keycloak-memoizeit
Changes
testsuite/integration-arquillian/tests/other/server-config-migration/src/test/resources/domain/domain-2.5.5.Final-redhat-1.xml 1052(+1052 -0)
testsuite/integration-arquillian/tests/other/server-config-migration/src/test/resources/domain/host-master-2.5.5.Final-redhat-1.xml 102(+102 -0)
Details
diff --git a/testsuite/integration-arquillian/tests/other/server-config-migration/src/test/resources/domain/domain-2.5.5.Final-redhat-1.xml b/testsuite/integration-arquillian/tests/other/server-config-migration/src/test/resources/domain/domain-2.5.5.Final-redhat-1.xml
new file mode 100644
index 0000000..997be99
--- /dev/null
+++ b/testsuite/integration-arquillian/tests/other/server-config-migration/src/test/resources/domain/domain-2.5.5.Final-redhat-1.xml
@@ -0,0 +1,1052 @@
+<?xml version="1.0" ?>
+
+<domain xmlns="urn:jboss:domain:4.1">
+ <extensions>
+ <extension module="org.jboss.as.clustering.infinispan"/>
+ <extension module="org.jboss.as.clustering.jgroups"/>
+ <extension module="org.jboss.as.connector"/>
+ <extension module="org.jboss.as.ee"/>
+ <extension module="org.jboss.as.ejb3"/>
+ <extension module="org.jboss.as.jaxrs"/>
+ <extension module="org.jboss.as.jdr"/>
+ <extension module="org.jboss.as.jmx"/>
+ <extension module="org.jboss.as.jpa"/>
+ <extension module="org.jboss.as.jsf"/>
+ <extension module="org.jboss.as.logging"/>
+ <extension module="org.jboss.as.mail"/>
+ <extension module="org.jboss.as.modcluster"/>
+ <extension module="org.jboss.as.naming"/>
+ <extension module="org.jboss.as.remoting"/>
+ <extension module="org.jboss.as.security"/>
+ <extension module="org.jboss.as.transactions"/>
+ <extension module="org.keycloak.keycloak-server-subsystem"/>
+ <extension module="org.wildfly.extension.bean-validation"/>
+ <extension module="org.wildfly.extension.io"/>
+ <extension module="org.wildfly.extension.request-controller"/>
+ <extension module="org.wildfly.extension.security.manager"/>
+ <extension module="org.wildfly.extension.undertow"/>
+ </extensions>
+ <system-properties>
+ <!-- IPv4 is not required, but setting this helps avoid unintended use of IPv6 -->
+ <property name="java.net.preferIPv4Stack" value="true"/>
+ </system-properties>
+ <management>
+ <access-control provider="simple">
+ <role-mapping>
+ <role name="SuperUser">
+ <include>
+ <user name="$local"/>
+ </include>
+ </role>
+ </role-mapping>
+ </access-control>
+ </management>
+ <profiles>
+ <!-- Non clustered authentication server profile -->
+ <profile name="auth-server-standalone">
+ <subsystem xmlns="urn:jboss:domain:logging:3.0">
+ <console-handler name="CONSOLE">
+ <level name="INFO"/>
+ <formatter>
+ <named-formatter name="COLOR-PATTERN"/>
+ </formatter>
+ </console-handler>
+ <periodic-rotating-file-handler name="FILE" autoflush="true">
+ <formatter>
+ <named-formatter name="PATTERN"/>
+ </formatter>
+ <file relative-to="jboss.server.log.dir" path="server.log"/>
+ <suffix value=".yyyy-MM-dd"/>
+ <append value="true"/>
+ </periodic-rotating-file-handler>
+ <logger category="com.arjuna">
+ <level name="WARN"/>
+ </logger>
+ <logger category="org.jboss.as.config">
+ <level name="DEBUG"/>
+ </logger>
+ <logger category="sun.rmi">
+ <level name="WARN"/>
+ </logger>
+ <root-logger>
+ <level name="INFO"/>
+ <handlers>
+ <handler name="CONSOLE"/>
+ <handler name="FILE"/>
+ </handlers>
+ </root-logger>
+ <formatter name="PATTERN">
+ <pattern-formatter pattern="%d{yyyy-MM-dd HH:mm:ss,SSS} %-5p [%c] (%t) %s%e%n"/>
+ </formatter>
+ <formatter name="COLOR-PATTERN">
+ <pattern-formatter pattern="%K{level}%d{HH:mm:ss,SSS} %-5p [%c] (%t) %s%e%n"/>
+ </formatter>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:bean-validation:1.0"/>
+ <subsystem xmlns="urn:jboss:domain:datasources:4.0">
+ <datasources>
+ <datasource jndi-name="java:jboss/datasources/ExampleDS" pool-name="ExampleDS" enabled="true" use-java-context="true">
+ <connection-url>jdbc:h2:mem:test;DB_CLOSE_DELAY=-1;DB_CLOSE_ON_EXIT=FALSE</connection-url>
+ <driver>h2</driver>
+ <security>
+ <user-name>sa</user-name>
+ <password>sa</password>
+ </security>
+ </datasource>
+ <datasource jndi-name="java:jboss/datasources/KeycloakDS" pool-name="KeycloakDS" enabled="true" use-java-context="true">
+ <connection-url>jdbc:h2:${jboss.server.data.dir}/keycloak;AUTO_SERVER=TRUE</connection-url>
+ <driver>h2</driver>
+ <security>
+ <user-name>sa</user-name>
+ <password>sa</password>
+ </security>
+ </datasource>
+ <drivers>
+ <driver name="h2" module="com.h2database.h2">
+ <xa-datasource-class>org.h2.jdbcx.JdbcDataSource</xa-datasource-class>
+ </driver>
+ </drivers>
+ </datasources>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:ee:4.0">
+ <spec-descriptor-property-replacement>false</spec-descriptor-property-replacement>
+ <concurrent>
+ <context-services>
+ <context-service name="default" jndi-name="java:jboss/ee/concurrency/context/default" use-transaction-setup-provider="true"/>
+ </context-services>
+ <managed-thread-factories>
+ <managed-thread-factory name="default" jndi-name="java:jboss/ee/concurrency/factory/default" context-service="default"/>
+ </managed-thread-factories>
+ <managed-executor-services>
+ <managed-executor-service name="default" jndi-name="java:jboss/ee/concurrency/executor/default" context-service="default" hung-task-threshold="60000" keepalive-time="5000"/>
+ </managed-executor-services>
+ <managed-scheduled-executor-services>
+ <managed-scheduled-executor-service name="default" jndi-name="java:jboss/ee/concurrency/scheduler/default" context-service="default" hung-task-threshold="60000" keepalive-time="3000"/>
+ </managed-scheduled-executor-services>
+ </concurrent>
+ <default-bindings context-service="java:jboss/ee/concurrency/context/default" datasource="java:jboss/datasources/ExampleDS" managed-executor-service="java:jboss/ee/concurrency/executor/default" managed-scheduled-executor-service="java:jboss/ee/concurrency/scheduler/default" managed-thread-factory="java:jboss/ee/concurrency/factory/default"/>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:ejb3:4.0">
+ <session-bean>
+ <stateless>
+ <bean-instance-pool-ref pool-name="slsb-strict-max-pool"/>
+ </stateless>
+ <stateful default-access-timeout="5000" cache-ref="simple" passivation-disabled-cache-ref="simple"/>
+ <singleton default-access-timeout="5000"/>
+ </session-bean>
+ <pools>
+ <bean-instance-pools>
+ <!-- Automatically configure pools. Alternatively, max-pool-size can be set to a specific value -->
+ <strict-max-pool name="slsb-strict-max-pool" derive-size="from-worker-pools" instance-acquisition-timeout="5" instance-acquisition-timeout-unit="MINUTES"/>
+ <strict-max-pool name="mdb-strict-max-pool" derive-size="from-cpu-count" instance-acquisition-timeout="5" instance-acquisition-timeout-unit="MINUTES"/>
+ </bean-instance-pools>
+ </pools>
+ <caches>
+ <cache name="simple"/>
+ <cache name="distributable" passivation-store-ref="infinispan" aliases="passivating clustered"/>
+ </caches>
+ <passivation-stores>
+ <passivation-store name="infinispan" cache-container="ejb" max-size="10000"/>
+ </passivation-stores>
+ <async thread-pool-name="default"/>
+ <timer-service thread-pool-name="default" default-data-store="default-file-store">
+ <data-stores>
+ <file-data-store name="default-file-store" path="timer-service-data" relative-to="jboss.server.data.dir"/>
+ </data-stores>
+ </timer-service>
+ <remote connector-ref="http-remoting-connector" thread-pool-name="default"/>
+ <thread-pools>
+ <thread-pool name="default">
+ <max-threads count="10"/>
+ <keepalive-time time="100" unit="milliseconds"/>
+ </thread-pool>
+ </thread-pools>
+ <default-security-domain value="other"/>
+ <default-missing-method-permissions-deny-access value="true"/>
+ <log-system-exceptions value="true"/>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:io:1.1">
+ <worker name="default"/>
+ <buffer-pool name="default"/>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:infinispan:4.0">
+ <cache-container name="keycloak" jndi-name="infinispan/Keycloak">
+ <local-cache name="realms">
+ <eviction max-entries="10000" strategy="LRU"/>
+ </local-cache>
+ <local-cache name="users">
+ <eviction max-entries="10000" strategy="LRU"/>
+ </local-cache>
+ <local-cache name="sessions"/>
+ <local-cache name="offlineSessions"/>
+ <local-cache name="loginFailures"/>
+ <local-cache name="work"/>
+ <local-cache name="authorization">
+ <eviction max-entries="100" strategy="LRU"/>
+ </local-cache>
+ <local-cache name="keys">
+ <eviction max-entries="1000" strategy="LRU"/>
+ <expiration max-idle="3600000"/>
+ </local-cache>
+ </cache-container>
+ <cache-container name="server" default-cache="default" module="org.wildfly.clustering.server">
+ <local-cache name="default">
+ <transaction mode="BATCH"/>
+ </local-cache>
+ </cache-container>
+ <cache-container name="web" default-cache="passivation" module="org.wildfly.clustering.web.infinispan">
+ <local-cache name="passivation">
+ <locking isolation="REPEATABLE_READ"/>
+ <transaction mode="BATCH"/>
+ <file-store passivation="true" purge="false"/>
+ </local-cache>
+ <local-cache name="persistent">
+ <locking isolation="REPEATABLE_READ"/>
+ <transaction mode="BATCH"/>
+ <file-store passivation="false" purge="false"/>
+ </local-cache>
+ </cache-container>
+ <cache-container name="ejb" aliases="sfsb" default-cache="passivation" module="org.wildfly.clustering.ejb.infinispan">
+ <local-cache name="passivation">
+ <locking isolation="REPEATABLE_READ"/>
+ <transaction mode="BATCH"/>
+ <file-store passivation="true" purge="false"/>
+ </local-cache>
+ <local-cache name="persistent">
+ <locking isolation="REPEATABLE_READ"/>
+ <transaction mode="BATCH"/>
+ <file-store passivation="false" purge="false"/>
+ </local-cache>
+ </cache-container>
+ <cache-container name="hibernate" default-cache="local-query" module="org.hibernate.infinispan">
+ <local-cache name="entity">
+ <transaction mode="NON_XA"/>
+ <eviction strategy="LRU" max-entries="10000"/>
+ <expiration max-idle="100000"/>
+ </local-cache>
+ <local-cache name="local-query">
+ <eviction strategy="LRU" max-entries="10000"/>
+ <expiration max-idle="100000"/>
+ </local-cache>
+ <local-cache name="timestamps"/>
+ </cache-container>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:jaxrs:1.0"/>
+ <subsystem xmlns="urn:jboss:domain:jca:4.0">
+ <archive-validation enabled="true" fail-on-error="true" fail-on-warn="false"/>
+ <bean-validation enabled="true"/>
+ <default-workmanager>
+ <short-running-threads>
+ <core-threads count="50"/>
+ <queue-length count="50"/>
