keycloak-uncached
Changes
distribution/modules/build.xml 4(+4 -0)
distribution/modules/pom.xml 5(+5 -0)
Details
diff --git a/distribution/appliance-dist/assembly.xml b/distribution/appliance-dist/assembly.xml
index 7444400..5f7247b 100755
--- a/distribution/appliance-dist/assembly.xml
+++ b/distribution/appliance-dist/assembly.xml
@@ -22,6 +22,7 @@
<exclude>**/*.sh</exclude>
<exclude>welcome-content/*</exclude>
<exclude>**/modules/system/layers/base/org/picketlink/**</exclude>
+ <exclude>**/modules/system/layers/base/org/jboss/as/cli/**</exclude>
</excludes>
</fileSet>
<fileSet>
distribution/modules/build.xml 4(+4 -0)
diff --git a/distribution/modules/build.xml b/distribution/modules/build.xml
index 7495cdc..f2f0c89 100755
--- a/distribution/modules/build.xml
+++ b/distribution/modules/build.xml
@@ -51,6 +51,10 @@
<maven-resource group="org.bouncycastle" artifact="bcprov-jdk16"/>
</module-def>
+ <module-def name="org.jboss.as.cli">
+ <maven-resource group="org.wildfly.core" artifact="wildfly-cli"/>
+ </module-def>
+
<module-def name="org.keycloak.keycloak-core">
<maven-resource group="org.keycloak" artifact="keycloak-core"/>
</module-def>
distribution/modules/pom.xml 5(+5 -0)
diff --git a/distribution/modules/pom.xml b/distribution/modules/pom.xml
index 503ea21..cfcfccc 100755
--- a/distribution/modules/pom.xml
+++ b/distribution/modules/pom.xml
@@ -84,6 +84,11 @@
<artifactId>bcprov-jdk16</artifactId>
</dependency>
<dependency>
+ <groupId>org.wildfly.core</groupId>
+ <artifactId>wildfly-cli</artifactId>
+ <version>${wildfly.core.version}</version>
+ </dependency>
+ <dependency>
<groupId>org.picketlink</groupId>
<artifactId>picketlink-common</artifactId>
</dependency>
diff --git a/distribution/modules/src/main/resources/modules/org/jboss/as/cli/main/module.xml b/distribution/modules/src/main/resources/modules/org/jboss/as/cli/main/module.xml
new file mode 100644
index 0000000..c46ff3a
--- /dev/null
+++ b/distribution/modules/src/main/resources/modules/org/jboss/as/cli/main/module.xml
@@ -0,0 +1,56 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<!--
+ ~ JBoss, Home of Professional Open Source.
+ ~ Copyright 2011, Red Hat, Inc., and individual contributors
+ ~ as indicated by the @author tags. See the copyright.txt file in the
+ ~ distribution for a full listing of individual contributors.
+ ~
+ ~ This is free software; you can redistribute it and/or modify it
+ ~ under the terms of the GNU Lesser General Public License as
+ ~ published by the Free Software Foundation; either version 2.1 of
+ ~ the License, or (at your option) any later version.
+ ~
+ ~ This software is distributed in the hope that it will be useful,
+ ~ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ ~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ ~ Lesser General Public License for more details.
+ ~
+ ~ You should have received a copy of the GNU Lesser General Public
+ ~ License along with this software; if not, write to the Free
+ ~ Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ ~ 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ -->
+
+<module xmlns="urn:jboss:module:1.3" name="org.jboss.as.cli">
+ <properties>
+ <property name="jboss.api" value="private"/>
+ <property name="jboss.require-java-version" value="1.7"/>
+ </properties>
+
+ <main-class name="org.jboss.as.cli.CommandLineMain"/>
+
+ <resources>
+ <resource-root path="wildfly-cli-1.0.0.Alpha11-SNAPSHOT.jar"/>
+ </resources>
+
+ <dependencies>
+ <module name="org.jboss.aesh"/>
+ <module name="org.jboss.modules"/>
+ <module name="org.jboss.as.controller-client"/>
+ <module name="org.jboss.as.protocol"/>
+ <module name="org.wildfly.security.manager"/>
+ <module name="org.jboss.as.patching.cli" optional="true" services="import"/>
+ <module name="org.jboss.dmr"/>
+ <module name="org.jboss.logging"/>
+ <module name="org.jboss.logmanager" services="import"/>
+ <module name="org.jboss.remoting"/>
+ <module name="org.jboss.sasl"/>
+ <module name="org.jboss.staxmapper"/>
+ <module name="org.jboss.threads"/>
+ <module name="org.jboss.vfs"/>
+ <module name="org.picketbox" optional="true"/>
+ <module name="javax.api"/>
+ </dependencies>
+
+</module>
diff --git a/distribution/modules/src/main/resources/modules/org/jboss/as/cli/main/wildfly-cli-1.0.0.Alpha11-SNAPSHOT.jar b/distribution/modules/src/main/resources/modules/org/jboss/as/cli/main/wildfly-cli-1.0.0.Alpha11-SNAPSHOT.jar
new file mode 100644
index 0000000..c105089
Binary files /dev/null and b/distribution/modules/src/main/resources/modules/org/jboss/as/cli/main/wildfly-cli-1.0.0.Alpha11-SNAPSHOT.jar differ
diff --git a/docbook/reference/en/en-US/modules/server-installation.xml b/docbook/reference/en/en-US/modules/server-installation.xml
index 1fae98c..e3c01b7 100755
--- a/docbook/reference/en/en-US/modules/server-installation.xml
+++ b/docbook/reference/en/en-US/modules/server-installation.xml
@@ -124,6 +124,14 @@ keycloak-war-dist-all-&project.version;/
If you have Keycloak on JBoss AS 7.1.1 <link linkend="as7-specifics">these steps</link>.
