<div dir="ltr"><div>Hello there!</div><div><br></div><div><br></div><div>For the AeroGear UnifiedPush Server Bruno and I started looking at Keycloak ([1]). On this branch, we basically include the adapater jar and a keycloak.json file and simply rely on Keycloak as an external service (e.g. as different WAR inside of the same containter). That works very well so far!!<br>
</div><div>However, here I have to create a realm in the server (either via Admin-Console or by including it via something like 'myRealm.json') and afterwards I have to 'hard-code' the public key into my own WAR file (keycloak.jso):</div>
<div><br></div><div><a href="https://github.com/aerogear/aerogear-unifiedpush-server/blob/keycloak/src/main/webapp/WEB-INF/keycloak.json#L3">https://github.com/aerogear/aerogear-unifiedpush-server/blob/keycloak/src/main/webapp/WEB-INF/keycloak.json#L3</a></div>
<div><br></div><div>So this would be a little bit of a negative effect;</div><div><br></div><div><br></div><div><br></div><div>Another option would be embedding the Keycloak JARs into my own WAR file, by adding all the dependent JARs, similiar to what the 'keycloak-server' does ([2]). At the end I'd have an uber WAR file, containing UPS and Keycloak facilities. However, I think the 'problem' w/ the 'hard-code' key inside of the keycloak.json would be there as well, right ? </div>
<div><br></div><div><br></div><div><br></div><div>On the IRC channel Stian mentioned that there will be a WildFly subsystem soon. I think, from what I hear, the real benefit of this subsystem are the following items:</div>
<div><br></div><div>* configuring realms through standalone.xml</div><div>* automatically sets up security for wars (using the wildfly adapter)</div><div><br></div><div>So, this option seems to let us avoid the above described keycloak.json 'issue', right ? </div>
<div><br></div><div>For a future integration w/ the Keycloak SSO server, I could leverage the Subsystem deliverables and bundle them w/ our own UnifiedPush Server distribution, to ensure things are running out of the box; Or is the subsystem not the best option for a Push/Keycloak integration ?</div>
<div><br></div><div><br></div><div><br></div><div>-Matthias</div><div><br></div><div><br></div><div>[1] <a href="https://github.com/aerogear/aerogear-unifiedpush-server/tree/keycloak">https://github.com/aerogear/aerogear-unifiedpush-server/tree/keycloak</a></div>
<div>[2] <a href="https://github.com/keycloak/keycloak/blob/master/server/pom.xml">https://github.com/keycloak/keycloak/blob/master/server/pom.xml</a></div><div><br></div>-- <br>Matthias Wessendorf <br><br>blog: <a href="http://matthiaswessendorf.wordpress.com/" target="_blank">http://matthiaswessendorf.wordpress.com/</a><br>
sessions: <a href="http://www.slideshare.net/mwessendorf" target="_blank">http://www.slideshare.net/mwessendorf</a><br>twitter: <a href="http://twitter.com/mwessendorf" target="_blank">http://twitter.com/mwessendorf</a>
</div>