<html>
<head>
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#FFFFFF">
Stian,<br>
<br>
To follow up to this issue, we deployed Keycloak alone and restarted
wildfly a number of times in different ways (sudo service wildfly
restart / stop, CLI) and could not reproduce this. It seems that
the only way we could (unreliably) reproduce this issue is if there
is another application deployed to Wildfly. Not sure at all why it
would happen with another application there, but we'll proceed with
KC on its own instance.<br>
<br>
Thanks.<br>
<br>
<br>
<br>
-Brooks<br>
<br>
<div class="moz-cite-prefix">On 06/06/2016 05:08 PM, Stan Silvert
wrote:<br>
</div>
<blockquote cite="mid:5755E64D.1090809@redhat.com" type="cite">
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
<div class="moz-cite-prefix">On 6/6/2016 4:55 PM, Brooks Isoldi
wrote:<br>
</div>
<blockquote cite="mid:5755E345.6040703@traversed.com" type="cite">
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
We will give it a shot and try to reproduce with just the
keycloak-server.war file alone.<br>
<br>
Meanwhile, can you give some instruction on how to tie my
application into the Keycloak authentication? The manual says
to drop the following into the web.xml file:<br>
<br>
<login-config><br>
<auth-method>KEYCLOAK</auth-method><br>
<realm-name>app-name</realm-name><br>
</login-config><br>
</blockquote>
You will still need the auth-method.<br>
<blockquote cite="mid:5755E345.6040703@traversed.com" type="cite">
<br>
I assume that will not work if keycloak resides on a totally
separate server...Or will that be taken care of by the
"auth-server-url" in the keycloak.json file?<br>
</blockquote>
See the section on how to use the WildFly adapter for your
application/client.
<a moz-do-not-send="true" class="moz-txt-link-freetext"
href="http://keycloak.github.io/docs/userguide/keycloak-server/html/ch08.html#jboss-adapter">http://keycloak.github.io/docs/userguide/keycloak-server/html/ch08.html#jboss-adapter</a><br>
<blockquote cite="mid:5755E345.6040703@traversed.com" type="cite">
<br>
Thanks.<br>
<br>
<br>
<br>
<br>
<div class="moz-cite-prefix">On 06/06/2016 04:34 PM, Stan
Silvert wrote:<br>
</div>
<blockquote cite="mid:5755DE4A.2060004@redhat.com" type="cite">
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
<div class="moz-cite-prefix">We strongly, strongly, strongly
discourage application deployment on the Keycloak server.
In fact, we might soon be taking steps keep people from
doing that.<br>
<br>
Can you re-create the problem with the Keycloak server
alone?<br>
<br>
On 6/6/2016 4:00 PM, Brooks Isoldi wrote:<br>
</div>
<blockquote cite="mid:5755D663.1050800@traversed.com"
type="cite">
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
Stian,<br>
<br>
I apologize, by "non-JEE" application, I meant only that it
does not rely on standalone-full.xml. We're using only
standalone.xml for the application deployed to the keycloak
wildfly server.<br>
<br>
Thanks.<br>
<br>
<br>
<br>
<br>
<div class="moz-cite-prefix">On 06/06/2016 02:19 PM, Brooks
Isoldi wrote:<br>
</div>
<blockquote cite="mid:5755BECD.2060801@traversed.com"
type="cite">
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
Bill,<br>
<br>
We do not see the war being redeployed upon startup.<br>
<br>
<br>
Stian,<br>
<br>
We are deploying a non-JEE application to the Keycloak
Wildfly instance and our initial setup process includes
the following commands:<br>
<br>
<br>
sudo ./jboss-cli.sh -c <<EOF<br>
module add --name=org.postgres
--resources=${KEYCLOAK_INSTALL_DIR}/${JDBC_FILENAME}
--dependencies=javax.api,javax.transaction.api<br>
/subsystem=datasources/jdbc-driver=postgres:add(driver-name="postgres",driver-module-name="org.postgres",driver-class-name=org.postgresql.Driver)<br>
data-source add --jndi-name=java:/PostgresDS
--name=PostgrePool
--connection-url=jdbc:postgresql://${POSTGRES_SERVER_URL}
--driver-name=postgres
--user-name=<<USERNAME>>
--password=<<PASSWORD>><br>
/core-service=management/security-realm=ApplicationRealm/server-identity=ssl/:add(keystore-path=keystore.jks,
keystore-relative-to=jboss.server.config.dir,
keystore-password=<<PASSWORD>>,
alias=keystore, key-password=<<PASSWORD>>)<br>
EOF<br>
<br>
sleep 10<br>
<br>
sudo service wildfly restart<br>
<br>
sleep 10<br>
<br>
sudo ./jboss-cli.sh -c <<EOF<br>
/subsystem=undertow/server=default-server/https-listener=https/:add(socket-binding=https,
security-realm=ApplicationRealm)<br>
EOF<br>
<br>
sleep 10<br>
<br>
sudo service wildfly restart<br>
<br>
sleep 10<br>
<br>
cd ${KEYCLOAK_INSTALL_DIR}/bin<br>
sudo ./jboss-cli.sh -c --file=adapter-install.cli<br>
<br>
<br>
<br>
<br>
<div class="moz-cite-prefix">On 06/06/2016 01:18 PM, Stian
Thorgersen wrote:<br>
</div>
<blockquote
cite="mid:CAJgngAeVwuGyWf_2FUNemjA_42Q4GCgiTyaPRWiUZt9om5kbEw@mail.gmail.com"
type="cite">
<div dir="ltr">Do you modify the standalone distribution
in any way? Do you deploy applications to it? Anything
else that you do to it that could affect this?</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On 6 June 2016 at 16:52,
Brooks Isoldi <span dir="ltr"><<a
moz-do-not-send="true"
href="mailto:brooks.isoldi@traversed.com"
target="_blank"><a class="moz-txt-link-abbreviated" href="mailto:brooks.isoldi@traversed.com">brooks.isoldi@traversed.com</a></a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<div text="#000000" bgcolor="#FFFFFF"> I'm using
the standalone distribution of 1.9.4.Final.<br>
<br>
We have had this issue after executing "sudo
service wildfly restart" on command line. We've
also had it happen after starting Keycloak by
simply running ./$JBOSS_HOME/bin/standalone.sh
and after it starts up, hitting cntrl-c.
