keycloak-uncached

diff --git a/distribution/modules/build.xml b/distribution/modules/build.xml
index 80ff507..3c87a2f 100755
--- a/distribution/modules/build.xml
+++ b/distribution/modules/build.xml
@@ -46,6 +46,12 @@
             <maven-resource group="net.iharder" artifact="base64"/>
         </module-def>
 
+        <module-def name="org.bouncycastle">
+            <maven-resource group="org.bouncycastle" artifact="bcprov-jdk15on"/>
+            <maven-resource group="org.bouncycastle" artifact="bcpkix-jdk15on"/>
+            <maven-resource group="org.bouncycastle" artifact="bcmail-jdk15on"/>
+        </module-def>
+
         <module-def name="org.keycloak.keycloak-broker-core">
             <maven-resource group="org.keycloak" artifact="keycloak-broker-core"/>
         </module-def>

diff --git a/distribution/modules/pom.xml b/distribution/modules/pom.xml
index 9b69d37..aa14cb0 100755
--- a/distribution/modules/pom.xml
+++ b/distribution/modules/pom.xml
@@ -144,6 +144,12 @@
             <groupId>org.jboss.aesh</groupId>
             <artifactId>aesh</artifactId>
         </dependency>
+
+        <dependency>
+            <groupId>org.bouncycastle</groupId>
+            <artifactId>bcmail-jdk15on</artifactId>
+        </dependency>
+
     </dependencies>
 
     <build>

diff --git a/distribution/modules/src/main/resources/modules/org/bouncycastle/main/module.xml b/distribution/modules/src/main/resources/modules/org/bouncycastle/main/module.xml
new file mode 100644
index 0000000..c32565f
--- /dev/null
+++ b/distribution/modules/src/main/resources/modules/org/bouncycastle/main/module.xml
@@ -0,0 +1,13 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<module xmlns="urn:jboss:module:1.1" name="org.bouncycastle">
+    <resources>
+        <resource-root path="bcprov-jdk15on-1.50.jar"/>
+        <resource-root path="bcmail-jdk15on-1.50.jar"/>
+        <resource-root path="bcpkix-jdk15on-1.50.jar"/>
+    </resources>
+    <dependencies>
+        <module name="javax.api"/>
+    </dependencies>
+
+</module>
\ No newline at end of file

diff --git a/examples/demo-template/README.md.unconfigured b/examples/demo-template/README.md.unconfigured
index 73279e0..2752997 100755
--- a/examples/demo-template/README.md.unconfigured
+++ b/examples/demo-template/README.md.unconfigured
@@ -129,7 +129,7 @@ Then edit `<WILDFLY HOME>/standalone/configuration/standalone.xml` and add the f
     <secure-deployment name="product-portal.war">
         <realm>demo</realm>
         <resource>product-portal</resource>
-        <credential name="secret">484ba263-8bb5-4048-bb6f-40da75e9eefb</credential>
+        <credential name="secret">APPLICATION SECRET</credential>
     </secure-deployment>
 
 In the above snippet replace the following:

diff --git a/examples/kerberos/README.md b/examples/kerberos/README.md
index 5acdb62..f594fa5 100644
--- a/examples/kerberos/README.md
+++ b/examples/kerberos/README.md
@@ -31,8 +31,18 @@ Alternatively you can use OpenJDK7 but in this case you will need to use aes256-
 you can add system property to the maven command when running ApacheDS Kerberos server `-Dkerberos.encTypes=aes256-cts-hmac-sha1-96` (see below) and for 
 client add encryption types to configuration file like `/etc/krb5.conf` (but they should be already available. See below).
 
+Also if you are on Linux, make sure that record like:
+```
+127.0.0.1       localhost
+```
+is in your `/etc/hosts` before other records for the 127.0.0.1 host to avoid issues related to incompatible reverse lookup (Ensure the similar for other OS as well)
+
+
+**4)** Configure Kerberos client (On linux it's in file `/etc/krb5.conf` ). You need to configure `KEYCLOAK.ORG` realm and enable `forwardable` flag, which is needed 
+for credential delegation example, as application needs to forward Kerberos ticket and authenticate with it against LDAP server. 
+See [this file](https://github.com/keycloak/keycloak/blob/master/testsuite/integration/src/main/resources/kerberos/test-krb5.conf) for inspiration.
 
-**4)**  Run ApacheDS based Kerberos server embedded in Keycloak. Easiest is to checkout keycloak sources, build and then run KerberosEmbeddedServer 
+**5)**  Run ApacheDS based Kerberos server embedded in Keycloak. Easiest is to checkout keycloak sources, build and then run KerberosEmbeddedServer 
 as shown here: 
 
 ```
@@ -44,11 +54,6 @@ mvn exec:java -Pkerberos
 
 More details about embedded Kerberos server in [testsuite README](https://github.com/keycloak/keycloak/blob/master/testsuite/integration/README.md#kerberos-server).
 
-
-**5)** Configure Kerberos client (On linux it's in file `/etc/krb5.conf` ). You need to configure `KEYCLOAK.ORG` realm and enable `forwardable` flag, which is needed 
-for credential delegation example, as application needs to forward Kerberos ticket and authenticate with it against LDAP server. 
-See [this file](https://github.com/keycloak/keycloak/blob/master/testsuite/integration/src/main/resources/kerberos/test-krb5.conf) for inspiration.
-
   
 **6)** Configure browser (Firefox, Chrome or other) and enable SPNEGO authentication and credential delegation for `localhost` . 
 In Firefox it can be done by adding `localhost` to both `network.negotiate-auth.trusted-uris` and `network.negotiate-auth.delegation-uris` .