[wildfly-dev] access to mgmt api/services

Tomaž Cerar tomaz.cerar at gmail.com
Thu Feb 6 10:38:55 EST 2014 

Maybe it is really time to write keycloak subsystem, that way you will be
able to expose also keycloak config via rest (and other mechanism)

--
tomaz


On Thu, Feb 6, 2014 at 4:35 PM, Bill Burke <bburke at redhat.com> wrote:

>
>
> On 2/5/2014 11:23 AM, Jason Greene wrote:
> >
> > On Feb 5, 2014, at 9:23 AM, Bill Burke <bburke at redhat.com> wrote:
> >
> >>
> >>
> >> On 1/27/2014 9:48 PM, Bill Burke wrote:
> >>>>> This is for bootstrap purposes for getting a Wildfly instance to
> join a
> >>>>> Keycloak federation.  I want the Keycloak server to be able to send
> >>>>> realm configuration information to a Wildfly instance (over HTTP(S))
> >>>>> that is joining the federation and have that instance store this
> >>>>> information within a subsystem.  So, it is a one off service that
> >>>>> happens after boot and may even be disabled afterwards.
> >>>>>
> >>>>>
> >>>>
> >>>> This can't be done using the HTTP management interface?
> >>>>
> >>>
> >>> After thinking a bit, I guess it could just use the HTTP mgmt intf.
> >>> Thanks for your patience helping me work this out.
> >>>
> >>
> >> Ok, found a reason why just using the HTTP mgmt interface isn't good
> enough:
> >>
> >> Openshift disables admin port :(  You can set up port forwarding to be
> >> able to access it, but, still kinda sucks for usability, which is what
> >> I'm trying to optimize.
> >
> > We have been planning to provide an OTB single port config for open
> shift, but it fell through the cracks. IIRC all of the hooks are there for
> it. I’ll put that on my TODO after we cut 8 Final, perhaps bundle it in
> 8.0.1.
> >
>
> Yet another reason is that it would be cool if there were a unified,
> common REST API that the Keycloak admin console could use to manage and
> talk to server instances that want to join or be managed by a Keycloak
> realm.  Without this common REST API, we would have to write a Keycloak
> server adapter (and UI screens) to handle them, which would mean that
> the Keycloak server would probably have to be shut down too to install
> any new adapter.
>
> The OP asked how to get access, locally, to mgmt api/services.  Brian's
> response was, "just use the HTTP interface".  I now have 2 reasons why
> "just use the HTTP interface" may not be feasible.
>
> --
> Bill Burke
> JBoss, a division of Red Hat
> http://bill.burkecentral.com
> _______________________________________________
> wildfly-dev mailing list
> wildfly-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/wildfly-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/wildfly-dev/attachments/20140206/b283f3fd/attachment-0001.html

More information about the wildfly-dev mailing list