Hi guys! I have a large enterprise with multiple applications with web front-end that store different type of data. There is a single portal that allows the users to see aggregated data from the different applications but the user is also allowed to see the data through the user interfaces of the separate applications. Some of the apps are with JSF ui, other use pure html/js + jax-rs. What I need is:
* Have a SSO so that the user can log once and browse all of the applications
* When the portal fetches data from the other applications using REST calls, the requests should be performed with the credentials of the currently logged user, just as the user requested the application directly, not through the portal

You may find such example useful.

On Tue, Mar 11, 2014 at 2:40 PM, Bill Burke <bburke@redhat.com> wrote:

On 3/11/2014 6:06 AM, Stian Thorgersen wrote:
> I find the examples a bit confusing, and also not that great to help people get started building their own apps.

Err. Why?  They are extremely simple.  Especially if you follow the
screencast tutorials.  Most Wildfly developers already know how to set
up web.xml constraints.  As a Wildfly developer I just want to see how
Keycloak is wired in.  Anything else is a distraction.

> One idea would be to have a single configuration of the examples. Only deployable to WildFly and deployed using the subsystem. It would be great to see these deployed (and configured) to Keycloak with a single command ('mvn clean install jboss-as:deploy'?).

?  The preconfigured-demo is 3 steps in the appliance-dist:

1. boot keycloak/wildfly
2. load the demo realm through the admin console.
3. mvn clean install jboss-as:deploy

The preconfigured demo works OOTB on both Wildfly, EAP, and AS7.  Its
all spelled out in the README.md file in that directory.  The examples
*already* use the Wildfly subsystem, just not metadata from
standalone.xml.  And that's ok because, IMO, we're not sure yet how
developers will want to deploy keycloak.  Many will prefer
keycloak.json, many will prefer standalone.xml.

The unconfigured-demo exists for tutorials, where the tutorial walks you
step by step creating the realm, applications, and users in the admin
console.  Then configuring the web applications themselves.

> Then we'd add a new repo called keycloak-quickstarts. This would contain very basic quickstarts that can be used to get started. Some initial quickstarts we could add:

sure, have a repo if you want to, but the examples should be shipped
with the distro as well.  An example repo requires extra steps to get
the user up and running with Keycloak.   It could also get out of sync
with the Keycloak version the user wants to run with.  What do you do if
the person doesn't know GIT?

> * Installed application
> * "Local" JavaScript application
> * "Remote" JavaScript application
> * Server-side application (JSF?)
> * Bearer only service
> * Third-party application
> * WildFly deployment

The demo already has most of those examples.

I agree we need more examples, I just don't see what's wrong with the
current ones.  I've written a lot of examples/tutorials over the years:
EJB, JPA, JAX-RS, now Keycloak.  Users prefer insanely simple examples
that focus on the feature they are learning about.  Then, one very large
example that brings all the pieces together.

What we're missing is the bigger examples.

Bill Burke
JBoss, a division of Red Hat
keycloak-dev mailing list