[keycloak-dev] Keycloak Subsystem PR

Stian Thorgersen stian at redhat.com
Thu Feb 6 04:52:48 EST 2014 


----- Original Message -----
> From: "Bill Burke" <bburke at redhat.com>
> To: keycloak-dev at lists.jboss.org
> Sent: Thursday, 6 February, 2014 1:40:10 AM
> Subject: Re: [keycloak-dev] Keycloak Subsystem PR
> 
> I assume that we want to override any login-config/auth-method settings
> in the web.xml if the keycloak subsystem is using the deployment?
> Meaning, if web.xml defines auth-method as BASIC, and the subsystem has
> that war listed as a deployment we override the auth-method to be KEYCLOAK?

+1

> 
> 
> On 1/30/2014 9:59 AM, ssilvert at redhat.com wrote:
> > I've done the initial pull request for the Keycloak subsystem.  After
> > starting fresh with the latest build I was finally able to verify  that
> > it really does work end to end!
> >
> > I probably won't have much more time to work on Keycloak for the next
> > 4-5 weeks.  So I'll try to put everything I know about it into these
> > notes in case someone wants to take it over.  I happy to answer
> > questions though.
> >
> > Directions to try the subsystem on your own:
> > * Build the new subsystem module.
> > * Rebuild the undertow adapter.  The EAP6 adapter has not been updated
> > to use the subsystem, so you will need to use WildFly.
> > * Update standalone.xml.  I've attached a version of standalone.xml that
> > I used with the Keycloak appliance.  It shows adding the Keycloak
> > extension near the top of the file and adding the subsystem definition
> > near the bottom.
> > * Copy
> > keycloak/subsystem/target/keycloak-subsystem-1.0-alpha-2-SNAPSHOT.jar to
> > <WILDFLY_HOME>/modules/system/layers/base/org/keycloak/keycloak-subsystem/main
> > * Copy
> > keycloak/distribution/modules/src/main/resources/modules/org/keycloak/keycloak-subsystem/main/module.xml
> > to
> > <WILDFLY_HOME>/modules/system/layers/base/org/keycloak/keycloak-subsystem/main
> > * Edit module.xml and add the subsystem jar as a resource-root.
> > Alternatively, you can just use the module.xml attached to this email.
> > * Copy
> > keycloak/integration/undertow/target/keycloak-undertow-adapter-1.0-alpha-2-SNAPSHOT.jar
> > to
> > <WILDFLY_HOME>/modules/system/layers/base/org/keycloak/keycloak-undertow-adapter/main
> >
> > Now if you reboot WildFly you can view and manipulate the subsystem
> > using CLI or CLI GUI.  All operations such as add/remove/write-attribute
> > should be working.  I recommend CLI GUI so you can see everything in
> > context.  https://community.jboss.org/wiki/AGUIForTheCommandLineInterface
> >
> > To test the subsystem with a live application, I did the following:
> > * Copy the customer-portal.war to customer-portal-subsys.war.
> > * Remove keycloak.json and jboss-deployment-structure.xml from the WAR.
> > The subsystem makes those files redundant.
> > * Edit the web.xml inside the WAR and change the <module-name> to
> > customer-portal-subsys.  I'm not sure if this is really needed.  If we
> > need to manipulate web.xml settings at deploy time then the subsystem
> > can be modified to do that too.
> > * Define the customer-portal-subsys application in Keycloak Admin.  It
> > should have the same settings as customer-portal.
> > * Deploy customer-portal-subsys.war to WildFly and test it out.
> >
> > Future tasks for the Keycloak Subsystem:
> > * Integration with the Keycloak Admin
> > * Review the attributes of realm and secure-deployment to make sure they
> > align with keycloak.json.
> > * Fill in help text in
> > keycloak/subsystem/src/main/resources/org/keycloak/subsystem/extension/LocalDescriptions.properties
> > * See comments in KeycloakAdapterConfigService.java.  This class may
> > work better as a plain Singleton instead of a service.
> > * It probably wouldn't hurt to ask Brian Stansberry to give the
> > subsystem a quick review.
> > * More tests
> > * Package the subsystem with the distribution
> > * Documentation
> >
> >
> >
> >
> > _______________________________________________
> > keycloak-dev mailing list
> > keycloak-dev at lists.jboss.org
> > https://lists.jboss.org/mailman/listinfo/keycloak-dev
> >
> 
> --
> Bill Burke
> JBoss, a division of Red Hat
> http://bill.burkecentral.com
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>

More information about the keycloak-dev mailing list