<div dir="ltr">Hello,<div><br></div><div>here is an update on the integration: Bill did some updates to his example template and worked on more things inside of Keycloak for a better integration. </div><div><br></div><div>
Yesterday, I used his example work and applied it to our UPS:</div><div><a href="https://github.com/aerogear/aerogear-unifiedpush-server/tree/keycloak-two-war-integration">https://github.com/aerogear/aerogear-unifiedpush-server/tree/keycloak-two-war-integration</a><br>
</div><div><br></div><div><br></div><div>There is now an 'auth-server' module which produces a WAR (that also contains an AeroGear theme), to be deployed to the AS:</div><div><a href="https://github.com/aerogear/aerogear-unifiedpush-server/tree/keycloak-two-war-integration/auth-server">https://github.com/aerogear/aerogear-unifiedpush-server/tree/keycloak-two-war-integration/auth-server</a><br>
</div><div><br></div><div><br></div><div>The 'server' module is using a ContextListener for the configuration work, instead of the previous keycloak.json file:</div><div><a href="https://github.com/aerogear/aerogear-unifiedpush-server/blob/keycloak-two-war-integration/server/src/main/java/org/jboss/aerogear/unifiedpush/keycloak/BootstrapListener.java">https://github.com/aerogear/aerogear-unifiedpush-server/blob/keycloak-two-war-integration/server/src/main/java/org/jboss/aerogear/unifiedpush/keycloak/BootstrapListener.java</a><br>
</div><div><br></div><div>Deploying the two WARs (auth before ups) will show the integration (admin:admin is the initial password).</div><div><br></div><div>IMO this is a huge step towards a proper Keycloak integration, but some items are still open:</div>
<div>- nicer config (using his testrealm.json inside of the auth-server)</div><div>- user/roles mgmt</div><div>- integration w/ the new UI</div><div>- ... </div><div><br></div><div>When Bruno is back, the work on this branch will continue.</div>
<div><br></div><div>That's it for now.</div><div><br></div><div>-Matthias</div><div><br></div><div><br></div><div><br></div><div><br></div></div><div class="gmail_extra"><br><br><div class="gmail_quote">On Tue, May 6, 2014 at 11:49 AM, Matthias Wessendorf <span dir="ltr"><<a href="mailto:matzew@apache.org" target="_blank">matzew@apache.org</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div>Hello folks!<br></div><div><br></div><div>Bill Burk was helping on the Keycloak front and besides fixing related items on the Keycloak server, he also created an example that we can use as a template for the actual integration. See [1]</div>
<div><br></div><div>In the past, Bruno and I did integrate w/ an external Keycloak server (see [2]), and we did include the keycloak.json file (See [3]). Thanks to Bill's work on Keycloak, the 'protected app' no longer needs that, see [4].</div>
<div>Also there is no more the need to customize the Keycloak Rest Application (Stian and I did look into that as well).</div><div><br></div><div><br></div><div>Good news: This means the UPS can stay as it is -> no need to change internals (e.g. the 'bundle all in one WAR file' did force us to change our '/rest' URLs, as Keycloak uses them, see [5]).</div>
<div><br></div><div>Inside of our 'modular' Keycloak branch (see [2] again), we can apply the work from Bill:</div><div>* our current 'server' module will use a listener similar to [4]</div><div>* create a "ups-auth" module similar to [6]</div>
<div><br></div><div>On the 'ups-auth module' there is one area where we need to have some future improvement:</div><div>* testrealm.json -> needs to be in Java code, due to the URL being hard-coded in there (we need to resolve the URL of the host, running the bits). But, IMO for now that should be good enough.</div>
<div><br></div><div>Bruno did offer to help out on the Keycloak integration, so that I can go back to the analytics and mertrics feature. Thanks abstractj!! <3</div><div><br></div><div>Greetings,</div><div>Matthias</div>
<div><br></div><div>[1] <a href="https://github.com/keycloak/keycloak/tree/master/project-integrations/aerogear-ups" target="_blank">https://github.com/keycloak/keycloak/tree/master/project-integrations/aerogear-ups</a></div>
<div>[2] <a href="https://github.com/aerogear/aerogear-unifiedpush-server/tree/keycloak-modular" target="_blank">https://github.com/aerogear/aerogear-unifiedpush-server/tree/keycloak-modular</a></div>
<div>[3] <a href="https://github.com/aerogear/aerogear-unifiedpush-server/blob/keycloak-modular/server/src/main/webapp/WEB-INF/keycloak.json" target="_blank">https://github.com/aerogear/aerogear-unifiedpush-server/blob/keycloak-modular/server/src/main/webapp/WEB-INF/keycloak.json</a></div>
<div>[4] <a href="https://github.com/keycloak/keycloak/blob/master/project-integrations/aerogear-ups/app/src/main/java/org/keycloak/example/BootstrapListener.java" target="_blank">https://github.com/keycloak/keycloak/blob/master/project-integrations/aerogear-ups/app/src/main/java/org/keycloak/example/BootstrapListener.java</a></div>
<div>[5] <a href="https://github.com/aerogear/aerogear-unifiedpush-server/tree/keycloak-embedded" target="_blank">https://github.com/aerogear/aerogear-unifiedpush-server/tree/keycloak-embedded</a></div><div>[6] <a href="https://github.com/keycloak/keycloak/tree/master/project-integrations/aerogear-ups/auth-server" target="_blank">https://github.com/keycloak/keycloak/tree/master/project-integrations/aerogear-ups/auth-server</a></div>
<span class="HOEnZb"><font color="#888888">
<div><br></div><div><br></div>-- <br>Matthias Wessendorf <br><br>blog: <a href="http://matthiaswessendorf.wordpress.com/" target="_blank">http://matthiaswessendorf.wordpress.com/</a><br>sessions: <a href="http://www.slideshare.net/mwessendorf" target="_blank">http://www.slideshare.net/mwessendorf</a><br>
twitter: <a href="http://twitter.com/mwessendorf" target="_blank">http://twitter.com/mwessendorf</a>
</font></span></div>
</blockquote></div><br><br clear="all"><div><br></div>-- <br>Matthias Wessendorf <br><br>blog: <a href="http://matthiaswessendorf.wordpress.com/" target="_blank">http://matthiaswessendorf.wordpress.com/</a><br>sessions: <a href="http://www.slideshare.net/mwessendorf" target="_blank">http://www.slideshare.net/mwessendorf</a><br>
twitter: <a href="http://twitter.com/mwessendorf" target="_blank">http://twitter.com/mwessendorf</a>
</div>