+ <max-threads count="50"/>
+ <keepalive-time time="10" unit="seconds"/>
+ </short-running-threads>
+ <long-running-threads>
+ <core-threads count="50"/>
+ <queue-length count="50"/>
+ <max-threads count="50"/>
+ <keepalive-time time="10" unit="seconds"/>
+ </long-running-threads>
+ </default-workmanager>
+ <cached-connection-manager/>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:jdr:1.0"/>
+ <subsystem xmlns="urn:jboss:domain:jmx:1.3">
+ <expose-resolved-model/>
+ <expose-expression-model/>
+ <!--<remoting-connector use-management-endpoint="false"/>-->
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:jpa:1.1">
+ <jpa default-datasource="" default-extended-persistence-inheritance="DEEP"/>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:jsf:1.0"/>
+ <subsystem xmlns="urn:jboss:domain:mail:2.0">
+ <mail-session name="default" jndi-name="java:jboss/mail/Default">
+ <smtp-server outbound-socket-binding-ref="mail-smtp"/>
+ </mail-session>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:naming:2.0">
+ <remote-naming/>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:remoting:3.0">
+ <endpoint/>
+ <http-connector name="http-remoting-connector" connector-ref="default" security-realm="ApplicationRealm"/>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:request-controller:1.0"/>
+ <subsystem xmlns="urn:jboss:domain:security:1.2">
+ <security-domains>
+ <security-domain name="other" cache-type="default">
+ <authentication>
+ <login-module code="Remoting" flag="optional">
+ <module-option name="password-stacking" value="useFirstPass"/>
+ </login-module>
+ <login-module code="RealmDirect" flag="required">
+ <module-option name="password-stacking" value="useFirstPass"/>
+ </login-module>
+ </authentication>
+ </security-domain>
+ <security-domain name="jboss-web-policy" cache-type="default">
+ <authorization>
+ <policy-module code="Delegating" flag="required"/>
+ </authorization>
+ </security-domain>
+ <security-domain name="jboss-ejb-policy" cache-type="default">
+ <authorization>
+ <policy-module code="Delegating" flag="required"/>
+ </authorization>
+ </security-domain>
+ <security-domain name="jaspitest" cache-type="default">
+ <authentication-jaspi>
+ <login-module-stack name="dummy">
+ <login-module code="Dummy" flag="optional"/>
+ </login-module-stack>
+ <auth-module code="Dummy"/>
+ </authentication-jaspi>
+ </security-domain>
+ </security-domains>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:security-manager:1.0">
+ <deployment-permissions>
+ <maximum-set>
+ <permission class="java.security.AllPermission"/>
+ </maximum-set>
+ </deployment-permissions>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:transactions:3.0">
+ <core-environment>
+ <process-id>
+ <uuid/>
+ </process-id>
+ </core-environment>
+ <recovery-environment socket-binding="txn-recovery-environment" status-socket-binding="txn-status-manager"/>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:undertow:3.1">
+ <buffer-cache name="default"/>
+ <server name="default-server">
+ <http-listener name="default" socket-binding="http" redirect-socket="https"/>
+ <host name="default-host" alias="localhost">
+ <location name="/" handler="welcome-content"/>
+ <filter-ref name="server-header"/>
+ <filter-ref name="x-powered-by-header"/>
+ </host>
+ </server>
+ <servlet-container name="default">
+ <jsp-config/>
+ <websockets/>
+ </servlet-container>
+ <handlers>
+ <file name="welcome-content" path="${jboss.home.dir}/welcome-content"/>
+ </handlers>
+ <filters>
+ <response-header name="server-header" header-name="Server" header-value="JBoss-EAP/7"/>
+ <response-header name="x-powered-by-header" header-name="X-Powered-By" header-value="Undertow/1"/>
+ </filters>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:keycloak-server:1.1">
+ <web-context>auth</web-context>
+ <providers>
+ <provider>classpath:${jboss.home.dir}/providers/*</provider>
+ </providers>
+ <master-realm-name>master</master-realm-name>
+ <scheduled-task-interval>900</scheduled-task-interval>
+ <theme>
+ <staticMaxAge>2592000</staticMaxAge>
+ <cacheThemes>true</cacheThemes>
+ <cacheTemplates>true</cacheTemplates>
+ <dir>${jboss.home.dir}/themes</dir>
+ </theme>
+ <spi name="eventsStore">
+ <default-provider>jpa</default-provider>
+ <provider name="jpa" enabled="true">
+ <properties>
+ <property name="exclude-events" value="["REFRESH_TOKEN"]"/>
+ </properties>
+ </provider>
+ </spi>
+ <spi name="realm">
+ <default-provider>jpa</default-provider>
+ </spi>
+ <spi name="user">
+ <default-provider>jpa</default-provider>
+ </spi>
+ <spi name="userFederatedStorage">
+ <default-provider>jpa</default-provider>
+ </spi>
+ <spi name="userCache">
+ <provider name="default" enabled="true"/>
+ </spi>
+ <spi name="userSessionPersister">
+ <default-provider>jpa</default-provider>
+ </spi>
+ <spi name="authorizationPersister">
+ <default-provider>jpa</default-provider>
+ </spi>
+ <spi name="timer">
+ <default-provider>basic</default-provider>
+ </spi>
+ <spi name="connectionsHttpClient">
+ <provider name="default" enabled="true"/>
+ </spi>
+ <spi name="connectionsJpa">
+ <provider name="default" enabled="true">
+ <properties>
+ <property name="dataSource" value="java:jboss/datasources/KeycloakDS"/>
+ <property name="initializeEmpty" value="true"/>
+ <property name="migrationStrategy" value="update"/>
+ <property name="migrationExport" value="${jboss.home.dir}/keycloak-database-update.sql"/>
+ </properties>
+ </provider>
+ </spi>
+ <spi name="realmCache">
+ <provider name="default" enabled="true"/>
+ </spi>
+ <spi name="connectionsInfinispan">
+ <default-provider>default</default-provider>
+ <provider name="default" enabled="true">
+ <properties>
+ <property name="cacheContainer" value="java:comp/env/infinispan/Keycloak"/>
+ </properties>
+ </provider>
+ </spi>
+ <spi name="jta-lookup">
+ <default-provider>${keycloak.jta.lookup.provider:jboss}</default-provider>
+ <provider name="jboss" enabled="true"/>
+ </spi>
+ <spi name="publicKeyStorage">
+ <provider name="infinispan" enabled="true">
+ <properties>
+ <property name="minTimeBetweenRequests" value="10"/>
+ </properties>
+ </provider>
+ </spi>
+ </subsystem>
+ </profile>
+ <!--
+ ~
+ ~ Clustering authentication server setup.
+ ~
+ ~ You must configure a remote shared external database like PostgreSQL or MySql if you want this to be
+ ~ able to work on multiple machines.
+ ~
+ -->
+ <profile name="auth-server-clustered">
+ <subsystem xmlns="urn:jboss:domain:logging:3.0">
+ <console-handler name="CONSOLE">
+ <level name="INFO"/>
+ <formatter>
+ <named-formatter name="COLOR-PATTERN"/>
+ </formatter>
+ </console-handler>
+ <periodic-rotating-file-handler name="FILE" autoflush="true">
+ <formatter>
+ <named-formatter name="PATTERN"/>
+ </formatter>
+ <file relative-to="jboss.server.log.dir" path="server.log"/>
+ <suffix value=".yyyy-MM-dd"/>
+ <append value="true"/>
+ </periodic-rotating-file-handler>
+ <logger category="com.arjuna">
+ <level name="WARN"/>
+ </logger>
+ <logger category="org.jboss.as.config">
+ <level name="DEBUG"/>
+ </logger>
+ <logger category="sun.rmi">
+ <level name="WARN"/>
+ </logger>
+ <root-logger>
+ <level name="INFO"/>
+ <handlers>
+ <handler name="CONSOLE"/>
+ <handler name="FILE"/>
+ </handlers>
+ </root-logger>
+ <formatter name="PATTERN">
+ <pattern-formatter pattern="%d{yyyy-MM-dd HH:mm:ss,SSS} %-5p [%c] (%t) %s%e%n"/>
+ </formatter>
+ <formatter name="COLOR-PATTERN">
+ <pattern-formatter pattern="%K{level}%d{HH:mm:ss,SSS} %-5p [%c] (%t) %s%e%n"/>
+ </formatter>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:bean-validation:1.0"/>
+ <subsystem xmlns="urn:jboss:domain:datasources:4.0">
+ <datasources>
+ <datasource jndi-name="java:jboss/datasources/ExampleDS" pool-name="ExampleDS" enabled="true" use-java-context="true">
+ <connection-url>jdbc:h2:mem:test;DB_CLOSE_DELAY=-1;DB_CLOSE_ON_EXIT=FALSE</connection-url>
+ <driver>h2</driver>
+ <security>
+ <user-name>sa</user-name>
+ <password>sa</password>
+ </security>
+ </datasource>
+ <datasource jndi-name="java:jboss/datasources/KeycloakDS" pool-name="KeycloakDS" enabled="true" use-java-context="true">
+ <connection-url>jdbc:h2:${jboss.server.data.dir}/../../shared-database/keycloak;AUTO_SERVER=TRUE</connection-url>
+ <driver>h2</driver>
+ <security>
+ <user-name>sa</user-name>
+ <password>sa</password>
+ </security>
+ </datasource>
+ <drivers>
+ <driver name="h2" module="com.h2database.h2">
+ <xa-datasource-class>org.h2.jdbcx.JdbcDataSource</xa-datasource-class>
+ </driver>
+ </drivers>
+ </datasources>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:ee:4.0">
+ <spec-descriptor-property-replacement>false</spec-descriptor-property-replacement>
+ <concurrent>
+ <context-services>
+ <context-service name="default" jndi-name="java:jboss/ee/concurrency/context/default" use-transaction-setup-provider="true"/>
+ </context-services>
+ <managed-thread-factories>
+ <managed-thread-factory name="default" jndi-name="java:jboss/ee/concurrency/factory/default" context-service="default"/>
+ </managed-thread-factories>
+ <managed-executor-services>
+ <managed-executor-service name="default" jndi-name="java:jboss/ee/concurrency/executor/default" context-service="default" hung-task-threshold="60000" keepalive-time="5000"/>
+ </managed-executor-services>
+ <managed-scheduled-executor-services>
+ <managed-scheduled-executor-service name="default" jndi-name="java:jboss/ee/concurrency/scheduler/default" context-service="default" hung-task-threshold="60000" keepalive-time="3000"/>
+ </managed-scheduled-executor-services>
+ </concurrent>
+ <default-bindings context-service="java:jboss/ee/concurrency/context/default" datasource="java:jboss/datasources/ExampleDS" managed-executor-service="java:jboss/ee/concurrency/executor/default" managed-scheduled-executor-service="java:jboss/ee/concurrency/scheduler/default" managed-thread-factory="java:jboss/ee/concurrency/factory/default"/>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:ejb3:4.0">
+ <session-bean>
+ <stateless>
+ <bean-instance-pool-ref pool-name="slsb-strict-max-pool"/>
+ </stateless>
+ <stateful default-access-timeout="5000" cache-ref="distributable" passivation-disabled-cache-ref="simple"/>
+ <singleton default-access-timeout="5000"/>
+ </session-bean>
+ <pools>
+ <bean-instance-pools>
+ <!-- Automatically configure pools. Alternatively, max-pool-size can be set to a specific value -->
+ <strict-max-pool name="slsb-strict-max-pool" derive-size="from-worker-pools" instance-acquisition-timeout="5" instance-acquisition-timeout-unit="MINUTES"/>
