Re: [keycloak-dev] Keycloak M1 distribution
On 11/1/2013 10:50 AM, Stian Thorgersen wrote:
I've committed something for this now. I added a server war
module, and a dist module. If you build the project with "-Prelease" it will
create a standalone Keycloak server in dist/target. At the moment it is built on-top of AS
7.1.1.Final.
I wish we could distribute EAP.... PM really fucked us by holding up AS7
community releases.
I'd like to also like to have the following:
* remove AS7/Wildfly subsystems that don't make sense to make the distro
smaller.
* Automatically generate keypair/cert for SSL on startup if not already
set up.
* secure JBoss/Wildfly web console with Keycloak. This means adding an
Application to the "Keycloak Adminstration" realm and applying
appropriate permissions to "admin" user.
more comments follow...
Currently the database is not configured and it's just using the
example datasource (H2 in-mem, so data is lost on restart).
----- Original Message -----
> From: "Bill Burke" <bburke(a)redhat.com>
> To: keycloak-dev(a)lists.jboss.org
> Sent: Wednesday, 30 October, 2013 8:08:35 PM
> Subject: Re: [keycloak-dev] Keycloak M1 distribution
>
> I wanted the distro to be AS7 or Wildfly distro, not just a war. All
> preconfigured with SSL, DB, etc. An appliance. Would be cool to
> auto-gen a new key-pair for SSL on initial startup, but not sure how
> feasible that is.
>
> If I had to pick one or the other, distro should take priority over
> Openshift, but we should be able to do both.
An OpenShift QuickStart is really not that much work. We can base it on
https://github.com/stianst/openshift-wildfly, make it dl Keycloak dist instead of WildFly
dist, add some magic around db config. Should be less than a days work.
This will look really nice.
>
> Also, not sure how much it makes sense to ship a Wildfly distro without
> a Wildfly application adapter. I only partially implemented it a few
> months ago. It on the short list for my todo list.
At the moment there's blockers for being able to use WildFly, the adapter and issues
with PicketLink. Besides, it's only a beta at the moment, so I don't think
it's to unreasonable that we ship M1 with AS 7.1.1.Final.
I need to do a Wildfly adapter sooner rather than later to make sure the
Undertow auth model will work with what we want to do. I'm also
currently creating a pure JPA model (see previous email) so we dont'
have to worry about PL issues anymore.
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com