[aerogear-dev] Keycloak integration
Sebastien Blanc
scm.blanc at gmail.com
Fri May 16 08:09:08 EDT 2014
In addition to that I would like to mention that we rebased the Keycloak
work from master into the Angular/UI Overhaul migration branch , it's
currently on this branch :
https://github.com/aerogear/aerogear-unifiedpush-server/tree/angular_keycloak
To make testing easier a bundle (a not yet optimized) Console in the webapp
folder.
Sebi
On Thu, May 15, 2014 at 11:20 AM, Matthias Wessendorf <mwessendorf at gmail.com
> wrote:
> this got merged;
>
> I have update the EPIC for this task:
> https://issues.jboss.org/browse/AGPUSH-568
>
>
> On Wed, May 14, 2014 at 4:10 PM, Matthias Wessendorf <matzew at apache.org>wrote:
>
>> I have submitted an _early_ PR to master to get the KC bits in - this
>> will help the Angular.js based UI overhaul, as its currently lacks a proper
>> login UI ;-)
>>
>> https://github.com/aerogear/aerogear-unifiedpush-server/pull/156
>>
>> Once that is merged to MASTER, the angular branch can be rebased on this;
>>
>> Note: I added notes for users, to go w/ a 'stable' 0.10.x version...
>>
>>
>> -Matthias
>>
>>
>> On Wed, May 14, 2014 at 9:10 AM, Matthias Wessendorf <matzew at apache.org>wrote:
>>
>>> Hello,
>>>
>>> here is an update on the integration: Bill did some updates to his
>>> example template and worked on more things inside of Keycloak for a better
>>> integration.
>>>
>>> Yesterday, I used his example work and applied it to our UPS:
>>>
>>> https://github.com/aerogear/aerogear-unifiedpush-server/tree/keycloak-two-war-integration
>>>
>>>
>>> There is now an 'auth-server' module which produces a WAR (that also
>>> contains an AeroGear theme), to be deployed to the AS:
>>>
>>> https://github.com/aerogear/aerogear-unifiedpush-server/tree/keycloak-two-war-integration/auth-server
>>>
>>>
>>> The 'server' module is using a ContextListener for the configuration
>>> work, instead of the previous keycloak.json file:
>>>
>>> https://github.com/aerogear/aerogear-unifiedpush-server/blob/keycloak-two-war-integration/server/src/main/java/org/jboss/aerogear/unifiedpush/keycloak/BootstrapListener.java
>>>
>>> Deploying the two WARs (auth before ups) will show the integration
>>> (admin:admin is the initial password).
>>>
>>> IMO this is a huge step towards a proper Keycloak integration, but some
>>> items are still open:
>>> - nicer config (using his testrealm.json inside of the auth-server)
>>> - user/roles mgmt
>>> - integration w/ the new UI
>>> - ...
>>>
>>> When Bruno is back, the work on this branch will continue.
>>>
>>> That's it for now.
>>>
>>> -Matthias
>>>
>>>
>>>
>>>
>>>
>>>
>>> On Tue, May 6, 2014 at 11:49 AM, Matthias Wessendorf <matzew at apache.org>wrote:
>>>
>>>> Hello folks!
>>>>
>>>> Bill Burk was helping on the Keycloak front and besides fixing related
>>>> items on the Keycloak server, he also created an example that we can use as
>>>> a template for the actual integration. See [1]
>>>>
>>>> In the past, Bruno and I did integrate w/ an external Keycloak server
>>>> (see [2]), and we did include the keycloak.json file (See [3]). Thanks to
>>>> Bill's work on Keycloak, the 'protected app' no longer needs that, see [4].
>>>> Also there is no more the need to customize the Keycloak Rest
>>>> Application (Stian and I did look into that as well).
>>>>
>>>>
>>>> Good news: This means the UPS can stay as it is -> no need to change
>>>> internals (e.g. the 'bundle all in one WAR file' did force us to change our
>>>> '/rest' URLs, as Keycloak uses them, see [5]).
>>>>
>>>> Inside of our 'modular' Keycloak branch (see [2] again), we can apply
>>>> the work from Bill:
>>>> * our current 'server' module will use a listener similar to [4]
>>>> * create a "ups-auth" module similar to [6]
>>>>
>>>> On the 'ups-auth module' there is one area where we need to have some
>>>> future improvement:
>>>> * testrealm.json -> needs to be in Java code, due to the URL being
>>>> hard-coded in there (we need to resolve the URL of the host, running the
>>>> bits). But, IMO for now that should be good enough.
>>>>
>>>> Bruno did offer to help out on the Keycloak integration, so that I can
>>>> go back to the analytics and mertrics feature. Thanks abstractj!! <3
>>>>
>>>> Greetings,
>>>> Matthias
>>>>
>>>> [1]
>>>> https://github.com/keycloak/keycloak/tree/master/project-integrations/aerogear-ups
>>>> [2]
>>>> https://github.com/aerogear/aerogear-unifiedpush-server/tree/keycloak-modular
>>>> [3]
>>>> https://github.com/aerogear/aerogear-unifiedpush-server/blob/keycloak-modular/server/src/main/webapp/WEB-INF/keycloak.json
>>>> [4]
>>>> https://github.com/keycloak/keycloak/blob/master/project-integrations/aerogear-ups/app/src/main/java/org/keycloak/example/BootstrapListener.java
>>>> [5]
>>>> https://github.com/aerogear/aerogear-unifiedpush-server/tree/keycloak-embedded
>>>> [6]
>>>> https://github.com/keycloak/keycloak/tree/master/project-integrations/aerogear-ups/auth-server
>>>>
>>>>
>>>> --
>>>> Matthias Wessendorf
>>>>
>>>> blog: http://matthiaswessendorf.wordpress.com/
>>>> sessions: http://www.slideshare.net/mwessendorf
>>>> twitter: http://twitter.com/mwessendorf
>>>>
>>>
>>>
>>>
>>> --
>>> Matthias Wessendorf
>>>
>>> blog: http://matthiaswessendorf.wordpress.com/
>>> sessions: http://www.slideshare.net/mwessendorf
>>> twitter: http://twitter.com/mwessendorf
>>>
>>
>>
>>
>> --
>> Matthias Wessendorf
>>
>> blog: http://matthiaswessendorf.wordpress.com/
>> sessions: http://www.slideshare.net/mwessendorf
>> twitter: http://twitter.com/mwessendorf
>>
>
>
>
> --
> Matthias Wessendorf
>
> blog: http://matthiaswessendorf.wordpress.com/
> sessions: http://www.slideshare.net/mwessendorf
> twitter: http://twitter.com/mwessendorf
>
> _______________________________________________
> aerogear-dev mailing list
> aerogear-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/aerogear-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/aerogear-dev/attachments/20140516/3ccf3e97/attachment.html
More information about the aerogear-dev
mailing list