+ <strict-max-pool name="mdb-strict-max-pool" derive-size="from-cpu-count" instance-acquisition-timeout="5" instance-acquisition-timeout-unit="MINUTES"/>
+ </bean-instance-pools>
+ </pools>
+ <caches>
+ <cache name="simple"/>
+ <cache name="distributable" passivation-store-ref="infinispan" aliases="passivating clustered"/>
+ </caches>
+ <passivation-stores>
+ <passivation-store name="infinispan" cache-container="ejb" max-size="10000"/>
+ </passivation-stores>
+ <async thread-pool-name="default"/>
+ <timer-service thread-pool-name="default" default-data-store="default-file-store">
+ <data-stores>
+ <file-data-store name="default-file-store" path="timer-service-data" relative-to="jboss.server.data.dir"/>
+ </data-stores>
+ </timer-service>
+ <remote connector-ref="http-remoting-connector" thread-pool-name="default"/>
+ <thread-pools>
+ <thread-pool name="default">
+ <max-threads count="10"/>
+ <keepalive-time time="100" unit="milliseconds"/>
+ </thread-pool>
+ </thread-pools>
+ <default-security-domain value="other"/>
+ <default-missing-method-permissions-deny-access value="true"/>
+ <log-system-exceptions value="true"/>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:io:1.1">
+ <worker name="default"/>
+ <buffer-pool name="default"/>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:infinispan:4.0">
+ <cache-container name="keycloak" jndi-name="infinispan/Keycloak">
+ <transport lock-timeout="60000"/>
+ <local-cache name="realms">
+ <eviction max-entries="10000" strategy="LRU"/>
+ </local-cache>
+ <local-cache name="users">
+ <eviction max-entries="10000" strategy="LRU"/>
+ </local-cache>
+ <distributed-cache name="sessions" mode="SYNC" owners="1"/>
+ <distributed-cache name="offlineSessions" mode="SYNC" owners="1"/>
+ <distributed-cache name="loginFailures" mode="SYNC" owners="1"/>
+ <distributed-cache name="authorization" mode="SYNC" owners="1"/>
+ <replicated-cache name="work" mode="SYNC"/>
+ <local-cache name="keys">
+ <eviction max-entries="1000" strategy="LRU"/>
+ <expiration max-idle="3600000"/>
+ </local-cache>
+ </cache-container>
+ <cache-container name="server" aliases="singleton cluster" default-cache="default" module="org.wildfly.clustering.server">
+ <transport lock-timeout="60000"/>
+ <replicated-cache name="default" mode="SYNC">
+ <transaction mode="BATCH"/>
+ </replicated-cache>
+ </cache-container>
+ <cache-container name="web" default-cache="dist" module="org.wildfly.clustering.web.infinispan">
+ <transport lock-timeout="60000"/>
+ <distributed-cache name="dist" mode="ASYNC" l1-lifespan="0" owners="2">
+ <locking isolation="REPEATABLE_READ"/>
+ <transaction mode="BATCH"/>
+ <file-store/>
+ </distributed-cache>
+ </cache-container>
+ <cache-container name="ejb" aliases="sfsb" default-cache="dist" module="org.wildfly.clustering.ejb.infinispan">
+ <transport lock-timeout="60000"/>
+ <distributed-cache name="dist" mode="ASYNC" l1-lifespan="0" owners="2">
+ <locking isolation="REPEATABLE_READ"/>
+ <transaction mode="BATCH"/>
+ <file-store/>
+ </distributed-cache>
+ </cache-container>
+ <cache-container name="hibernate" default-cache="local-query" module="org.hibernate.infinispan">
+ <transport lock-timeout="60000"/>
+ <local-cache name="local-query">
+ <eviction strategy="LRU" max-entries="10000"/>
+ <expiration max-idle="100000"/>
+ </local-cache>
+ <invalidation-cache name="entity" mode="SYNC">
+ <transaction mode="NON_XA"/>
+ <eviction strategy="LRU" max-entries="10000"/>
+ <expiration max-idle="100000"/>
+ </invalidation-cache>
+ <replicated-cache name="timestamps" mode="ASYNC"/>
+ </cache-container>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:jaxrs:1.0"/>
+ <subsystem xmlns="urn:jboss:domain:jca:4.0">
+ <archive-validation enabled="true" fail-on-error="true" fail-on-warn="false"/>
+ <bean-validation enabled="true"/>
+ <default-workmanager>
+ <short-running-threads>
+ <core-threads count="50"/>
+ <queue-length count="50"/>
+ <max-threads count="50"/>
+ <keepalive-time time="10" unit="seconds"/>
+ </short-running-threads>
+ <long-running-threads>
+ <core-threads count="50"/>
+ <queue-length count="50"/>
+ <max-threads count="50"/>
+ <keepalive-time time="10" unit="seconds"/>
+ </long-running-threads>
+ </default-workmanager>
+ <cached-connection-manager/>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:jdr:1.0"/>
+ <subsystem xmlns="urn:jboss:domain:jgroups:4.0">
+ <channels default="ee">
+ <channel name="ee" stack="udp"/>
+ </channels>
+ <stacks>
+ <stack name="udp">
+ <transport type="UDP" socket-binding="jgroups-udp"/>
+ <protocol type="PING"/>
+ <protocol type="MERGE3"/>
+ <protocol type="FD_SOCK" socket-binding="jgroups-udp-fd"/>
+ <protocol type="FD_ALL"/>
+ <protocol type="VERIFY_SUSPECT"/>
+ <protocol type="pbcast.NAKACK2"/>
+ <protocol type="UNICAST3"/>
+ <protocol type="pbcast.STABLE"/>
+ <protocol type="pbcast.GMS"/>
+ <protocol type="UFC"/>
+ <protocol type="MFC"/>
+ <protocol type="FRAG2"/>
+ </stack>
+ <stack name="tcp">
+ <transport type="TCP" socket-binding="jgroups-tcp"/>
+ <protocol type="MPING" socket-binding="jgroups-mping"/>
+ <protocol type="MERGE3"/>
+ <protocol type="FD_SOCK" socket-binding="jgroups-tcp-fd"/>
+ <protocol type="FD"/>
+ <protocol type="VERIFY_SUSPECT"/>
+ <protocol type="pbcast.NAKACK2"/>
+ <protocol type="UNICAST3"/>
+ <protocol type="pbcast.STABLE"/>
+ <protocol type="pbcast.GMS"/>
+ <protocol type="MFC"/>
+ <protocol type="FRAG2"/>
+ </stack>
+ </stacks>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:jmx:1.3">
+ <expose-resolved-model/>
+ <expose-expression-model/>
+ <!--<remoting-connector use-management-endpoint="false"/>-->
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:jpa:1.1">
+ <jpa default-datasource="" default-extended-persistence-inheritance="DEEP"/>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:jsf:1.0"/>
+ <subsystem xmlns="urn:jboss:domain:mail:2.0">
+ <mail-session name="default" jndi-name="java:jboss/mail/Default">
+ <smtp-server outbound-socket-binding-ref="mail-smtp"/>
+ </mail-session>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:modcluster:2.0">
+ <mod-cluster-config advertise-socket="modcluster" connector="ajp">
+ <dynamic-load-provider>
+ <load-metric type="cpu"/>
+ </dynamic-load-provider>
+ </mod-cluster-config>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:naming:2.0">
+ <remote-naming/>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:remoting:3.0">
+ <endpoint/>
+ <http-connector name="http-remoting-connector" connector-ref="default" security-realm="ApplicationRealm"/>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:request-controller:1.0"/>
+ <subsystem xmlns="urn:jboss:domain:security:1.2">
+ <security-domains>
+ <security-domain name="other" cache-type="default">
+ <authentication>
+ <login-module code="Remoting" flag="optional">
+ <module-option name="password-stacking" value="useFirstPass"/>
+ </login-module>
+ <login-module code="RealmDirect" flag="required">
+ <module-option name="password-stacking" value="useFirstPass"/>
+ </login-module>
+ </authentication>
+ </security-domain>
+ <security-domain name="jboss-web-policy" cache-type="default">
+ <authorization>
+ <policy-module code="Delegating" flag="required"/>
+ </authorization>
+ </security-domain>
+ <security-domain name="jboss-ejb-policy" cache-type="default">
+ <authorization>
+ <policy-module code="Delegating" flag="required"/>
+ </authorization>
+ </security-domain>
+ <security-domain name="jaspitest" cache-type="default">
+ <authentication-jaspi>
+ <login-module-stack name="dummy">
+ <login-module code="Dummy" flag="optional"/>
+ </login-module-stack>
+ <auth-module code="Dummy"/>
+ </authentication-jaspi>
+ </security-domain>
+ </security-domains>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:security-manager:1.0">
+ <deployment-permissions>
+ <maximum-set>
+ <permission class="java.security.AllPermission"/>
+ </maximum-set>
+ </deployment-permissions>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:transactions:3.0">
+ <core-environment>
+ <process-id>
+ <uuid/>
+ </process-id>
+ </core-environment>
+ <recovery-environment socket-binding="txn-recovery-environment" status-socket-binding="txn-status-manager"/>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:undertow:3.1">
+ <buffer-cache name="default"/>
+ <server name="default-server">
+ <ajp-listener name="ajp" socket-binding="ajp"/>
+ <http-listener name="default" socket-binding="http" redirect-socket="https"/>
+ <host name="default-host" alias="localhost">
+ <location name="/" handler="welcome-content"/>
+ <filter-ref name="server-header"/>
+ <filter-ref name="x-powered-by-header"/>
+ </host>
+ </server>
+ <servlet-container name="default">
+ <jsp-config/>
+ <websockets/>
+ </servlet-container>
+ <handlers>
+ <file name="welcome-content" path="${jboss.home.dir}/welcome-content"/>
+ </handlers>
+ <filters>
+ <response-header name="server-header" header-name="Server" header-value="JBoss-EAP/7"/>
+ <response-header name="x-powered-by-header" header-name="X-Powered-By" header-value="Undertow/1"/>
+ </filters>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:keycloak-server:1.1">
+ <web-context>auth</web-context>
+ <providers>
+ <provider>classpath:${jboss.home.dir}/providers/*</provider>
+ </providers>
+ <master-realm-name>master</master-realm-name>
+ <scheduled-task-interval>900</scheduled-task-interval>
+ <theme>
+ <staticMaxAge>2592000</staticMaxAge>
+ <cacheThemes>true</cacheThemes>
+ <cacheTemplates>true</cacheTemplates>
+ <dir>${jboss.home.dir}/themes</dir>
+ </theme>
+ <spi name="eventsStore">
+ <default-provider>jpa</default-provider>
+ <provider name="jpa" enabled="true">
+ <properties>
+ <property name="exclude-events" value="["REFRESH_TOKEN"]"/>
+ </properties>
+ </provider>
+ </spi>
+ <spi name="realm">
+ <default-provider>jpa</default-provider>
+ </spi>
+ <spi name="user">
+ <default-provider>jpa</default-provider>
+ </spi>
+ <spi name="userFederatedStorage">
+ <default-provider>jpa</default-provider>
+ </spi>
+ <spi name="userCache">
+ <provider name="default" enabled="true"/>
+ </spi>
+ <spi name="userSessionPersister">
+ <default-provider>jpa</default-provider>
+ </spi>
+ <spi name="authorizationPersister">
+ <default-provider>jpa</default-provider>
+ </spi>
+ <spi name="timer">
+ <default-provider>basic</default-provider>
+ </spi>
+ <spi name="connectionsHttpClient">
+ <provider name="default" enabled="true"/>
+ </spi>
+ <spi name="connectionsJpa">
+ <provider name="default" enabled="true">
+ <properties>
+ <property name="dataSource" value="java:jboss/datasources/KeycloakDS"/>
