}}</a></li>
+        <li><a href="#/realms/{{realm.realm}}/clients/{{client.id}}">{{client.clientId}}</a></li>
+        <li><a href="#/realms/{{realm.realm}}/clients/{{client.id}}/authz/resource-server">{{:: 'authz-authorization' | translate}}</a></li>
+        <li><a href="#/realms/{{realm.realm}}/clients/{{client.id}}/authz/resource-server/permission">{{:: 'authz-permissions' | translate}}</a></li>
+        <li data-ng-show="create">{{:: 'authz-add-scope-permission' | translate}}</li>
+        <li data-ng-hide="create">{{originalPolicy.name}}</li>
+    </ol>
+
+    <h1 data-ng-show="create">{{:: 'authz-add-scope-permission' | translate}}</h1>
+    <h1 data-ng-hide="create">{{originalPolicy.name|capitalize}}<i class="pficon pficon-delete clickable" data-ng-click="remove()"></i></h1>
+
+    <form class="form-horizontal" name="clientForm" novalidate>
+        <fieldset class="border-top">
+            <div class="form-group">
+                <label class="col-md-2 control-label" for="name">{{:: 'name' | translate}} <span class="required">*</span></label>
+                <div class="col-sm-6">
+                    <input class="form-control" type="text" id="name" name="name" data-ng-model="policy.name" autofocus required data-ng-blur="checkNewNameAvailability()">
+                </div>
+                <kc-tooltip>{{:: 'authz-permission-name.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <div class="form-group">
+                <label class="col-md-2 control-label" for="description">{{:: 'description' | translate}} </label>
+                <div class="col-sm-6">
+                    <input class="form-control" type="text" id="description" name="description" data-ng-model="policy.description">
+                </div>
+                <kc-tooltip>{{:: 'authz-permission-description.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <div class="form-group clearfix">
+                <label class="col-md-2 control-label" for="resources">{{:: 'authz-resource' | translate}}</label>
+
+                <div class="col-md-6">
+                    <input type="hidden" ui-select2="resourcesUiSelect" data-ng-change="selectResource()" id="resources" data-ng-model="selectedResource" data-placeholder="{{:: 'authz-any-resource' | translate}}..." />
+                </div>
+                <kc-tooltip>{{:: 'authz-permission-scope-resource.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <div class="form-group clearfix" data-ng-show="selectedResource">
+                <label class="col-md-2 control-label" for="resourceScopes">{{:: 'authz-scopes' | translate}} <span class="required">*</span></label>
+                <div class="col-md-6">
+                    <select ui-select2 id="resourceScopes"
+                            data-ng-model="selectedScopes"
+                            data-placeholder="{{:: 'authz-any-scope' | translate}}..." multiple
+                            data-ng-required="selectedResource != null">
+                        <option ng-repeat="scope in resourceScopes" value="{{scope.id}}">{{scope.name}}</option>
+                    </select>
+                </div>
+                <kc-tooltip>{{:: 'authz-permission-scope-scope.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <div class="form-group clearfix" data-ng-show="!selectedResource">
+                <label class="col-md-2 control-label" for="scopes">{{:: 'authz-scopes' | translate}} <span class="required">*</span></label>
+
+                <div class="col-md-6">
+                    <input type="hidden" ui-select2="scopesUiSelect" id="scopes" data-ng-model="selectedScopes" data-placeholder="{{:: 'authz-any-scope' | translate}}..." multiple data-ng-required="selectedResource == null" />
+                </div>
+                <kc-tooltip>{{:: 'authz-permission-scope-scope.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <div class="form-group clearfix">
+                <label class="col-md-2 control-label" for="policies">{{:: 'authz-policy-apply-policy' | translate}} <span class="required">*</span></label>
+
+                <div class="col-md-6">
+                    <input type="hidden" ui-select2="policiesUiSelect" id="policies" data-ng-model="selectedPolicies" data-placeholder="{{:: 'authz-select-a-policy' | translate}}..." multiple required />
+                </div>
+
+                <kc-tooltip>{{:: 'authz-policy-apply-policy.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <div class="form-group clearfix">
+                <label class="col-md-2 control-label" for="decisionStrategy">{{:: 'authz-policy-decision-strategy' | translate}}</label>
+
+                <div class="col-sm-2">
+                    <select class="form-control" id="decisionStrategy"
+                            data-ng-model="policy.decisionStrategy"
+                            ng-change="selectDecisionStrategy()">
+                        <option value="UNANIMOUS">{{:: 'authz-policy-decision-strategy-unanimous' | translate}}</option>
+                        <option value="AFFIRMATIVE">{{:: 'authz-policy-decision-strategy-affirmative' | translate}}</option>
+                        <option value="CONSENSUS">{{:: 'authz-policy-decision-strategy-consensus' | translate}}</option>
+                    </select>
+                </div>
+
+                <kc-tooltip>{{:: 'authz-policy-decision-strategy.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <input type="hidden" data-ng-model="policy.type"/>
+        </fieldset>
+        <div class="form-group" data-ng-show="access.manageAuthorization">
+            <div class="col-md-10 col-md-offset-2">
+                <button kc-save data-ng-disabled="!changed || ((selectedPolicies == null || selectedPolicies.length == 0) || (selectedScopes == null || selectedScopes.length == 0))">{{:: 'save' | translate}}</button>
+                <button kc-reset data-ng-disabled="!changed">{{:: 'cancel' | translate}}</button>
+            </div>
+        </div>
+    </form>
+</div>
+
+<kc-menu></kc-menu>

admin/resources/partials/authz/permission/resource-server-permission-list.html

@@ -0,0 +1,127 @@
+<div class="col-sm-9 col-md-10 col-sm-push-3 col-md-push-2">
+
+    <ol class="breadcrumb">
+        <li><a href="#/realms/{{realm.realm}}/clients">{{:: 'clients' | translate}}</a></li>
+        <li><a href="#/realms/{{realm.realm}}/clients/{{client.id}}">{{client.clientId}}</a></li>
+        <li><a href="#/realms/{{realm.realm}}/clients/{{client.id}}/authz/resource-server">{{:: 'authz-authorization' | translate}}</a></li>
+        <li><a href="#/realms/{{realm.realm}}/clients/{{client.id}}/authz/resource-server/permission">{{:: 'authz-permissions' | translate}}</a></li>
+    </ol>
+
+    <kc-tabs-resource-server></kc-tabs-resource-server>
+
+    <table class="table table-striped table-bordered">
+        <thead>
+            <tr>
+                <th class="kc-table-actions" colspan="5">
+                    <div class="form-inline">
+                        <div class="form-group">
+                            {{:: 'filter' | translate}}:&nbsp;&nbsp;
+                            <div class="input-group">
+                                <input type="text" placeholder="{{:: 'name' | translate}}" data-ng-model="query.name" class="form-control search" onkeydown="if (event.keyCode == 13) document.getElementById('policySearch').click()">
+                                <div class="input-group-addon">
+                                    <i class="fa fa-search" id="policySearch" type="submit" data-ng-click="firstPage()"></i>
+                                </div>
+                            </div>
+                            <div class="input-group">
+                                <input type="text" placeholder="{{:: 'authz-resource' | translate}}" data-ng-model="query.resource" class="form-control search" onkeydown="if (event.keyCode == 13) document.getElementById('policySearch').click()">
+                                <div class="input-group-addon">
+                                    <i class="fa fa-search" type="submit" data-ng-click="firstPage()"></i>
+                                </div>
+                            </div>
+                            <div class="input-group">
+                                <input type="text" placeholder="{{:: 'authz-scope' | translate}}" data-ng-model="query.scope" class="form-control search" onkeydown="if (event.keyCode == 13) document.getElementById('policySearch').click()">
+                                <div class="input-group-addon">
+                                    <i class="fa fa-search" type="submit" data-ng-click="firstPage()"></i>
+                                </div>
+                            </div>
+                            <div class="input-group">
+                                <select class="form-control search" data-ng-model="query.type"
+                                        ng-options="p.type as p.name group by p.group for p in policyProviders track by p.type" data-ng-change="firstPage()">
+                                    <option value="" selected ng-click="query.type = ''">{{:: 'authz-all-types' | translate}}</option>
+                                </select>
+                            </div>
+                        </div>
+                        <div class="input-group">
+                            <select class="form-control search" data-ng-model="detailsFilter" data-ng-change="searchQuery();">
+                                <option value="" selected>Hide Details</option>
+                                <option value="true">Show Details</option>
+                            </select>
+                        </div>
+                        <div class="pull-right">
+                            <select class="form-control" ng-model="policyType"
+                                    ng-options="p.name for p in policyProviders track by p.type"
+                                    id="create-permission"
+                                    data-ng-change="addPolicy(policyType);">
+                                <option value="" disabled selected>{{:: 'authz-create-permission' | translate}}...</option>
+                            </select>
+                        </div>
+                    </div>
+                </th>
+            </tr>
+            <tr data-ng-hide="policies.length == 0">
+                <th>{{:: 'name' | translate}}</th>
+                <th>{{:: 'description' | translate}}</th>
+                <th>{{:: 'type' | translate}}</th>
+                <th colspan="3">{{:: 'actions' | translate}}</th>
+            </tr>
+        </thead>
+        <tfoot data-ng-show="policies && (policies.length >= query.max || query.first > 0)">
+        <tr>
+            <td colspan="8">
+                <div class="table-nav">
+                    <button data-ng-click="firstPage()" class="first" ng-disabled="query.first == 0">{{:: 'first-page' | translate}}</button>
+                    <button data-ng-click="previousPage()" class="prev" ng-disabled="query.first == 0">{{:: 'previous-page' | translate}}</button>
+                    <button data-ng-click="nextPage()" class="next" ng-disabled="policies.length < query.max">{{:: 'next-page' | translate}}</button>
+                </div>
+            </td>
+        </tr>
+        </tfoot>
+        <tbody>
+            <tr ng-repeat-start="policy in policies | filter: {name: search.name, type: search.type} | orderBy:'name'">
+                <td><a href="#/realms/{{realm.realm}}/clients/{{client.id}}/authz/resource-server/permission/{{policy.type}}/{{policy.id}}">{{policy.name}}</a></td>
+                <td>{{policy.description}}</td>
+                <td>{{policy.type}}</td>
+                <td ng-if="!policy.details.loaded" class="kc-action-cell" data-ng-click="showDetails(policy);">
+                    {{:: 'authz-show-details' | translate}}
+                </td>
+                <td ng-if="policy.details.loaded" class="kc-action-cell" data-ng-click="showDetails(policy);">
+                    {{:: 'authz-hide-details' | translate}}
+                </td>
+                <td class="kc-action-cell" ng-click="delete(policy);">
+                    {{:: 'delete' | translate}}
+                </td>
+            </tr>
+            <tr ng-if="policy.details && policy.details.loaded" ng-repeat-end="">
+                <td colspan="5">
+                    <div id="details">
+                        <table class="table kc-authz-table-expanded table-striped">
+                            <thead>
+                            <tr>
+                                <th>Associated Policies</th>
+                            </tr>
+                            </thead>
+                            <tbody>
+                            <tr>
+                                <td>
+                                    <span data-ng-show="policy.associatedPolicies && !policy.associatedPolicies.length">{{:: 'authz-no-permission-assigned' | translate}}</span>
+                                    <ul ng-repeat="dep in policy.associatedPolicies" data-ng-show="policy.associatedPolicies.length > 0">
+                                        <li>
+                                            <a href="#/realms/{{realm.realm}}/clients/{{client.id}}/authz/resource-server/policy/{{dep.type}}/{{dep.id}}">{{dep.name}}</a>
+                                        </li>
+                                    </ul>
+                                </td>
+                            </tr>
+                            </tbody>
+                        </table>
+                    </div>
+                </td>
+            </tr>
+            <tr data-ng-show="(policies | filter:search).length == 0">
+                <td class="text-muted" colspan="3" data-ng-show="search.name">{{:: 'no-results' | translate}}</td>
+                <td class="text-muted" colspan="3" data-ng-hide="search.name">{{:: 'authz-no-permissions-available' | translate}}</td>
+            </tr>
+        </tbody>
+    </table>
+</div>
+
+<kc-menu></kc-menu>

admin/resources/partials/authz/policy/provider/resource-server-policy-aggregate-detail.html

@@ -0,0 +1,81 @@
+<div class="col-sm-9 col-md-10 col-sm-push-3 col-md-push-2">
+
+    <ol class="breadcrumb">
+        <li><a href="#/realms/{{realm.realm}}/clients">{{:: 'clients' | translate}}</a></li>
+        <li><a href="#/realms/{{realm.realm}}/clients/{{client.id}}">{{client.clientId}}</a></li>
+        <li><a href="#/realms/{{realm.realm}}/clients/{{client.id}}/authz/resource-server">{{:: 'authz-authorization' | translate}}</a></li>
+        <li><a href="#/realms/{{realm.realm}}/clients/{{client.id}}/authz/resource-server/policy">{{:: 'authz-policies' | translate}}</a></li>
+        <li data-ng-show="create">{{:: 'authz-add-aggregated-policy' | translate}}</li>
+        <li data-ng-hide="create">{{:: 'authz-aggregated' | translate}}</li>
+        <li data-ng-hide="create">{{originalPolicy.name}}</li>
+    </ol>
+
+    <h1 data-ng-show="create">{{:: 'authz-add-aggregated-policy' | translate}}</h1>
+    <h1 data-ng-hide="create">{{originalPolicy.name|capitalize}}<i class="pficon pficon-delete clickable" data-ng-show="!create"
+                                                         data-ng-click="remove()"></i></h1>
+
+    <form class="form-horizontal" name="clientForm" novalidate>
+        <fieldset class="border-top">
+            <div class="form-group">
+                <label class="col-md-2 control-label" for="name">{{:: 'name' | translate}} <span class="required">*</span></label>
+                <div class="col-sm-6">
+                    <input class="form-control" type="text" id="name" name="name" data-ng-model="policy.name" autofocus required data-ng-blur="checkNewNameAvailability()">
+                </div>
+                <kc-tooltip>{{:: 'authz-policy-name.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <div class="form-group">
+                <label class="col-md-2 control-label" for="description">{{:: 'description' | translate}} </label>
+                <div class="col-sm-6">
+                    <input class="form-control" type="text" id="description" name="description" data-ng-model="policy.description">
+                </div>
+                <kc-tooltip>{{:: 'authz-policy-description.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <div class="form-group clearfix">
+                <label class="col-md-2 control-label" for="policies">{{:: 'authz-policy-apply-policy' | translate}} <span class="required">*</span></label>
+
+                <div class="col-md-6">
+                    <input type="hidden" ui-select2="policiesUiSelect" id="policies" data-ng-model="selectedPolicies" data-placeholder="{{:: 'authz-select-a-policy' | translate}}..." multiple required />
+                </div>
+                <kc-tooltip>{{:: 'authz-policy-apply-policy.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <div class="form-group clearfix">
+                <label class="col-md-2 control-label" for="policy.decisionStrategy">{{:: 'authz-policy-decision-strategy' | translate}}</label>
+
+                <div class="col-sm-2">
+                    <select class="form-control" id="policy.decisionStrategy"
+                            data-ng-model="policy.decisionStrategy"
+                            ng-change="selectDecisionStrategy()">
+                        <option value="UNANIMOUS">{{:: 'authz-policy-decision-strategy-unanimous' | translate}}</option>
+                        <option value="AFFIRMATIVE">{{:: 'authz-policy-decision-strategy-affirmative' | translate}}</option>
+                        <option value="CONSENSUS">{{:: 'authz-policy-decision-strategy-consensus' | translate}}</option>
+                    </select>
+                </div>
+
+                <kc-tooltip>{{:: 'authz-policy-decision-strategy.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <div class="form-group clearfix">
+                <label class="col-md-2 control-label" for="logic">{{:: 'authz-policy-logic' | translate}}</label>
+
+                <div class="col-sm-1">
+                    <select class="form-control" id="logic" name="logic"
+                            data-ng-model="policy.logic">
+                        <option value="POSITIVE">{{:: 'authz-policy-logic-positive' | translate}}</option>
+                        <option value="NEGATIVE">{{:: 'authz-policy-logic-negative' | translate}}</option>
+                    </select>
+                </div>
+
+                <kc-tooltip>{{:: 'authz-policy-logic.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <input type="hidden" data-ng-model="policy.type"/>
+        </fieldset>
+
+        <div class="form-group" data-ng-show="access.manageAuthorization">
+            <div class="col-md-10 col-md-offset-2">
+                <button kc-save data-ng-disabled="!changed || (selectedPolicies == null || selectedPolicies.length == 0)">{{:: 'save' | translate}}</button>
+                <button kc-reset data-ng-disabled="!changed">{{:: 'cancel' | translate}}</button>
+            </div>
+        </div>
+    </form>
+</div>
+
+<kc-menu></kc-menu>

admin/resources/partials/authz/policy/provider/resource-server-policy-client-detail.html

