How can the Keystore and Truststore passwords be reasonably saved? Just having them in plaintext in standalone.xml seems like kind of a "bad thing". Keycloak is running as a specific Active directory user, so set standalone as only accessible to that user and Domain Admins?