+ <property name="initializeEmpty" value="true"/>
+ <property name="migrationStrategy" value="update"/>
+ <property name="migrationExport" value="${jboss.home.dir}/keycloak-database-update.sql"/>
+ </properties>
+ </provider>
+ </spi>
+ <spi name="realmCache">
+ <provider name="default" enabled="true"/>
+ </spi>
+ <spi name="connectionsInfinispan">
+ <default-provider>default</default-provider>
+ <provider name="default" enabled="true">
+ <properties>
+ <property name="cacheContainer" value="java:comp/env/infinispan/Keycloak"/>
+ </properties>
+ </provider>
+ </spi>
+ <spi name="jta-lookup">
+ <default-provider>${keycloak.jta.lookup.provider:jboss}</default-provider>
+ <provider name="jboss" enabled="true"/>
+ </spi>
+ <spi name="publicKeyStorage">
+ <provider name="infinispan" enabled="true">
+ <properties>
+ <property name="minTimeBetweenRequests" value="10"/>
+ </properties>
+ </provider>
+ </spi>
+ </subsystem>
+ </profile>
+ <!--
+ ~
+ ~ This is a profile for the built-in Underto Loadbalancer
+ ~ It should be removed in production systems and replaced with a better software or hardware based one
+ ~
+ -->
+ <profile name="load-balancer">
+ <subsystem xmlns="urn:jboss:domain:logging:3.0">
+ <console-handler name="CONSOLE">
+ <level name="INFO"/>
+ <formatter>
+ <named-formatter name="COLOR-PATTERN"/>
+ </formatter>
+ </console-handler>
+ <periodic-rotating-file-handler name="FILE" autoflush="true">
+ <formatter>
+ <named-formatter name="PATTERN"/>
+ </formatter>
+ <file relative-to="jboss.server.log.dir" path="server.log"/>
+ <suffix value=".yyyy-MM-dd"/>
+ <append value="true"/>
+ </periodic-rotating-file-handler>
+ <logger category="com.arjuna">
+ <level name="WARN"/>
+ </logger>
+ <logger category="org.jboss.as.config">
+ <level name="DEBUG"/>
+ </logger>
+ <logger category="sun.rmi">
+ <level name="WARN"/>
+ </logger>
+ <root-logger>
+ <level name="INFO"/>
+ <handlers>
+ <handler name="CONSOLE"/>
+ <handler name="FILE"/>
+ </handlers>
+ </root-logger>
+ <formatter name="PATTERN">
+ <pattern-formatter pattern="%d{yyyy-MM-dd HH:mm:ss,SSS} %-5p [%c] (%t) %s%e%n"/>
+ </formatter>
+ <formatter name="COLOR-PATTERN">
+ <pattern-formatter pattern="%K{level}%d{HH:mm:ss,SSS} %-5p [%c] (%t) %s%e%n"/>
+ </formatter>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:io:1.1">
+ <worker name="default"/>
+ <buffer-pool name="default"/>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:jmx:1.3">
+ <expose-resolved-model/>
+ <expose-expression-model/>
+ <!--<remoting-connector use-management-endpoint="false"/>-->
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:naming:2.0">
+ <remote-naming/>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:remoting:3.0">
+ <endpoint/>
+ <http-connector name="http-remoting-connector" connector-ref="default" security-realm="ApplicationRealm"/>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:request-controller:1.0"/>
+ <subsystem xmlns="urn:jboss:domain:security:1.2">
+ <security-domains>
+ <security-domain name="other" cache-type="default">
+ <authentication>
+ <login-module code="Remoting" flag="optional">
+ <module-option name="password-stacking" value="useFirstPass"/>
+ </login-module>
+ <login-module code="RealmDirect" flag="required">
+ <module-option name="password-stacking" value="useFirstPass"/>
+ </login-module>
+ </authentication>
+ </security-domain>
+ <security-domain name="jboss-web-policy" cache-type="default">
+ <authorization>
+ <policy-module code="Delegating" flag="required"/>
+ </authorization>
+ </security-domain>
+ <security-domain name="jboss-ejb-policy" cache-type="default">
+ <authorization>
+ <policy-module code="Delegating" flag="required"/>
+ </authorization>
+ </security-domain>
+ <security-domain name="jaspitest" cache-type="default">
+ <authentication-jaspi>
+ <login-module-stack name="dummy">
+ <login-module code="Dummy" flag="optional"/>
+ </login-module-stack>
+ <auth-module code="Dummy"/>
+ </authentication-jaspi>
+ </security-domain>
+ </security-domains>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:security-manager:1.0">
+ <deployment-permissions>
+ <maximum-set>
+ <permission class="java.security.AllPermission"/>
+ </maximum-set>
+ </deployment-permissions>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:undertow:3.0">
+ <buffer-cache name="default"/>
+ <server name="default-server">
+ <http-listener name="default" socket-binding="http" redirect-socket="https"/>
+ <host name="default-host" alias="localhost">
+ <location name="/" handler="lb-handler"/>
+ <filter-ref name="server-header"/>
+ <filter-ref name="x-powered-by-header"/>
+ </host>
+ </server>
+ <servlet-container name="default">
+ <jsp-config/>
+ <websockets/>
+ </servlet-container>
+ <handlers>
+ <reverse-proxy name="lb-handler">
+ <host name="host1" outbound-socket-binding="remote-host1" scheme="ajp" path="/" instance-id="myroute1"/>
+ <host name="host2" outbound-socket-binding="remote-host2" scheme="ajp" path="/" instance-id="myroute2"/>
+ </reverse-proxy>
+ </handlers>
+ <filters>
+ <response-header name="server-header" header-name="Server" header-value="WildFly/10"/>
+ <response-header name="x-powered-by-header" header-name="X-Powered-By" header-value="Undertow/1"/>
+ </filters>
+ </subsystem>
+ </profile>
+ </profiles>
+ <!--
+ ~
+ ~ Named interfaces that can be referenced elsewhere in the configuration. The configuration
+ ~ for how to associate these logical names with an actual network interface can either
+ ~ be specified here or can be declared on a per-host basis in the equivalent element in host.xml.
+ ~
+ ~ These default configurations require the binding specification to be done in host.xml.
+ ~
+ -->
+ <interfaces>
+ <interface name="management">
+ <inet-address value="${jboss.bind.address.management:127.0.0.1}"/>
+ </interface>
+ <interface name="public">
+ <inet-address value="${jboss.bind.address:127.0.0.1}"/>
+ </interface>
+ <interface name="private">
+ <inet-address value="${jboss.bind.address.private:127.0.0.1}"/>
+ </interface>
+ </interfaces>
+ <socket-binding-groups>
+ <socket-binding-group name="standard-sockets" default-interface="public">
+ <socket-binding name="ajp" port="${jboss.ajp.port:8009}"/>
+ <socket-binding name="http" port="${jboss.http.port:8080}"/>
+ <socket-binding name="https" port="${jboss.https.port:8443}"/>
+ <socket-binding name="txn-recovery-environment" port="4712"/>
+ <socket-binding name="txn-status-manager" port="4713"/>
+ <outbound-socket-binding name="mail-smtp">
+ <remote-destination host="localhost" port="25"/>
+ </outbound-socket-binding>
+ </socket-binding-group>
+ <socket-binding-group name="ha-sockets" default-interface="public">
+ <socket-binding name="ajp" port="${jboss.ajp.port:8009}"/>
+ <socket-binding name="http" port="${jboss.http.port:8080}"/>
+ <socket-binding name="https" port="${jboss.https.port:8443}"/>
+ <socket-binding name="jgroups-mping" interface="private" port="0" multicast-address="${jboss.default.multicast.address:230.0.0.4}" multicast-port="45700"/>
+ <socket-binding name="jgroups-tcp" interface="private" port="7600"/>
+ <socket-binding name="jgroups-tcp-fd" interface="private" port="57600"/>
+ <socket-binding name="jgroups-udp" interface="private" port="55200" multicast-address="${jboss.default.multicast.address:230.0.0.4}" multicast-port="45688"/>
+ <socket-binding name="jgroups-udp-fd" interface="private" port="54200"/>
+ <socket-binding name="modcluster" port="0" multicast-address="224.0.1.105" multicast-port="23364"/>
+ <socket-binding name="txn-recovery-environment" port="4712"/>
+ <socket-binding name="txn-status-manager" port="4713"/>
+ <outbound-socket-binding name="mail-smtp">
+ <remote-destination host="localhost" port="25"/>
+ </outbound-socket-binding>
+ </socket-binding-group>
+ <!-- load-balancer-sockets should be removed in production systems and replaced with a better softare or hardare based one -->
+ <socket-binding-group name="load-balancer-sockets" default-interface="public">
+ <socket-binding name="ajp" port="${jboss.ajp.port:8009}"/>
+ <socket-binding name="http" port="${jboss.http.port:8080}"/>
+ <socket-binding name="https" port="${jboss.https.port:8443}"/>
+ <outbound-socket-binding name="remote-host1">
+ <remote-destination host="localhost" port="8159"/>
+ </outbound-socket-binding>
+ <outbound-socket-binding name="remote-host2">
+ <remote-destination host="localhost" port="8259"/>
+ </outbound-socket-binding>
+ </socket-binding-group>
+ </socket-binding-groups>
+ <server-groups>
+ <!-- load-balancer-group should be removed in production systems and replaced with a better softare or hardare based one -->
+ <server-group name="load-balancer-group" profile="load-balancer">
+ <jvm name="default">
+ <heap size="64m" max-size="512m"/>
+ </jvm>
+ <socket-binding-group ref="load-balancer-sockets"/>
+ </server-group>
+ <server-group name="auth-server-group" profile="auth-server-clustered">
+ <jvm name="default">
+ <heap size="64m" max-size="512m"/>
+ </jvm>
+ <socket-binding-group ref="ha-sockets"/>
+ </server-group>
+ </server-groups>
+</domain>
diff --git a/testsuite/integration-arquillian/tests/other/server-config-migration/src/test/resources/domain/host-master-2.5.5.Final-redhat-1.xml b/testsuite/integration-arquillian/tests/other/server-config-migration/src/test/resources/domain/host-master-2.5.5.Final-redhat-1.xml
new file mode 100644
index 0000000..62ceae0
--- /dev/null
+++ b/testsuite/integration-arquillian/tests/other/server-config-migration/src/test/resources/domain/host-master-2.5.5.Final-redhat-1.xml
@@ -0,0 +1,102 @@
+<?xml version="1.0" ?>
+
+<host xmlns="urn:jboss:domain:4.1" name="master">
+ <extensions>
+ <extension module="org.jboss.as.jmx"/>
+ </extensions>
+ <management>
+ <security-realms>
+ <security-realm name="ManagementRealm">
+ <authentication>
+ <local default-user="$local" skip-group-loading="true"/>
+ <properties path="mgmt-users.properties" relative-to="jboss.domain.config.dir"/>
+ </authentication>
+ <authorization map-groups-to-roles="false">
+ <properties path="mgmt-groups.properties" relative-to="jboss.domain.config.dir"/>
+ </authorization>
+ </security-realm>
+ <security-realm name="ApplicationRealm">
+ <authentication>
+ <local default-user="$local" allowed-users="*" skip-group-loading="true"/>
+ <properties path="application-users.properties" relative-to="jboss.domain.config.dir"/>
+ </authentication>
+ <authorization>
+ <properties path="application-roles.properties" relative-to="jboss.domain.config.dir"/>
+ </authorization>
+ </security-realm>
+ </security-realms>