@@ -0,0 +1,91 @@
+<div class="col-sm-9 col-md-10 col-sm-push-3 col-md-push-2">
+
+    <ol class="breadcrumb">
+        <li><a href="#/realms/{{realm.realm}}/clients">{{:: 'clients' | translate}}</a></li>
+        <li><a href="#/realms/{{realm.realm}}/clients/{{client.id}}">{{client.clientId}}</a></li>
+        <li><a href="#/realms/{{realm.realm}}/clients/{{client.id}}/authz/resource-server">{{:: 'authz-authorization' | translate}}</a></li>
+        <li><a href="#/realms/{{realm.realm}}/clients/{{client.id}}/authz/resource-server/policy">{{:: 'authz-policies' | translate}}</a></li>
+        <li data-ng-show="create">{{:: 'authz-add-client-policy' | translate}}</li>
+        <li data-ng-hide="create">{{:: 'client' | translate}}</li>
+        <li data-ng-hide="create">{{originalPolicy.name}}</li>
+    </ol>
+
+    <h1 data-ng-show="create">{{:: 'authz-add-client-policy' | translate}}</h1>
+    <h1 data-ng-hide="create">{{originalPolicy.name|capitalize}}<i class="pficon pficon-delete clickable" data-ng-show="!create"
+                                                                   data-ng-click="remove()"></i></h1>
+
+    <form class="form-horizontal" name="clientForm" novalidate>
+        <fieldset class="border-top">
+            <div class="form-group">
+                <label class="col-md-2 control-label" for="name">{{:: 'name' | translate}} <span class="required">*</span></label>
+                <div class="col-sm-6">
+                    <input class="form-control" type="text" id="name" name="name" data-ng-model="policy.name" autofocus required data-ng-blur="checkNewNameAvailability()">
+                </div>
+                <kc-tooltip>{{:: 'authz-policy-name.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <div class="form-group">
+                <label class="col-md-2 control-label" for="description">{{:: 'description' | translate}} </label>
+                <div class="col-sm-6">
+                    <input class="form-control" type="text" id="description" name="description" data-ng-model="policy.description">
+                </div>
+                <kc-tooltip>{{:: 'authz-policy-description.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <div class="form-group clearfix">
+                <label class="col-md-2 control-label" for="clients">{{:: 'clients' | translate}} <span class="required">*</span></label>
+
+                <div class="col-md-6">
+                    <input type="hidden" ui-select2="clientsUiSelect" id="clients" data-ng-model="selectedClient" data-ng-change="selectClient(selectedClient);" data-placeholder="Select an client..." data-ng-required="selectedClients.length == 0">
+                    </input>
+                </div>
+                <kc-tooltip>{{:: 'authz-policy-client-clients.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <div class="form-group clearfix" style="margin-top: -15px;">
+                <label class="col-md-2 control-label"></label>
+                <div class="col-sm-3">
+                    <table class="table table-striped table-bordered" id="selected-clients">
+                        <thead>
+                        <tr data-ng-hide="!selectedClients.length">
+                            <th>{{:: 'clientId' | translate}}</th>
+                            <th>{{:: 'actions' | translate}}</th>
+                        </tr>
+                        </thead>
+                        <tbody>
+                        <tr ng-repeat="client in selectedClients | orderBy:'clientId'">
+                            <td>{{client.clientId}}</td>
+                            <td class="kc-action-cell">
+                                <button class="btn btn-default btn-block btn-sm" ng-click="removeFromList(client);">{{:: 'remove' | translate}}</button>
+                            </td>
+                        </tr>
+                        <tr data-ng-show="!selectedClients.length">
+                            <td class="text-muted" colspan="3">{{:: 'authz-no-clients-assigned' | translate}}</td>
+                        </tr>
+                        </tbody>
+                    </table>
+                </div>
+            </div>
+            <div class="form-group clearfix">
+                <label class="col-md-2 control-label" for="logic">{{:: 'authz-policy-logic' | translate}}</label>
+
+                <div class="col-sm-1">
+                    <select class="form-control" id="logic"
+                            data-ng-model="policy.logic">
+                        <option value="POSITIVE">{{:: 'authz-policy-logic-positive' | translate}}</option>
+                        <option value="NEGATIVE">{{:: 'authz-policy-logic-negative' | translate}}</option>
+                    </select>
+                </div>
+
+                <kc-tooltip>{{:: 'authz-policy-logic.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <input type="hidden" data-ng-model="policy.type"/>
+        </fieldset>
+
+        <div class="form-group" data-ng-show="access.manageAuthorization">
+            <div class="col-md-10 col-md-offset-2">
+                <button kc-save data-ng-disabled="!changed">{{:: 'save' | translate}}</button>
+                <button kc-reset data-ng-disabled="!changed">{{:: 'cancel' | translate}}</button>
+            </div>
+        </div>
+    </form>
+</div>
+
+<kc-menu></kc-menu>

admin/resources/partials/authz/policy/provider/resource-server-policy-drools-detail.html

@@ -0,0 +1,124 @@
+<div class="col-sm-9 col-md-10 col-sm-push-3 col-md-push-2">
+
+    <ol class="breadcrumb">
+        <li><a href="#/realms/{{realm.realm}}/clients">{{:: 'clients' | translate}}</a></li>
+        <li><a href="#/realms/{{realm.realm}}/clients/{{client.id}}">{{client.clientId}}</a></li>
+        <li><a href="#/realms/{{realm.realm}}/clients/{{client.id}}/authz/resource-server">{{:: 'authz-authorization' | translate}}</a></li>
+        <li><a href="#/realms/{{realm.realm}}/clients/{{client.id}}/authz/resource-server/policy">{{:: 'authz-policies' | translate}}</a></li>
+        <li data-ng-show="create">{{:: 'authz-add-drools-policy' | translate}}</li>
+        <li data-ng-hide="create">Rules</li>
+        <li data-ng-hide="create">{{originalPolicy.name}}</li>
+    </ol>
+
+    <h1 data-ng-show="create">{{:: 'authz-add-drools-policy' | translate}}</h1>
+    <h1 data-ng-hide="create">{{originalPolicy.name|capitalize}}<i class="pficon pficon-delete clickable" data-ng-show="!create"
+                                                         data-ng-click="remove()"></i></h1>
+
+    <form class="form-horizontal" name="clientForm" novalidate>
+        <fieldset class="border-top">
+            <div class="form-group">
+                <label class="col-md-2 control-label" for="name">{{:: 'name' | translate}} <span class="required">*</span></label>
+                <div class="col-sm-6">
+                    <input class="form-control" type="text" id="name" name="name" data-ng-model="policy.name" autofocus required data-ng-blur="checkNewNameAvailability()">
+                </div>
+                <kc-tooltip>{{:: 'authz-policy-name.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <div class="form-group">
+                <label class="col-md-2 control-label" for="description">{{:: 'description' | translate}} </label>
+                <div class="col-sm-6">
+                    <input class="form-control" type="text" id="description" name="description" data-ng-model="policy.description">
+                </div>
+                <kc-tooltip>{{:: 'authz-policy-description.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <div class="form-group">
+                <label class="col-md-2 control-label" for="artifactGroupId">{{:: 'authz-policy-drools-maven-artifact' | translate}} <span class="required" data-ng-show="create">*</span></label>
+                <button data-ng-click="resolveModules()" id="resolveModule" class="btn btn-primary">{{:: 'authz-policy-drools-maven-artifact-resolve' | translate}}</button>
+                <div class="col-sm-3">
+                    <input class="form-control" type="text" id="artifactGroupId" name="artifactGroupId" data-ng-model="policy.artifactGroupId" placeholder="Group Identifier" required>
+                </div>
+                <kc-tooltip>{{:: 'authz-policy-drools-maven-artifact.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <div class="form-group">
+                <label class="col-md-2 control-label" for="artifactId"></label>
+                <div class="col-sm-3">
+                    <input class="form-control" type="text" id="artifactId" name="artifactId" data-ng-model="policy.artifactId" autofocus placeholder="Artifact Identifier" required>
+                </div>
+            </div>
+            <div class="form-group">
+                <label class="col-md-2 control-label" for="artifactVersion"></label>
+                <div class="col-sm-3">
+                    <input class="form-control" type="text" id="artifactVersion" name="artifactVersion" data-ng-model="policy.artifactVersion" autofocus placeholder="Version" required>
+                </div>
+            </div>
+            <div class="form-group">
+                <label class="col-md-2 control-label" for="moduleName">{{:: 'authz-policy-drools-module' | translate}} <span class="required" data-ng-show="create">*</span></label>
+                <div class="col-sm-3">
+                    <div>
+                        <select class="form-control" id="moduleName"
+                                ng-model="policy.moduleName"
+                                ng-options="moduleName as moduleName for moduleName in drools.moduleNames"
+                                ng-change="resolveSessions()"
+                                ng-disabled="!drools.moduleNames.length"
+                                required>
+                        </select>
+                    </div>
+                </div>
+                <kc-tooltip>{{:: 'authz-policy-drools-module.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <div class="form-group">
+                <label class="col-md-2 control-label" for="sessionName">{{:: 'authz-policy-drools-session' | translate}} <span class="required" data-ng-show="create">*</span></label>
+                <div class="col-sm-3">
+                    <div>
+                        <select class="form-control" id="sessionName"
+                                ng-model="policy.sessionName"
+                                ng-options="sessionName as sessionName for sessionName in drools.moduleSessions"
+                                ng-disabled="!drools.moduleSessions.length"
+                                required>
+                        </select>
+                    </div>
+                </div>
+                <kc-tooltip>{{:: 'authz-policy-drools-session.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <div class="form-group">
+                <label class="col-md-2 control-label" for="scannerPeriod">{{:: 'authz-policy-drools-update-period' | translate}}</label>
+                <div class="col-md-6 time-selector">
+                    <input class="form-control" type="number" required min="1" max="31536000" data-ng-model="policy.scannerPeriod" id="scannerPeriod"
+                           name="scannerPeriod"
+                           ng-disabled="!policy.sessionName"/>
+                    <select class="form-control" id="scannerPeriodUnit" name="scannerPeriodUnit"
+                            data-ng-model="policy.scannerPeriodUnit"
+                            ng-disabled="!policy.sessionName">
+                        <option value="Seconds">{{:: 'seconds' | translate}}</option>
+                        <option value="Minutes">{{:: 'minutes' | translate}}</option>
+                        <option value="Hours">{{:: 'hours' | translate}}</option>
+                        <option value="Days">{{:: 'days' | translate}}</option>
+                    </select>
+                </div>
+                <kc-tooltip>{{:: 'authz-policy-drools-update-period.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <div class="form-group clearfix">
+                <label class="col-md-2 control-label" for="logic">{{:: 'authz-policy-logic' | translate}}</label>
+
+                <div class="col-sm-1">
+                    <select class="form-control" id="logic"
+                            data-ng-model="policy.logic">
+                        <option value="POSITIVE">{{:: 'authz-policy-logic-positive' | translate}}</option>
+                        <option value="NEGATIVE">{{:: 'authz-policy-logic-negative' | translate}}</option>
+                    </select>
+                </div>
+
+                <kc-tooltip>{{:: 'authz-policy-logic.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <input type="hidden" data-ng-model="policy.type"/>
+        </fieldset>
+
+        <div class="form-group" data-ng-show="access.manageAuthorization">
+            <div class="col-md-10 col-md-offset-2">
+                <button kc-save data-ng-disabled="!changed">{{:: 'save' | translate}}</button>
+                <button kc-reset data-ng-disabled="!changed">{{:: 'cancel' | translate}}</button>
+            </div>
+        </div>
+    </form>
+</div>
+
+<kc-menu></kc-menu>

admin/resources/partials/authz/policy/provider/resource-server-policy-group-detail.html

@@ -0,0 +1,124 @@
+<!--
+  ~ * Copyright 2017 Red Hat, Inc. and/or its affiliates
+  ~ * and other contributors as indicated by the @author tags.
+  ~ *
+  ~ * Licensed under the Apache License, Version 2.0 (the "License");
+  ~ * you may not use this file except in compliance with the License.
+  ~ * You may obtain a copy of the License at
+  ~ *
+  ~ * http://www.apache.org/licenses/LICENSE-2.0
+  ~ *
+  ~ * Unless required by applicable law or agreed to in writing, software
+  ~ * distributed under the License is distributed on an "AS IS" BASIS,
+  ~ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  ~ * See the License for the specific language governing permissions and
+  ~ * limitations under the License.
+  -->
+
+<div class="col-sm-9 col-md-10 col-sm-push-3 col-md-push-2">
+
+    <ol class="breadcrumb">
+        <li><a href="#/realms/{{realm.realm}}/clients">{{:: 'clients' | translate}}</a></li>
+        <li><a href="#/realms/{{realm.realm}}/clients/{{client.id}}">{{client.clientId}}</a></li>
+        <li><a href="#/realms/{{realm.realm}}/clients/{{client.id}}/authz/resource-server">{{:: 'authz-authorization' | translate}}</a></li>
+        <li><a href="#/realms/{{realm.realm}}/clients/{{client.id}}/authz/resource-server/policy">{{:: 'authz-policies' | translate}}</a></li>
+        <li data-ng-show="create">{{:: 'authz-add-group-policy' | translate}}</li>
+        <li data-ng-hide="create">{{:: 'groups' | translate}}</li>
+        <li data-ng-hide="create">{{originalPolicy.name}}</li>
+    </ol>
+
+    <h1 data-ng-show="create">{{:: 'authz-add-group-policy' | translate}}</h1>
+    <h1 data-ng-hide="create">{{originalPolicy.name|capitalize}}<i class="pficon pficon-delete clickable" data-ng-show="!create"
+                                                         data-ng-click="remove()"></i></h1>
+
+    <form class="form-horizontal" name="groupPolicyForm" novalidate>
+        <fieldset class="border-top">
+            <div class="form-group">
+                <label class="col-md-2 control-label" for="name">{{:: 'name' | translate}} <span class="required">*</span></label>
+                <div class="col-sm-6">
+                    <input class="form-control" type="text" id="name" name="name" data-ng-model="policy.name" autofocus required data-ng-blur="checkNewNameAvailability()">
+                </div>
+                <kc-tooltip>{{:: 'authz-policy-name.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <div class="form-group">
+                <label class="col-md-2 control-label" for="description">{{:: 'description' | translate}} </label>
+                <div class="col-sm-6">
+                    <input class="form-control" type="text" id="description" name="description" data-ng-model="policy.description">
+                </div>
+                <kc-tooltip>{{:: 'authz-policy-description.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <div class="form-group">
+                <label class="col-md-2 control-label" for="groupsClaim">{{:: 'authz-policy-group-claim' | translate}} <span class="required">*</span></label>
+                <div class="col-sm-6">
+                    <input class="form-control" type="text" id="groupsClaim" name="groupsClaim" data-ng-model="policy.groupsClaim" required>
+                </div>
+                <kc-tooltip>{{:: 'authz-policy-group-claim.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <div class="form-group">
+                <label class="col-md-2 control-label" for="selectedGroups">{{:: 'groups' | translate}} <span class="required">*</span></label>
+                <div class="col-md-6">
+                    <div tree-id="tree"
+                        angular-treeview="true"
+                        tree-model="groupList"
+                        node-id="id"
+                        node-label="name"
+                        node-children="subGroups" >
+                    </div>
+                    <button data-ng-click="selectGroup(tree.currentNode)" id="selectGroup" class="btn btn-primary" data-ng-disabled="tree.currentNode == null">Select</button>
+                    <input class="form-control" type="text" id="selectedGroups" name="selectedGroups" data-ng-model="noop" data-ng-required="selectedGroups.length <= 0" autofocus required data-ng-show="false">
+                </div>
+                <kc-tooltip>{{:: 'authz-policy-user-users.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <div class="form-group" data-ng-if="selectedGroups.length > 0">
+                <label class="col-md-2 control-label"></label>
+                <div class="col-md-5">
+                    <table class="table table-striped table-bordered" id="selected-groups">
+                        <thead>
+                            <tr>
+                                <th>{{:: 'path' | translate}}</th>
+                                <th class="col-sm-3">Extend to Children</th>
+                                <th>{{:: 'actions' | translate}}</th>
+                            </tr>
+                        </thead>
+                        <tbody>
+                            <tr ng-repeat="group in selectedGroups | orderBy:'name' track by $index">
+                                <td>{{group.path}}</td>
+                                <td>
+                                    <input type="checkbox" ng-model="group.extendChildren" id="{{role.id}}" data-ng-click="extendChildren()">
+                                </td>
+                                <td class="kc-action-cell">
+                                    <button class="btn btn-default btn-block btn-sm" ng-click="removeFromList(group);">{{:: 'remove' | translate}}</button>
+                                </td>
+                            </tr>
+                            <tr data-ng-show="!selectedGroups.length">
+                                <td class="text-muted" colspan="3">{{:: 'authz-no-groups-assigned' | translate}}</td>
+                            </tr>
+                        </tbody>
+                    </table>
+                </div>
+            </div>
+            <div class="form-group clearfix">
+                <label class="col-md-2 control-label" for="logic">{{:: 'authz-policy-logic' | translate}}</label>
+
+                <div class="col-sm-1">
+                    <select class="form-control" id="logic"
+                            data-ng-model="policy.logic">
+                        <option value="POSITIVE">{{:: 'authz-policy-logic-positive' | translate}}</option>
+                        <option value="NEGATIVE">{{:: 'authz-policy-logic-negative' | translate}}</option>
+                    </select>
+                </div>
+
+                <kc-tooltip>{{:: 'authz-policy-logic.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <input type="hidden" data-ng-model="policy.type"/>
+        </fieldset>
+        <div class="form-group" data-ng-show="access.manageAuthorization">
+            <div class="col-md-10 col-md-offset-2">
+                <button kc-save data-ng-disabled="!changed">{{:: 'save' | translate}}</button>
+                <button kc-reset data-ng-disabled="!changed">{{:: 'cancel' | translate}}</button>
+            </div>
+        </div>
+    </form>
+</div>
+
+<kc-menu></kc-menu>

admin/resources/partials/authz/policy/provider/resource-server-policy-js-detail.html

