<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
"http://www.docbook.org/xml/4.4/docbookx.dtd"
[
<!ENTITY License SYSTEM "modules/License.xml">
<!ENTITY Overview SYSTEM "modules/Overview.xml">
<!ENTITY Installation SYSTEM "modules/server-installation.xml">
<!ENTITY Providers SYSTEM "modules/providers.xml">
<!ENTITY OpenShift SYSTEM "modules/openshift.xml">
<!ENTITY AdminPermissions SYSTEM "modules/admin-permissions.xml">
<!ENTITY PerRealmAdminPermissions SYSTEM "modules/per-realm-admin-permissions.xml">
<!ENTITY AccessTypes SYSTEM "modules/access-types.xml">
<!ENTITY AdapterConfig SYSTEM "modules/adapter-config.xml">
<!ENTITY JBossAdapter SYSTEM "modules/jboss-adapter.xml">
<!ENTITY JavascriptAdapter SYSTEM "modules/javascript-adapter.xml">
<!ENTITY TomcatAdapter SYSTEM "modules/tomcat-adapter.xml">
<!ENTITY Jetty9Adapter SYSTEM "modules/jetty9-adapter.xml">
<!ENTITY Jetty8Adapter SYSTEM "modules/jetty8-adapter.xml">
<!ENTITY FuseAdapter SYSTEM "modules/fuse-adapter.xml">
<!ENTITY SpringBootAdapter SYSTEM "modules/spring-boot-adapter.xml">
<!ENTITY SpringSecurityAdapter SYSTEM "modules/spring-security-adapter.xml">
<!ENTITY InstalledApplications SYSTEM "modules/installed-applications.xml">
<!ENTITY Logout SYSTEM "modules/logout.xml">
<!ENTITY SAML SYSTEM "modules/saml.xml">
<!ENTITY JAAS SYSTEM "modules/jaas.xml">
<!ENTITY IdentityBroker SYSTEM "modules/identity-broker.xml">
<!ENTITY Themes SYSTEM "modules/themes.xml">
<!ENTITY Migration SYSTEM "modules/MigrationFromOlderVersions.xml">
<!ENTITY Email SYSTEM "modules/email.xml">
<!ENTITY Roles SYSTEM "modules/roles.xml">
<!ENTITY DirectAccess SYSTEM "modules/direct-access.xml">
<!ENTITY ServiceAccounts SYSTEM "modules/service-accounts.xml">
<!ENTITY CORS SYSTEM "modules/cors.xml">
<!ENTITY Timeouts SYSTEM "modules/timeouts.xml">
<!ENTITY Events SYSTEM "modules/events.xml">
<!ENTITY AdminApi SYSTEM "modules/admin-rest-api.xml">
<!ENTITY UserFederation SYSTEM "modules/user-federation.xml">
<!ENTITY Kerberos SYSTEM "modules/kerberos.xml">
<!ENTITY ExportImport SYSTEM "modules/export-import.xml">
<!ENTITY AdminRecovery SYSTEM "modules/admin-recovery.xml">
<!ENTITY ServerCache SYSTEM "modules/cache.xml">
<!ENTITY SecurityVulnerabilities SYSTEM "modules/security-vulnerabilities.xml">
<!ENTITY Clustering SYSTEM "modules/clustering.xml">
<!ENTITY ApplicationClustering SYSTEM "modules/application-clustering.xml">
<!ENTITY MultiTenancy SYSTEM "modules/multi-tenancy.xml">
<!ENTITY Proxy SYSTEM "modules/proxy.xml">
<!ENTITY CustomAttributes SYSTEM "modules/custom-attributes.xml">
<!ENTITY ProtocolMappers SYSTEM "modules/protocol-mappers.xml">
<!ENTITY Recaptcha SYSTEM "modules/recaptcha.xml">
<!ENTITY AuthSPI SYSTEM "modules/auth-spi.xml">
<!ENTITY FilterAdapter SYSTEM "modules/servlet-filter-adapter.xml">
]>
<book>
<bookinfo>
<title>Keycloak Reference Guide</title>
<subtitle>SSO for Web Apps and REST Services</subtitle>
<releaseinfo>&project.version;</releaseinfo>
</bookinfo>
<toc/>
<preface id="preface" revision="1">
<title>Preface</title>
<para>
In some of the example listings, what is meant to be displayed on one line does not fit
inside the available page width. These lines have been broken up. A '\' at the end of a
line means that a break has been introduced to fit in the page, with the following lines
indented. So:
<programlisting>
Let's pretend to have an extremely \
long line that \
does not fit
This one is short
</programlisting>
Is really:
<programlisting>
Let's pretend to have an extremely long line that does not fit
This one is short
</programlisting>
</para>
</preface>
&License;
&Overview;
&Installation;
&Providers;
&OpenShift;
&AdminPermissions;
&PerRealmAdminPermissions;
<chapter>
<title>Adapters</title>
<para>
Keycloak can secure a wide variety of application types. This section defines which application
types are supported and how to configure and install them so that you can use Keycloak to secure
your applications.
</para>
<para>
These client adapters use an extension of the OpenID Connect protocol (a derivate of OAuth 2.0).
This extension provides support for clustering, backchannel logout, and other non-standard adminstrative functions.
The Keycloak project also provides a separate, standalone, generic, SAML client adapter. But that is describe in a separate
document and has a different download.
</para>
&AdapterConfig;
&JBossAdapter;
&TomcatAdapter;
&Jetty9Adapter;
&Jetty8Adapter;
&FilterAdapter;
&FuseAdapter;
&JavascriptAdapter;
&SpringBootAdapter;
&SpringSecurityAdapter;
&InstalledApplications;
&Logout;
&MultiTenancy;
&JAAS;
</chapter>
&IdentityBroker;
&Themes;
&Recaptcha;
<chapter>
<title>Email</title>
<para>
Keycloak sends emails to users to verify their email address. Emails are also used to allow users to
safely restore their username and passwords.
</para>
&Email;
</chapter>
&AccessTypes;
&Roles;
&DirectAccess;
&ServiceAccounts;
&CORS;
&Timeouts;
&AdminApi;
&Events;
&UserFederation;
&Kerberos;
&ExportImport;
&AdminRecovery;
&ServerCache;
&SAML;
&SecurityVulnerabilities;
&Clustering;
&ApplicationClustering;
&Proxy;
&CustomAttributes;
&ProtocolMappers;
&AuthSPI;
&Migration;
</book>