Feedback on examples
by Marek Posolda
I have few points regarding example applications:
- For third-party oauth client example, there is not possibility to
configure stuff through JSON but everything is hardcoded in classes
Bootstrap and ProductDatabaseClient. There are also some strange
comments in code like "This is the worst code ever" etc :-) This is not
so ideal IMO as I expect that people will often look to the source code
of these examples for inspiration. I believe that OAuth clients should
also have something like ManagedResourceConfigLoader for Applications.
- For the "third-party" OAuth client, I don't like the fact that when
user press "Cancel" in OAuth grant page, there is exception in
server.log and Tomcat error page displayed. I believe the behaviour
should be more user-friendly.
- Examples "customer-portal", "product-portal", "database-service" and
"oauth-client" are using package "org.jboss.reasteasy..." instead of
"org.keycloak..."
Any thoughts? Let me know if I should create JIRA or help with fixing those.
Marek
10 years, 11 months
#Keycloak on freenode
by Stian Thorgersen
I've started #keycloak on freenode.
You're all welcome to join me :)
10 years, 11 months
realm import/upload implemented
by Bill Burke
Stian made a great point earlier. "How are you planning to run the
demo?" Booting up the keycloak server with a System property is, well,
kinda hacky/lame and not useful beyond demo purposes.
So...
I implemented realm import, file upload on the "CREATE REALM" page. So,
on the create realm page, there are 2 fieldsets. One allows you to
upload a json file, the other allows you to create a realm with a
specific name. Importing/upload currently brings you to the realm list
page. I'll fix that to redirect if possible.
This new page may need some design.
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
10 years, 11 months
Keycloak server environments
by Stian Thorgersen
Currently Keycloak runs on Undertow and relies heavily on Resteasy. This doesn't work for the LiveOak project in the long run.
After M1 I would like to create a Keycloak core that doesn't depend on Undertow or Resteasy. This should provide most of the logic except for wiring-up endpoints. For WildFly/EAP I would assume we'd provide endpoints using Undertow/Resteasy. Those would live in the Keycloak project. Then me and Marek will provide endpoints using Liveoak, these would live in the Liveoak project.
Further, for some dependencies I'd also like to make these pluggable. For example http client and json processing. Not sure what libraries would be required, but I basically don't want to bring in yet-another-library if one exists in Liveoak that can do the job.
In summary what I want to do is to make sure Keycloak can be run on both WildFly/EAP and LiveOak and at the same time:
* Share as much as possible of the code
* Implement REST endpoints in Liveoak with the minimum amount of code
* Reduce the amount of dependencies Keycloak introduces in Liveoak
10 years, 11 months
Congratulations
by Pedro Igor Silva
Hi guys,
I've watched Bill's videos about KeyCloak. KeyCloak looks awesome ! Congrats.
Regards.
Pedro Igor
10 years, 11 months
Required fields?
by ssilvert@redhat.com
I'm working on letting the user specify the keycloak.json attributes
from the keycloak subsystem. Each attribute in ManagedResourceConfig
becomes something you can change by editing standalone.xml or using CLI.
I just need to know which attributes required for a keycloak deployment.
https://raw.github.com/keycloak/keycloak/master/core/src/main/java/org/ke...
>From the code in ManagedResourceConfigLoader, it looks like the required
fields are:
realm
resource
realm-public-key
auth-url
code-url
Is that correct?
Stan
10 years, 11 months
Adapter refactor Step 1 complete
by Bill Burke
Resteasy has been factored out of all the adapters. The demo also no
longer requires Resteasy, nor does it require a Resteasy upgrade to 3.0.
So, it now runs out of the box with AS 7.1.1 and EAP 6.1
There's a lot more new modules.
keycloak-core-jaxrs - Which may go away
keycloak-adapter-core
keycloak-jaxrs-oauth-client
keycloak-servlet-oauth-client
We do now heavily depend on Apache Client 4.1.2 which is compatible with
4.2.1. But, I can't see a way around that as using java.net.URL is not
feasible.
Next, I'm going to finish up the Undertow/Wildfly adapter because I need
to make sure the refactored Undertow Security SPIs will still work with
Keycloak.
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
10 years, 11 months
big refactor to remove resteasy jose/jwt
by Bill Burke
Okay,
I forked jose-jwt module for Resteasy and remove JAX-RS specific stuff.
Had to touch a bunch of files outside of "core" module. I also
started the process of moving JAX-RS stuff out of "core" module so I
created a new "core-jaxrs" module. This module may be temporary, not sure.
"core" no longer depends on Resteasy/JAX-RS.
Next I'll be working more on the adapters to refactor out resteasy.
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
10 years, 11 months