@@ -0,0 +1,67 @@
+<style>
+    .ace_editor { height: 200px; }
+</style>
+<div class="col-sm-9 col-md-10 col-sm-push-3 col-md-push-2">
+
+    <ol class="breadcrumb">
+        <li><a href="#/realms/{{realm.realm}}/clients">{{:: 'clients' | translate}}</a></li>
+        <li><a href="#/realms/{{realm.realm}}/clients/{{client.id}}">{{client.clientId}}</a></li>
+        <li><a href="#/realms/{{realm.realm}}/clients/{{client.id}}/authz/resource-server">{{:: 'authz-authorization' | translate}}</a></li>
+        <li><a href="#/realms/{{realm.realm}}/clients/{{client.id}}/authz/resource-server/policy">{{:: 'authz-policies' | translate}}</a></li>
+        <li data-ng-show="create">{{:: 'authz-add-js-policy' | translate}}</li>
+        <li data-ng-hide="create">JavaScript</li>
+        <li data-ng-hide="create">{{originalPolicy.name}}</li>
+    </ol>
+
+    <h1 data-ng-show="create">{{:: 'authz-add-js-policy' | translate}}</h1>
+    <h1 data-ng-hide="create">{{originalPolicy.name|capitalize}}<i class="pficon pficon-delete clickable" data-ng-click="remove()"></i></h1>
+
+    <form class="form-horizontal" name="clientForm" novalidate>
+        <fieldset class="border-top">
+            <div class="form-group">
+                <label class="col-md-2 control-label" for="name">{{:: 'name' | translate}} <span class="required">*</span></label>
+                <div class="col-sm-6">
+                    <input class="form-control" type="text" id="name" name="name" data-ng-model="policy.name" autofocus required data-ng-blur="checkNewNameAvailability()">
+                </div>
+                <kc-tooltip>{{:: 'authz-policy-name.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <div class="form-group">
+                <label class="col-md-2 control-label" for="description">{{:: 'description' | translate}} </label>
+                <div class="col-sm-6">
+                    <input class="form-control" type="text" id="description" name="description" data-ng-model="policy.description">
+                </div>
+                <kc-tooltip>{{:: 'authz-policy-description.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <div class="form-group">
+                <label class="col-md-2 control-label" for="code">{{:: 'authz-policy-js-code' | translate}} </label>
+                <div class="col-sm-6">
+                    <div ui-ace="{ onLoad : initEditor }" id="code" data-ng-model="policy.code"></div>
+                </div>
+                <kc-tooltip>{{:: 'authz-policy-js-code.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <div class="form-group clearfix">
+                <label class="col-md-2 control-label" for="logic">{{:: 'authz-policy-logic' | translate}}</label>
+
+                <div class="col-sm-1">
+                    <select class="form-control" id="logic"
+                            data-ng-model="policy.logic">
+                        <option value="POSITIVE">{{:: 'authz-policy-logic-positive' | translate}}</option>
+                        <option value="NEGATIVE">{{:: 'authz-policy-logic-negative' | translate}}</option>
+                    </select>
+                </div>
+
+                <kc-tooltip>{{:: 'authz-policy-logic.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <input type="hidden" data-ng-model="policy.type"/>
+        </fieldset>
+
+        <div class="form-group" data-ng-show="access.manageAuthorization">
+            <div class="col-md-10 col-md-offset-2">
+                <button kc-save data-ng-disabled="!changed">{{:: 'save' | translate}}</button>
+                <button kc-reset data-ng-disabled="!changed">{{:: 'cancel' | translate}}</button>
+            </div>
+        </div>
+    </form>
+</div>
+
+<kc-menu></kc-menu>

admin/resources/partials/authz/policy/provider/resource-server-policy-role-detail.html

@@ -0,0 +1,166 @@
+<!--
+  ~ JBoss, Home of Professional Open Source.
+  ~ Copyright 2016 Red Hat, Inc., and individual contributors
+  ~ as indicated by the @author tags.
+  ~
+  ~ Licensed under the Apache License, Version 2.0 (the "License");
+  ~ you may not use this file except in compliance with the License.
+  ~ You may obtain a copy of the License at
+  ~
+  ~     http://www.apache.org/licenses/LICENSE-2.0
+  ~
+  ~ Unless required by applicable law or agreed to in writing, software
+  ~ distributed under the License is distributed on an "AS IS" BASIS,
+  ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  ~ See the License for the specific language governing permissions and
+  ~ limitations under the License.
+  -->
+
+<div class="col-sm-9 col-md-10 col-sm-push-3 col-md-push-2">
+
+    <ol class="breadcrumb">
+        <li><a href="#/realms/{{realm.realm}}/clients">{{:: 'clients' | translate}}</a></li>
+        <li><a href="#/realms/{{realm.realm}}/clients/{{client.id}}">{{client.clientId}}</a></li>
+        <li><a href="#/realms/{{realm.realm}}/clients/{{client.id}}/authz/resource-server">{{:: 'authz-authorization' | translate}}</a></li>
+        <li><a href="#/realms/{{realm.realm}}/clients/{{client.id}}/authz/resource-server/policy">{{:: 'authz-policies' | translate}}</a></li>
+        <li data-ng-show="create">{{:: 'authz-add-role-policy' | translate}}</li>
+        <li data-ng-hide="create">{{:: 'roles' | translate}}</li>
+        <li data-ng-hide="create">{{originalPolicy.name}}</li>
+    </ol>
+
+    <h1 data-ng-show="create">{{:: 'authz-add-role-policy' | translate}}</h1>
+    <h1 data-ng-hide="create">{{originalPolicy.name|capitalize}}<i class="pficon pficon-delete clickable" data-ng-show="!create"
+                                                         data-ng-click="remove()"></i></h1>
+
+    <form class="form-horizontal" name="clientForm" novalidate>
+        <fieldset class="border-top">
+            <div class="form-group">
+                <label class="col-md-2 control-label" for="name">{{:: 'name' | translate}} <span class="required">*</span></label>
+                <div class="col-sm-6">
+                    <input class="form-control" type="text" id="name" name="name" data-ng-model="policy.name" autofocus required data-ng-blur="checkNewNameAvailability()">
+                </div>
+                <kc-tooltip>{{:: 'authz-policy-name.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <div class="form-group">
+                <label class="col-md-2 control-label" for="description">{{:: 'description' | translate}} </label>
+                <div class="col-sm-6">
+                    <input class="form-control" type="text" id="description" name="description" data-ng-model="policy.description">
+                </div>
+                <kc-tooltip>{{:: 'authz-policy-description.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <div class="form-group clearfix">
+                <label class="col-md-2 control-label" for="roles">{{:: 'realm-roles' | translate}} <span class="required">*</span></label>
+
+                <div class="col-md-4">
+                    <select ui-select2="{ minimumInputLength: 1}" id="roles" data-ng-model="selectedRole" data-ng-change="selectRole(selectedRole);" data-placeholder="{{:: 'select-a-role' | translate}}..."
+                            ng-options="role as role.name for role in roles" data-ng-required="selectedRoles.length == 0">
+                        <option></option>
+                    </select>
+                </div>
+
+                <kc-tooltip>{{:: 'authz-policy-role-realm-roles.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <div class="form-group clearfix" style="margin-top: -15px;">
+                <label class="col-md-2 control-label"></label>
+                <div class="col-sm-4" data-ng-show="hasRealmRole()">
+                    <table class="table table-striped table-bordered" id="selected-realm-roles">
+                        <thead>
+                        <tr>
+                            <th class="col-sm-5">{{:: 'name' | translate}}</th>
+                            <th>{{:: 'authz-required' | translate}}</th>
+                            <th>{{:: 'actions' | translate}}</th>
+                        </tr>
+                        </thead>
+                        <tbody>
+                        <tr ng-repeat="role in selectedRoles | orderBy:'name'" ng-if="!role.clientRole">
+                            <td>{{role.name}}</td>
+                            <td><input type="checkbox" ng-model="role.required" id="{{role.id}}"></td>
+                            <td class="kc-action-cell">
+                                <button class="btn btn-default btn-block btn-sm" ng-click="removeFromList(role);">{{:: 'remove' | translate}}</button>
+                            </td>
+                        </tr>
+                        <tr data-ng-show="!selectedRoles.length">
+                            <td class="text-muted" colspan="3">{{:: 'authz-no-roles-assigned' | translate}}</td>
+                        </tr>
+                        </tbody>
+                    </table>
+                </div>
+            </div>
+            <div class="form-group clearfix">
+                <label class="col-md-2 control-label" for="clients">{{:: 'clients' | translate}}</label>
+
+                <div class="col-md-4">
+                    <select class="form-control" id="clients"
+                            ng-model="selectedClient"
+                            ng-change="selectClient()"
+                            data-ng-options="current as current.clientId for current in clients">
+                        <option value="">{{:: 'selectOne' | translate}}...</option>
+                    </select>
+                </div>
+                <kc-tooltip>{{:: 'authz-policy-role-clients.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <div class="form-group clearfix">
+                <label class="col-md-2 control-label" for="clientRoles">{{:: 'client-roles' | translate}} <span class="required">*</span></label>
+
+                <div class="col-md-4">
+                    <select ui-select2="{ minimumInputLength: 1}" id="clientRoles" data-ng-model="selectedRole" data-ng-change="selectRole(selectedRole);" data-placeholder="{{:: 'select-a-role' | translate}}..."
+                            ng-options="role as role.name for role in clientRoles" data-ng-required="selectedRoles.length == 0" data-ng-disabled="!selectedClient">
+                        <option></option>
+                    </select>
+                </div>
+
+                <kc-tooltip>{{:: 'authz-policy-role-client-roles.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <div class="form-group clearfix" style="margin-top: -15px;">
+                <label class="col-md-2 control-label"></label>
+                <div class="col-sm-4" data-ng-show="hasClientRole()">
+                    <table class="table table-striped table-bordered" id="selected-client-roles">
+                        <thead>
+                            <tr>
+                                <th class="col-sm-5">{{:: 'name' | translate}}</th>
+                                <th class="col-sm-5">{{:: 'client' | translate}}</th>
+                                <th>{{:: 'authz-required' | translate}}</th>
+                                <th>{{:: 'actions' | translate}}</th>
+                            </tr>
+                        </thead>
+                        <tbody>
+                            <tr ng-repeat="role in selectedRoles | orderBy:'name'" ng-if="role.clientRole">
+                                <td>{{role.name}}</td>
+                                <td>{{role.container.name}}</td>
+                                <td><input type="checkbox" ng-model="role.required" id="{{role.id}}"></td>
+                                <td class="kc-action-cell">
+                                    <button class="btn btn-default btn-block btn-sm" ng-click="removeFromList(role);">{{:: 'remove' | translate}}</button>
+                                </td>
+                            </tr>
+                            <tr data-ng-show="!selectedRoles.length">
+                                <td class="text-muted" colspan="3">{{:: 'authz-no-roles-assigned' | translate}}</td>
+                            </tr>
+                        </tbody>
+                    </table>
+                </div>
+            </div>
+            <div class="form-group clearfix">
+                <label class="col-md-2 control-label" for="logic">{{:: 'authz-policy-logic' | translate}}</label>
+
+                <div class="col-sm-1">
+                    <select class="form-control" id="logic"
+                            data-ng-model="policy.logic">
+                        <option value="POSITIVE">{{:: 'authz-policy-logic-positive' | translate}}</option>
+                        <option value="NEGATIVE">{{:: 'authz-policy-logic-negative' | translate}}</option>
+                    </select>
+                </div>
+
+                <kc-tooltip>{{:: 'authz-policy-logic.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <input type="hidden" data-ng-model="policy.type"/>
+        </fieldset>
+        <div class="form-group" data-ng-show="access.manageAuthorization">
+            <div class="col-md-10 col-md-offset-2">
+                <button kc-save data-ng-disabled="!changed">{{:: 'save' | translate}}</button>
+                <button kc-reset data-ng-disabled="!changed">{{:: 'cancel' | translate}}</button>
+            </div>
+        </div>
+    </form>
+</div>
+
+<kc-menu></kc-menu>

admin/resources/partials/authz/policy/provider/resource-server-policy-time-detail.html

