On Fri, Nov 27, 2015 at 4:09 PM, Andrej Prievalsky <ado.boj.83@gmail.com> wrote:

Hi all,

I go through Marko's instruction and as I already wrote him result is now successful.

Now I am in state, that under /opt/ I have 2 subdirectories
- wildfly-9.0.1.Final
and
-keycloak (unziped from keycloak-demo-1.3.1.Final.zip)

In wildfly-9.0.1.Final/domain/configuration/domain-modify.xml we have our modified domain.xml which runs with our modified "ha" profile and our groups and servers
In keycloack/domain/configuration/domain.xml is set configuration for keycloak in "ha" profile
Now I can switching between wildfly and keycloak.
But in future I would like to incorporate keycloak inside our domain-modify.xml.

Last time you wrote me, that keycloak-overlay have to run with
keycloak-wf9-adapter-dist.zip. Should I used keycloak-overlay with adapter for merge my wildfly with keycloak-overlay or should I merge domain-modify.xml and domain.xml?

Keycloak-overlay provides you with server bits. For server you have two alternatives - download the server distribution which comes packaged with latest Wildfly (9.0.2.Final the moment) , or use your existing Wildfly 9.0.2.Final and install keycloak server overlay into it. That's how you get a server.

If you want to deploy your applications to that same wildfly instance, and protect them with Keycloak then you need to install keycloak-wf9-adapter-dist, and adjust configuration to activate wildfly adapter subsystem.

Keycloak-demo dist already contains both server, and adapter bits, so you don't need server-overlay, nor adapter download.

The answer to your question is no it doesn't need keycloak-w9-adapter-dist, yes use overlay with wildfly-9.0.2, yes use adapter download with your wildfly-9.0.2 running the applications you want to protect, and it doesn't matter what the domain.xml file is called as long as the profile you're using has the server subsystems configured, and (if you also want to use it to run your applications) the adapter subsystem configured.

On Mon, Nov 9, 2015 at 10:07 AM, Marko Strukelj <mstrukel@redhat.com> wrote:
If you use keycloak-overlay, or keycloak-server dist then if you want to follow the above instructions to the letter, you also have to download and unpack keycloak-wf9-adapter-dist.zip.

The point of this exercise it to get things up and running with as few steps as possible to reduce the number of things that can go wrong since you've been having a great deal of problems with it, and it seems like your problems are the result of your particular way of wanting to set it up.

The point here is to show you that Keycloak server can be set up in domain mode, and it works. Apparently it's been impossible for us to determine the exact issue with your current set up, based on the information you have provided, apart from the fact that Keycloak doesn't seem to be initialised for you which is inconsistent with the configuration you have provided.

If you think there is something wrong with Keycloak then the only way for us to do anything about it at this point is for you to create exact instructions to reproduce the problem.