[keycloak-dev] add-user.sh overwrites wildfly one

Marek Posolda mposolda at redhat.com
Fri Apr 22 15:57:01 EDT 2016 

That's the question...

For server distribution, we also have our stuff ( keycloak subsystem, 
datasource, infinispan etc) directly declared in "standalone.xml". On 
the other hand, for overlay distribution, we don't want to directly 
update default "standalone.xml", so we are adding our own 
"standalone-keycloak.xml". Isn't it quite similar thing?

We can do the same for overlay and server distribution, so never edit 
default wildfly files ( standalone.xml , add-user.sh), but always use 
our own versions with "-keycloak" suffix. Advantage is more consistent. 
However people will need to always start keycloak server with 
"./standalone.sh -c standalone-keycloak.xml" then. Doesn't it sucks from 
the usability perspective?

I honestly don't know what's the best way regarding usability. AFAIK 
this was decided on mailing lists couple of months ago, but don't 
remember the exact threads...:/

Marek



On 22/04/16 19:32, Bill Burke wrote:
> I don't think we should do this.  We are going to need to leverage the 
> JBoss EAP/Wildfly documentation on how to manage the server. We can't 
> be overriding commands that exist for JBoss.  There is going to be a 
> lot of confusion.
>
> On 4/22/2016 11:56 AM, Marek Posolda wrote:
>> AFAIK it is intentional on standalone keycloak server. If you use 
>> parameter "--container" it will delegate to the wildfly impl, so you 
>> have the possibility to add the "wildfly" admin. Not sure if this is 
>> properly documented...
>>
>> With overlay, we don't overwrite the default wildfly "add-user.sh" 
>> but instead we add our own "add-user-keycloak.sh".
>>
>> Marek
>>
>>
>> On 22/04/16 17:45, Bill Burke wrote:
>>> The add-user.sh script overwrites the one that comes distributed with
>>> Wildfly/EAP.  Is this intentional?  To set up domain mode on multiple
>>> servers you need to be able to add an admin user to the domain and 
>>> share the
>>> secret with slave hosts so they can connect to the domain controller.
>>>
>>> Can I rename add-user.sh to something else?
>>>
>>> keycloak-add-user.sh
>>>    - or -
>>> sso-add-user.sh
>>>    - or -
>>>
>>> ????
>>>
>>
>

More information about the keycloak-dev mailing list