[keycloak-dev] Making "hello world" with Wildfly easier
Marek Posolda
mposolda at redhat.com
Mon Oct 27 18:40:37 EDT 2014
On 27.10.2014 17:53, Bill Burke wrote:
> Bolek made a good point to me privately. If you were creating a simple
> "hello world" app, would you use Keycloak? Right now, there's a lot of
> configuration steps.
>
> 1. Install keycloak server and/or adapter (unless you are using the
> appliance distro.
> 2. Log into admin console
> 3. Create a realm
> 4. Create an application
> 5. Enter in all the configuration items
> 6. Extract a keycloak.json file (or service.xml)
> 7. Edit the WAR or add service.xml to standalone.xml
> 8. Back to admin console
> 9. Create some users
>
> How could we make it better?
>
> * Have a test realm pre-set up
I wonder that we can do this as part of keycloak-bootstrap.json for
this? We can remove ApplianceBootstrap and add this
keycloak-bootstrap.json file with basic data for both "master" and
"test" realm. This will allow people that they can add more users into
'master' or 'test' realm, or in production they can remove 'test' realm
entirely etc.
> * Keycloak adapter is aware of a locally installed server and of the
> test realm
> * adapter an automatically registers the web app with the locally
> installed test realm.
Maybe we can partially support specification
http://openid.net/specs/openid-connect-registration-1_0.html ? Not sure
how far we want to go with that. If we allow this auto-registration just
for the "test" realm (just development setup), then we may not need any
additional security of adapters to keycloak.
Marek
> * Have a JAAS User Federation SPI plugin and have it pre set up with the
> test realm.
> * Have IP ACL per realm so that the test realm can't be accessed outside
> of localhost.
>
> Other ideas?
>
>
More information about the keycloak-dev
mailing list