3:51 p.m.
* What are the benefits of it. Specifically. I'll need to state this
in the release blog.
* Where is the documentation for it? Benefits, how to configure,
manage? How to add new providers? Modify keycloak-server.json, etc...
This can't be released or brought into the appliance until it is
documented thoroughly.
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
7:46 a.m.
On 10/31/2014 4:51 PM, Bill Burke wrote:
* What are the benefits of it. Specifically. I'll need to state
this
in the release blog.
* Support auth-server running in a WildFly domain (It's possible
today, but this makes it much easier).
* Eliminate deployment from /deployments directory to make it a proper
service instead of an ordinary app.
* Eliminate need to explode or crack open auth-server.war. Keep it
intact so it doesn't need to be hacked up.
* Load user-provided overlays for keycloak-server.json, SPI jars, and
theme jars.
* Allow uploading the above from CLI (and eventually from Keycloak
Admin console).
* Allow more than one auth-server in a WildFly instance.
* Where is the documentation for it? Benefits, how to configure,
manage? How to add new providers? Modify keycloak-server.json, etc...
Still
working on the docs. Stain brought up the point about
enabling/disabling confidential transport, which seems really
important. So I'm adding that feature before I finish the docs.
This can't be released or brought into the appliance until it is
documented thoroughly.
Right. Please don't merge until I'm done. If I
miss this release,
that's OK. This is a pretty big change and I don't want to release it
until everyone is satisfied that it's ready.
7:56 a.m.
On 11/1/2014 8:46 AM, Stan Silvert wrote:
On 10/31/2014 4:51 PM, Bill Burke wrote:
> * What are the benefits of it. Specifically. I'll need to state this
> in the release blog.
* Support auth-server running in a WildFly domain (It's possible
today, but this makes it much easier).
* Eliminate deployment from /deployments directory to make it a proper
service instead of an ordinary app.
* Eliminate need to explode or crack open auth-server.war. Keep it
intact so it doesn't need to be hacked up.
* Load user-provided overlays for keycloak-server.json, SPI jars, and
theme jars.
* Allow uploading the above from CLI (and eventually from Keycloak
Admin console).
* Allow more than one auth-server in a WildFly instance.
>
> * Where is the documentation for it? Benefits, how to configure,
> manage? How to add new providers? Modify keycloak-server.json, etc...
Still working on the docs. Stain brought up the point about
enabling/disabling confidential transport, which seems really
important. So I'm adding that feature before I finish the docs.
Honestly, confidential transport is not that important as Keycloak
checks SSL settings every request anyways. This is actually something
we might want to add to the adapter's subsystem XML though.
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
8:46 a.m.
On 11/1/2014 8:56 AM, Bill Burke wrote:
On 11/1/2014 8:46 AM, Stan Silvert wrote:
> On 10/31/2014 4:51 PM, Bill Burke wrote:
>> * What are the benefits of it. Specifically. I'll need to state this
>> in the release blog.
> * Support auth-server running in a WildFly domain (It's possible
> today, but this makes it much easier).
> * Eliminate deployment from /deployments directory to make it a proper
> service instead of an ordinary app.
> * Eliminate need to explode or crack open auth-server.war. Keep it
> intact so it doesn't need to be hacked up.
> * Load user-provided overlays for keycloak-server.json, SPI jars, and
> theme jars.
> * Allow uploading the above from CLI (and eventually from Keycloak
> Admin console).
> * Allow more than one auth-server in a WildFly instance.
>
>> * Where is the documentation for it? Benefits, how to configure,
>> manage? How to add new providers? Modify keycloak-server.json, etc...
> Still working on the docs. Stain brought up the point about
> enabling/disabling confidential transport, which seems really
> important. So I'm adding that feature before I finish the docs.
Honestly, confidential transport is not that important as Keycloak
checks SSL settings every request anyways. This is actually something
we might want to add to the adapter's subsystem XML though.
ssl-required is already there for the adapter's subsystem XML. Is that
what you are talking about?
8:47 a.m.
On 11/1/2014 8:56 AM, Bill Burke wrote:
On 11/1/2014 8:46 AM, Stan Silvert wrote:
> On 10/31/2014 4:51 PM, Bill Burke wrote:
>> * What are the benefits of it. Specifically. I'll need to state this
>> in the release blog.
> * Support auth-server running in a WildFly domain (It's possible
> today, but this makes it much easier).
> * Eliminate deployment from /deployments directory to make it a proper
> service instead of an ordinary app.
> * Eliminate need to explode or crack open auth-server.war. Keep it
> intact so it doesn't need to be hacked up.
> * Load user-provided overlays for keycloak-server.json, SPI jars, and
> theme jars.
> * Allow uploading the above from CLI (and eventually from Keycloak
> Admin console).
> * Allow more than one auth-server in a WildFly instance.
>
>> * Where is the documentation for it? Benefits, how to configure,
>> manage? How to add new providers? Modify keycloak-server.json, etc...
> Still working on the docs. Stain brought up the point about
> enabling/disabling confidential transport, which seems really
> important. So I'm adding that feature before I finish the docs.
Honestly, confidential transport is not that important as Keycloak
checks SSL settings every request anyways.
So do we not need to worry about this at
all? Can the commented
version be removed from web.xml?
This is actually something
we might want to add to the adapter's subsystem XML though.
4:34 p.m.
I've update the PR with new documentation sections 3.3 and 3.5. Also,
the appliance dist and WildFly dist now include an updated version of
the CLI/CLI GUI tool so you can upload keycloak-server.json, provider
jars, and theme jars.
I've done a quick smoke test. I'll be doing some more testing on it
Monday morning.
On 11/1/2014 8:56 AM, Bill Burke wrote:
On 11/1/2014 8:46 AM, Stan Silvert wrote:
> On 10/31/2014 4:51 PM, Bill Burke wrote:
>> * What are the benefits of it. Specifically. I'll need to state this
>> in the release blog.
> * Support auth-server running in a WildFly domain (It's possible
> today, but this makes it much easier).
> * Eliminate deployment from /deployments directory to make it a proper
> service instead of an ordinary app.
> * Eliminate need to explode or crack open auth-server.war. Keep it
> intact so it doesn't need to be hacked up.
> * Load user-provided overlays for keycloak-server.json, SPI jars, and
> theme jars.
> * Allow uploading the above from CLI (and eventually from Keycloak
> Admin console).
> * Allow more than one auth-server in a WildFly instance.
>
>> * Where is the documentation for it? Benefits, how to configure,
>> manage? How to add new providers? Modify keycloak-server.json, etc...
> Still working on the docs. Stain brought up the point about
> enabling/disabling confidential transport, which seems really
> important. So I'm adding that feature before I finish the docs.
Honestly, confidential transport is not that important as Keycloak
checks SSL settings every request anyways. This is actually something
we might want to add to the adapter's subsystem XML though.
3702
days inactive
3704
days old
5 comments
2 participants
participants (2)
-
Bill Burke -
Stan Silvert