I sent 3 pull requests that get the Spring Security adapter into shape for production usage. I started writing the documentation today and will be sending a PR tomorrow.
I have one more code related PR tomorrow to set up the default Spring Security configuration fully so there’s less to document. :)
When developing adapters, is there any benefit to using a browser redirect for logout vs calling:
KeycloakDeployment deployment = // get deployment
RefreshableKeycloakSecurityContext session = // get session
The main reason I ask is that both accomplish the same goal but the back channel method is actually better for integration with Spring Security.
Am I losing anything by using the back channel logout method?
I'm trying to implement Keycloak in my solution, but it turns out that I
need to have a completely different login page per application in the
same Realm. Keycloak allows me to create themes, but only at Realm
level, not at Application level.
How would you guys suggest me approaching this? Any plans to develop
such a feature or ways to work around it?
Thanks in advance!
Marcio Fernandes de Lima
SCJP, SCWCD, MySQL Core Certified
I'd like to use Keycloak with a mongoDB replica set as its backing store, but I didn't find any configuration option to make Keycloak connect to more than one mongo server.
Are there plans to support this in the future?
Thanks for your time and best regards,
Hermann Josef Hill
Ganghoferstraße 39 | 80339 München
Mobil +49 (151) 5385 0784
hermann.hill(a)optile.net | www.optile.net
Geschäftsführer: Daniel Smeds, Stefan Reinhardt
Handelsregister München HRB 183178
+++ creating an open payment world +++
I need to add one more module to automatically configure Spring Security for Spring Boot applications. This is a convenience but it’s also important to stop Spring Boot from registering the security filters twice.
This would be post 1.2.0 but I want to bring it up for two reasons.
First, documentation. For 1.2.0, I’ll add a note on the extra Spring Bean that has to be added to stop Spring from registering the Keycloak security filters twice.
Secondly, we need a decent module name. spring-boot-starter-keycloak would be inline with Spring’s boot starter naming conventions but I wanted to get your opinions first. There’s already a spring-boot adapter in Keycloak that uses the Tomcat adapter. I don’t want to confuse things. There’s also the option of maintaining this boot starter separately or trying to contribute it to Spring Boot if that’s a better place for it to live.
Is 1.2 being branched? What is the plan? I don't think any of us are
doing anything major prior to May 11th. Just do 1.2.Final in master?
JBoss, a division of Red Hat
In tracking down a bug I found that in certain cases the database (H2?)
that comes with Wildfly will perform table-level locks. It definitely
does a table lock in transactions that require inserts. Not sure if it
happens on regular row updates.
Makes me feel like we have been really lucky altogether that we haven't
run into problems so far.
JBoss, a division of Red Hat