[keycloak-dev] Keycloak Subsystem PR
bburke at redhat.com
Wed Feb 5 20:40:10 EST 2014
I assume that we want to override any login-config/auth-method settings
in the web.xml if the keycloak subsystem is using the deployment?
Meaning, if web.xml defines auth-method as BASIC, and the subsystem has
that war listed as a deployment we override the auth-method to be KEYCLOAK?
On 1/30/2014 9:59 AM, ssilvert at redhat.com wrote:
> I've done the initial pull request for the Keycloak subsystem. After
> starting fresh with the latest build I was finally able to verify that
> it really does work end to end!
> I probably won't have much more time to work on Keycloak for the next
> 4-5 weeks. So I'll try to put everything I know about it into these
> notes in case someone wants to take it over. I happy to answer
> questions though.
> Directions to try the subsystem on your own:
> * Build the new subsystem module.
> * Rebuild the undertow adapter. The EAP6 adapter has not been updated
> to use the subsystem, so you will need to use WildFly.
> * Update standalone.xml. I've attached a version of standalone.xml that
> I used with the Keycloak appliance. It shows adding the Keycloak
> extension near the top of the file and adding the subsystem definition
> near the bottom.
> * Copy
> keycloak/subsystem/target/keycloak-subsystem-1.0-alpha-2-SNAPSHOT.jar to
> * Copy
> * Edit module.xml and add the subsystem jar as a resource-root.
> Alternatively, you can just use the module.xml attached to this email.
> * Copy
> Now if you reboot WildFly you can view and manipulate the subsystem
> using CLI or CLI GUI. All operations such as add/remove/write-attribute
> should be working. I recommend CLI GUI so you can see everything in
> context. https://community.jboss.org/wiki/AGUIForTheCommandLineInterface
> To test the subsystem with a live application, I did the following:
> * Copy the customer-portal.war to customer-portal-subsys.war.
> * Remove keycloak.json and jboss-deployment-structure.xml from the WAR.
> The subsystem makes those files redundant.
> * Edit the web.xml inside the WAR and change the <module-name> to
> customer-portal-subsys. I'm not sure if this is really needed. If we
> need to manipulate web.xml settings at deploy time then the subsystem
> can be modified to do that too.
> * Define the customer-portal-subsys application in Keycloak Admin. It
> should have the same settings as customer-portal.
> * Deploy customer-portal-subsys.war to WildFly and test it out.
> Future tasks for the Keycloak Subsystem:
> * Integration with the Keycloak Admin
> * Review the attributes of realm and secure-deployment to make sure they
> align with keycloak.json.
> * Fill in help text in
> * See comments in KeycloakAdapterConfigService.java. This class may
> work better as a plain Singleton instead of a service.
> * It probably wouldn't hurt to ask Brian Stansberry to give the
> subsystem a quick review.
> * More tests
> * Package the subsystem with the distribution
> * Documentation
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
JBoss, a division of Red Hat
More information about the keycloak-dev