@@ -0,0 +1,117 @@
+<style>
+    .ace_editor { height: 200px; }
+</style>
+<div class="col-sm-9 col-md-10 col-sm-push-3 col-md-push-2">
+
+    <ol class="breadcrumb">
+        <li><a href="#/realms/{{realm.realm}}/clients">{{:: 'clients' | translate}}</a></li>
+        <li><a href="#/realms/{{realm.realm}}/clients/{{client.id}}">{{client.clientId}}</a></li>
+        <li><a href="#/realms/{{realm.realm}}/clients/{{client.id}}/authz/resource-server">{{:: 'authz-authorization' | translate}}</a></li>
+        <li><a href="#/realms/{{realm.realm}}/clients/{{client.id}}/authz/resource-server/policy">{{:: 'authz-policies' | translate}}</a></li>
+        <li data-ng-show="create">{{:: 'authz-add-time-policy' | translate}}</li>
+        <li data-ng-hide="create">{{:: 'time' | translate}}</li>
+        <li data-ng-hide="create">{{originalPolicy.name}}</li>
+    </ol>
+
+
+    <h1 data-ng-show="create">{{:: 'authz-add-time-policy' | translate}}</h1>
+    <h1 data-ng-hide="create">{{originalPolicy.name|capitalize}}<i class="pficon pficon-delete clickable" data-ng-click="remove()"></i></h1>
+
+    <form class="form-horizontal" name="clientForm" novalidate>
+        <fieldset class="border-top">
+            <div class="form-group">
+                <label class="col-md-2 control-label" for="name">{{:: 'name' | translate}} <span class="required">*</span></label>
+                <div class="col-sm-6">
+                    <input class="form-control" type="text" id="name" name="name" data-ng-model="policy.name" autofocus required data-ng-blur="checkNewNameAvailability()">
+                </div>
+                <kc-tooltip>{{:: 'authz-policy-name.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <div class="form-group">
+                <label class="col-md-2 control-label" for="description">{{:: 'description' | translate}} </label>
+                <div class="col-sm-6">
+                    <input class="form-control" type="text" id="description" name="description" data-ng-model="policy.description">
+                </div>
+                <kc-tooltip>{{:: 'authz-policy-description.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <div class="form-group">
+                <label class="col-md-2 control-label" for="notBefore">{{:: 'not-before' | translate}}</label>
+
+                <div class="col-md-6 time-selector">
+                    <input class="form-control" style="width: 150px" type="text" id="notBefore" name="notBefore" data-ng-model="policy.notBefore" placeholder="yyyy-MM-dd hh:mm:ss" data-ng-required="isRequired()">
+                </div>
+                <kc-tooltip>{{:: 'authz-policy-time-not-before.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <div class="form-group">
+                <label class="col-md-2 control-label" for="notOnOrAfter">{{:: 'authz-policy-time-not-on-after' | translate}}</label>
+
+                <div class="col-md-6 time-selector">
+                    <input class="form-control" style="width: 150px" type="text" id="notOnOrAfter" name="notOnOrAfter" data-ng-model="policy.notOnOrAfter" placeholder="yyyy-MM-dd hh:mm:ss" data-ng-required="isRequired()">
+                </div>
+                <kc-tooltip>{{:: 'authz-policy-time-not-on-after.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <div class="form-group">
+                <label class="col-md-2 control-label" for="dayMonth">{{:: 'authz-policy-time-day-month' | translate}}</label>
+
+                <div class="col-md-6 time-selector">
+                    <input class="form-control" type="number" min="1" max="31" data-ng-model="policy.dayMonth" id="dayMonth" name="dayMonth" data-ng-required="isRequired()"/>&nbsp;&nbsp;to&nbsp;&nbsp;<input class="form-control" type="number" min="{{policy.dayMonth}}" max="31" data-ng-model="policy.dayMonthEnd" id="dayMonthEnd" name="dayMonthEnd"/>
+                </div>
+                <kc-tooltip>{{:: 'authz-policy-time-day-month.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <div class="form-group">
+                <label class="col-md-2 control-label" for="month">{{:: 'authz-policy-time-month' | translate}}</label>
+
+                <div class="col-md-6 time-selector">
+                    <input class="form-control" type="number" min="1" max="12" data-ng-model="policy.month" id="month" name="month" data-ng-required="isRequired()"/>&nbsp;&nbsp;to&nbsp;&nbsp;<input class="form-control" type="number" min="{{policy.month}}" max="12" data-ng-model="policy.monthEnd" id="monthEnd" name="monthEnd"/>
+                </div>
+                <kc-tooltip>{{:: 'authz-policy-time-month.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <div class="form-group">
+                <label class="col-md-2 control-label" for="year">{{:: 'authz-policy-time-year' | translate}}</label>
+
+                <div class="col-md-6 time-selector">
+                    <input class="form-control" type="number" data-ng-model="policy.year" id="year" name="year" data-ng-required="isRequired()"/>&nbsp;&nbsp;to&nbsp;&nbsp;<input class="form-control" type="number" min="{{policy.year}}" max="2050" data-ng-model="policy.yearEnd" id="yearEnd" name="yearEnd"/>
+                </div>
+                <kc-tooltip>{{:: 'authz-policy-time-year.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <div class="form-group">
+                <label class="col-md-2 control-label" for="hour">{{:: 'authz-policy-time-hour' | translate}}</label>
+
+                <div class="col-md-6 time-selector">
+                    <input class="form-control" type="number" min="0" max="23" data-ng-model="policy.hour" id="hour" name="hour" data-ng-required="isRequired()"/>&nbsp;&nbsp;to&nbsp;&nbsp;<input class="form-control" type="number" min="{{policy.hour}}" max="23" data-ng-model="policy.hourEnd" id="hourEnd" name="hourEnd"/>
+                </div>
+                <kc-tooltip>{{:: 'authz-policy-time-hour.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <div class="form-group">
+                <label class="col-md-2 control-label" for="minute">{{:: 'authz-policy-time-minute' | translate}}</label>
+
+                <div class="col-md-6 time-selector">
+                    <input class="form-control" type="number" min="0" max="59" data-ng-model="policy.minute" id="minute" name="minute" data-ng-required="isRequired()"/>&nbsp;&nbsp;to&nbsp;&nbsp;<input class="form-control" type="number" min="{{policy.minute}}" max="59" data-ng-model="policy.minuteEnd" id="minuteEnd" name="minuteEnd"/>
+                </div>
+                <kc-tooltip>{{:: 'authz-policy-time-minute.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <div class="form-group clearfix">
+                <label class="col-md-2 control-label" for="logic">{{:: 'authz-policy-logic' | translate}}</label>
+
+                <div class="col-sm-1">
+                    <select class="form-control" id="logic"
+                            data-ng-model="policy.logic">
+                        <option value="POSITIVE">{{:: 'authz-policy-logic-positive' | translate}}</option>
+                        <option value="NEGATIVE">{{:: 'authz-policy-logic-negative' | translate}}</option>
+                    </select>
+                </div>
+
+                <kc-tooltip>{{:: 'authz-policy-logic.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <input type="hidden" data-ng-model="policy.type"/>
+        </fieldset>
+
+        <div class="form-group" data-ng-show="access.manageAuthorization">
+            <div class="col-md-10 col-md-offset-2">
+                <button kc-save data-ng-disabled="!changed">{{:: 'save' | translate}}</button>
+                <button kc-reset data-ng-disabled="!changed">{{:: 'cancel' | translate}}</button>
+            </div>
+        </div>
+    </form>
+</div>
+
+<kc-menu></kc-menu>

admin/resources/partials/authz/policy/provider/resource-server-policy-user-detail.html

@@ -0,0 +1,91 @@
+<div class="col-sm-9 col-md-10 col-sm-push-3 col-md-push-2">
+
+    <ol class="breadcrumb">
+        <li><a href="#/realms/{{realm.realm}}/clients">{{:: 'clients' | translate}}</a></li>
+        <li><a href="#/realms/{{realm.realm}}/clients/{{client.id}}">{{client.clientId}}</a></li>
+        <li><a href="#/realms/{{realm.realm}}/clients/{{client.id}}/authz/resource-server">{{:: 'authz-authorization' | translate}}</a></li>
+        <li><a href="#/realms/{{realm.realm}}/clients/{{client.id}}/authz/resource-server/policy">{{:: 'authz-policies' | translate}}</a></li>
+        <li data-ng-show="create">{{:: 'authz-add-user-policy' | translate}}</li>
+        <li data-ng-hide="create">{{:: 'user' | translate}}</li>
+        <li data-ng-hide="create">{{originalPolicy.name}}</li>
+    </ol>
+
+    <h1 data-ng-show="create">{{:: 'authz-add-user-policy' | translate}}</h1>
+    <h1 data-ng-hide="create">{{originalPolicy.name|capitalize}}<i class="pficon pficon-delete clickable" data-ng-show="!create"
+                                                         data-ng-click="remove()"></i></h1>
+
+    <form class="form-horizontal" name="clientForm" novalidate>
+        <fieldset class="border-top">
+            <div class="form-group">
+                <label class="col-md-2 control-label" for="name">{{:: 'name' | translate}} <span class="required">*</span></label>
+                <div class="col-sm-6">
+                    <input class="form-control" type="text" id="name" name="name" data-ng-model="policy.name" autofocus required data-ng-blur="checkNewNameAvailability()">
+                </div>
+                <kc-tooltip>{{:: 'authz-policy-name.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <div class="form-group">
+                <label class="col-md-2 control-label" for="description">{{:: 'description' | translate}} </label>
+                <div class="col-sm-6">
+                    <input class="form-control" type="text" id="description" name="description" data-ng-model="policy.description">
+                </div>
+                <kc-tooltip>{{:: 'authz-policy-description.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <div class="form-group clearfix">
+                <label class="col-md-2 control-label" for="users">{{:: 'users' | translate}} <span class="required">*</span></label>
+
+                <div class="col-md-6">
+                    <input type="hidden" ui-select2="usersUiSelect" id="users" data-ng-model="selectedUser" data-ng-change="selectUser(selectedUser);" data-placeholder="Select an user..." data-ng-required="selectedUsers.length == 0"">
+                    </input>
+                </div>
+                <kc-tooltip>{{:: 'authz-policy-user-users.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <div class="form-group clearfix" style="margin-top: -15px;">
+                <label class="col-md-2 control-label"></label>
+                <div class="col-sm-3">
+                    <table class="table table-striped table-bordered" id="selected-users">
+                        <thead>
+                            <tr data-ng-hide="!selectedUsers.length">
+                                <th>{{:: 'username' | translate}}</th>
+                                <th>{{:: 'actions' | translate}}</th>
+                            </tr>
+                        </thead>
+                        <tbody>
+                            <tr ng-repeat="user in selectedUsers | orderBy:'username'">
+                                <td>{{user.username}}</td>
+                                <td class="kc-action-cell">
+                                    <button class="btn btn-default btn-block btn-sm" ng-click="removeFromList(selectedUsers, user);">{{:: 'remove' | translate}}</button>
+                                </td>
+                            </tr>
+                            <tr data-ng-show="!selectedUsers.length">
+                                <td class="text-muted" colspan="3">{{:: 'authz-no-users-assigned' | translate}}</td>
+                            </tr>
+                        </tbody>
+                    </table>
+                </div>
+            </div>
+            <div class="form-group clearfix">
+                <label class="col-md-2 control-label" for="logic">{{:: 'authz-policy-logic' | translate}}</label>
+
+                <div class="col-sm-1">
+                    <select class="form-control" id="logic"
+                            data-ng-model="policy.logic">
+                        <option value="POSITIVE">{{:: 'authz-policy-logic-positive' | translate}}</option>
+                        <option value="NEGATIVE">{{:: 'authz-policy-logic-negative' | translate}}</option>
+                    </select>
+                </div>
+
+                <kc-tooltip>{{:: 'authz-policy-logic.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <input type="hidden" data-ng-model="policy.type"/>
+        </fieldset>
+
+        <div class="form-group" data-ng-show="access.manageAuthorization">
+            <div class="col-md-10 col-md-offset-2">
+                <button kc-save data-ng-disabled="!changed">{{:: 'save' | translate}}</button>
+                <button kc-reset data-ng-disabled="!changed">{{:: 'cancel' | translate}}</button>
+            </div>
+        </div>
+    </form>
+</div>
+
+<kc-menu></kc-menu>

admin/resources/partials/authz/policy/resource-server-policy-evaluate-result.html

@@ -0,0 +1,66 @@
+<fieldset>
+    <form class="form-horizontal" name="clientForm" novalidate>
+        <span data-ng-show="evaluationResult.results.length == 0"><strong>{{:: 'authz-evaluation-no-result' | translate}}</strong></span>
+        <fieldset class="border-top" data-ng-repeat="result in evaluationResult.results">
+            <legend collapsed><span class="text">{{result.resource.name}}</span>
+            </legend>
+            <div class="form-group">
+                <label class="col-md-2 control-label">{{:: 'authz-result' | translate}}</label>
+
+                <div class="col-sm-2">
+                    <div>
+                        <span style="color: green"
+                              data-ng-show="result.status == 'PERMIT'"><strong>{{result.status}}</strong></span>
+                        <span style="color: red"
+                              data-ng-hide="result.status == 'PERMIT'"><strong>{{result.status}}</strong></span>
+                    </div>
+                </div>
+                <kc-tooltip>{{:: 'authz-evaluation-result.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <div class="form-group">
+                <label class="col-md-2 control-label">{{:: 'authz-scopes' | translate}}</label>
+
+                <div class="col-sm-2">
+                    <span data-ng-show="result.allowedScopes.length == 0">{{:: 'authz-no-scopes-available' | translate}}</span>
+
+                    <div>
+                        <ul>
+                            <li data-ng-repeat="scope in result.allowedScopes">
+                                {{scope.name}}
+                            </li>
+                        </ul>
+                    </div>
+                </div>
+                <kc-tooltip>{{:: 'authz-evaluation-scopes.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <div class="form-group" data-ng-show="!evaluationResult.entitlements">
+                <label class="col-md-2 control-label">{{:: 'authz-policies' | translate}}</label>
+
+                <div class="col-sm-6">
+                    <span data-ng-show="result.policies.length == 0">{{:: 'authz-evaluation-no-policies-resource' | translate}}</span>
+                    <div>
+                        <div>
+                            <li data-ng-repeat="policyResult in result.policies">
+                                <strong><a
+                                        href="#/realms/{{realm.realm}}/clients/{{client.id}}/authz/resource-server/permission/{{policyResult.policy.type}}/{{policyResult.policy.id}}">{{policyResult.policy.name}}</a></strong>
+                                decision was <span style="color: green" data-ng-show="policyResult.status == 'PERMIT'"><strong>{{policyResult.status}}</strong></span>
+                                <span style="color: red" data-ng-hide="policyResult.status == 'PERMIT'"><strong>{{policyResult.status}}</strong></span>
+                                by <strong>{{policyResult.policy.decisionStrategy}}</strong> decision. {{policyResult.policy.scopes.length > 0 ? (policyResult.status == 'DENY' ? 'Denied Scopes:' : 'Granted Scopes:') : ''}} <span data-ng-repeat="scope in policyResult.policy.scopes"><strong style="color: {{(policyResult.status == 'DENY' ? 'red' : 'green')}}">{{scope}}{{$last ? '' : ', '}}</strong></span>{{policyResult.policy.scopes.length > 0 ? '.' : ''}}
+                                <ul>
+                                    <li data-ng-repeat="subPolicy in policyResult.associatedPolicies">
+                                        <strong><a
+                                                href="#/realms/{{realm.realm}}/clients/{{client.id}}/authz/resource-server/policy/{{subPolicy.policy.type}}/{{subPolicy.policy.id}}">{{subPolicy.policy.name}}</a></strong>
+                                        voted to <span style="color: green"
+                                                       data-ng-show="subPolicy.status == 'PERMIT'"><strong>{{subPolicy.status}}</strong></span>
+                                        <span style="color: red" data-ng-hide="subPolicy.status == 'PERMIT'"><strong>{{subPolicy.status}}</strong></span>.</a>
+                                    </li>
+                                </ul>
+                            </li>
+                        </ul>
+                    </div>
+                </div>
+                <kc-tooltip>{{:: 'authz-evaluation-policies.tooltip' | translate}}</kc-tooltip>
+            </div>
+        </fieldset>
+    </form>
+</fieldset>

