Well, the keycloak.json config is just a means to configure a KeycloakDeployment from an AdapterConfig object. Specifically for the the Spring adapter, the AdapterDeploymentContextBean would have to be aware that the deployment changed. There would be a minimal amount of code needed to support that and we can modify AdapterDeploymentContextBean to be more flexible.

Just so I understand what you're asking for: you want to be able to update a KeycloakDeployment on-the-fly, correct? Also, you're aware that a keycloak.json can be configured at startup via either environment variables on command like properties, correct? You have to change at runtime?

I think the AdapterDeploymentContextBean should be as flexible as possible, however I have a small concern about the security of allowing certain properties to be swapped at runtime (e.g. the realm-public-key and the auth-server-url).

Best,
Scott


On Mon, Jul 6, 2015 at 7:33 AM, Orestis Tsakiridis <orestis.tsakiridis@telestax.com> wrote:
Hello,

I'm securing a REST bearer-only application using keycloak.

Is there any way to change keycloak.json adapter config file on the fly so that it can take effect without restarting the container?

Will just editing keycloak.json work? I guess not.

What i want to do is complete an administrative task that will provide the information needed for keycloak.json such as 'resource', edit keycloak.json and then make this configuration effective for the REST api.


Best regards

Orestis

_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user