I propose we remove the providers directory. That would leave us with two
supported options to deploy providers:
* JEE hot-deployment - recommended approach in most cases
* Modules - for more static "deployment" of providers and would be required
to add custom SPIs
I need to deploy keycloak over MariaDB:
I downloaded the latest version of Keycloak, 2.5.1 and I want to connect
to my DB running over MariaDB.
I'm using the same JDBC driver that I also use for other applications:
I start WildFly, I open the console and I go to Deployment.
I load the mariadb-java-client-1.5.5.jar.
The driver is correctly loaded.
I shutdown the server, I edit the standalone.xml and I add:
<datasource jndi-name="java:jboss/MariaDBDS" pool-name="MariaDBDS">
I restart the server and I can see the new datasource.
I open it, I go to "Connection" and I receive the following error when I
try to test the connection:
12:12:51,248 ERROR [org.jboss.as.controller.management-operation]
(management task-7) WFLYCTL0013: Operation ("test-connection-in-pool")
failed - address: ([
("subsystem" => "datasources"),
("data-source" => "MariaDBDS")
]) - failure description: "WFLYJCA0040: failed to invoke operation:
WFLYJCA0047: Connection is not valid"
While writing tests for the quickstarts, we started to create some code
which I believe overlaps with the same thing ClientBuilder,
RealmBuilder...and other do today. I would like to expose these builders
to make people's life easy.
There are some options:
1. Move the builders available here to keycloak-core.
2. Move it to keycloak-test-helper
3. Do nothing and duplicate code that matters into keycloak-test-helper
I know that doing 1 or 2, is just silly if you think about quickstarts. But
at the same time, others can benefit from a more fluent API, to
programatically create users, realms...
I don't understand why async-http support for JAXRS is being used for
Authz requests. Async HTTP is only useful when you want to limit the
amount of long running requests or you have an operation that may block
for some time. Do you want to limit the number of authz requests that
can happen at one time? Or, do you have an operation that may block?
Otherwise I don't see the point of using async HTTP. It complicates the
Looking at your ScheduledPermissionEvaluator you aren't even using the
Executor that is passed into the constructor so its all happening in the
same thread anyways.
I find creating role policies as cumbersome. Also, how is the admin
supposed to know if a policy with a specific role has already been
created or not? Maybe policies can have DENY and PERMIT role lists.
when creating permissions you can just pick roles to add/remove to the
permission. I think the most used, most common case (90% of the time?)
will be assigning role permissions to resources so we should make it as
easy as possible. Both within the admin UI and APIs. Thoughts?