[keycloak-dev] [keycloak-user] Location of User Federation Provider jar in Keycloak 1.1 Beta-2

Marek Posolda mposolda at redhat.com
Fri Jan 16 12:25:18 EST 2015 

On 16.1.2015 17:41, Stan Silvert wrote:
> On 1/16/2015 10:17 AM, Stian Thorgersen wrote:
>> ----- Original Message -----
>>> From: "Stan Silvert" <ssilvert at redhat.com>
>>> To: "Stian Thorgersen" <stian at redhat.com>
>>> Cc: keycloak-dev at lists.jboss.org
>>> Sent: Friday, 16 January, 2015 3:20:18 PM
>>> Subject: Re: [keycloak-user] Location of User Federation Provider jar in Keycloak 1.1 Beta-2
>>>
>>> On 1/16/2015 9:07 AM, Stian Thorgersen wrote:
>>>> Currently, I'm not overly happy with releasing 1.1.0.Final and it's down to
>>>> this issue. I should have raised it before, but it completely slipped my
>>>> mind :(
>>> We did talk about this at great length before.   I tried and tried to
>>> preserve the "drop it in the file system" approach.  It just plain won't
>>> work for domains.
>> I know we did, but I like changing my mind ;)
>>
>>>> IMO we need:
>>>>
>>>> 1. A usable way to deploy a provider without using the CLI GUI
>>>> 2. Ideally be able to deploy a provider with an offline server
>>> We have 5 ways to add a provider:
>>> 1. CLI
>>> 2. CLI GUI
>>> 3. CLI script
>>> 4. Explode the WAR in the subsystem and drop it in WEB-INF/lib
>>> 5. Use the war dist and do it the old way.
>> 1-3. If the CLI was easy to use that would work, except we also need to be able to do it offline.
> We can ship a script that makes this task a little easier as you suggest
> below.
>
> As for offline, I don't understand what the problem is.  You mentioned
> docker, which I haven't looked at much.  Why can't you have an image
> that was created from an overlaid Keycloak server?
>>    I don't really like the deployment overalys as it all feels a bit magical and black boxed.
> Don't you think it's better than telling them to hack our WAR?
>> 4.   I hate this - the user shouldn't have to explode the WAR and also it's in a really strange place for a user to find
> I hate it too.  I almost wish I hadn't implemented exploded mode.  I
> re-verified that it is working, btw.
I don't hate it as it provides at least "some way" to add providers in 
offline mode. It allows scripting too as there are just 2 commands 
needed in shell to unzip the WAR and copy the provider here. The 
locations sucks, but still.... it's better then force users to use CLI ;-)

Marek
>> 5.   That's not an option for the appliance
> You still could do it with the appliance if you wanted.
>
> But the idea of the appliance is that you shouldn't need to change it
> except through a UI.  That's where the overlay method will really shine,
> especially when we can get provider management into our own UI.  At that
> point, copying jars to a file system will look extremely primitive in
> comparison.
>> Maybe what we could do for now is to create add-provider.sh/bat scripts that makes it easier to do without any knowledge of CLI.
>>
>> Can we not use modules as Bill suggests? We could make the keycloak subsystem depend on a keycloak-providers module and users would register their provider modules there.
>>
>>> Why are these not sufficient?
>>>> ----- Original Message -----
>>>>> From: "Stan Silvert" <ssilvert at redhat.com>
>>>>> To: "Stian Thorgersen" <stian at redhat.com>
>>>>> Cc: keycloak-user at lists.jboss.org
>>>>> Sent: Friday, 16 January, 2015 2:13:24 PM
>>>>> Subject: Re: [keycloak-user] Location of User Federation Provider jar in
>>>>> Keycloak 1.1 Beta-2
>>>>>
>>>>> On 1/16/2015 2:19 AM, Stian Thorgersen wrote:
>>>>>> ----- Original Message -----
>>>>>>> From: "Stan Silvert" <ssilvert at redhat.com>
>>>>>>> To: "Stian Thorgersen" <stian at redhat.com>
>>>>>>> Cc: keycloak-user at lists.jboss.org
>>>>>>> Sent: Thursday, 15 January, 2015 9:23:48 PM
>>>>>>> Subject: Re: [keycloak-user] Location of User Federation Provider jar in
>>>>>>> Keycloak 1.1 Beta-2
>>>>>>>
>>>>>>> On 1/15/2015 9:29 AM, Stian Thorgersen wrote:
>>>>>>>> How is a provider added using the CLI? I can't find any examples on
>>>>>>>> that.
>>>>>>> In the doc there is a step-by-step example of how to do it.  See section
>>>>>>> 3.4.2.2.
>>>>>>> http://docs.jboss.org/keycloak/docs/1.1.0.Beta2/userguide/html/server-installation.html#d4e350
>>>>>> That example uses the CLI GUI, we need one that uses plain CLI
>>>>> Plain CLI is harder in this case.  CLI GUI lets you browse for the file
>>>>> you need.   Overall, plain CLI is a lot more error prone.
>>>>>
>>>>> If you do this once in CLI GUI then you will generate the CLI command
>>>>> that you can cut and paste into plain CLI or a script.  But if you want,
>>>>> I can include an example of that command.
>>>>>> There's also another issue with this approach, which I didn't stress
>>>>>> enough
>>>>>> last time around, it requires the server to be running to add providers.
>>>>>> That makes it much harder to for example create a Docker cartridge that
>>>>>> includes some custom providers.
>>>>> Perhaps we just need to document the fact that you can still explode the
>>>>> WAR and do it the old way?
>>>>>>>> Also, there are still several references in the docs and examples that
>>>>>>>> uses
>>>>>>>> the old approach of copying to WEB-INF/lib.
>>>>>>>>
>>>>>>>> ----- Original Message -----
>>>>>>>>> From: "Stan Silvert" <ssilvert at redhat.com>
>>>>>>>>> To: keycloak-user at lists.jboss.org
>>>>>>>>> Sent: Thursday, 15 January, 2015 2:09:56 PM
>>>>>>>>> Subject: Re: [keycloak-user] Location of User Federation Provider jar
>>>>>>>>> in
>>>>>>>>> Keycloak 1.1 Beta-2
>>>>>>>>>
>>>>>>>>> Providers are now uploaded using WildFly CLI or CLI GUI.
>>>>>>>>>
>>>>>>>>> See
>>>>>>>>> http://docs.jboss.org/keycloak/docs/1.1.0.Beta2/userguide/html/server-installation.html#d4e350
>>>>>>>>>
>>>>>>>>> On 1/15/2015 6:46 AM, prab rrrr wrote:
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Hi,
>>>>>>>>>
>>>>>>>>> I created a custom User Federation Provider and deployed it as per the
>>>>>>>>> documentation. It worked in earlier versions (1.1 Beta-1) but it
>>>>>>>>> appears
>>>>>>>>> that the location of Keycloak war in Wildfly has changed in 1.1 Beta-2
>>>>>>>>> version and it is no longer inflated. Can someone suggest where
>>>>>>>>> exactly
>>>>>>>>> I
>>>>>>>>> have to place the Federation provider jar in 1.1 Beta-2 version?
>>>>>>>>>
>>>>>>>>> Thanks,
>>>>>>>>> Raghu
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> _______________________________________________
>>>>>>>>> keycloak-user mailing list keycloak-user at lists.jboss.org
>>>>>>>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> _______________________________________________
>>>>>>>>> keycloak-user mailing list
>>>>>>>>> keycloak-user at lists.jboss.org
>>>>>>>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev

More information about the keycloak-dev mailing list