[aerogear-dev] Keycloak integration
Bruno Oliveira
bruno at abstractj.org
Mon May 19 08:08:53 EDT 2014
I've already assigned some tasks to myself. I'll check the latest
updates from KC and UPS.
On 2014-05-16, Sebastien Blanc wrote:
> In addition to that I would like to mention that we rebased the Keycloak
> work from master into the Angular/UI Overhaul migration branch , it's
> currently on this branch :
>
> https://github.com/aerogear/aerogear-unifiedpush-server/tree/angular_keycloak
>
> To make testing easier a bundle (a not yet optimized) Console in the webapp
> folder.
>
> Sebi
>
>
>
>
>
> On Thu, May 15, 2014 at 11:20 AM, Matthias Wessendorf <mwessendorf at gmail.com
> > wrote:
>
> > this got merged;
> >
> > I have update the EPIC for this task:
> > https://issues.jboss.org/browse/AGPUSH-568
> >
> >
> > On Wed, May 14, 2014 at 4:10 PM, Matthias Wessendorf <matzew at apache.org>wrote:
> >
> >> I have submitted an _early_ PR to master to get the KC bits in - this
> >> will help the Angular.js based UI overhaul, as its currently lacks a proper
> >> login UI ;-)
> >>
> >> https://github.com/aerogear/aerogear-unifiedpush-server/pull/156
> >>
> >> Once that is merged to MASTER, the angular branch can be rebased on this;
> >>
> >> Note: I added notes for users, to go w/ a 'stable' 0.10.x version...
> >>
> >>
> >> -Matthias
> >>
> >>
> >> On Wed, May 14, 2014 at 9:10 AM, Matthias Wessendorf <matzew at apache.org>wrote:
> >>
> >>> Hello,
> >>>
> >>> here is an update on the integration: Bill did some updates to his
> >>> example template and worked on more things inside of Keycloak for a better
> >>> integration.
> >>>
> >>> Yesterday, I used his example work and applied it to our UPS:
> >>>
> >>> https://github.com/aerogear/aerogear-unifiedpush-server/tree/keycloak-two-war-integration
> >>>
> >>>
> >>> There is now an 'auth-server' module which produces a WAR (that also
> >>> contains an AeroGear theme), to be deployed to the AS:
> >>>
> >>> https://github.com/aerogear/aerogear-unifiedpush-server/tree/keycloak-two-war-integration/auth-server
> >>>
> >>>
> >>> The 'server' module is using a ContextListener for the configuration
> >>> work, instead of the previous keycloak.json file:
> >>>
> >>> https://github.com/aerogear/aerogear-unifiedpush-server/blob/keycloak-two-war-integration/server/src/main/java/org/jboss/aerogear/unifiedpush/keycloak/BootstrapListener.java
> >>>
> >>> Deploying the two WARs (auth before ups) will show the integration
> >>> (admin:admin is the initial password).
> >>>
> >>> IMO this is a huge step towards a proper Keycloak integration, but some
> >>> items are still open:
> >>> - nicer config (using his testrealm.json inside of the auth-server)
> >>> - user/roles mgmt
> >>> - integration w/ the new UI
> >>> - ...
> >>>
> >>> When Bruno is back, the work on this branch will continue.
> >>>
> >>> That's it for now.
> >>>
> >>> -Matthias
> >>>
> >>>
> >>>
> >>>
> >>>
> >>>
> >>> On Tue, May 6, 2014 at 11:49 AM, Matthias Wessendorf <matzew at apache.org>wrote:
> >>>
> >>>> Hello folks!
> >>>>
> >>>> Bill Burk was helping on the Keycloak front and besides fixing related
> >>>> items on the Keycloak server, he also created an example that we can use as
> >>>> a template for the actual integration. See [1]
> >>>>
> >>>> In the past, Bruno and I did integrate w/ an external Keycloak server
> >>>> (see [2]), and we did include the keycloak.json file (See [3]). Thanks to
> >>>> Bill's work on Keycloak, the 'protected app' no longer needs that, see [4].
> >>>> Also there is no more the need to customize the Keycloak Rest
> >>>> Application (Stian and I did look into that as well).
> >>>>
> >>>>
> >>>> Good news: This means the UPS can stay as it is -> no need to change
> >>>> internals (e.g. the 'bundle all in one WAR file' did force us to change our
> >>>> '/rest' URLs, as Keycloak uses them, see [5]).
> >>>>
> >>>> Inside of our 'modular' Keycloak branch (see [2] again), we can apply
> >>>> the work from Bill:
> >>>> * our current 'server' module will use a listener similar to [4]
> >>>> * create a "ups-auth" module similar to [6]
> >>>>
> >>>> On the 'ups-auth module' there is one area where we need to have some
> >>>> future improvement:
> >>>> * testrealm.json -> needs to be in Java code, due to the URL being
> >>>> hard-coded in there (we need to resolve the URL of the host, running the
> >>>> bits). But, IMO for now that should be good enough.
> >>>>
> >>>> Bruno did offer to help out on the Keycloak integration, so that I can
> >>>> go back to the analytics and mertrics feature. Thanks abstractj!! <3
> >>>>
> >>>> Greetings,
> >>>> Matthias
> >>>>
> >>>> [1]
> >>>> https://github.com/keycloak/keycloak/tree/master/project-integrations/aerogear-ups
> >>>> [2]
> >>>> https://github.com/aerogear/aerogear-unifiedpush-server/tree/keycloak-modular
> >>>> [3]
> >>>> https://github.com/aerogear/aerogear-unifiedpush-server/blob/keycloak-modular/server/src/main/webapp/WEB-INF/keycloak.json
> >>>> [4]
> >>>> https://github.com/keycloak/keycloak/blob/master/project-integrations/aerogear-ups/app/src/main/java/org/keycloak/example/BootstrapListener.java
> >>>> [5]
> >>>> https://github.com/aerogear/aerogear-unifiedpush-server/tree/keycloak-embedded
> >>>> [6]
> >>>> https://github.com/keycloak/keycloak/tree/master/project-integrations/aerogear-ups/auth-server
> >>>>
> >>>>
> >>>> --
> >>>> Matthias Wessendorf
> >>>>
> >>>> blog: http://matthiaswessendorf.wordpress.com/
> >>>> sessions: http://www.slideshare.net/mwessendorf
> >>>> twitter: http://twitter.com/mwessendorf
> >>>>
> >>>
> >>>
> >>>
> >>> --
> >>> Matthias Wessendorf
> >>>
> >>> blog: http://matthiaswessendorf.wordpress.com/
> >>> sessions: http://www.slideshare.net/mwessendorf
> >>> twitter: http://twitter.com/mwessendorf
> >>>
> >>
> >>
> >>
> >> --
> >> Matthias Wessendorf
> >>
> >> blog: http://matthiaswessendorf.wordpress.com/
> >> sessions: http://www.slideshare.net/mwessendorf
> >> twitter: http://twitter.com/mwessendorf
> >>
> >
> >
> >
> > --
> > Matthias Wessendorf
> >
> > blog: http://matthiaswessendorf.wordpress.com/
> > sessions: http://www.slideshare.net/mwessendorf
> > twitter: http://twitter.com/mwessendorf
> >
> > _______________________________________________
> > aerogear-dev mailing list
> > aerogear-dev at lists.jboss.org
> > https://lists.jboss.org/mailman/listinfo/aerogear-dev
> >
> _______________________________________________
> aerogear-dev mailing list
> aerogear-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/aerogear-dev
--
abstractj
JBoss, a division of Red Hat
More information about the aerogear-dev
mailing list