</para>
</section>
+ <section id="subsystem_installation">
+ <title>Subsystem Installation</title>
+ <para>
+ For WildFly installations, the Keycloak server is not deployed from the /deployments directory. Instead, the Keycloak
+ subsystem module contains the Keycloak server and it is controlled by the subsystem. If you are using the
+ appliance install, this subsystem is already present and a Keycloak server is pre-defined in the subsytem declaration.
+ </para>
+ </section>
<section>
<title id="configure-server">Configuring the Server</title>
<para>
@@ -749,4 +757,136 @@ keycloak-war-dist-all-&project.version;/
</section>
</section>
+ <section>
+ <title>Configuring Servers from the Subsystem</title>
+ <para>
+ If you are using WildFly, the Keycloak server is deployed and configured from the Keycloak subsystem. This makes provisioning simpler in a domain environment.
+ It also allows you to create more than one Keycloak server instance inside a single WildFly instance. And, you can upload providers, themes, and
+ server configurations without disturbing Keycloak's auth-server.war.
+ </para>
+ <section>
+ <title>Manually Creating A Server</title>
+ <para>
+ A Keycloak server can be declared by editing standalone.xml or domain.xml.
+ </para>
+<para>
+<programlisting><![CDATA[
+<server xmlns="urn:jboss:domain:1.4">
+
+ <profile>
+ <subsystem xmlns="urn:jboss:domain:keycloak:1.0">
+ <auth-server name="keycloak-1">
+ <enabled>true</enabled>
+ <web-context>auth</web-context>
+ </auth-server>
+ <auth-server name="keyclaok-2">
+ <enabled>false</enabled>
+ <web-context>auth2</web-context>
+ </auth-server>
+ </subsystem>
+ </profile>
+]]>
+</programlisting>
+</para>
+ <warning>
+ <para>
+ If you create more than one Keycloak server, you will need to use <ulink url="https://developer.jboss.org/wiki/AGUIForTheCommandLineInterface">CLI GUI</ulink>
+ to fully configure each instance. At the least, you will need to run the <link linkend="uploading-extra-config">update-server-config</link> operation.
+ </para>
+ </warning>
+ </section>
+ <section>
+ <title>Using CLI and CLI GUI with the Keycloak Subsystem</title>
+ <para>
+ Servers can also be added/removed or enabled/disabled at runtime using the <ulink url="https://developer.jboss.org/wiki/CommandLineInterface">CLI</ulink> or
+ <ulink url="https://developer.jboss.org/wiki/AGUIForTheCommandLineInterface">CLI GUI</ulink> tool. These are tools that ship with WildFly and also with
+ the Keycloak Appliance installation. See <ulink url="https://developer.jboss.org/wiki/CommandLineInterface">CLI</ulink> or
+ <ulink url="https://developer.jboss.org/wiki/AGUIForTheCommandLineInterface">CLI GUI</ulink> documentation to learn more about how to start the tools
+ and issue commands.
+ </para>
+<para>
+To start CLI GUI with the Keycloak Appliance install:
+<programlisting><![CDATA[
+cd <APPLIANCE_INSTALL_DIR>/keycloak/bin
+./jboss-cli.sh --gui
+or
+./jboss.cli.bat --gui]]>
+</programlisting>
+<note>Your Keycloak server must be running to start in --gui mode.</note>
+</para>
+ <section>
+ <title>Basic CLI Commands</title>
+<para>
+Command to add a server in CLI:
+<programlisting><![CDATA[
+/subsystem=keycloak/auth-server=my-auth-server/:add(web-context=my-auth, enabled=true)]]>
+</programlisting>
+Because "enabled=true", a new Keycloak server will be immediately deployed. By default "enabled" is set to false.