Additionally, we think it happened once while
running shutdown --restart=true within the JBOSS
CLI.<br>
<br>
This has happened numerous times now, however we
have not been able to create a reliable
reproduction procedure. I don't have logs to
share right now, however I have seen in the
server.log references to keycloak-server.war
being undeployed.
<div>
<div class="h5"><br>
<br>
<br>
<br>
<div>On 06/06/2016 02:00 AM, Stian
Thorgersen wrote:<br>
</div>
<blockquote type="cite">
<div dir="ltr">What version of Keycloak
and what distribution (standalone,
overlay or demo) do you use?<br>
</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On 3 June 2016
at 21:56, Brooks Isoldi <span
dir="ltr"><<a
moz-do-not-send="true"
class="moz-txt-link-abbreviated"
href="mailto:brooks.isoldi@traversed.com"><a class="moz-txt-link-abbreviated" href="mailto:brooks.isoldi@traversed.com">brooks.isoldi@traversed.com</a></a>></span>
wrote:<br>
<blockquote class="gmail_quote"
style="margin:0 0 0
.8ex;border-left:1px #ccc
solid;padding-left:1ex">I've
configured Keycloak as a service on
Ubuntu 14.04 and I'm finding<br>
that terminating and restarting the
Wildfly service (sudo service<br>
wildfly restart) sometimes results
in the keycloak-server.war being<br>
undeployed and removed.<br>
<br>
Other times it happens by restarting
from within the CLI.<br>
<br>
How do I restart Wildfly without
terminating Keycloak?<br>
<br>
Thank you.<br>
<br>
<br>
<br>
-Brooks<br>
_______________________________________________<br>
keycloak-dev mailing list<br>
<a moz-do-not-send="true"
href="mailto:keycloak-dev@lists.jboss.org"
target="_blank">keycloak-dev@lists.jboss.org</a><br>
<a moz-do-not-send="true"
href="https://lists.jboss.org/mailman/listinfo/keycloak-dev"
rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-dev</a><br>
</blockquote>
</div>
<br>
</div>
</blockquote>
<br>
</div>
</div>
</div>
<br>
_______________________________________________<br>
keycloak-dev mailing list<br>
<a moz-do-not-send="true"
href="mailto:keycloak-dev@lists.jboss.org">keycloak-dev@lists.jboss.org</a><br>
<a moz-do-not-send="true"
href="https://lists.jboss.org/mailman/listinfo/keycloak-dev"
rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-dev</a><br>
</blockquote>
</div>
<br>
</div>
</blockquote>
<br>
</blockquote>
<br>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
keycloak-dev mailing list
<a moz-do-not-send="true" class="moz-txt-link-abbreviated" href="mailto:keycloak-dev@lists.jboss.org">keycloak-dev@lists.jboss.org</a>
<a moz-do-not-send="true" class="moz-txt-link-freetext" href="https://lists.jboss.org/mailman/listinfo/keycloak-dev">https://lists.jboss.org/mailman/listinfo/keycloak-dev</a></pre>
</blockquote>
<br>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
keycloak-dev mailing list
<a moz-do-not-send="true" class="moz-txt-link-abbreviated" href="mailto:keycloak-dev@lists.jboss.org">keycloak-dev@lists.jboss.org</a>
<a moz-do-not-send="true" class="moz-txt-link-freetext" href="https://lists.jboss.org/mailman/listinfo/keycloak-dev">https://lists.jboss.org/mailman/listinfo/keycloak-dev</a></pre>
</blockquote>
<br>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
keycloak-dev mailing list
<a moz-do-not-send="true" class="moz-txt-link-abbreviated" href="mailto:keycloak-dev@lists.jboss.org">keycloak-dev@lists.jboss.org</a>
<a moz-do-not-send="true" class="moz-txt-link-freetext" href="https://lists.jboss.org/mailman/listinfo/keycloak-dev">https://lists.jboss.org/mailman/listinfo/keycloak-dev</a></pre>
</blockquote>
<br>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
keycloak-dev mailing list
<a class="moz-txt-link-abbreviated" href="mailto:keycloak-dev@lists.jboss.org">keycloak-dev@lists.jboss.org</a>
<a class="moz-txt-link-freetext" href="https://lists.jboss.org/mailman/listinfo/keycloak-dev">https://lists.jboss.org/mailman/listinfo/keycloak-dev</a></pre>
</blockquote>
<br>
</body>
</html>