[keycloak-dev] Notes on KEYCLOAK-795: Move Auth Server into KC subsystem

Stian Thorgersen stian at redhat.com
Fri Oct 31 07:55:18 EDT 2014 


----- Original Message -----
> From: "Stan Silvert" <ssilvert at redhat.com>
> To: "Stian Thorgersen" <stian at redhat.com>
> Cc: keycloak-dev at lists.jboss.org
> Sent: Friday, 31 October, 2014 12:43:16 PM
> Subject: Re: [keycloak-dev] Notes on KEYCLOAK-795: Move Auth Server into KC subsystem
> 
> On 10/31/2014 4:15 AM, Stian Thorgersen wrote:
> > Looks good to me. We should include this in Beta1.
> >
> > A few comments/questions:
> >
> > * Can we support enabling confidential transport-guarantee
> > (auth-server/WEB-INF/web.xml) without cracking open the WAR? This seems to
> > be the last requirement for an exploded WAR
> I didn't know about that.  I can add it.
> > * How to manually add a provider?
> > * How to use add-provider and update-server-config? I'm still a bit unclear
> > on how the 'update-server-config' works, can you elaborate a bit on this?
> I should be done with updating the doc today.  These questions will be
> answered there.
> > * What's the "new CLI GUI"? Why doesn't it work with the old CLI?
> This is CLI GUI:
> https://developer.jboss.org/wiki/AGUIForTheCommandLineInterface
> It's been around almost three years and I'm quite proud of it, but a lot
> of people don't know it exists.  I just added a new feature to CLI GUI
> that automatically uploads bytes for operations that require uploads.
> To do this in regular CLI, you would need to write code for a
> meta-command like "deploy".  Soon I'll talk to Alexey about adding this
> feature to regular CLI as well.
> 
> The new feature will be available with WildFly Core 1.0.0.Alpha11.
> Should be out soon.  For now you have to build from master to get it.
> You just need a single jar and it works with older WildFly/EAP versions.
> https://developer.jboss.org/wiki/UsingTheCLIRemoteClientJar
> > * How to add themes in domain mode? Is that with provider jar?
> Yes.
> > Documentation obviously needs updating before Beta1 is released. We also
> > need to test that it works with the OpenShift Cartridge.
> I can't think of a reason why it wouldn't work.  I know CLI GUI works
> with OpenShift.  But yea, we need to test it.

I can update and test the cartridge

> 
> BTW, using CLI GUI is just temporary.  I think it won't be long before
> we can front-end the Keycloak subsystem in Keycloak admin.
> >
> > Stan, can we get rid of these:
> >    08:30:02,004 WARN  [org.jboss.as.dependency.private] (MSC service thread
> >    1-8) JBAS018567: Deployment "deployment.main-auth-server.war" is using
> >    a private module ...
> I don't think that's related to my PR.  I think you'll see those when
> you deploy from the /deployments directory as well.
> 
> The messages are for the jackson and httpcomponents modules.  I think I
> can get rid of the messages if we remove the <dependencies> section from
> jboss-deployment-structure.xml. Those dependencies should be added using
> KeycloakDependencyProcessor instead.

Yes, it's not caused by your PR (I should have clarified that), was just hoping there was some magic we could do in the subsystem to get rid of those.

Removing dependencies section would brake it when deployed as WAR though. Can you modify the dependencies in the deployment-process instead?

> >
> > ----- Original Message -----
> >> From: "Stian Thorgersen" <stian at redhat.com>
> >> To: "Stan Silvert" <ssilvert at redhat.com>
> >> Cc: keycloak-dev at lists.jboss.org
> >> Sent: Wednesday, 29 October, 2014 3:56:18 PM
> >> Subject: Re: [keycloak-dev] Notes on KEYCLOAK-795: Move Auth Server into
> >> KC subsystem
> >>
> >> I'd like to have a look at this before we merge it, but won't have time
> >> until
> >> tomorrow (maybe Friday).
> >>
> >> ----- Original Message -----
> >>> From: "Stan Silvert" <ssilvert at redhat.com>
> >>> To: keycloak-dev at lists.jboss.org
> >>> Sent: Wednesday, 29 October, 2014 3:25:55 PM
> >>> Subject: Re: [keycloak-dev] Notes on KEYCLOAK-795: Move Auth Server into
> >>> KC
> >>> subsystem
> >>>
> >>> On 10/29/2014 10:07 AM, Bill Burke wrote:
> >>>> On 10/29/2014 9:28 AM, Stan Silvert wrote:
> >>>>>     * EAP6 does not yet support all this.  We should discuss whether or
> >>>>>       not this functionality should be backported.
> >>>>>
> >>>> +1 for this, but maybe some focus should be on getting a more seamless
> >>>> "hello world" like we discussed in a previous thread?
> >>>>
> >>> I agree.  IMO, the next step should be Feature Pack installation and the
> >>> seamless "hello world".   Then we look at EAP6.
> >>> _______________________________________________
> >>> keycloak-dev mailing list
> >>> keycloak-dev at lists.jboss.org
> >>> https://lists.jboss.org/mailman/listinfo/keycloak-dev
> >>>
> >> _______________________________________________
> >> keycloak-dev mailing list
> >> keycloak-dev at lists.jboss.org
> >> https://lists.jboss.org/mailman/listinfo/keycloak-dev
> >>
> 
>

More information about the keycloak-dev mailing list