[keycloak-dev] Making "hello world" with Wildfly easier

Stan Silvert ssilvert at redhat.com
Mon Oct 27 14:38:39 EDT 2014 

I agree.  Using login-config makes more sense.

We just need to put together a wish list of what we want the subsystem 
to do when it sees that.

On 10/27/2014 2:17 PM, Bill Burke wrote:
> Why that?  Just do this:
>
>       <login-config>
>           <auth-method>KEYCLOAK</auth-method>
>           <realm-name>myrealm</realm-name>
>       </login-config>
>
> Then automatically register the app using the war service name.
>
> We could extend this to a URL:
>
>       <login-config>
>           <auth-method>KEYCLOAK</auth-method>
>   
> <realm-name>https://keycloak.idp.com/auth/realms/myrealm</realm-name>
>       </login-config>
>
>
>
>
>
>
>
>
>
> On 10/27/2014 1:21 PM, Stan Silvert wrote:
>> It could be as simple as adding a single servlet context param to web.xml.
>>
>> <context-param>
>>       <param-name>keycloak-realm</param-name>
>>       <param-value>myrealm</param-value>
>> </context-param>
>>
>> The Keycloak subsystem sees that and sets up all the defaults you need.
>> It could create the realm, secure-deployment, datasource, start an auth
>> server instance, etc.
>>
>> <
>> On 10/27/2014 12:53 PM, Bill Burke wrote:
>>> Bolek made a good point to me privately.  If you were creating a simple
>>> "hello world" app, would you use Keycloak?  Right now, there's a lot of
>>> configuration steps.
>>>
>>> 1. Install keycloak server and/or adapter (unless you are using the
>>> appliance distro.
>>> 2. Log into admin console
>>> 3. Create a realm
>>> 4. Create an application
>>> 5. Enter in all the configuration items
>>> 6. Extract a keycloak.json file (or service.xml)
>>> 7. Edit the WAR or add service.xml to standalone.xml
>>> 8. Back to admin console
>>> 9. Create some users
>>>
>>> How could we make it better?
>>>
>>> * Have a test realm pre-set up
>>> * Keycloak adapter is aware of a locally installed server and of the
>>> test realm
>>> * adapter an automatically registers the web app with the locally
>>> installed test realm.
>>> * Have a JAAS User Federation SPI plugin and have it pre set up with the
>>> test realm.
>>> * Have IP ACL per realm so that the test realm can't be accessed outside
>>> of localhost.
>>>
>>> Other ideas?
>>>
>>>
>> _______________________________________________
>> keycloak-dev mailing list
>> keycloak-dev at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>>

More information about the keycloak-dev mailing list