admin/resources/partials/authz/policy/resource-server-policy-evaluate.html

@@ -0,0 +1,267 @@
+<div class="col-sm-9 col-md-10 col-sm-push-3 col-md-push-2">
+
+    <ol class="breadcrumb">
+        <li><a href="#/realms/{{realm.realm}}/clients">{{:: 'clients' | translate}}</a></li>
+        <li><a href="#/realms/{{realm.realm}}/clients/{{client.id}}">{{client.clientId}}</a></li>
+        <li><a href="#/realms/{{realm.realm}}/clients/{{client.id}}/authz/resource-server">{{:: 'authz-authorization' | translate}}</a></li>
+        <li><a href="#/realms/{{realm.realm}}/clients/{{client.id}}/authz/resource-server/evaluate">{{:: 'authz-policy-evaluation' | translate}}</a></li>
+    </ol>
+
+    <kc-tabs-resource-server></kc-tabs-resource-server>
+
+    <div data-ng-show="showResult">
+        <br>
+        <a href="" data-ng-click="showRequestTab()">{{:: 'back' | translate}}</a>
+        |
+        <a href="" data-ng-click="reevaluate()">{{:: 'authz-evaluation-re-evaluate' | translate}}</a>
+        |
+        <a href="" data-ng-click="showAuthzData()">{{:: 'authz-show-authorization-data' | translate}}</a>
+    </div>
+
+    <div data-ng-show="evaluationResult && !showResult">
+        <br>
+        <a href="" data-ng-click="showResultTab()">{{:: 'authz-evaluation-previous' | translate}}</a>
+    </div>
+
+    <div data-ng-show="showRpt">
+        <div class="form-group">
+            <label class="col-sm-1 control-label" for="rpt">{{:: 'authz-evaluation-authorization-data' | translate}}</label>
+            <div class="col-md-6">
+                <textarea id="rpt" class="form-control" rows="20">{{evaluationResult.rpt | json}}</textarea>
+            </div>
+            <kc-tooltip>{{:: 'authz-evaluation-authorization-data.tooltip' | translate}}</kc-tooltip>
+        </div>
+    </div>
+
+    <div data-ng-hide="showResult">
+        <form class="form-horizontal" name="clientForm" novalidate>
+            <fieldset>
+                <fieldset class="border-top">
+                    <legend><span class="text">{{:: 'authz-evaluation-identity-information' | translate}}</span>
+                        <kc-tooltip>{{:: 'authz-evaluation-identity-information.tooltip' | translate}}</kc-tooltip>
+                    </legend>
+                    <div class="form-group">
+                        <label class="col-md-2 control-label" for="client">{{:: 'client' | translate}}</label>
+
+                        <div class="col-sm-2">
+                            <div>
+                                <select class="form-control" id="client"
+                                        ng-model="authzRequest.clientId"
+                                        ng-options="client.id as client.clientId for client in clients track by client.id">
+                                    <option value="">{{:: 'authz-select-client' | translate}}...</option>
+                                </select>
+                            </div>
+                        </div>
+                        <kc-tooltip>{{:: 'authz-evaluation-client.tooltip' | translate}}</kc-tooltip>
+                    </div>
+                    <div class="form-group clearfix">
+                        <label class="col-md-2 control-label" for="users">{{:: 'user' | translate}} <span class="required"
+                                                                                     data-ng-show="!authzRequest.roleIds || authzRequest.roleIds.length == 0">*</span></label>
+
+                        <div class="col-md-6">
+                            <input type="hidden" ui-select2="usersUiSelect" id="users" data-ng-model="selectedUser" data-ng-change="selectUser(selectedUser);" data-placeholder="{{:: 'authz-select-user' | translate}}..."
+                                   data-ng-required="!authzRequest.roleIds || authzRequest.roleIds.length == 0">
+                            </input>
+                        </div>
+
+                        <kc-tooltip>{{:: 'authz-evaluation-user.tooltip' | translate}}</kc-tooltip>
+                    </div>
+
+                    <div class="form-group clearfix">
+                        <label class="col-md-2 control-label" for="reqActions">{{:: 'roles' | translate}} <span class="required"
+                                                                                           data-ng-show="!authzRequest.userId || authzRequest.userId == null">*</span></label>
+
+                        <div class="col-md-6">
+                            <select ui-select2="{ minimumInputLength: 1}"
+                                    data-ng-model="authzRequest.roleIds"
+                                    data-placeholder="{{:: 'authz-any-role' | translate}}..." multiple
+                                    data-ng-required="!authzRequest.userId || authzRequest.userId == null">
+                                <option ng-repeat="role in roles track by role.id" value="{{role.name}}">{{role.name}}
+                                </option>
+                            </select>
+                        </div>
+
+                        <kc-tooltip>{{:: 'authz-evaluation-role.tooltip' | translate}}</kc-tooltip>
+                    </div>
+                </fieldset>
+                <fieldset>
+                    <legend collapsed><span class="text">{{:: 'authz-evaluation-contextual-info' | translate}}</span>
+                        <kc-tooltip>{{:: 'authz-evaluation-contextual-info.tooltip' | translate}}</kc-tooltip>
+                    </legend>
+                    <div class="form-group clearfix block">
+                        <label class="col-md-2 control-label" for="newRedirectUri">{{:: 'authz-evaluation-contextual-attributes' | translate}}</label>
+
+                        <div class="col-sm-6">
+                            <table class="table table-striped table-bordered">
+                                <thead>
+                                    <tr>
+                                        <th>{{:: 'key' | translate}}</th>
+                                        <th>{{:: 'value' | translate}}</th>
+                                        <th>{{:: 'actions' | translate}}</th>
+                                    </tr>
+                                </thead>
+                                <tbody>
+                                    <tr ng-repeat="(key, value) in (authzRequest.context.attributes)">
+                                        <td>{{getContextAttributeName(key)}}</td>
+                                        <td>
+                                            <select class="form-control" id="attribute-{{key}}"
+                                                    data-ng-model="authzRequest.context.attributes[key]"
+                                                    data-ng-show="getContextAttribute(key).values"
+                                                    ng-options="value1.key as value1.name for value1 in getContextAttribute(key).values">
+                                            </select>
+                                            <input ng-model="authzRequest.context.attributes[key]" class="form-control"
+                                                   type="text" name="{{key}}" id="attribute-{{key}}"
+                                                   data-ng-hide="getContextAttribute(key).values"/>
+                                        </td>
+                                        <td class="kc-action-cell">
+                                            <button class="btn btn-default btn-block btn-sm"
+                                                    data-ng-click="removeContextAttribute(key)">{{:: 'delete' | translate}}
+                                            </button>
+                                        </td>
+                                    </tr>
+                                    <tr>
+                                        <td>
+                                            <select class="form-control" id="newContextAttribute.key"
+                                                    data-ng-model="newContextAttribute"
+                                                    ng-change="selectDefaultContextAttribute()"
+                                                    data-ng-hide="!isDefaultContextAttribute()"
+                                                    ng-options="attribute as attribute.name for attribute in defaultContextAttributes track by attribute.key">
+                                            </select>
+                                            <input ng-model="newContextAttribute.key" class="form-control" type="text"
+                                                   id="newAttributeKey" data-ng-hide="isDefaultContextAttribute()"/>
+                                        </td>
+                                        <td>
+                                            <select class="form-control" id="newContextAttribute.value"
+                                                    data-ng-model="newContextAttribute.value"
+                                                    data-ng-show="newContextAttribute.values"
+                                                    ng-options="value.key as value.name for value in newContextAttribute.values track by value.key">
+                                            </select>
+                                            <input ng-model="newContextAttribute.value" class="form-control" type="text"
+                                                   id="newAttributeValue" data-ng-show="!newContextAttribute.values"/>
+                                        </td>
+                                        <td class="kc-action-cell">
+                                            <button class="btn btn-default btn-block btn-sm"
+                                                    data-ng-click="addContextAttribute()"
+                                                    data-ng-disabled="!newContextAttribute.key || newContextAttribute.key == ''">
+                                                {{:: 'add' | translate}}
+                                            </button>
+                                        </td>
+                                    </tr>
+                                </tbody>
+                            </table>
+                        </div>
+
+                        <kc-tooltip>{{:: 'authz-evaluation-contextual-attributes.tooltip' | translate}}</kc-tooltip>
+                    </div>
+                </fieldset>
+                <fieldset>
+                    <legend><span class="text">{{:: 'authz-permissions' | translate}}</span>
+                        <kc-tooltip>{{:: 'authz-evaluation-permissions.tooltip' | translate}}</kc-tooltip>
+                    </legend>
+                    <div class="form-group">
+                        <label class="col-md-2 control-label" for="applyResourceType">{{:: 'authz-permission-resource-apply-to-resource-type' | translate}}</label>
+
+                        <div class="col-md-6">
+                            <input ng-model="applyResourceType" id="applyResourceType" onoffswitch
+                                   data-ng-click="setApplyToResourceType()"/>
+                        </div>
+                        <kc-tooltip>{{:: 'authz-permission-resource-apply-to-resource-type.tooltip' | translate}}
+                        </kc-tooltip>
+                    </div>
+                    <div class="form-group clearfix" data-ng-hide="applyResourceType">
+                        <label class="col-md-2 control-label" for="reqActions">{{:: 'authz-resources' | translate}} <span class="required">*</span></label>
+
+                        <div class="col-md-6">
+                            <input type="hidden" ui-select2="resourcesUiSelect" id="reqActions3" data-ng-change="resolveScopes()" data-ng-model="newResource" data-placeholder="{{:: 'authz-select-resource' | translate}}..." data-ng-required="!applyResourceType && authzRequest.resources.length == 0 && !authzRequest.entitlements" />
+                        </div>
+                        <kc-tooltip>{{:: 'authz-permission-resource-resource.tooltip' | translate}}</kc-tooltip>
+                    </div>
+                    <div class="form-group clearfix" data-ng-show="applyResourceType">
+                        <label class="col-md-2 control-label" for="newResource.type">{{:: 'authz-resource-type' | translate}} <span
+                                class="required">*</span></label>
+
+                        <div class="col-md-6">
+                            <input class="form-control" type="text" id="newResource.type" name="newResource.type"
+                                   data-ng-model="authzRequest.resources[0].type"
+                                   data-ng-required="applyResourceType && !authzRequest.resources[0].type && !authzRequest.entitlements">
+                        </div>
+
+                        <kc-tooltip>{{:: 'authz-permission-resource-type.tooltip' | translate}}</kc-tooltip>
+                    </div>
+                    <div class="form-group clearfix" data-ng-show="applyResourceType || newResource._id == null">
+                        <label class="col-md-2 control-label" for="newResource.scopes">{{:: 'authz-scopes' | translate}}</label>
+
+                        <div class="col-md-6">
+                            <input type="hidden" ui-select2="scopesUiSelect" id="reqActions" data-ng-model="newScopes" data-placeholder="{{:: 'authz-any-scope' | translate}}..." multiple />
+                        </div>
+
+                        <kc-tooltip>{{:: 'authz-permission-scope-scope.tooltip' | translate}}</kc-tooltip>
+                    </div>
+                    <div class="form-group clearfix" data-ng-show="newResource._id != null">
+                        <label class="col-md-2 control-label" for="newResource.scopes">{{:: 'authz-scopes' | translate}}</label>
+
+                        <div class="col-md-6">
+                            <select ui-select2
+                                    id="newResource.scopes"
+                                    data-ng-model="newScopes"
+                                    data-placeholder="{{:: 'authz-any-scope' | translate}}..." multiple>
+                                <option ng-repeat="scope in scopes" value="{{scope.name}}">{{scope.name}}</option>
+                            </select>
+                        </div>
+
+                        <kc-tooltip>{{:: 'authz-permission-scope-scope.tooltip' | translate}}</kc-tooltip>
+                    </div>
+                    <div class="form-group clearfix block" data-ng-show="!applyResourceType">
+                        <label class="col-md-2 control-label" for="newRedirectUri"></label>
+
+                        <div class="col-sm-6">
+                            <button data-ng-click="addResource()" class="btn btn-primary">Add</button>
+                            <table class="table table-striped table-bordered">
+                                <thead>
+                                    <tr>
+                                        <th>{{:: 'authz-resource' | translate}}</th>
+                                        <th>{{:: 'authz-scopes' | translate}}</th>
+                                        <th>{{:: 'actions' | translate}}</th>
+                                    </tr>
+                                </thead>
+                                <tbody>
+                                    <tr data-ng-show="!authzRequest.resources || authzRequest.resources.length == 0">
+                                        <td colspan="3">
+                                            {{:: 'authz-no-resources' | translate}}
+                                        </td>
+                                    </tr>
+                                    <tr ng-repeat="resource in authzRequest.resources">
+                                        <td>{{resource.name ? resource.name : 'authz-evaluation-any-resource-with-scopes' | translate}}</td>
+                                        <td>
+                                            <span data-ng-show="!resource.scopes.length">{{:: 'authz-any-scope' | translate}}.</span>
+                                            <span data-ng-show="resource.scopes.length > 0">
+                                                <span ng-repeat="scope in resource.scopes">
+                                                    {{scope.name ? scope.name : scope}} {{$last ? '' : ', '}}
+                                                </span>
+                                            </span>
+                                        </td>
+                                        <td class="kc-action-cell">
+                                            <button class="btn btn-default btn-block btn-sm"
+                                                    data-ng-click="removeResource($index)">{{:: 'delete' | translate}}
+                                            </button>
+                                        </td>
+                                    </tr>
+                                </tbody>
+                            </table>
+                        </div>
+                    </div>
+                </fieldset>
+
+                <div class="form-group">
+                    <div class="col-md-10 col-md-offset-2">
+                        <button kc-save data-ng-click="evaluate()">{{:: 'authz-evaluation-evaluate' | translate}}</button>
+                        <button kc-reset data-ng-disabled="!changed">{{:: 'reset' | translate}}</button>
+                    </div>
+                </div>
+            </fieldset>
+        </form>
+    </div>
+    <div data-ng-include="resultUrl" data-ng-show="showResult && !showRpt"/>
+</div>
+
+<kc-menu></kc-menu>

admin/resources/partials/authz/policy/resource-server-policy-list.html

@@ -0,0 +1,128 @@
+<div class="col-sm-9 col-md-10 col-sm-push-3 col-md-push-2">
+
+    <ol class="breadcrumb">
+        <li><a href="#/realms/{{realm.realm}}/clients">{{:: 'clients' | translate}}</a></li>
+        <li><a href="#/realms/{{realm.realm}}/clients/{{client.id}}">{{client.clientId}}</a></li>
+        <li><a href="#/realms/{{realm.realm}}/clients/{{client.id}}/authz/resource-server">{{:: 'authz-authorization' | translate}}</a></li>
+        <li><a href="#/realms/{{realm.realm}}/clients/{{client.id}}/authz/resource-server/policy">{{:: 'authz-policies' | translate}}</a></li>
+    </ol>
+
+    <kc-tabs-resource-server></kc-tabs-resource-server>
+
+    <table class="table table-striped table-bordered">
+        <thead>
+            <tr>
+                <th class="kc-table-actions" colspan="5">
+                    <div class="form-inline">
+                        <div class="form-group">
+                            {{:: 'filter' | translate}}:&nbsp;&nbsp;
+                            <div class="input-group">
+                                <input type="text" placeholder="{{:: 'name' | translate}}" data-ng-model="query.name" class="form-control search" onkeydown="if (event.keyCode == 13) document.getElementById('policySearch').click()">
+                                <div class="input-group-addon">
+                                    <i class="fa fa-search" id="policySearch" type="submit" data-ng-click="firstPage()"></i>
+                                </div>
+                            </div>
+                            <div class="input-group">
+                                <input type="text" placeholder="{{:: 'authz-resource' | translate}}" data-ng-model="query.resource" class="form-control search" onkeydown="if (event.keyCode == 13) document.getElementById('policySearch').click()">
+                                <div class="input-group-addon">
+                                    <i class="fa fa-search" type="submit" data-ng-click="firstPage()"></i>
+                                </div>
+                            </div>
+                            <div class="input-group">
+                                <input type="text" placeholder="{{:: 'authz-scope' | translate}}" data-ng-model="query.scope" class="form-control search" onkeydown="if (event.keyCode == 13) document.getElementById('policySearch').click()">
+                                <div class="input-group-addon">
+                                    <i class="fa fa-search" type="submit" data-ng-click="firstPage()"></i>
+                                </div>
+                            </div>
+                            <div class="input-group">
+                                <select class="form-control search" data-ng-model="query.type"
+                                        ng-options="p.type as p.name for p in policyProviders track by p.type" data-ng-change="firstPage()">
+                                    <option value="" selected ng-click="query.type = ''">{{:: 'authz-all-types' | translate}}</option>
+                                </select>
+                            </div>
+                            <div class="input-group">
+                                <select class="form-control search" data-ng-model="detailsFilter" data-ng-change="searchQuery();">
+                                    <option value="" selected>Hide Details</option>
+                                    <option value="true">Show Details</option>
+                                </select>
+                            </div>
+                        </div>
+                        <div class="pull-right">
+                            <a id="hideDetails" data-ng-show="showDetailsFlag" class="btn btn-default" data-ng-click="showDetailsFlag = !showDetailsFlag;showDetails();" href="">{{:: 'authz-hide-details' | translate}}</a>
+                            <a id="showDetails" data-ng-hide="showDetailsFlag" class="btn btn-default" data-ng-click="showDetailsFlag = !showDetailsFlag;showDetails();" href="">{{:: 'authz-show-details' | translate}}</a>
+                            <select id="create-policy" class="form-control" ng-model="policyType"
+                                    ng-options="p.name for p in policyProviders track by p.type"
+                                    data-ng-change="addPolicy(policyType);">
+                                <option value="" disabled selected>{{:: 'authz-create-policy' | translate}}...</option>
+                            </select>
+                        </div>
+                    </div>
+                </th>
+            </tr>
+            <tr data-ng-hide="policies.length == 0">
+                <th>{{:: 'name' | translate}}</th>
+                <th>{{:: 'description' | translate}}</th>
+                <th>{{:: 'type' | translate}}</th>
+                <th colspan="3">{{:: 'actions' | translate}}</th>
+            </tr>
+        </thead>
+        <tfoot data-ng-show="policies && (policies.length >= query.max || query.first > 0)">
+        <tr>
+            <td colspan="8">
+                <div class="table-nav">
+                    <button data-ng-click="firstPage()" class="first" ng-disabled="query.first == 0">{{:: 'first-page' | translate}}</button>
+                    <button data-ng-click="previousPage()" class="prev" ng-disabled="query.first == 0">{{:: 'previous-page' | translate}}</button>
+                    <button data-ng-click="nextPage()" class="next" ng-disabled="policies.length < query.max">{{:: 'next-page' | translate}}</button>
+                </div>
+            </td>
+        </tr>
+        </tfoot>
+        <tbody>
+            <tr ng-repeat-start="policy in policies | filter: {name: search.name, type: search.type} | orderBy:'name'">
+                <td><a href="#/realms/{{realm.realm}}/clients/{{client.id}}/authz/resource-server/policy/{{policy.type}}/{{policy.id}}">{{policy.name}}</a></td>
+                <td>{{policy.description}}</td>
+                <td>{{policy.type}}</td>
+                <td ng-if="!policy.details.loaded" class="kc-action-cell" data-ng-click="showDetails(policy);">
+                    {{:: 'authz-show-details' | translate}}
+                </td>
+                <td ng-if="policy.details.loaded" class="kc-action-cell" data-ng-click="showDetails(policy);">
+                    {{:: 'authz-hide-details' | translate}}
+                </td>
+                <td class="kc-action-cell" ng-click="delete(policy);">
+                    {{:: 'delete' | translate}}
+                </td>
+            </tr>
+            <tr ng-if="policy.details && policy.details.loaded" ng-repeat-end="">
+                <td colspan="5">
+                    <div id="details">
+                        <table class="table kc-authz-table-expanded table-striped">
+                            <thead>
+                            <tr>
+                                <th>Dependent Permissions and Policies</th>
+                            </tr>
+                            </thead>
+                            <tbody>
+                            <tr>
+                                <td>
+                                    <span data-ng-show="policy.dependentPolicies && !policy.dependentPolicies.length">{{:: 'authz-no-permission-assigned' | translate}}</span>
+                                    <ul ng-repeat="dep in policy.dependentPolicies" data-ng-show="policy.dependentPolicies.length > 0">
+                                        <li>
+                                            <a href="#/realms/{{realm.realm}}/clients/{{client.id}}/authz/resource-server/{{dep.type == 'scope' || dep.type == 'resource' ? 'permission' : 'policy'}}/{{dep.type}}/{{dep.id}}">{{dep.name}}</a>
+                                        </li>
+                                    </ul>
+                                </td>
+                            </tr>
+                            </tbody>
+                        </table>
+                    </div>
+                </td>
+            </tr>
+            <tr data-ng-show="(policies | filter:search).length == 0">
+                <td class="text-muted" colspan="3" data-ng-show="search.name">{{:: 'no-results' | translate}}</td>
+                <td class="text-muted" colspan="3" data-ng-hide="search.name">{{:: 'authz-no-policies-available' | translate}}</td>
+            </tr>
+        </tbody>
+    </table>
+</div>
+
+<kc-menu></kc-menu>