+ <audit-log>
+ <formatters>
+ <json-formatter name="json-formatter"/>
+ </formatters>
+ <handlers>
+ <file-handler name="host-file" formatter="json-formatter" relative-to="jboss.domain.data.dir" path="audit-log.log"/>
+ <file-handler name="server-file" formatter="json-formatter" relative-to="jboss.server.data.dir" path="audit-log.log"/>
+ </handlers>
+ <logger log-boot="true" log-read-only="false" enabled="false">
+ <handlers>
+ <handler name="host-file"/>
+ </handlers>
+ </logger>
+ <server-logger log-boot="true" log-read-only="false" enabled="false">
+ <handlers>
+ <handler name="server-file"/>
+ </handlers>
+ </server-logger>
+ </audit-log>
+ <management-interfaces>
+ <native-interface security-realm="ManagementRealm">
+ <socket interface="management" port="${jboss.management.native.port:9999}"/>
+ </native-interface>
+ <http-interface security-realm="ManagementRealm" http-upgrade-enabled="true">
+ <socket interface="management" port="${jboss.management.http.port:9990}"/>
+ </http-interface>
+ </management-interfaces>
+ </management>
+ <domain-controller>
+ <local/>
+ </domain-controller>
+ <interfaces>
+ <interface name="management">
+ <inet-address value="${jboss.bind.address.management:127.0.0.1}"/>
+ </interface>
+ <interface name="public">
+ <inet-address value="${jboss.bind.address:127.0.0.1}"/>
+ </interface>
+ </interfaces>
+ <jvms>
+ <jvm name="default">
+ <heap size="64m" max-size="256m"/>
+ <jvm-options>
+ <option value="-server"/>
+ </jvm-options>
+ </jvm>
+ </jvms>
+ <servers>
+ <!-- load-balancer should be removed in production systems and replaced with a better softare or hardare based one -->
+ <server name="load-balancer" group="load-balancer-group"/>
+ <server name="server-one" group="auth-server-group" auto-start="true">
+ <!--
+ ~ Remote JPDA debugging for a specific server
+ ~ <jvm name="default">
+ ~ <jvm-options>
+ ~ <option value="-agentlib:jdwp=transport=dt_socket,address=8787,server=y,suspend=n"/>
+ ~ </jvm-options>
+ ~ </jvm>
+ ~
+ -->
+ <!--
+ ~ server-two avoids port conflicts by incrementing the ports in
+ ~ the default socket-group declared in the server-group
+ -->
+ <socket-bindings port-offset="150"/>
+ </server>
+ </servers>
+ <profile>
+ <subsystem xmlns="urn:jboss:domain:jmx:1.3">
+ <expose-resolved-model/>
+ <expose-expression-model/>
+ <remoting-connector/>
+ </subsystem>
+ </profile>
+</host>
diff --git a/testsuite/integration-arquillian/tests/other/server-config-migration/src/test/resources/standalone/standalone-2.5.5.Final-redhat-1.xml b/testsuite/integration-arquillian/tests/other/server-config-migration/src/test/resources/standalone/standalone-2.5.5.Final-redhat-1.xml
new file mode 100644
index 0000000..d344581
--- /dev/null
+++ b/testsuite/integration-arquillian/tests/other/server-config-migration/src/test/resources/standalone/standalone-2.5.5.Final-redhat-1.xml
@@ -0,0 +1,479 @@
+<?xml version="1.0" ?>
+
+<server xmlns="urn:jboss:domain:4.1">
+ <extensions>
+ <extension module="org.jboss.as.clustering.infinispan"/>
+ <extension module="org.jboss.as.connector"/>
+ <extension module="org.jboss.as.deployment-scanner"/>
+ <extension module="org.jboss.as.ee"/>
+ <extension module="org.jboss.as.ejb3"/>
+ <extension module="org.jboss.as.jaxrs"/>
+ <extension module="org.jboss.as.jdr"/>
+ <extension module="org.jboss.as.jmx"/>
+ <extension module="org.jboss.as.jpa"/>
+ <extension module="org.jboss.as.jsf"/>
+ <extension module="org.jboss.as.logging"/>
+ <extension module="org.jboss.as.mail"/>
+ <extension module="org.jboss.as.naming"/>
+ <extension module="org.jboss.as.remoting"/>
+ <extension module="org.jboss.as.security"/>
+ <extension module="org.jboss.as.transactions"/>
+ <extension module="org.keycloak.keycloak-server-subsystem"/>
+ <extension module="org.wildfly.extension.bean-validation"/>
+ <extension module="org.wildfly.extension.io"/>
+ <extension module="org.wildfly.extension.request-controller"/>
+ <extension module="org.wildfly.extension.security.manager"/>
+ <extension module="org.wildfly.extension.undertow"/>
+ </extensions>
+ <management>
+ <security-realms>
+ <security-realm name="ManagementRealm">
+ <authentication>
+ <local default-user="$local" skip-group-loading="true"/>
+ <properties path="mgmt-users.properties" relative-to="jboss.server.config.dir"/>
+ </authentication>
+ <authorization map-groups-to-roles="false">
+ <properties path="mgmt-groups.properties" relative-to="jboss.server.config.dir"/>
+ </authorization>
+ </security-realm>
+ <security-realm name="ApplicationRealm">
+ <authentication>
+ <local default-user="$local" allowed-users="*" skip-group-loading="true"/>
+ <properties path="application-users.properties" relative-to="jboss.server.config.dir"/>
+ </authentication>
+ <authorization>
+ <properties path="application-roles.properties" relative-to="jboss.server.config.dir"/>
+ </authorization>
+ </security-realm>
+ </security-realms>
+ <audit-log>
+ <formatters>
+ <json-formatter name="json-formatter"/>
+ </formatters>
+ <handlers>
+ <file-handler name="file" formatter="json-formatter" relative-to="jboss.server.data.dir" path="audit-log.log"/>
+ </handlers>
+ <logger log-boot="true" log-read-only="false" enabled="false">
+ <handlers>
+ <handler name="file"/>
+ </handlers>
+ </logger>
+ </audit-log>
+ <management-interfaces>
+ <http-interface security-realm="ManagementRealm" http-upgrade-enabled="true">
+ <socket-binding http="management-http"/>
+ </http-interface>
+ </management-interfaces>
+ <access-control provider="simple">
+ <role-mapping>
+ <role name="SuperUser">
+ <include>
+ <user name="$local"/>
+ </include>
+ </role>
+ </role-mapping>
+ </access-control>
+ </management>
+ <profile>
+ <subsystem xmlns="urn:jboss:domain:logging:3.0">
+ <console-handler name="CONSOLE">
+ <level name="INFO"/>
+ <formatter>
+ <named-formatter name="COLOR-PATTERN"/>
+ </formatter>
+ </console-handler>
+ <periodic-rotating-file-handler name="FILE" autoflush="true">
+ <formatter>
+ <named-formatter name="PATTERN"/>
+ </formatter>
+ <file relative-to="jboss.server.log.dir" path="server.log"/>
+ <suffix value=".yyyy-MM-dd"/>
+ <append value="true"/>
+ </periodic-rotating-file-handler>
+ <logger category="com.arjuna">
+ <level name="WARN"/>
+ </logger>
+ <logger category="org.jboss.as.config">
+ <level name="DEBUG"/>
+ </logger>
+ <logger category="sun.rmi">
+ <level name="WARN"/>
+ </logger>
+ <root-logger>
+ <level name="INFO"/>
+ <handlers>
+ <handler name="CONSOLE"/>
+ <handler name="FILE"/>
+ </handlers>
+ </root-logger>
+ <formatter name="PATTERN">
+ <pattern-formatter pattern="%d{yyyy-MM-dd HH:mm:ss,SSS} %-5p [%c] (%t) %s%e%n"/>
+ </formatter>
+ <formatter name="COLOR-PATTERN">
+ <pattern-formatter pattern="%K{level}%d{HH:mm:ss,SSS} %-5p [%c] (%t) %s%e%n"/>
+ </formatter>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:bean-validation:1.0"/>
+ <subsystem xmlns="urn:jboss:domain:datasources:4.0">
+ <datasources>
+ <datasource jndi-name="java:jboss/datasources/ExampleDS" pool-name="ExampleDS" enabled="true" use-java-context="true">
+ <connection-url>jdbc:h2:mem:test;DB_CLOSE_DELAY=-1;DB_CLOSE_ON_EXIT=FALSE</connection-url>
+ <driver>h2</driver>
+ <security>
+ <user-name>sa</user-name>
+ <password>sa</password>
+ </security>
+ </datasource>
+ <datasource jndi-name="java:jboss/datasources/KeycloakDS" pool-name="KeycloakDS" enabled="true" use-java-context="true">
+ <connection-url>jdbc:h2:${jboss.server.data.dir}/keycloak;AUTO_SERVER=TRUE</connection-url>
+ <driver>h2</driver>
+ <security>
+ <user-name>sa</user-name>
+ <password>sa</password>
+ </security>
+ </datasource>
+ <drivers>
+ <driver name="h2" module="com.h2database.h2">
+ <xa-datasource-class>org.h2.jdbcx.JdbcDataSource</xa-datasource-class>
+ </driver>
+ </drivers>
+ </datasources>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:deployment-scanner:2.0">
+ <deployment-scanner path="deployments" relative-to="jboss.server.base.dir" scan-interval="5000" runtime-failure-causes-rollback="${jboss.deployment.scanner.rollback.on.failure:false}"/>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:ee:4.0">
+ <spec-descriptor-property-replacement>false</spec-descriptor-property-replacement>
+ <concurrent>
+ <context-services>
+ <context-service name="default" jndi-name="java:jboss/ee/concurrency/context/default" use-transaction-setup-provider="true"/>
+ </context-services>
+ <managed-thread-factories>
+ <managed-thread-factory name="default" jndi-name="java:jboss/ee/concurrency/factory/default" context-service="default"/>
+ </managed-thread-factories>
+ <managed-executor-services>
+ <managed-executor-service name="default" jndi-name="java:jboss/ee/concurrency/executor/default" context-service="default" hung-task-threshold="60000" keepalive-time="5000"/>
+ </managed-executor-services>
+ <managed-scheduled-executor-services>
+ <managed-scheduled-executor-service name="default" jndi-name="java:jboss/ee/concurrency/scheduler/default" context-service="default" hung-task-threshold="60000" keepalive-time="3000"/>
+ </managed-scheduled-executor-services>
+ </concurrent>
+ <default-bindings context-service="java:jboss/ee/concurrency/context/default" datasource="java:jboss/datasources/ExampleDS" managed-executor-service="java:jboss/ee/concurrency/executor/default" managed-scheduled-executor-service="java:jboss/ee/concurrency/scheduler/default" managed-thread-factory="java:jboss/ee/concurrency/factory/default"/>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:ejb3:4.0">
+ <session-bean>
+ <stateless>
+ <bean-instance-pool-ref pool-name="slsb-strict-max-pool"/>
+ </stateless>
+ <stateful default-access-timeout="5000" cache-ref="simple" passivation-disabled-cache-ref="simple"/>
+ <singleton default-access-timeout="5000"/>
+ </session-bean>
+ <pools>
+ <bean-instance-pools>
+ <!-- Automatically configure pools. Alternatively, max-pool-size can be set to a specific value -->
+ <strict-max-pool name="slsb-strict-max-pool" derive-size="from-worker-pools" instance-acquisition-timeout="5" instance-acquisition-timeout-unit="MINUTES"/>
+ <strict-max-pool name="mdb-strict-max-pool" derive-size="from-cpu-count" instance-acquisition-timeout="5" instance-acquisition-timeout-unit="MINUTES"/>
+ </bean-instance-pools>
+ </pools>
+ <caches>
+ <cache name="simple"/>
+ <cache name="distributable" passivation-store-ref="infinispan" aliases="passivating clustered"/>
+ </caches>
+ <passivation-stores>
+ <passivation-store name="infinispan" cache-container="ejb" max-size="10000"/>
+ </passivation-stores>
+ <async thread-pool-name="default"/>
