[keycloak-dev] Required fields?

ssilvert at redhat.com ssilvert at redhat.com
Tue Dec 17 15:01:00 EST 2013 

Bill,

When you have a moment, can you pick some reasonable defaults for all these?

null (undefined) is OK as a default for most attributes, but it doesn't
really make sense for booleans.  In a subsystem, if you leave a boolean
undefined then it is unclear to the user how the runtime will treat it.

On 12/12/2013 3:14 PM, Bill Burke wrote:
> Are you doing it like PL had it and specifying the WAR name?  There's 
> really two sets of config:
>
> Realm config (* if required):
>
> realm*
> realm-public-key*
> auth-url*
> code-url*
> ssl-not-required
> allow-any-hostname
> disable-trust-manager
> truststore (* if ssl and disable-trust-manager not set)
> truststore-password (* if ssl and disable-trust-manager not set)
> connection-pool-size
>
>
> Application config:
>
> resource
> use-resource-role-mappings
> credentials
> bearer-only
>
> Could be defined in both places to provide a default value (realm level) 
> and override (app level)
>
> enable-cors
> client-keystore
> client-keystore-password
> client-key-password
> cors-max-age
> cors-allowed-headers
> cors-allowed-methods
> expose-token
>
> Also a ResteasyClient (or Apache Http Client) should be created per 
> realm or per Wildfly/EAP instance and shared by each application. 
> There's also some refactoring that needs to be done here.  i.e. 
> auth-url/code-urls should be combined into a realm url.
>
> FYI, I'm about to refactor AS7/EAP adapter to either use an older 
> version of Resteasy or Apache HTtp Client.  I don't want to required 
> patching Resteasy to 3.0.5 for AS7/EAP applications.
>
>
>
>
> On 12/12/2013 2:40 PM, ssilvert at redhat.com wrote:
>> I'm working on letting the user specify the keycloak.json attributes
>> from the keycloak subsystem.  Each attribute in ManagedResourceConfig
>> becomes something you can change by editing standalone.xml or using CLI.
>>
>> I just need to know which attributes required for a keycloak deployment.
>> https://raw.github.com/keycloak/keycloak/master/core/src/main/java/org/keycloak/adapters/config/ManagedResourceConfig.java
>>
>> >From the code in ManagedResourceConfigLoader, it looks like the required
>> fields are:
>> realm
>> resource
>> realm-public-key
>> auth-url
>> code-url
>>
>> Is that correct?
>>
>> Stan
>> _______________________________________________
>> keycloak-dev mailing list
>> keycloak-dev at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>>

More information about the keycloak-dev mailing list