admin/resources/partials/authz/resource-server-detail.html

@@ -0,0 +1,63 @@
+<div class="col-sm-9 col-md-10 col-sm-push-3 col-md-push-2">
+
+    <ol class="breadcrumb">
+        <li><a href="#/realms/{{realm.realm}}/clients">{{:: 'clients' | translate}}</a></li>
+        <li><a href="#/realms/{{realm.realm}}/clients/{{client.id}}">{{client.clientId}}</a></li>
+        <li><a href="#/realms/{{realm.realm}}/clients/{{client.id}}/authz/resource-server">{{:: 'authz-authorization' | translate}}</a></li>
+        <li><a href="#/realms/{{realm.realm}}/clients/{{client.id}}/authz/resource-server">{{:: 'settings' | translate}}</a></li>
+    </ol>
+
+    <kc-tabs-resource-server></kc-tabs-resource-server>
+
+    <form class="form-horizontal" name="clientForm" novalidate>
+        <fieldset>
+            <div class="form-group">
+                <label for="import-file" class="col-sm-2 control-label">{{:: 'import' | translate}}</label>
+                <div class="col-md-6">
+                    <div class="controls kc-button-input-file" data-ng-show="!importing">
+                        <label for="import-file" class="btn btn-default">{{:: 'select-file' | translate}} <i class="pficon pficon-import"></i></label>
+                        <input id="import-file" type="file" class="hidden" kc-on-read-file="onFileSelect($fileContent)">
+                    </div>
+                    <div class="col-md-6" data-ng-show="importing">
+                        <input type="button" class="btn btn-default" data-ng-click="viewImportDetails()" value="{{:: 'view-details' | translate}}"/>
+                    </div>
+                </div>
+                <kc-tooltip>{{:: 'authz-import-config.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <div class="form-group">
+                <div class="col-md-10 col-md-offset-2" data-ng-show="importing">
+                    <button class="btn btn-default" data-ng-click="import()" data-ng-disabled="!changed">Import</button>
+                    <button kc-cancel data-ng-click="reset()">Cancel</button>
+                </div>
+            </div>
+        </fieldset>
+        <fieldset class="border-top" data-ng-hide="importing">
+            <div class="form-group">
+                <label class="col-md-2 control-label" for="server.policyEnforcementMode">{{:: 'authz-policy-enforcement-mode' | translate}}</label>
+                <div class="col-md-2">
+                    <select class="form-control" id="server.policyEnforcementMode" data-ng-model="server.policyEnforcementMode">
+                        <option value="ENFORCING">{{:: 'authz-policy-enforcement-mode-enforcing' | translate}}</option>
+                        <option value="PERMISSIVE">{{:: 'authz-policy-enforcement-mode-permissive' | translate}}</option>
+                        <option value="DISABLED">{{:: 'authz-policy-enforcement-mode-disabled' | translate}}</option>
+                    </select>
+                </div>
+                <kc-tooltip>{{:: 'authz-policy-enforcement-mode.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <div class="form-group">
+                <label class="col-md-2 control-label" for="server.allowRemoteResourceManagement">{{:: 'authz-remote-resource-management' | translate}}</label>
+                <div class="col-md-6">
+                    <input ng-model="server.allowRemoteResourceManagement" id="server.allowRemoteResourceManagement" onoffswitch />
+                </div>
+                <kc-tooltip>{{:: 'authz-remote-resource-management.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <div class="form-group" data-ng-show="access.manageAuthorization">
+                <div class="col-md-10 col-md-offset-2">
+                    <button kc-save data-ng-disabled="!changed">{{:: 'save' | translate}}</button>
+                    <button kc-reset data-ng-disabled="!changed">{{:: 'cancel' | translate}}</button>
+                </div>
+            </div>
+        </fieldset>
+    </form>
+</div>
+
+<kc-menu></kc-menu>

admin/resources/partials/authz/resource-server-export-settings.html

@@ -0,0 +1,35 @@
+<div class="col-sm-9 col-md-10 col-sm-push-3 col-md-push-2">
+
+    <ol class="breadcrumb">
+        <li><a href="#/realms/{{realm.realm}}/clients">{{:: 'clients' | translate}}</a></li>
+        <li><a href="#/realms/{{realm.realm}}/clients/{{client.id}}">{{client.clientId}}</a></li>
+        <li><a href="#/realms/{{realm.realm}}/clients/{{client.id}}/authz/resource-server">{{:: 'authz-authorization' | translate}}</a></li>
+        <li><a href="#/realms/{{realm.realm}}/clients/{{client.id}}/authz/resource-server">{{:: 'export-settings' | translate}}</a></li>
+    </ol>
+
+    <kc-tabs-resource-server></kc-tabs-resource-server>
+
+    <form class="form-horizontal" name="exportForm" novalidate>
+        <fieldset>
+            <div class="form-group">
+                <label class="col-md-2 control-label">{{:: 'authz-export-settings' | translate}}</label>
+                <div class="col-md-6">
+                    <button data-ng-click="export()" class="btn btn-primary" data-ng-hide="settings">{{:: 'export' | translate}}</button>
+                    <button data-ng-click="downloadSettings()" class="btn btn-primary" data-ng-show="settings">{{:: 'download' | translate}}</button>
+                    <button data-ng-click="cancelExport()" class="btn btn-primary" data-ng-show="settings">{{:: 'cancel' | translate}}</button>
+                </div>
+                <kc-tooltip>{{:: 'authz-export-settings.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <fieldset class="margin-top">
+                <div class="form-group" ng-show="settings">
+                    <div class="col-sm-12">
+                        <a class="btn btn-primary btn-lg" data-ng-click="download()" type="submit" ng-show="installation">{{:: 'download' | translate}}</a>
+                        <textarea class="form-control" rows="20" kc-select-action="click">{{settings}}</textarea>
+                    </div>
+                </div>
+            </fieldset>
+        </fieldset>
+    </form>
+</div>
+
+<kc-menu></kc-menu>

admin/resources/partials/authz/resource-server-list.html

@@ -0,0 +1,49 @@
+<div class="col-sm-9 col-md-10 col-sm-push-3 col-md-push-2">
+    <h1>
+        <span>Resource Servers</span>
+        <kc-tooltip>Resource Servers are applications serving resources to their users. These resources can be a RESTFul API, web pages or any other kind of resource that must be managed and protected by a set of authorization policies.</kc-tooltip>
+    </h1>
+
+    <table class="table table-striped table-bordered">
+        <thead>
+            <tr>
+                <th class="kc-table-actions" colspan="5">
+                    <div class="form-inline">
+                        <div class="form-group">
+                            <div class="input-group">
+                                <input type="text" placeholder="Search..." data-ng-model="search.clientId" class="form-control search" onkeyup="if(event.keyCode == 13){$(this).next('I').click();}">
+                                <div class="input-group-addon">
+                                    <i class="fa fa-search" type="submit"></i>
+                                </div>
+                            </div>
+                        </div>
+
+                        <div class="pull-right">
+                            <a id="createServer" class="btn btn-default" href="#/realms/{{realm.realm}}/authz/resource-server/create">Create</a>
+                        </div>
+                    </div>
+                </th>
+            </tr>
+            <tr data-ng-hide="servers.length == 0">
+                <th>Name</th>
+                <th>Policy Enforcement Mode</th>
+                <th>Allows Remote Resource Management ?</th>
+                <th>Allows Entitlement ?</th>
+            </tr>
+        </thead>
+        <tbody>
+            <tr ng-repeat="server in servers | filter:search | orderBy:'clientId'">
+                <td><a href="#/realms/{{realm.realm}}/authz/resource-server/{{server.id}}">{{server.name}}</a></td>
+                <td>{{server.policyEnforcementMode | toCamelCase}}</td>
+                <td>{{server.allowRemoteResourceManagement}}</td>
+                <td>{{server.allowEntitlements}}</td>
+            </tr>
+            <tr data-ng-show="(servers | filter:search).length == 0">
+                <td class="text-muted" colspan="3" data-ng-show="search.clientId">No results</td>
+                <td class="text-muted" colspan="3" data-ng-hide="search.clientId">No servers available</td>
+            </tr>
+        </tbody>
+    </table>
+</div>
+
+<kc-menu></kc-menu>

admin/resources/partials/authz/resource-server-resource-detail.html

@@ -0,0 +1,73 @@
+<div class="col-sm-9 col-md-10 col-sm-push-3 col-md-push-2">
+
+    <ol class="breadcrumb">
+        <li><a href="#/realms/{{realm.realm}}/clients">{{:: 'clients' | translate}}</a></li>
+        <li><a href="#/realms/{{realm.realm}}/clients/{{client.id}}">{{client.clientId}}</a></li>
+        <li><a href="#/realms/{{realm.realm}}/clients/{{client.id}}/authz/resource-server">{{:: 'authz-authorization' | translate}}</a></li>
+        <li><a href="#/realms/{{realm.realm}}/clients/{{client.id}}/authz/resource-server/resource">{{:: 'authz-resources' | translate}}</a></li>
+        <li data-ng-show="create">{{:: 'authz-add-resource' | translate}}</li>
+        <li data-ng-hide="create">{{originalResource.name}}</li>
+    </ol>
+
+    <h1 data-ng-show="create">{{:: 'authz-add-resource' | translate}}</h1>
+    <h1 data-ng-hide="create">{{originalResource.name|capitalize}}<i class="pficon pficon-delete clickable" data-ng-show="!create"
+                                                         data-ng-click="remove()"></i></h1>
+
+    <form class="form-horizontal" name="clientForm" novalidate>
+        <fieldset class="border-top">
+            <div class="form-group">
+                <label class="col-md-2 control-label" for="name">{{:: 'name' | translate}} <span class="required" data-ng-show="create">*</span></label>
+                <div class="col-sm-6">
+                    <input class="form-control" type="text" id="name" name="name" data-ng-model="resource.name" autofocus required data-ng-blur="checkNewNameAvailability()">
+                </div>
+                <kc-tooltip>{{:: 'authz-resource-name.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <div class="form-group" data-ng-hide="create">
+                <label class="col-md-2 control-label" for="resource.owner.name">{{:: 'authz-owner' | translate}} </label>
+                <div class="col-sm-6">
+                    <input class="form-control" type="text" id="resource.owner.name" name="name" data-ng-model="resource.owner.name" autofocus disabled>
+                </div>
+                <kc-tooltip>{{:: 'authz-resource-owner.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <div class="form-group">
+                <label class="col-md-2 control-label" for="type">{{:: 'type' | translate}} </label>
+                <div class="col-sm-6">
+                    <input class="form-control" type="text" id="type" name="name" data-ng-model="resource.type" autofocus>
+                </div>
+                <kc-tooltip>{{:: 'authz-resource-type.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <div class="form-group">
+                <label class="col-md-2 control-label" for="uri">{{:: 'authz-uri' | translate}} </label>
+                <div class="col-sm-6">
+                    <input class="form-control" type="text" id="uri" name="name" data-ng-model="resource.uri" autofocus>
+                </div>
+                <kc-tooltip>{{:: 'authz-resource-uri.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <div class="form-group clearfix">
+                <label class="col-md-2 control-label" for="scopes">{{:: 'authz-scopes' | translate}}</label>
+
+                <div class="col-md-6">
+                    <input type="hidden" ui-select2="scopesUiSelect" id="scopes" data-ng-model="resource.scopes" data-placeholder="{{:: 'authz-select-scope' | translate}}..." multiple/>
+                </div>
+
+                <kc-tooltip>{{:: 'authz-resource-scopes.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <div class="form-group">
+                <label class="col-md-2 control-label" for="iconUri">{{:: 'authz-icon-uri' | translate}} </label>
+                <div class="col-sm-6">
+                    <input class="form-control" type="text" id="iconUri" name="name" data-ng-model="resource.icon_uri" autofocus>
+                </div>
+                <kc-tooltip>{{:: 'authz-icon-uri.tooltip' | translate}}</kc-tooltip>
+            </div>
+        </fieldset>
+
+        <div class="form-group" data-ng-show="access.manageAuthorization">
+            <div class="col-md-10 col-md-offset-2">
+                <button kc-save data-ng-disabled="!changed">{{:: 'save' | translate}}</button>
+                <button kc-reset data-ng-disabled="!changed">{{:: 'cancel' | translate}}</button>
+            </div>
+        </div>
+    </form>
+</div>
+
+<kc-menu></kc-menu>

