[keycloak-user] Openshift installation

Bill Burke bburke at redhat.com
Sat Mar 1 11:10:11 EST 2014

On 3/1/2014 10:59 AM, BillDrawer Administrator wrote:
> Hi everybody,
> I'm trying to install keycloak on openshift but  server returned an
> unexpected error, as follow:
>> The cartridge
>> 'https://raw.github.com/keycloak/openshift-keycloak-cartridge/master/metadata/manifest.yml'
>> will be downloaded and installed
>> Application Options
>> -------------------
>> Domain: billdrawer
>> Cartridges:
>> https://raw.github.com/keycloak/openshift-keycloak-cartridge/master/metadata/manifest.yml
>> Gear Size: default
>> Scaling: no
>> Creating application 'keycloak' ... Server returned an unexpected
>> error code: 504
> I'm developing a project called BillDrawer and I'm going to develop a
> distributed architecture, to give you an idea
> http://www.asciiflow.com/#Draw1257757860375711949.
> I just developed the core module of my project but the security is my
> first concern so now I was using ApacheShiro
> https://shiro.apache.org/ and PAC4J https://github.com/bujiio/buji-pac4j
> when I discovered Keycloak.
> I would be glad to adopt  Keycloak even if is in alpha stage and
> cotribute as a case study.
> To evaluate the adoption I would like to understand:
> 1- Do I need Shiro or PAC4J with Keycloa?

Haven't heard of either of these frameworks.  Looks like "no" for Shior, 
maybe for PAC4j.  Keycloak alpha2 is an extension of OAuth 2.0, 
specifically the access token format.  We support auth code flow with 
confidential clients only at the moment.  The token grant request also 
doesn't follow OAuth 2.0 confidential client authentication.

BUT... Starting with Alpha 3 (probable release before March 14th), we're 
shooting for minimal required Open ID Connect compliance.  FYI, Open ID 
Connect is a derivative of OAuth 2.0 as well, so any OAuth 2.0 client 
adapter should work starting with Alpha 3.

What servlet/HTTP container are you deploying to?

> 2- Is there a pulbic roadmap


Its a bit out of sync at the moment with our up-to-date plans, but we 
have a pretty aggressive schedule and are willing to accommodate as many 
user requirements as we can.

Bill Burke
JBoss, a division of Red Hat

More information about the keycloak-user mailing list