+ <timer-service thread-pool-name="default" default-data-store="default-file-store">
+ <data-stores>
+ <file-data-store name="default-file-store" path="timer-service-data" relative-to="jboss.server.data.dir"/>
+ </data-stores>
+ </timer-service>
+ <remote connector-ref="http-remoting-connector" thread-pool-name="default"/>
+ <thread-pools>
+ <thread-pool name="default">
+ <max-threads count="10"/>
+ <keepalive-time time="100" unit="milliseconds"/>
+ </thread-pool>
+ </thread-pools>
+ <default-security-domain value="other"/>
+ <default-missing-method-permissions-deny-access value="true"/>
+ <log-system-exceptions value="true"/>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:io:1.1">
+ <worker name="default"/>
+ <buffer-pool name="default"/>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:infinispan:4.0">
+ <cache-container name="keycloak" jndi-name="infinispan/Keycloak">
+ <local-cache name="realms">
+ <eviction max-entries="10000" strategy="LRU"/>
+ </local-cache>
+ <local-cache name="users">
+ <eviction max-entries="10000" strategy="LRU"/>
+ </local-cache>
+ <local-cache name="sessions"/>
+ <local-cache name="offlineSessions"/>
+ <local-cache name="loginFailures"/>
+ <local-cache name="work"/>
+ <local-cache name="authorization">
+ <eviction max-entries="100" strategy="LRU"/>
+ </local-cache>
+ <local-cache name="keys">
+ <eviction max-entries="1000" strategy="LRU"/>
+ <expiration max-idle="3600000"/>
+ </local-cache>
+ </cache-container>
+ <cache-container name="server" default-cache="default" module="org.wildfly.clustering.server">
+ <local-cache name="default">
+ <transaction mode="BATCH"/>
+ </local-cache>
+ </cache-container>
+ <cache-container name="web" default-cache="passivation" module="org.wildfly.clustering.web.infinispan">
+ <local-cache name="passivation">
+ <locking isolation="REPEATABLE_READ"/>
+ <transaction mode="BATCH"/>
+ <file-store passivation="true" purge="false"/>
+ </local-cache>
+ <local-cache name="persistent">
+ <locking isolation="REPEATABLE_READ"/>
+ <transaction mode="BATCH"/>
+ <file-store passivation="false" purge="false"/>
+ </local-cache>
+ </cache-container>
+ <cache-container name="ejb" aliases="sfsb" default-cache="passivation" module="org.wildfly.clustering.ejb.infinispan">
+ <local-cache name="passivation">
+ <locking isolation="REPEATABLE_READ"/>
+ <transaction mode="BATCH"/>
+ <file-store passivation="true" purge="false"/>
+ </local-cache>
+ <local-cache name="persistent">
+ <locking isolation="REPEATABLE_READ"/>
+ <transaction mode="BATCH"/>
+ <file-store passivation="false" purge="false"/>
+ </local-cache>
+ </cache-container>
+ <cache-container name="hibernate" default-cache="local-query" module="org.hibernate.infinispan">
+ <local-cache name="entity">
+ <transaction mode="NON_XA"/>
+ <eviction strategy="LRU" max-entries="10000"/>
+ <expiration max-idle="100000"/>
+ </local-cache>
+ <local-cache name="local-query">
+ <eviction strategy="LRU" max-entries="10000"/>
+ <expiration max-idle="100000"/>
+ </local-cache>
+ <local-cache name="timestamps"/>
+ </cache-container>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:jaxrs:1.0"/>
+ <subsystem xmlns="urn:jboss:domain:jca:4.0">
+ <archive-validation enabled="true" fail-on-error="true" fail-on-warn="false"/>
+ <bean-validation enabled="true"/>
+ <default-workmanager>
+ <short-running-threads>
+ <core-threads count="50"/>
+ <queue-length count="50"/>
+ <max-threads count="50"/>
+ <keepalive-time time="10" unit="seconds"/>
+ </short-running-threads>
+ <long-running-threads>
+ <core-threads count="50"/>
+ <queue-length count="50"/>
+ <max-threads count="50"/>
+ <keepalive-time time="10" unit="seconds"/>
+ </long-running-threads>
+ </default-workmanager>
+ <cached-connection-manager/>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:jdr:1.0"/>
+ <subsystem xmlns="urn:jboss:domain:jmx:1.3">
+ <expose-resolved-model/>
+ <expose-expression-model/>
+ <remoting-connector/>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:jpa:1.1">
+ <jpa default-datasource="" default-extended-persistence-inheritance="DEEP"/>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:jsf:1.0"/>
+ <subsystem xmlns="urn:jboss:domain:mail:2.0">
+ <mail-session name="default" jndi-name="java:jboss/mail/Default">
+ <smtp-server outbound-socket-binding-ref="mail-smtp"/>
+ </mail-session>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:naming:2.0">
+ <remote-naming/>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:remoting:3.0">
+ <endpoint/>
+ <http-connector name="http-remoting-connector" connector-ref="default" security-realm="ApplicationRealm"/>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:request-controller:1.0"/>
+ <subsystem xmlns="urn:jboss:domain:security-manager:1.0">
+ <deployment-permissions>
+ <maximum-set>
+ <permission class="java.security.AllPermission"/>
+ </maximum-set>
+ </deployment-permissions>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:security:1.2">
+ <security-domains>
+ <security-domain name="other" cache-type="default">
+ <authentication>
+ <login-module code="Remoting" flag="optional">
+ <module-option name="password-stacking" value="useFirstPass"/>
+ </login-module>
+ <login-module code="RealmDirect" flag="required">
+ <module-option name="password-stacking" value="useFirstPass"/>
+ </login-module>
+ </authentication>
+ </security-domain>
+ <security-domain name="jboss-web-policy" cache-type="default">
+ <authorization>
+ <policy-module code="Delegating" flag="required"/>
+ </authorization>
+ </security-domain>
+ <security-domain name="jboss-ejb-policy" cache-type="default">
+ <authorization>
+ <policy-module code="Delegating" flag="required"/>
+ </authorization>
+ </security-domain>
+ <security-domain name="jaspitest" cache-type="default">
+ <authentication-jaspi>
+ <login-module-stack name="dummy">
+ <login-module code="Dummy" flag="optional"/>
+ </login-module-stack>
+ <auth-module code="Dummy"/>
+ </authentication-jaspi>
+ </security-domain>
+ </security-domains>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:transactions:3.0">
+ <core-environment>
+ <process-id>
+ <uuid/>
+ </process-id>
+ </core-environment>
+ <recovery-environment socket-binding="txn-recovery-environment" status-socket-binding="txn-status-manager"/>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:undertow:3.1">
+ <buffer-cache name="default"/>
+ <server name="default-server">
+ <http-listener name="default" socket-binding="http" redirect-socket="https"/>
+ <host name="default-host" alias="localhost">
+ <location name="/" handler="welcome-content"/>
+ <filter-ref name="server-header"/>
+ <filter-ref name="x-powered-by-header"/>
+ </host>
+ </server>
+ <servlet-container name="default">
+ <jsp-config/>
+ <websockets/>
+ </servlet-container>
+ <handlers>
+ <file name="welcome-content" path="${jboss.home.dir}/welcome-content"/>
+ </handlers>
+ <filters>
+ <response-header name="server-header" header-name="Server" header-value="JBoss-EAP/7"/>
+ <response-header name="x-powered-by-header" header-name="X-Powered-By" header-value="Undertow/1"/>
+ </filters>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:keycloak-server:1.1">
+ <web-context>auth</web-context>
+ <providers>
+ <provider>classpath:${jboss.home.dir}/providers/*</provider>
+ </providers>
+ <master-realm-name>master</master-realm-name>
+ <scheduled-task-interval>900</scheduled-task-interval>
+ <theme>
+ <staticMaxAge>2592000</staticMaxAge>
+ <cacheThemes>true</cacheThemes>
+ <cacheTemplates>true</cacheTemplates>
+ <dir>${jboss.home.dir}/themes</dir>
+ </theme>
+ <spi name="eventsStore">
+ <default-provider>jpa</default-provider>
+ <provider name="jpa" enabled="true">
+ <properties>
+ <property name="exclude-events" value="["REFRESH_TOKEN"]"/>
+ </properties>
+ </provider>
+ </spi>
+ <spi name="realm">
+ <default-provider>jpa</default-provider>
+ </spi>
+ <spi name="user">
+ <default-provider>jpa</default-provider>
+ </spi>
+ <spi name="userFederatedStorage">
+ <default-provider>jpa</default-provider>
+ </spi>
+ <spi name="userCache">
+ <provider name="default" enabled="true"/>
+ </spi>
+ <spi name="userSessionPersister">
+ <default-provider>jpa</default-provider>
+ </spi>
+ <spi name="authorizationPersister">
+ <default-provider>jpa</default-provider>
+ </spi>
+ <spi name="timer">
+ <default-provider>basic</default-provider>
+ </spi>
+ <spi name="connectionsHttpClient">
+ <provider name="default" enabled="true"/>
+ </spi>
+ <spi name="connectionsJpa">
+ <provider name="default" enabled="true">
+ <properties>
+ <property name="dataSource" value="java:jboss/datasources/KeycloakDS"/>
+ <property name="initializeEmpty" value="true"/>
+ <property name="migrationStrategy" value="update"/>
+ <property name="migrationExport" value="${jboss.home.dir}/keycloak-database-update.sql"/>
+ </properties>
+ </provider>
+ </spi>
+ <spi name="realmCache">
+ <provider name="default" enabled="true"/>
+ </spi>
+ <spi name="connectionsInfinispan">
+ <default-provider>default</default-provider>
+ <provider name="default" enabled="true">
+ <properties>
+ <property name="cacheContainer" value="java:comp/env/infinispan/Keycloak"/>
+ </properties>
+ </provider>
+ </spi>
+ <spi name="jta-lookup">
+ <default-provider>${keycloak.jta.lookup.provider:jboss}</default-provider>
+ <provider name="jboss" enabled="true"/>
+ </spi>
+ <spi name="publicKeyStorage">
+ <provider name="infinispan" enabled="true">
+ <properties>
+ <property name="minTimeBetweenRequests" value="10"/>
+ </properties>
+ </provider>
+ </spi>
+ </subsystem>
+ </profile>
+ <interfaces>
+ <interface name="management">
+ <inet-address value="${jboss.bind.address.management:127.0.0.1}"/>
+ </interface>
+ <interface name="public">
+ <inet-address value="${jboss.bind.address:127.0.0.1}"/>
+ </interface>
+ </interfaces>
+ <socket-binding-group name="standard-sockets" default-interface="public" port-offset="${jboss.socket.binding.port-offset:0}">
+ <socket-binding name="management-http" interface="management" port="${jboss.management.http.port:9990}"/>
+ <socket-binding name="management-https" interface="management" port="${jboss.management.https.port:9993}"/>
+ <socket-binding name="ajp" port="${jboss.ajp.port:8009}"/>
+ <socket-binding name="http" port="${jboss.http.port:8080}"/>
+ <socket-binding name="https" port="${jboss.https.port:8443}"/>
+ <socket-binding name="txn-recovery-environment" port="4712"/>
+ <socket-binding name="txn-status-manager" port="4713"/>
+ <outbound-socket-binding name="mail-smtp">
+ <remote-destination host="localhost" port="25"/>
+ </outbound-socket-binding>
