[keycloak-dev] No more keycloak-server.json

Stan Silvert ssilvert at redhat.com
Wed Aug 31 07:03:42 EDT 2016


On 8/31/2016 3:26 AM, Stian Thorgersen wrote:
> One thing I'm not so keen on is the syntax for a list.
I'm not either.  I hate having to escape quotes with "

I tried something like this, which looks nicer in XML:

        <spi name="eventsStore">
                 <default-provider>jpa</default-provider>
                 <provider name="jpa" enabled="true">
                     <properties>
                         <property name="regularProp" value="myValue"/>
                         <property name="exclude-events">
                                  <value>EVENT1</value>
                                  <value>EVENT2</value>
                         </property>
                     </properties>
                 </provider>
             </spi>

The problem was that it made the code get really ugly.  I can take 
another stab at it later though.  Some refactoring would probably make 
it easier to implement.

The good news is that you don't use lists very much and they look fine 
in CLI, where you can do something like this:
/subsystem=keycloak-server/spi=eventsStore/provider=jpa/:map-put(name=properties,key=exclude-events,value=[EVENT1,EVENT2])

>
> On 26 August 2016 at 14:24, Stan Silvert <ssilvert at redhat.com 
> <mailto:ssilvert at redhat.com>> wrote:
>
>     Now that changes for KEYCLOAK-3196 are merged,  everything you used to
>     configure in keycloak-server.json will now be configured in
>     standalone.xml, standalone-ha.xml, or domain.xml.
>
>     If you need to make a change to the default keycloak-subsystem
>     configuration, you will need to edit this file:
>     https://github.com/keycloak/keycloak/blob/master/wildfly/server-subsystem/src/main/config/default-server-subsys-config.properties
>     <https://github.com/keycloak/keycloak/blob/master/wildfly/server-subsystem/src/main/config/default-server-subsys-config.properties>
>
>     This file contains a single multi-line property containing the
>     subsystem
>     xml declaration.  Maven filtering is used to read this property and
>     inject it everywhere it needs to go.  Editing this file will also take
>     care of propagating it to the distributions like server-dist and
>     demo-dist.
>
>     Also, you need to create CLI commands for each change by editing
>     this file:
>     https://github.com/keycloak/keycloak/blob/master/wildfly/server-subsystem/src/main/resources/cli/default-keycloak-subsys-config.cli
>     <https://github.com/keycloak/keycloak/blob/master/wildfly/server-subsystem/src/main/resources/cli/default-keycloak-subsys-config.cli>
>
>     This CLI snippet is used in the scripts required by the overlay
>     distribution.
>
>     We have always had the problem that whenever someone changes
>     keycloak-server.json, they forget to make corresponding changes that
>     affect the various distributions.  With the switch to
>     standalone.xml, we
>     now have just these two files to edit instead of five or six.
>
>     Below, I'm pasting part of the asciidoc documentation I'm working
>     on for
>     this.  It explains how to configure SPI's in standalone.xml. Also, if
>     someone can tell me if what I said about default-provider is accurate
>     I'd appreciate that:
>
>     ----------------------------------------------------------------------------------------------------------------------------------------------------------
>     All elements in an SPI declaration are optional, but a full SPI
>     declaration
>       looks like this:
>     [source,xml]
>     ----
>     <spi name="dblock">
>          <default-provider>mongo</default-provider>
>          <provider name="jpa" enabled="true">
>              <properties>
>                  <property name="lockWaitTimeout" value="800"/>
>              </properties>
>          </provider>
>          <provider name="mongo" enabled="true">
>              <properties>
>                  <property name="lockRecheckTime" value="2"/>
>                  <property name="lockWaitTimeout" value="600"/>
>              </properties>
>          </provider>
>     </spi>
>     ----
>     Here we have two providers defined for the SPI `dblock`. The
>     `default-provider`
>     is listed as `mongo`.  However it is up to the SPI to decide how
>     it will
>     treat
>     this setting.  Some SPIs allow more than one provider and some do
>     not.  So
>     `default-provider` can help the SPI to choose.
>
>     Also notice that each provider defines its own set of configuration
>     properties.
>     The fact that both providers above have a property called
>     `lockWaitTimeout` is just a
>     coincidence.
>
>     The type of each property value is interpreted by the provider.
>     However,
>     there
>     is one exception.  Consider the `jpa` provider for the
>     `eventStore` API:
>     [source,xml]
>     ----
>     <spi name="eventsStore">
>          <provider name="jpa" enabled="true">
>              <properties>
>                  <property name="exclude-events"
>     value="[&quot;EVENT1&quot;,
>     &quot;EVENT2&quot;]"/>
>              </properties>
>          </provider>
>     </spi>
>     ----
>     We see that the value begins and ends with square brackets. That
>     means that
>     the value will be passed to the provider as a list.  In this example,
>     the system will pass the
>     provider a list with two element values _EVENT1_ and _EVENT2_. To add
>     more values
>     to the list, just separate each list element with a comma.
>     Unfortunately,
>     you do need to escape the quotes surrounding each list element with
>     `\&quot;`.
>     _______________________________________________
>     keycloak-dev mailing list
>     keycloak-dev at lists.jboss.org <mailto:keycloak-dev at lists.jboss.org>
>     https://lists.jboss.org/mailman/listinfo/keycloak-dev
>     <https://lists.jboss.org/mailman/listinfo/keycloak-dev>
>
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-dev/attachments/20160831/e4d97c07/attachment-0001.html 


More information about the keycloak-dev mailing list