[keycloak-dev] Making "hello world" with Wildfly easier
Bill Burke
bburke at redhat.com
Mon Oct 27 14:17:05 EDT 2014
Why that? Just do this:
<login-config>
<auth-method>KEYCLOAK</auth-method>
<realm-name>myrealm</realm-name>
</login-config>
Then automatically register the app using the war service name.
We could extend this to a URL:
<login-config>
<auth-method>KEYCLOAK</auth-method>
<realm-name>https://keycloak.idp.com/auth/realms/myrealm</realm-name>
</login-config>
On 10/27/2014 1:21 PM, Stan Silvert wrote:
> It could be as simple as adding a single servlet context param to web.xml.
>
> <context-param>
> <param-name>keycloak-realm</param-name>
> <param-value>myrealm</param-value>
> </context-param>
>
> The Keycloak subsystem sees that and sets up all the defaults you need.
> It could create the realm, secure-deployment, datasource, start an auth
> server instance, etc.
>
> <
> On 10/27/2014 12:53 PM, Bill Burke wrote:
>> Bolek made a good point to me privately. If you were creating a simple
>> "hello world" app, would you use Keycloak? Right now, there's a lot of
>> configuration steps.
>>
>> 1. Install keycloak server and/or adapter (unless you are using the
>> appliance distro.
>> 2. Log into admin console
>> 3. Create a realm
>> 4. Create an application
>> 5. Enter in all the configuration items
>> 6. Extract a keycloak.json file (or service.xml)
>> 7. Edit the WAR or add service.xml to standalone.xml
>> 8. Back to admin console
>> 9. Create some users
>>
>> How could we make it better?
>>
>> * Have a test realm pre-set up
>> * Keycloak adapter is aware of a locally installed server and of the
>> test realm
>> * adapter an automatically registers the web app with the locally
>> installed test realm.
>> * Have a JAAS User Federation SPI plugin and have it pre set up with the
>> test realm.
>> * Have IP ACL per realm so that the test realm can't be accessed outside
>> of localhost.
>>
>> Other ideas?
>>
>>
>
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
More information about the keycloak-dev
mailing list