On 27.10.2014 17:53, Bill Burke wrote:
Bolek made a good point to me privately. If you were creating a
"hello world" app, would you use Keycloak? Right now, there's a lot of
1. Install keycloak server and/or adapter (unless you are using the
2. Log into admin console
3. Create a realm
4. Create an application
5. Enter in all the configuration items
6. Extract a keycloak.json file (or service.xml)
7. Edit the WAR or add service.xml to standalone.xml
8. Back to admin console
9. Create some users
How could we make it better?
* Have a test realm pre-set up
I wonder that we can do this as part of
this? We can remove ApplianceBootstrap and add this
keycloak-bootstrap.json file with basic data for both "master" and
"test" realm. This will allow people that they can add more users into
'master' or 'test' realm, or in production they can remove 'test'
* Keycloak adapter is aware of a locally installed server and of the
* adapter an automatically registers the web app with the locally
installed test realm.
Maybe we can partially support specification
? Not sure
how far we want to go with that. If we allow this auto-registration just
for the "test" realm (just development setup), then we may not need any
additional security of adapters to keycloak.
* Have a JAAS User Federation SPI plugin and have it pre set up with
* Have IP ACL per realm so that the test realm can't be accessed outside