+</para>
+<para>
+Command to remove a server in CLI:
+<programlisting><![CDATA[
+/subsystem=keycloak/auth-server=my-auth-server/:remove]]>
+</programlisting>
+The Keycloak server will be immediately deleted and undeployed.
+</para>
+<para>
+Command to enable or disable a server in CLI:
+<programlisting><![CDATA[
+/subsystem=keycloak/auth-server=foo/:write-attribute(name=enabled,value=true)]]>
+</programlisting>
+The Keycloak server will be immediately deployed or undeployed, but not deleted.
+</para>
+ </section>
+ <section id="uploading-extra-config">
+ <title>Uploading extra configuration using CLI GUI</title>
+ <para>
+ The WildFly Keycloak subsystem allows you to upload keycloak-server.json, provider jars, and theme jars to a Keycloak server instance. The
+ CLI operations for this are "update-server-config" and "add-provider". You must use
+ <ulink url="https://developer.jboss.org/wiki/AGUIForTheCommandLineInterface">CLI GUI</ulink> for these operations.
+ </para>
+ <para>
+ To use a new keycloak-server.json file for your server, find your server under the Keycloak subsystem. Then right-click the server,
+ select "update-server-config", and upload your file.
+ </para>
+
+ <para>
+ <imagedata fileref="images/update-server-config-select.png"/>
+ </para>
+ <para>
+ <imagedata fileref="images/update-server-config-dialog.png"/>
+ </para>
+
+ <warning>
+ <para>
+ If you use the update-server-config operation, you should delete or rename <WILDFLY_HOME>/standalone/configuration/keycloak-server.json.
+ Otherwise, all Keycloak server instances will use this file instead of your uploaded file.
+ </para>
+ </warning>
+ <para>
+ To upload a new provider jar or theme jar to your server, find your server under the Keycloak subsystem. Then right-click the server,
+ select "add-provider", and upload your file.
+ </para>
+ <para>
+ <imagedata fileref="images/add-provider-select.png"/>
+ </para>
+ <para>
+ <imagedata fileref="images/add-provider-dialog.png"/>
+ </para>
+ </section>
+ </section>
+ <section>
+ <title>Adding a Keycloak server in Domain Mode</title>
+ <para>
+ In domain mode, you start the server with the "domain" command instead of the "standalone" command. In this case, the Keycloak subsystem is
+ defined in domain/configuration/domain.xml instead of standalone/configuration.standalone.xml. Inside domain.xml, you will see more than one
+ profile. A Keycloak subsystem can be defined in zero or more of those profiles.
+ </para>
+ <para>
+ In the example below, a Keycloak server named "foo" is defined in the "full" profile. The "full" profile is assigned to the "main-server-group".
+ Every WildFly instance that belongs to "main-server-group" will get an identically configured deployment of the "foo" Keycloak server.
+ <imagedata fileref="images/domain-mode.png"/>
+ </para>
+ </section>
+ </section>
</chapter>
diff --git a/docbook/reference/en/images/add-provider-dialog.png b/docbook/reference/en/images/add-provider-dialog.png
new file mode 100644
index 0000000..ee1c44a
Binary files /dev/null and b/docbook/reference/en/images/add-provider-dialog.png differ
diff --git a/docbook/reference/en/images/add-provider-select.png b/docbook/reference/en/images/add-provider-select.png
new file mode 100644
index 0000000..c0f6766
Binary files /dev/null and b/docbook/reference/en/images/add-provider-select.png differ
diff --git a/docbook/reference/en/images/domain-mode.png b/docbook/reference/en/images/domain-mode.png
new file mode 100644
index 0000000..9d96bd0
Binary files /dev/null and b/docbook/reference/en/images/domain-mode.png differ
diff --git a/docbook/reference/en/images/update-server-config-dialog.png b/docbook/reference/en/images/update-server-config-dialog.png
new file mode 100644
index 0000000..9c52546
Binary files /dev/null and b/docbook/reference/en/images/update-server-config-dialog.png differ
diff --git a/docbook/reference/en/images/update-server-config-select.png b/docbook/reference/en/images/update-server-config-select.png
new file mode 100644
index 0000000..2af89df
Binary files /dev/null and b/docbook/reference/en/images/update-server-config-select.png differ