+ </socket-binding-group>
+</server>
diff --git a/testsuite/integration-arquillian/tests/other/server-config-migration/src/test/resources/standalone/standalone-ha-2.5.5.Final-redhat-1.xml b/testsuite/integration-arquillian/tests/other/server-config-migration/src/test/resources/standalone/standalone-ha-2.5.5.Final-redhat-1.xml
new file mode 100644
index 0000000..d85e77f
--- /dev/null
+++ b/testsuite/integration-arquillian/tests/other/server-config-migration/src/test/resources/standalone/standalone-ha-2.5.5.Final-redhat-1.xml
@@ -0,0 +1,527 @@
+<?xml version="1.0" ?>
+
+<server xmlns="urn:jboss:domain:4.1">
+ <extensions>
+ <extension module="org.jboss.as.clustering.infinispan"/>
+ <extension module="org.jboss.as.clustering.jgroups"/>
+ <extension module="org.jboss.as.connector"/>
+ <extension module="org.jboss.as.deployment-scanner"/>
+ <extension module="org.jboss.as.ee"/>
+ <extension module="org.jboss.as.ejb3"/>
+ <extension module="org.jboss.as.jaxrs"/>
+ <extension module="org.jboss.as.jdr"/>
+ <extension module="org.jboss.as.jmx"/>
+ <extension module="org.jboss.as.jpa"/>
+ <extension module="org.jboss.as.jsf"/>
+ <extension module="org.jboss.as.logging"/>
+ <extension module="org.jboss.as.mail"/>
+ <extension module="org.jboss.as.modcluster"/>
+ <extension module="org.jboss.as.naming"/>
+ <extension module="org.jboss.as.remoting"/>
+ <extension module="org.jboss.as.security"/>
+ <extension module="org.jboss.as.transactions"/>
+ <extension module="org.keycloak.keycloak-server-subsystem"/>
+ <extension module="org.wildfly.extension.bean-validation"/>
+ <extension module="org.wildfly.extension.io"/>
+ <extension module="org.wildfly.extension.request-controller"/>
+ <extension module="org.wildfly.extension.security.manager"/>
+ <extension module="org.wildfly.extension.undertow"/>
+ </extensions>
+ <management>
+ <security-realms>
+ <security-realm name="ManagementRealm">
+ <authentication>
+ <local default-user="$local" skip-group-loading="true"/>
+ <properties path="mgmt-users.properties" relative-to="jboss.server.config.dir"/>
+ </authentication>
+ <authorization map-groups-to-roles="false">
+ <properties path="mgmt-groups.properties" relative-to="jboss.server.config.dir"/>
+ </authorization>
+ </security-realm>
+ <security-realm name="ApplicationRealm">
+ <authentication>
+ <local default-user="$local" allowed-users="*" skip-group-loading="true"/>
+ <properties path="application-users.properties" relative-to="jboss.server.config.dir"/>
+ </authentication>
+ <authorization>
+ <properties path="application-roles.properties" relative-to="jboss.server.config.dir"/>
+ </authorization>
+ </security-realm>
+ </security-realms>
+ <audit-log>
+ <formatters>
+ <json-formatter name="json-formatter"/>
+ </formatters>
+ <handlers>
+ <file-handler name="file" formatter="json-formatter" relative-to="jboss.server.data.dir" path="audit-log.log"/>
+ </handlers>
+ <logger log-boot="true" log-read-only="false" enabled="false">
+ <handlers>
+ <handler name="file"/>
+ </handlers>
+ </logger>
+ </audit-log>
+ <management-interfaces>
+ <http-interface security-realm="ManagementRealm" http-upgrade-enabled="true">
+ <socket-binding http="management-http"/>
+ </http-interface>
+ </management-interfaces>
+ <access-control provider="simple">
+ <role-mapping>
+ <role name="SuperUser">
+ <include>
+ <user name="$local"/>
+ </include>
+ </role>
+ </role-mapping>
+ </access-control>
+ </management>
+ <profile>
+ <subsystem xmlns="urn:jboss:domain:logging:3.0">
+ <console-handler name="CONSOLE">
+ <level name="INFO"/>
+ <formatter>
+ <named-formatter name="COLOR-PATTERN"/>
+ </formatter>
+ </console-handler>
+ <periodic-rotating-file-handler name="FILE" autoflush="true">
+ <formatter>
+ <named-formatter name="PATTERN"/>
+ </formatter>
+ <file relative-to="jboss.server.log.dir" path="server.log"/>
+ <suffix value=".yyyy-MM-dd"/>
+ <append value="true"/>
+ </periodic-rotating-file-handler>
+ <logger category="com.arjuna">
+ <level name="WARN"/>
+ </logger>
+ <logger category="org.jboss.as.config">
+ <level name="DEBUG"/>
+ </logger>
+ <logger category="sun.rmi">
+ <level name="WARN"/>
+ </logger>
+ <root-logger>
+ <level name="INFO"/>
+ <handlers>
+ <handler name="CONSOLE"/>
+ <handler name="FILE"/>
+ </handlers>
+ </root-logger>
+ <formatter name="PATTERN">
+ <pattern-formatter pattern="%d{yyyy-MM-dd HH:mm:ss,SSS} %-5p [%c] (%t) %s%e%n"/>
+ </formatter>
+ <formatter name="COLOR-PATTERN">
+ <pattern-formatter pattern="%K{level}%d{HH:mm:ss,SSS} %-5p [%c] (%t) %s%e%n"/>
+ </formatter>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:bean-validation:1.0"/>
+ <subsystem xmlns="urn:jboss:domain:datasources:4.0">
+ <datasources>
+ <datasource jndi-name="java:jboss/datasources/ExampleDS" pool-name="ExampleDS" enabled="true" use-java-context="true">
+ <connection-url>jdbc:h2:mem:test;DB_CLOSE_DELAY=-1;DB_CLOSE_ON_EXIT=FALSE</connection-url>
+ <driver>h2</driver>
+ <security>
+ <user-name>sa</user-name>
+ <password>sa</password>
+ </security>
+ </datasource>
+ <datasource jndi-name="java:jboss/datasources/KeycloakDS" pool-name="KeycloakDS" enabled="true" use-java-context="true">
+ <connection-url>jdbc:h2:${jboss.server.data.dir}/keycloak;AUTO_SERVER=TRUE</connection-url>
+ <driver>h2</driver>
+ <security>
+ <user-name>sa</user-name>
+ <password>sa</password>
+ </security>
+ </datasource>
+ <drivers>
+ <driver name="h2" module="com.h2database.h2">
+ <xa-datasource-class>org.h2.jdbcx.JdbcDataSource</xa-datasource-class>
+ </driver>
+ </drivers>
+ </datasources>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:deployment-scanner:2.0">
+ <deployment-scanner path="deployments" relative-to="jboss.server.base.dir" scan-interval="5000" runtime-failure-causes-rollback="${jboss.deployment.scanner.rollback.on.failure:false}"/>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:ee:4.0">
+ <spec-descriptor-property-replacement>false</spec-descriptor-property-replacement>
+ <concurrent>
+ <context-services>
+ <context-service name="default" jndi-name="java:jboss/ee/concurrency/context/default" use-transaction-setup-provider="true"/>
+ </context-services>
+ <managed-thread-factories>
+ <managed-thread-factory name="default" jndi-name="java:jboss/ee/concurrency/factory/default" context-service="default"/>
+ </managed-thread-factories>
+ <managed-executor-services>
+ <managed-executor-service name="default" jndi-name="java:jboss/ee/concurrency/executor/default" context-service="default" hung-task-threshold="60000" keepalive-time="5000"/>
+ </managed-executor-services>
+ <managed-scheduled-executor-services>
+ <managed-scheduled-executor-service name="default" jndi-name="java:jboss/ee/concurrency/scheduler/default" context-service="default" hung-task-threshold="60000" keepalive-time="3000"/>
+ </managed-scheduled-executor-services>
+ </concurrent>
+ <default-bindings context-service="java:jboss/ee/concurrency/context/default" datasource="java:jboss/datasources/ExampleDS" managed-executor-service="java:jboss/ee/concurrency/executor/default" managed-scheduled-executor-service="java:jboss/ee/concurrency/scheduler/default" managed-thread-factory="java:jboss/ee/concurrency/factory/default"/>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:ejb3:4.0">
+ <session-bean>
+ <stateless>
+ <bean-instance-pool-ref pool-name="slsb-strict-max-pool"/>
+ </stateless>
+ <stateful default-access-timeout="5000" cache-ref="distributable" passivation-disabled-cache-ref="simple"/>
+ <singleton default-access-timeout="5000"/>
+ </session-bean>
+ <pools>
+ <bean-instance-pools>
+ <!-- Automatically configure pools. Alternatively, max-pool-size can be set to a specific value -->
+ <strict-max-pool name="slsb-strict-max-pool" derive-size="from-worker-pools" instance-acquisition-timeout="5" instance-acquisition-timeout-unit="MINUTES"/>
+ <strict-max-pool name="mdb-strict-max-pool" derive-size="from-cpu-count" instance-acquisition-timeout="5" instance-acquisition-timeout-unit="MINUTES"/>
+ </bean-instance-pools>
+ </pools>
+ <caches>
+ <cache name="simple"/>
+ <cache name="distributable" passivation-store-ref="infinispan" aliases="passivating clustered"/>
+ </caches>
+ <passivation-stores>
+ <passivation-store name="infinispan" cache-container="ejb" max-size="10000"/>
+ </passivation-stores>
+ <async thread-pool-name="default"/>
+ <timer-service thread-pool-name="default" default-data-store="default-file-store">
+ <data-stores>
+ <file-data-store name="default-file-store" path="timer-service-data" relative-to="jboss.server.data.dir"/>
+ </data-stores>
+ </timer-service>
+ <remote connector-ref="http-remoting-connector" thread-pool-name="default"/>
+ <thread-pools>
+ <thread-pool name="default">
+ <max-threads count="10"/>
+ <keepalive-time time="100" unit="milliseconds"/>
+ </thread-pool>
+ </thread-pools>
+ <default-security-domain value="other"/>
+ <default-missing-method-permissions-deny-access value="true"/>
+ <log-system-exceptions value="true"/>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:io:1.1">
+ <worker name="default"/>
+ <buffer-pool name="default"/>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:infinispan:4.0">
+ <cache-container name="keycloak" jndi-name="infinispan/Keycloak">
+ <transport lock-timeout="60000"/>
+ <local-cache name="realms">
+ <eviction max-entries="10000" strategy="LRU"/>
+ </local-cache>
+ <local-cache name="users">
+ <eviction max-entries="10000" strategy="LRU"/>
+ </local-cache>
+ <distributed-cache name="sessions" mode="SYNC" owners="1"/>
+ <distributed-cache name="offlineSessions" mode="SYNC" owners="1"/>
+ <distributed-cache name="loginFailures" mode="SYNC" owners="1"/>
+ <distributed-cache name="authorization" mode="SYNC" owners="1"/>
+ <replicated-cache name="work" mode="SYNC"/>
+ <local-cache name="keys">
+ <eviction max-entries="1000" strategy="LRU"/>
+ <expiration max-idle="3600000"/>
+ </local-cache>
+ </cache-container>
+ <cache-container name="server" aliases="singleton cluster" default-cache="default" module="org.wildfly.clustering.server">
+ <transport lock-timeout="60000"/>
+ <replicated-cache name="default" mode="SYNC">
+ <transaction mode="BATCH"/>
+ </replicated-cache>
+ </cache-container>
+ <cache-container name="web" default-cache="dist" module="org.wildfly.clustering.web.infinispan">
+ <transport lock-timeout="60000"/>
+ <distributed-cache name="dist" mode="ASYNC" l1-lifespan="0" owners="2">
+ <locking isolation="REPEATABLE_READ"/>
+ <transaction mode="BATCH"/>
+ <file-store/>
+ </distributed-cache>
+ </cache-container>