admin/resources/partials/authz/resource-server-resource-list.html

@@ -0,0 +1,148 @@
+<div class="col-sm-9 col-md-10 col-sm-push-3 col-md-push-2">
+
+    <ol class="breadcrumb">
+        <li><a href="#/realms/{{realm.realm}}/clients">{{:: 'clients' | translate}}</a></li>
+        <li><a href="#/realms/{{realm.realm}}/clients/{{client.id}}">{{client.clientId}}</a></li>
+        <li><a href="#/realms/{{realm.realm}}/clients/{{client.id}}/authz/resource-server">{{:: 'authz-authorization' | translate}}</a></li>
+        <li><a href="#/realms/{{realm.realm}}/clients/{{client.id}}/authz/resource-server/resource">{{:: 'authz-resources' | translate}}</a></li>
+    </ol>
+
+    <kc-tabs-resource-server></kc-tabs-resource-server>
+
+    <table class="table table-striped table-bordered">
+        <thead>
+            <tr>
+                <th class="kc-table-actions" colspan="7">
+                    <div class="form-inline">
+                        {{:: 'filter' | translate}}:&nbsp;&nbsp;
+                        <div class="form-group">
+                            <div class="input-group">
+                                <input type="text" placeholder="{{:: 'name' | translate}}" data-ng-model="query.name" class="form-control search" onkeydown="if (event.keyCode == 13) document.getElementById('resourceSearch').click()">
+                                <div class="input-group-addon">
+                                    <i class="fa fa-search" id="resourceSearch" type="submit" data-ng-click="firstPage()"></i>
+                                </div>
+                            </div>
+                            <div class="input-group">
+                                <input type="text" placeholder="{{:: 'type' | translate}}" data-ng-model="query.type" class="form-control search" onkeydown="if (event.keyCode == 13) document.getElementById('resourceSearch').click()">
+                                <div class="input-group-addon">
+                                    <i class="fa fa-search" type="submit" data-ng-click="firstPage()"></i>
+                                </div>
+                            </div>
+                            <div class="input-group">
+                                <input type="text" placeholder="{{:: 'authz-uri' | translate}}" data-ng-model="query.uri" class="form-control search" onkeydown="if (event.keyCode == 13) document.getElementById('resourceSearch').click()">
+                                <div class="input-group-addon">
+                                    <i class="fa fa-search" type="submit" data-ng-click="firstPage()"></i>
+                                </div>
+                            </div>
+                            <div class="input-group">
+                                <input type="text" placeholder="{{:: 'authz-owner' | translate}}" data-ng-model="query.owner" class="form-control search" onkeydown="if (event.keyCode == 13) document.getElementById('resourceSearch').click()">
+                                <div class="input-group-addon">
+                                    <i class="fa fa-search" type="submit" data-ng-click="firstPage()"></i>
+                                </div>
+                            </div>
+                            <div class="input-group">
+                                <input type="text" placeholder="{{:: 'authz-scope' | translate}}" data-ng-model="query.scope" class="form-control search" onkeydown="if (event.keyCode == 13) document.getElementById('resourceSearch').click()">
+                                <div class="input-group-addon">
+                                    <i class="fa fa-search" type="submit" data-ng-click="firstPage()"></i>
+                                </div>
+                            </div>
+                            <div class="input-group">
+                                <select class="form-control search" data-ng-model="detailsFilter" data-ng-change="searchQuery();">
+                                    <option value="" selected>Hide Details</option>
+                                    <option value="true">Show Details</option>
+                                </select>
+                            </div>
+                        </div>
+                        <div class="pull-right">
+                            <a id="createResource" class="btn btn-default" href="#/realms/{{realm.realm}}/clients/{{client.id}}/authz/resource-server/resource/create">{{:: 'create' | translate}}</a>
+                        </div>
+                    </div>
+                </th>
+            </tr>
+            <tr data-ng-hide="resources.length == 0">
+                <th>{{:: 'name' | translate}}</th>
+                <th>{{:: 'type' | translate}}</th>
+                <th>{{:: 'authz-uri' | translate}}</th>
+                <th>{{:: 'authz-owner' | translate}}</th>
+                <th colspan="3">{{:: 'actions' | translate}}</th>
+            </tr>
+        </thead>
+        <tfoot data-ng-show="resources && (resources.length >= query.max || query.first > 0)">
+        <tr>
+            <td colspan="7">
+                <div class="table-nav">
+                    <button data-ng-click="firstPage()" class="first" ng-disabled="query.first == 0">{{:: 'first-page' | translate}}</button>
+                    <button data-ng-click="previousPage()" class="prev" ng-disabled="query.first == 0">{{:: 'previous-page' | translate}}</button>
+                    <button data-ng-click="nextPage()" class="next" ng-disabled="resources.length < query.max">{{:: 'next-page' | translate}}</button>
+                </div>
+            </td>
+        </tr>
+        </tfoot>
+        <tbody>
+            <tr ng-repeat-start="resource in resources | filter:search | orderBy:'name'">
+                <td><a href="#/realms/{{realm.realm}}/clients/{{client.id}}/authz/resource-server/resource/{{resource._id}}">{{resource.name}}</a></td>
+                <td>
+                    <span data-ng-show="resource.type">{{resource.type}}</span>
+                    <span data-ng-show="!resource.type">{{:: 'authz-no-type-defined' | translate}}</span>
+                </td>
+                <td>
+                    <span data-ng-show="resource.uri">{{resource.uri}}</span>
+                    <span data-ng-show="!resource.uri">{{:: 'authz-no-uri-defined' | translate}}</span>
+                </td>
+                <td>{{resource.owner.name}}</td>
+                <td ng-if="!resource.details.loaded" class="kc-action-cell" data-ng-click="showDetails(resource);">
+                    {{:: 'authz-show-details' | translate}}
+                </td>
+                <td ng-if="resource.details.loaded" class="kc-action-cell" data-ng-click="showDetails(resource);">
+                    {{:: 'authz-hide-details' | translate}}
+                </td>
+                <td class="kc-action-cell" ng-click="createPolicy(resource);">
+                    {{:: 'authz-create-permission' | translate}}
+                </td>
+                <td class="kc-action-cell" ng-click="delete(resource);">
+                    {{:: 'delete' | translate}}
+                </td>
+            </tr>
+            <tr ng-if="resource.details && resource.details.loaded" ng-repeat-end="">
+                <td colspan="7">
+                    <div id="details">
+                        <table class="table kc-authz-table-expanded table-striped">
+                            <thead>
+                                <tr>
+                                    <th>Scopes</th>
+                                    <th>Associated Permissions</th>
+                                </tr>
+                            </thead>
+                            <tbody>
+                                <tr>
+                                    <td>
+                                        <span data-ng-show="resource.scopes && !resource.scopes.length">{{:: 'authz-no-scopes-assigned' | translate}}</span>
+                                        <ul ng-repeat="scope in resource.scopes" data-ng-show="resource.scopes.length > 0">
+                                            <li>
+                                                <a href="#/realms/{{realm.realm}}/clients/{{client.id}}/authz/resource-server/scope/{{scope.id}}">{{scope.name}}</a>
+                                            </li>
+                                        </ul>
+                                    </td>
+                                    <td>
+                                        <span data-ng-show="resource.policies && !resource.policies.length">{{:: 'authz-no-permission-assigned' | translate}}</span>
+                                        <ul ng-repeat="policy in resource.policies" data-ng-show="resource.policies.length > 0">
+                                            <li>
+                                                <a href="#/realms/{{realm.realm}}/clients/{{client.id}}/authz/resource-server/permission/{{policy.type}}/{{policy.id}}">{{policy.name}}</a>
+                                            </li>
+                                        </ul>
+                                    </td>
+                                </tr>
+                            </tbody>
+                        </table>
+                    </div>
+                </td>
+            </tr>
+            <tr data-ng-show="(resources | filter:search).length == 0">
+                <td class="text-muted" colspan="6" data-ng-show="search.name">{{:: 'no-results' | translate}}</td>
+                <td class="text-muted" colspan="6" data-ng-hide="search.name">{{:: 'authz-no-resources-available' | translate}}</td>
+            </tr>
+        </tbody>
+    </table>
+</div>
+
+<kc-menu></kc-menu>

admin/resources/partials/authz/resource-server-scope-detail.html

@@ -0,0 +1,43 @@
+<div class="col-sm-9 col-md-10 col-sm-push-3 col-md-push-2">
+
+    <ol class="breadcrumb">
+        <li><a href="#/realms/{{realm.realm}}/clients">{{:: 'clients' | translate}}</a></li>
+        <li><a href="#/realms/{{realm.realm}}/clients/{{client.id}}">{{client.clientId}}</a></li>
+        <li><a href="#/realms/{{realm.realm}}/clients/{{client.id}}/authz/resource-server">{{:: 'authz-authorization' | translate}}</a></li>
+        <li><a href="#/realms/{{realm.realm}}/clients/{{client.id}}/authz/resource-server/scope">{{:: 'authz-scopes' | translate}}</a></li>
+        <li data-ng-show="create">{{:: 'authz-add-scope' | translate}}</li>
+        <li data-ng-hide="create">{{originalScope.name}}</li>
+    </ol>
+
+    <h1 data-ng-show="create">{{:: 'authz-add-scope' | translate}}</h1>
+    <h1 data-ng-hide="create">{{originalScope.name|capitalize}}<i class="pficon pficon-delete clickable" data-ng-show="!create"
+                                                         data-ng-hide="changed" data-ng-click="remove()"></i></h1>
+
+    <form class="form-horizontal" name="clientForm" novalidate>
+        <fieldset class="border-top">
+            <div class="form-group">
+                <label class="col-md-2 control-label" for="name">{{:: 'name' | translate}} </label>
+                <div class="col-sm-6">
+                    <input class="form-control" type="text" id="name" name="name" data-ng-model="scope.name" autofocus data-ng-blur="checkNewNameAvailability()">
+                </div>
+                <kc-tooltip>{{:: 'authz-scope-name.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <div class="form-group">
+                <label class="col-md-2 control-label" for="name">{{:: 'authz-icon-uri' | translate}} </label>
+                <div class="col-sm-6">
+                    <input class="form-control" type="text" id="iconUri" name="name" data-ng-model="scope.iconUri" autofocus>
+                </div>
+                <kc-tooltip>{{:: 'authz-icon-uri.tooltip' | translate}}</kc-tooltip>
+            </div>
+        </fieldset>
+
+        <div class="form-group" data-ng-show="access.manageAuthorization">
+            <div class="col-md-10 col-md-offset-2">
+                <button kc-save data-ng-disabled="!changed">{{:: 'save' | translate}}</button>
+                <button kc-reset data-ng-disabled="!changed">{{:: 'cancel' | translate}}</button>
+            </div>
+        </div>
+    </form>
+</div>
+
+<kc-menu></kc-menu>

admin/resources/partials/authz/resource-server-scope-list.html

@@ -0,0 +1,111 @@
+<div class="col-sm-9 col-md-10 col-sm-push-3 col-md-push-2">
+
+    <ol class="breadcrumb">
+        <li><a href="#/realms/{{realm.realm}}/clients">{{:: 'clients' | translate}}</a></li>
+        <li><a href="#/realms/{{realm.realm}}/clients/{{client.id}}">{{client.clientId}}</a></li>
+        <li><a href="#/realms/{{realm.realm}}/clients/{{client.id}}/authz/resource-server">{{:: 'authz-authorization' | translate}}</a></li>
+        <li><a href="#/realms/{{realm.realm}}/clients/{{client.id}}/authz/resource-server/scope">{{:: 'authz-scopes' | translate}}</a></li>
+    </ol>
+
+    <kc-tabs-resource-server></kc-tabs-resource-server>
+
+    <table class="table table-striped table-bordered">
+        <thead>
+            <tr>
+                <th class="kc-table-actions" colspan="5">
+                    <div class="form-inline">
+                        <div class="form-group">
+                            <div class="input-group">
+                                <input type="text" placeholder="{{:: 'name' | translate}}" data-ng-model="query.name" class="form-control search" onkeydown="if (event.keyCode == 13) document.getElementById('scopeSearch').click()">
+                                <div class="input-group-addon">
+                                    <i class="fa fa-search" id="scopeSearch" type="submit" data-ng-click="firstPage()"></i>
+                                </div>
+                            </div>
+                            <div class="input-group">
+                                <select class="form-control search" data-ng-model="detailsFilter" data-ng-change="showDetails();">
+                                    <option value="" selected>Hide Details</option>
+                                    <option value="true">Show Details</option>
+                                </select>
+                            </div>
+                        </div>
+                        <div class="pull-right">
+                            <a id="createScope" class="btn btn-default" href="#/realms/{{realm.realm}}/clients/{{client.id}}/authz/resource-server/scope/create">{{:: 'create' | translate}}</a>
+                        </div>
+                    </div>
+                </th>
+            </tr>
+            <tr data-ng-hide="scopes.length == 0">
+                <th>{{:: 'name' | translate}}</th>
+                <th colspan="3">{{:: 'actions' | translate}}</th>
+            </tr>
+        </thead>
+        <tfoot data-ng-show="scopes && (scopes.length >= query.max || query.first > 0)">
+        <tr>
+            <td colspan="8">
+                <div class="table-nav">
+                    <button data-ng-click="firstPage()" class="first" ng-disabled="query.first == 0">{{:: 'first-page' | translate}}</button>
+                    <button data-ng-click="previousPage()" class="prev" ng-disabled="query.first == 0">{{:: 'previous-page' | translate}}</button>
+                    <button data-ng-click="nextPage()" class="next" ng-disabled="scopes.length < query.max">{{:: 'next-page' | translate}}</button>
+                </div>
+            </td>
+        </tr>
+        </tfoot>
+        <tbody>
+            <tr ng-repeat-start="scope in scopes | filter:search | orderBy:'name'">
+                <td width="70%"><a href="#/realms/{{realm.realm}}/clients/{{client.id}}/authz/resource-server/scope/{{scope.id}}">{{scope.name}}</a></td>
+                <td ng-if="!scope.details.loaded" class="kc-action-cell" data-ng-click="showDetails(scope);">
+                    {{:: 'authz-show-details' | translate}}
+                </td>
+                <td ng-if="scope.details.loaded" class="kc-action-cell" data-ng-click="showDetails(scope);">
+                    {{:: 'authz-hide-details' | translate}}
+                </td>
+                <td class="kc-action-cell" ng-click="createPolicy(scope);">
+                    {{:: 'authz-create-permission' | translate}}
+                </td>
+                <td class="kc-action-cell" ng-click="delete(scope);">
+                    {{:: 'delete' | translate}}
+                </td>
+            </tr>
+            <tr ng-if="scope.details && scope.details.loaded" ng-repeat-end="">
+                <td colspan="4">
+                    <div id="details">
+                        <table class="table kc-authz-table-expanded table-striped">
+                            <thead>
+                            <tr>
+                                <th>Resources</th>
+                                <th>Associated Permissions</th>
+                            </tr>
+                            </thead>
+                            <tbody>
+                            <tr>
+                                <td>
+                                    <span data-ng-show="scope.resources && !scope.resources.length">{{:: 'authz-no-resources-assigned' | translate}}</span>
+                                    <ul ng-repeat="resource in scope.resources" data-ng-show="scope.resources.length > 0">
+                                        <li>
+                                            <a href="#/realms/{{realm.realm}}/clients/{{client.id}}/authz/resource-server/resource/{{resource._id}}">{{resource.name}}</a>
+                                        </li>
+                                    </ul>
+                                </td>
+                                <td>
+                                    <span data-ng-show="scope.policies && !scope.policies.length">{{:: 'authz-no-permission-assigned' | translate}}</span>
+                                    <ul ng-repeat="policy in scope.policies" data-ng-show="scope.policies.length > 0">
+                                        <li>
+                                            <a href="#/realms/{{realm.realm}}/clients/{{client.id}}/authz/resource-server/permission/{{policy.type}}/{{policy.id}}">{{policy.name}}</a>
+                                        </li>
+                                    </ul>
+                                </td>
+                            </tr>
+                            </tbody>
+                        </table>
+                    </div>
+                </td>
+            </tr>
+            <tr data-ng-show="(scopes | filter:search).length == 0">
+                <td class="text-muted" colspan="3" data-ng-show="search.name">{{:: 'no-results' | translate}}</td>
+                <td class="text-muted" colspan="3" data-ng-hide="search.name">{{:: 'authz-no-scopes-available' | translate}}</td>
+            </tr>
+        </tbody>
+    </table>
+</div>
+
+<kc-menu></kc-menu>

