[keycloak-dev] Notes on KEYCLOAK-795: Move Auth Server into KC subsystem

Stan Silvert ssilvert at redhat.com
Fri Oct 31 07:43:16 EDT 2014


On 10/31/2014 4:15 AM, Stian Thorgersen wrote:
> Looks good to me. We should include this in Beta1.
>
> A few comments/questions:
>
> * Can we support enabling confidential transport-guarantee (auth-server/WEB-INF/web.xml) without cracking open the WAR? This seems to be the last requirement for an exploded WAR
I didn't know about that.  I can add it.
> * How to manually add a provider?
> * How to use add-provider and update-server-config? I'm still a bit unclear on how the 'update-server-config' works, can you elaborate a bit on this?
I should be done with updating the doc today.  These questions will be 
answered there.
> * What's the "new CLI GUI"? Why doesn't it work with the old CLI?
This is CLI GUI: 
https://developer.jboss.org/wiki/AGUIForTheCommandLineInterface
It's been around almost three years and I'm quite proud of it, but a lot 
of people don't know it exists.  I just added a new feature to CLI GUI 
that automatically uploads bytes for operations that require uploads.  
To do this in regular CLI, you would need to write code for a 
meta-command like "deploy".  Soon I'll talk to Alexey about adding this 
feature to regular CLI as well.

The new feature will be available with WildFly Core 1.0.0.Alpha11. 
Should be out soon.  For now you have to build from master to get it.  
You just need a single jar and it works with older WildFly/EAP versions. 
https://developer.jboss.org/wiki/UsingTheCLIRemoteClientJar
> * How to add themes in domain mode? Is that with provider jar?
Yes.
> Documentation obviously needs updating before Beta1 is released. We also need to test that it works with the OpenShift Cartridge.
I can't think of a reason why it wouldn't work.  I know CLI GUI works 
with OpenShift.  But yea, we need to test it.

BTW, using CLI GUI is just temporary.  I think it won't be long before 
we can front-end the Keycloak subsystem in Keycloak admin.
>
> Stan, can we get rid of these:
>    08:30:02,004 WARN  [org.jboss.as.dependency.private] (MSC service thread 1-8) JBAS018567: Deployment "deployment.main-auth-server.war" is using a private module ...
I don't think that's related to my PR.  I think you'll see those when 
you deploy from the /deployments directory as well.

The messages are for the jackson and httpcomponents modules.  I think I 
can get rid of the messages if we remove the <dependencies> section from 
jboss-deployment-structure.xml. Those dependencies should be added using 
KeycloakDependencyProcessor instead.
>
> ----- Original Message -----
>> From: "Stian Thorgersen" <stian at redhat.com>
>> To: "Stan Silvert" <ssilvert at redhat.com>
>> Cc: keycloak-dev at lists.jboss.org
>> Sent: Wednesday, 29 October, 2014 3:56:18 PM
>> Subject: Re: [keycloak-dev] Notes on KEYCLOAK-795: Move Auth Server into KC subsystem
>>
>> I'd like to have a look at this before we merge it, but won't have time until
>> tomorrow (maybe Friday).
>>
>> ----- Original Message -----
>>> From: "Stan Silvert" <ssilvert at redhat.com>
>>> To: keycloak-dev at lists.jboss.org
>>> Sent: Wednesday, 29 October, 2014 3:25:55 PM
>>> Subject: Re: [keycloak-dev] Notes on KEYCLOAK-795: Move Auth Server into KC
>>> subsystem
>>>
>>> On 10/29/2014 10:07 AM, Bill Burke wrote:
>>>> On 10/29/2014 9:28 AM, Stan Silvert wrote:
>>>>>     * EAP6 does not yet support all this.  We should discuss whether or
>>>>>       not this functionality should be backported.
>>>>>
>>>> +1 for this, but maybe some focus should be on getting a more seamless
>>>> "hello world" like we discussed in a previous thread?
>>>>
>>> I agree.  IMO, the next step should be Feature Pack installation and the
>>> seamless "hello world".   Then we look at EAP6.
>>> _______________________________________________
>>> keycloak-dev mailing list
>>> keycloak-dev at lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>>>
>> _______________________________________________
>> keycloak-dev mailing list
>> keycloak-dev at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>>



More information about the keycloak-dev mailing list