+ <cache-container name="ejb" aliases="sfsb" default-cache="dist" module="org.wildfly.clustering.ejb.infinispan">
+ <transport lock-timeout="60000"/>
+ <distributed-cache name="dist" mode="ASYNC" l1-lifespan="0" owners="2">
+ <locking isolation="REPEATABLE_READ"/>
+ <transaction mode="BATCH"/>
+ <file-store/>
+ </distributed-cache>
+ </cache-container>
+ <cache-container name="hibernate" default-cache="local-query" module="org.hibernate.infinispan">
+ <transport lock-timeout="60000"/>
+ <local-cache name="local-query">
+ <eviction strategy="LRU" max-entries="10000"/>
+ <expiration max-idle="100000"/>
+ </local-cache>
+ <invalidation-cache name="entity" mode="SYNC">
+ <transaction mode="NON_XA"/>
+ <eviction strategy="LRU" max-entries="10000"/>
+ <expiration max-idle="100000"/>
+ </invalidation-cache>
+ <replicated-cache name="timestamps" mode="ASYNC"/>
+ </cache-container>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:jaxrs:1.0"/>
+ <subsystem xmlns="urn:jboss:domain:jca:4.0">
+ <archive-validation enabled="true" fail-on-error="true" fail-on-warn="false"/>
+ <bean-validation enabled="true"/>
+ <default-workmanager>
+ <short-running-threads>
+ <core-threads count="50"/>
+ <queue-length count="50"/>
+ <max-threads count="50"/>
+ <keepalive-time time="10" unit="seconds"/>
+ </short-running-threads>
+ <long-running-threads>
+ <core-threads count="50"/>
+ <queue-length count="50"/>
+ <max-threads count="50"/>
+ <keepalive-time time="10" unit="seconds"/>
+ </long-running-threads>
+ </default-workmanager>
+ <cached-connection-manager/>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:jdr:1.0"/>
+ <subsystem xmlns="urn:jboss:domain:jgroups:4.0">
+ <channels default="ee">
+ <channel name="ee" stack="udp"/>
+ </channels>
+ <stacks>
+ <stack name="udp">
+ <transport type="UDP" socket-binding="jgroups-udp"/>
+ <protocol type="PING"/>
+ <protocol type="MERGE3"/>
+ <protocol type="FD_SOCK" socket-binding="jgroups-udp-fd"/>
+ <protocol type="FD_ALL"/>
+ <protocol type="VERIFY_SUSPECT"/>
+ <protocol type="pbcast.NAKACK2"/>
+ <protocol type="UNICAST3"/>
+ <protocol type="pbcast.STABLE"/>
+ <protocol type="pbcast.GMS"/>
+ <protocol type="UFC"/>
+ <protocol type="MFC"/>
+ <protocol type="FRAG2"/>
+ </stack>
+ <stack name="tcp">
+ <transport type="TCP" socket-binding="jgroups-tcp"/>
+ <protocol type="MPING" socket-binding="jgroups-mping"/>
+ <protocol type="MERGE3"/>
+ <protocol type="FD_SOCK" socket-binding="jgroups-tcp-fd"/>
+ <protocol type="FD"/>
+ <protocol type="VERIFY_SUSPECT"/>
+ <protocol type="pbcast.NAKACK2"/>
+ <protocol type="UNICAST3"/>
+ <protocol type="pbcast.STABLE"/>
+ <protocol type="pbcast.GMS"/>
+ <protocol type="MFC"/>
+ <protocol type="FRAG2"/>
+ </stack>
+ </stacks>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:jmx:1.3">
+ <expose-resolved-model/>
+ <expose-expression-model/>
+ <remoting-connector/>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:jpa:1.1">
+ <jpa default-datasource="" default-extended-persistence-inheritance="DEEP"/>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:jsf:1.0"/>
+ <subsystem xmlns="urn:jboss:domain:mail:2.0">
+ <mail-session name="default" jndi-name="java:jboss/mail/Default">
+ <smtp-server outbound-socket-binding-ref="mail-smtp"/>
+ </mail-session>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:modcluster:2.0">
+ <mod-cluster-config advertise-socket="modcluster" connector="ajp">
+ <dynamic-load-provider>
+ <load-metric type="cpu"/>
+ </dynamic-load-provider>
+ </mod-cluster-config>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:naming:2.0">
+ <remote-naming/>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:remoting:3.0">
+ <endpoint/>
+ <http-connector name="http-remoting-connector" connector-ref="default" security-realm="ApplicationRealm"/>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:request-controller:1.0"/>
+ <subsystem xmlns="urn:jboss:domain:security-manager:1.0">
+ <deployment-permissions>
+ <maximum-set>
+ <permission class="java.security.AllPermission"/>
+ </maximum-set>
+ </deployment-permissions>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:security:1.2">
+ <security-domains>
+ <security-domain name="other" cache-type="default">
+ <authentication>
+ <login-module code="Remoting" flag="optional">
+ <module-option name="password-stacking" value="useFirstPass"/>
+ </login-module>
+ <login-module code="RealmDirect" flag="required">
+ <module-option name="password-stacking" value="useFirstPass"/>
+ </login-module>
+ </authentication>
+ </security-domain>
+ <security-domain name="jboss-web-policy" cache-type="default">
+ <authorization>
+ <policy-module code="Delegating" flag="required"/>
+ </authorization>
+ </security-domain>
+ <security-domain name="jboss-ejb-policy" cache-type="default">
+ <authorization>
+ <policy-module code="Delegating" flag="required"/>
+ </authorization>
+ </security-domain>
+ <security-domain name="jaspitest" cache-type="default">
+ <authentication-jaspi>
+ <login-module-stack name="dummy">
+ <login-module code="Dummy" flag="optional"/>
+ </login-module-stack>
+ <auth-module code="Dummy"/>
+ </authentication-jaspi>
+ </security-domain>
+ </security-domains>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:transactions:3.0">
+ <core-environment>
+ <process-id>
+ <uuid/>
+ </process-id>
+ </core-environment>
+ <recovery-environment socket-binding="txn-recovery-environment" status-socket-binding="txn-status-manager"/>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:undertow:3.1">
+ <buffer-cache name="default"/>
+ <server name="default-server">
+ <ajp-listener name="ajp" socket-binding="ajp"/>
+ <http-listener name="default" socket-binding="http" redirect-socket="https"/>
+ <host name="default-host" alias="localhost">
+ <location name="/" handler="welcome-content"/>
+ <filter-ref name="server-header"/>
+ <filter-ref name="x-powered-by-header"/>
+ </host>
+ </server>
+ <servlet-container name="default">
+ <jsp-config/>
+ <websockets/>
+ </servlet-container>
+ <handlers>
+ <file name="welcome-content" path="${jboss.home.dir}/welcome-content"/>
+ </handlers>
+ <filters>
+ <response-header name="server-header" header-name="Server" header-value="JBoss-EAP/7"/>
+ <response-header name="x-powered-by-header" header-name="X-Powered-By" header-value="Undertow/1"/>
+ </filters>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:keycloak-server:1.1">
+ <web-context>auth</web-context>
+ <providers>
+ <provider>classpath:${jboss.home.dir}/providers/*</provider>
+ </providers>
+ <master-realm-name>master</master-realm-name>
+ <scheduled-task-interval>900</scheduled-task-interval>
+ <theme>
+ <staticMaxAge>2592000</staticMaxAge>
+ <cacheThemes>true</cacheThemes>
+ <cacheTemplates>true</cacheTemplates>
+ <dir>${jboss.home.dir}/themes</dir>
+ </theme>
+ <spi name="eventsStore">
+ <default-provider>jpa</default-provider>
+ <provider name="jpa" enabled="true">
+ <properties>
+ <property name="exclude-events" value="["REFRESH_TOKEN"]"/>
+ </properties>
+ </provider>
+ </spi>
+ <spi name="realm">
+ <default-provider>jpa</default-provider>
+ </spi>
+ <spi name="user">
+ <default-provider>jpa</default-provider>
+ </spi>
+ <spi name="userFederatedStorage">
+ <default-provider>jpa</default-provider>
+ </spi>
+ <spi name="userCache">
+ <provider name="default" enabled="true"/>
+ </spi>
+ <spi name="userSessionPersister">
+ <default-provider>jpa</default-provider>
+ </spi>
+ <spi name="authorizationPersister">
+ <default-provider>jpa</default-provider>
+ </spi>
+ <spi name="timer">
+ <default-provider>basic</default-provider>
+ </spi>
+ <spi name="connectionsHttpClient">
+ <provider name="default" enabled="true"/>
+ </spi>
+ <spi name="connectionsJpa">
+ <provider name="default" enabled="true">
+ <properties>
+ <property name="dataSource" value="java:jboss/datasources/KeycloakDS"/>
+ <property name="initializeEmpty" value="true"/>
+ <property name="migrationStrategy" value="update"/>
+ <property name="migrationExport" value="${jboss.home.dir}/keycloak-database-update.sql"/>
+ </properties>
+ </provider>
+ </spi>
+ <spi name="realmCache">
+ <provider name="default" enabled="true"/>
+ </spi>
+ <spi name="connectionsInfinispan">
+ <default-provider>default</default-provider>
+ <provider name="default" enabled="true">
+ <properties>
+ <property name="cacheContainer" value="java:comp/env/infinispan/Keycloak"/>
+ </properties>
+ </provider>
+ </spi>
+ <spi name="jta-lookup">
+ <default-provider>${keycloak.jta.lookup.provider:jboss}</default-provider>
+ <provider name="jboss" enabled="true"/>
+ </spi>
+ <spi name="publicKeyStorage">
+ <provider name="infinispan" enabled="true">
+ <properties>
+ <property name="minTimeBetweenRequests" value="10"/>
+ </properties>
+ </provider>
+ </spi>
+ </subsystem>
+ </profile>
+ <interfaces>
+ <interface name="management">
+ <inet-address value="${jboss.bind.address.management:127.0.0.1}"/>
+ </interface>
+ <interface name="public">
+ <inet-address value="${jboss.bind.address:127.0.0.1}"/>
+ </interface>
+ <interface name="private">
+ <inet-address value="${jboss.bind.address.private:127.0.0.1}"/>
+ </interface>
+ </interfaces>
+ <socket-binding-group name="standard-sockets" default-interface="public" port-offset="${jboss.socket.binding.port-offset:0}">
+ <socket-binding name="management-http" interface="management" port="${jboss.management.http.port:9990}"/>
+ <socket-binding name="management-https" interface="management" port="${jboss.management.https.port:9993}"/>
+ <socket-binding name="ajp" port="${jboss.ajp.port:8009}"/>
+ <socket-binding name="http" port="${jboss.http.port:8080}"/>
+ <socket-binding name="https" port="${jboss.https.port:8443}"/>
+ <socket-binding name="jgroups-mping" interface="private" port="0" multicast-address="${jboss.default.multicast.address:230.0.0.4}" multicast-port="45700"/>
+ <socket-binding name="jgroups-tcp" interface="private" port="7600"/>
+ <socket-binding name="jgroups-tcp-fd" interface="private" port="57600"/>
+ <socket-binding name="jgroups-udp" interface="private" port="55200" multicast-address="${jboss.default.multicast.address:230.0.0.4}" multicast-port="45688"/>
+ <socket-binding name="jgroups-udp-fd" interface="private" port="54200"/>
+ <socket-binding name="modcluster" port="0" multicast-address="224.0.1.105" multicast-port="23364"/>
+ <socket-binding name="txn-recovery-environment" port="4712"/>
+ <socket-binding name="txn-status-manager" port="4713"/>
+ <outbound-socket-binding name="mail-smtp">
+ <remote-destination host="localhost" port="25"/>
+ </outbound-socket-binding>
+ </socket-binding-group>
+</server>