admin/resources/partials/brute-force.html

@@ -0,0 +1,114 @@
+<div class="col-sm-9 col-md-10 col-sm-push-3 col-md-push-2">
+    <kc-tabs-realm></kc-tabs-realm>
+
+    <ul class="nav nav-tabs nav-tabs-pf">
+        <li><a href="#/realms/{{realm.realm}}/defense/headers">{{:: 'headers' | translate}}</a></li>
+        <li class="active"><a href="#/realms/{{realm.realm}}/defense/brute-force">{{:: 'brute-force-detection' | translate}}</a></li>
+    </ul>
+
+    <form class="form-horizontal" name="realmForm" novalidate kc-read-only="!access.manageRealm">
+        <fieldset class="border-top">
+            <div class="form-group">
+                <label class="col-md-2 control-label" for="bruteForceProtected">{{:: 'enabled' | translate}}</label>
+                <div class="col-md-6">
+                    <input ng-model="realm.bruteForceProtected" name="bruteForceProtected" id="bruteForceProtected" onoffswitch on-text="{{:: 'onText' | translate}}" off-text="{{:: 'offText' | translate}}"/>
+                </div>
+            </div>
+            <div class="form-group" data-ng-show="realm.bruteForceProtected">
+                <label class="col-md-2 control-label" for="permanentLockout">{{:: 'permanent-lockout' | translate}}</label>
+                <div class="col-md-6">
+                    <input ng-model="realm.permanentLockout" name="permanentLockout" id="permanentLockout" onoffswitch on-text="{{:: 'onText' | translate}}" off-text="{{:: 'offText' | translate}}"/>
+                </div>
+                <kc-tooltip>{{:: 'permanent-lockout.tooltip' | translate}}</kc-tooltip>
+            </div>
+
+            <div class="form-group" data-ng-show="realm.bruteForceProtected">
+                <label class="col-md-2 control-label" for="failureFactor">{{:: 'max-login-failures' | translate}}</label>
+
+                <div class="col-md-6">
+                    <input class="form-control" type="number" min="1" max="31536000" id="failureFactor" name="failureFactor" data-ng-model="realm.failureFactor" autofocus
+                           required>
+                </div>
+                <kc-tooltip>{{:: 'max-login-failures.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <div class="form-group" data-ng-show="realm.bruteForceProtected && !realm.permanentLockout">
+                <label class="col-md-2 control-label" for="waitIncrement">{{:: 'wait-increment' | translate}}</label>
+                <div class="col-md-6 time-selector">
+                    <input class="form-control" type="number" required min="1"
+                           max="31536000" data-ng-model="realm.waitIncrement"
+                           id="waitIncrement" name="waitIncrement"/>
+                    <select class="form-control" name="waitIncrementUnit" data-ng-model="realm.waitIncrementUnit" >
+                        <option data-ng-selected="!realm.waitIncrementUnit" value="Seconds">{{:: 'seconds' | translate}}</option>
+                        <option value="Minutes">{{:: 'minutes' | translate}}</option>
+                        <option value="Hours">{{:: 'hours' | translate}}</option>
+                        <option value="Days">{{:: 'days' | translate}}</option>
+                    </select>
+                </div>
+                <kc-tooltip>{{:: 'wait-increment.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <div class="form-group" data-ng-show="realm.bruteForceProtected">
+                <label class="col-md-2 control-label" for="quickLoginCheckMilliSeconds">{{:: 'quick-login-check-millis' | translate}}</label>
+
+                <div class="col-md-6">
+                    <input class="form-control" type="number" min="1" max="31536000" id="quickLoginCheckMilliSeconds" name="quickLoginCheckMilliSeconds" data-ng-model="realm.quickLoginCheckMilliSeconds" autofocus
+                           required>
+                </div>
+                <kc-tooltip>{{:: 'quick-login-check-millis.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <div class="form-group" data-ng-show="realm.bruteForceProtected">
+                <label class="col-md-2 control-label" for="minimumQuickLoginWait">{{:: 'min-quick-login-wait' | translate}}</label>
+                <div class="col-md-6 time-selector">
+                    <input class="form-control" type="number" required min="1"
+                           max="31536000" data-ng-model="realm.minimumQuickLoginWait"
+                           id="minimumQuickLoginWait" name="minimumQuickLoginWait"/>
+                    <select class="form-control" name="minimumQuickLoginWaitUnit" data-ng-model="realm.minimumQuickLoginWaitUnit" >
+                        <option data-ng-selected="!realm.minimumQuickLoginWaitUnit" value="Seconds">{{:: 'seconds' | translate}}</option>
+                        <option value="Minutes">{{:: 'minutes' | translate}}</option>
+                        <option value="Hours">{{:: 'hours' | translate}}</option>
+                        <option value="Days">{{:: 'days' | translate}}</option>
+                    </select>
+                </div>
+                <kc-tooltip>{{:: 'min-quick-login-wait.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <div class="form-group" data-ng-show="realm.bruteForceProtected && !realm.permanentLockout">
+                <label class="col-md-2 control-label" for="maxFailureWait">{{:: 'max-wait' | translate}}</label>
+                <div class="col-md-6 time-selector">
+                    <input class="form-control" type="number" required min="1"
+                                   max="31536000" data-ng-model="realm.maxFailureWait"
+                                   id="maxFailureWait" name="maxFailureWait"/>
+                    <select class="form-control" name="maxFailureWaitUnit" data-ng-model="realm.maxFailureWaitUnit" >
+                        <option data-ng-selected="!realm.maxFailureWaitUnit" value="Seconds">{{:: 'seconds' | translate}}</option>
+                        <option value="Minutes">{{:: 'minutes' | translate}}</option>
+                        <option value="Hours">{{:: 'hours' | translate}}</option>
+                        <option value="Days">{{:: 'days' | translate}}</option>
+                    </select>
+                </div>
+                <kc-tooltip>{{:: 'max-wait.tooltip' | translate}}</kc-tooltip>
+            </div>
+            <div class="form-group" data-ng-show="realm.bruteForceProtected && !realm.permanentLockout">
+                <label class="col-md-2 control-label" for="maxDeltaTime">{{:: 'failure-reset-time' | translate}}</label>
+                <div class="col-md-6 time-selector">
+                    <input class="form-control" type="number" required min="1"
+                           max="31536000" data-ng-model="realm.maxDeltaTime"
+                           id="maxDeltaTime" name="maxDeltaTime"/>
+                    <select class="form-control" name="maxDeltaTimeUnit" data-ng-model="realm.maxDeltaTimeUnit" >
+                        <option data-ng-selected="!realm.maxDeltaTimeUnit" value="Seconds">{{:: 'seconds' | translate}}</option>
+                        <option value="Minutes">{{:: 'minutes' | translate}}</option>
+                        <option value="Hours">{{:: 'hours' | translate}}</option>
+                        <option value="Days">{{:: 'days' | translate}}</option>
+                    </select>
+                </div>
+                <kc-tooltip>{{:: 'failure-reset-time.tooltip' | translate}}</kc-tooltip>
+            </div>
+        </fieldset>
+
+        <div class="form-group" data-ng-show="access.manageRealm">
+            <div class="col-md-10 col-md-offset-2">
+                <button kc-save data-ng-disabled="!changed">{{:: 'save' | translate}}</button>
+                <button kc-reset data-ng-disabled="!changed">{{:: 'cancel' | translate}}</button>
+            </div>
+        </div>
+    </form>
+</div>
+
+<kc-menu></kc-menu>

admin/resources/partials/claims.html

@@ -0,0 +1,62 @@
+    <fieldset class="border-top">
+        <div class="form-group">
+            <label class="col-md-2 control-label" for="username">{{:: 'username' | translate}}</label>
+            <div class="col-md-6">
+                <input ng-model="claims.username" name="username" id="username" onoffswitch on-text="{{:: 'onText' | translate}}" off-text="{{:: 'offText' | translate}}"/>
+            </div>
+        </div>
+        <div class="form-group">
+            <label class="col-md-2 control-label" for="claimName">{{:: 'name' | translate}}</label>
+            <div class="col-md-6">
+                <input ng-model="claims.name" name="claimName" id="claimName" onoffswitch on-text="{{:: 'onText' | translate}}" off-text="{{:: 'offText' | translate}}"/>
+            </div>
+        </div>
+        <div class="form-group">
+            <label class="col-md-2 control-label" for="email">{{:: 'email' | translate}}</label>
+            <div class="col-md-6">
+                <input ng-model="claims.email" name="email" id="email" onoffswitch on-text="{{:: 'onText' | translate}}" off-text="{{:: 'offText' | translate}}"/>
+            </div>
+        </div>
+        <div class="form-group">
+            <label class="col-md-2 control-label" for="gender">{{:: 'gender' | translate}}</label>
+            <div class="col-md-6">
+                <input ng-model="claims.gender" name="gender" id="gender" onoffswitch on-text="{{:: 'onText' | translate}}" off-text="{{:: 'offText' | translate}}"/>
+            </div>
+        </div>
+        <div class="form-group">
+            <label class="col-md-2 control-label" for="address">{{:: 'address' | translate}}</label>
+            <div class="col-md-6">
+                <input ng-model="claims.address" name="address" id="address" onoffswitch on-text="{{:: 'onText' | translate}}" off-text="{{:: 'offText' | translate}}"/>
+            </div>
+        </div>
+        <div class="form-group">
+            <label class="col-md-2 control-label" for="locale">{{:: 'locale' | translate}}</label>
+            <div class="col-md-6">
+                <input ng-model="claims.locale" name="locale" id="locale" onoffswitch on-text="{{:: 'onText' | translate}}" off-text="{{:: 'offText' | translate}}"/>
+            </div>
+        </div>
+        <div class="form-group">
+            <label class="col-md-2 control-label" for="phone">{{:: 'phone' | translate}}</label>
+            <div class="col-md-6">
+                <input ng-model="claims.phone" name="phone" id="phone" onoffswitch on-text="{{:: 'onText' | translate}}" off-text="{{:: 'offText' | translate}}"/>
+            </div>
+        </div>
+        <div class="form-group">
+            <label class="col-md-2 control-label" for="profile">{{:: 'profile-url' | translate}}</label>
+            <div class="col-md-6">
+                <input ng-model="claims.profile" name="profile" id="profile" onoffswitch on-text="{{:: 'onText' | translate}}" off-text="{{:: 'offText' | translate}}"/>
+            </div>
+        </div>
+        <div class="form-group">
+            <label class="col-md-2 control-label" for="picture">{{:: 'picture-url' | translate}}</label>
+            <div class="col-md-6">
+                <input ng-model="claims.picture" name="picture" id="picture" onoffswitch on-text="{{:: 'onText' | translate}}" off-text="{{:: 'offText' | translate}}"/>
+            </div>
+        </div>
+        <div class="form-group">
+            <label class="col-md-2 control-label" for="website">{{:: 'website' | translate}}</label>
+            <div class="col-md-6">
+                <input ng-model="claims.website" name="website" id="website" onoffswitch on-text="{{:: 'onText' | translate}}" off-text="{{:: 'offText' | translate}}"/>
+            </div>
+        </div>
+    </fieldset>

admin/resources/partials/client-clustering-node.html

@@ -0,0 +1,37 @@
+<div class="col-sm-9 col-md-10 col-sm-push-3 col-md-push-2">
+    <ol class="breadcrumb">
+        <li><a href="#/realms/{{realm.realm}}/clients">{{:: 'clients' | translate}}</a></li>
+        <li><a href="#/realms/{{realm.realm}}/clients/{{client.id}}">{{client.clientId}}</a></li>
+        <li><a href="#/realms/{{realm.realm}}/clients/{{client.id}}/clustering">{{:: 'cluster-nodes' | translate}}</a></li>
+        <li data-ng-show="create">{{:: 'add-node' | translate}}</li>
+        <li data-ng-hide="create">{{node.host|capitalize}}</li>
+    </ol>
+
+    <h1 data-ng-show="create">{{:: 'add-node' | translate}}</h1>
+    <h1 data-ng-hide="create">
+        {{node.host|capitalize}}
+        <i id="removeClient" class="pficon pficon-delete clickable" data-ng-show="client.access.configure" data-ng-click="unregisterNode()"></i>
+    </h1>
+
+    <form class="form-horizontal" name="clusteringForm" novalidate kc-read-only="!client.access.configure" data-ng-show="create || registered">
+        <div class="form-group">
+            <label class="col-md-2 control-label" for="host">{{:: 'host' | translate}}</label>
+            <div class="col-sm-6">
+                <input ng-disabled="!create" class="form-control" type="text" id="host" name="host" data-ng-model="node.host" required>
+            </div>
+        </div>
+        <div ng-hide="create" class="form-group">
+            <label class="col-md-2 control-label" for="lastRegistration">{{:: 'last-registration' | translate}}</label>
+            <div class="col-sm-6">
+                {{node.lastRegistration}}
+            </div>
+        </div>
+        <div class="form-group">
+            <div class="col-md-10 col-md-offset-2" data-ng-show="client.access.configure">
+                <button data-kc-save data-ng-show="create">{{:: 'save' | translate}}</button>
+            </div>
+        </div>
+    </form>
+</div>
+
+<kc-menu></kc-menu>

admin/resources/partials/client-clustering.html

@@ -0,0 +1,76 @@
+<div class="col-sm-9 col-md-10 col-sm-push-3 col-md-push-2">
+
+    <ol class="breadcrumb">
+        <li><a href="#/realms/{{realm.realm}}/clients">{{:: 'clients' | translate}}</a></li>
+        <li>{{client.clientId}}</li>
+    </ol>
+
+    <kc-tabs-client></kc-tabs-client>
+
+    <form class="form-horizontal" name="clusteringForm" novalidate kc-read-only="!client.access.configure">
+        <legend><span class="text">{{:: 'basic-configuration' | translate}}</span></legend>
+        <fieldset >
+            <div class="form-group clearfix">
+                <label class="col-md-2 control-label" for="nodeReRegistrationTimeout">{{:: 'node-reregistration-timeout' | translate}}</label>
+                <div class="col-sm-5">
+                    <div class="row">
+                        <div class="col-md-6 form-inline">
+                            <input class="form-control" type="number" required
+                                   max="31536000" data-ng-model="client.nodeReRegistrationTimeout"
+                                   id="nodeReRegistrationTimeout" name="nodeReRegistrationTimeout"/>
+                            <select class="form-control" name="nodeReRegistrationTimeoutUnit" data-ng-model="client.nodeReRegistrationTimeoutUnit" >
+                                <option data-ng-selected="!client.nodeReRegistrationTimeoutUnit" value="Seconds">{{:: 'seconds' | translate}}</option>
+                                <option value="Minutes">{{:: 'minutes' | translate}}</option>
+                                <option value="Hours">{{:: 'hours' | translate}}</option>
+                                <option value="Days">{{:: 'days' | translate}}</option>
+                            </select>
+                        </div>
+                    </div>
+                </div>
+                <kc-tooltip>{{:: 'node-reregistration-timeout.tooltip' | translate}}</kc-tooltip>
+            </div>
+
+            <div class="form-group">
+                <div class="col-md-10 col-md-offset-2" data-ng-show="client.access.configure">
+                    <button data-kc-save data-ng-disabled="!changed">{{:: 'save' | translate}}</button>
+                    <button data-kc-reset data-ng-disabled="!changed">{{:: 'cancel' | translate}}</button>
+                </div>
+            </div>
+        </fieldset>
+
+        <fieldset>
+            <legend><span class="text">{{:: 'registered-cluster-nodes' | translate}}</span></legend>
+            <table class="table table-striped table-bordered">
+                <thead>
+                    <tr>
+                        <th class="kc-table-actions" colspan="5" data-ng-show="client.access.configure">
+                            <div class="pull-right">
+                                <a class="btn btn-default" tooltip="Manually register cluster node. This is usually not needed as cluster node should be registered automatically by adapter"
+                                   tooltip-trigger="mouseover mouseout" tooltip-placement="bottom" href="#/register-node/realms/{{realm.realm}}/clients/{{client.id}}/clustering">{{:: 'register-node-manually' | translate}}</a>
+                                <a class="btn btn-default" data-ng-click="testNodesAvailable()" data-ng-show="nodeRegistrations && nodeRegistrations.length > 0">{{:: 'test-cluster-availability' | translate}}</a>
+                            </div>
+                        </th>
+                    </tr>
+                    <tr data-ng-hide="!nodeRegistrations || nodeRegistrations.length == 0">
+                        <th>{{:: 'node-host' | translate}}</th>
+                        <th>{{:: 'last-registration' | translate}}</th>
+                        <th colspan="2">{{:: 'actions' | translate}}</th>
+                    </tr>
+                </thead>
+                <tbody>
+                    <tr ng-repeat="node in nodeRegistrations">
+                        <td><a href="#/realms/{{realm.realm}}/clients/{{client.id}}/clustering/{{node.host}}">{{node.host}}</a></td>
+                        <td>{{node.lastRegistration}}</td>
+                        <td class="kc-action-cell" kc-open="/realms/{{realm.realm}}/clients/{{client.id}}/clustering/{{node.host}}">{{:: 'edit' | translate}}</td>
+                        <td class="kc-action-cell" data-ng-click="removeNode(node)">{{:: 'delete' | translate}}</td>
+                    </tr>
+                    <tr data-ng-show="!nodeRegistrations || nodeRegistrations.length == 0">
+                        <td class="text-muted">{{:: 'no-registered-cluster-nodes' | translate}}</td>
+                    </tr>
+                </tbody>
+            </table>
+        </fieldset>
+    </form>
+</div>
+
+<kc-menu></kc-menu>