keycloak-aplcache
Changes
distribution/feature-packs/server-feature-pack/src/main/resources/configuration/domain/subsystems.xml 126(+66 -60)
distribution/feature-packs/server-feature-pack/src/main/resources/configuration/domain/template.xml 56(+46 -10)
distribution/feature-packs/server-feature-pack/src/main/resources/configuration/host/host.xml 18(+4 -14)
distribution/feature-packs/server-feature-pack/src/main/resources/configuration/host/host-master.xml 16(+4 -12)
distribution/feature-packs/server-feature-pack/src/main/resources/configuration/host/host-slave.xml 17(+5 -12)
distribution/feature-packs/server-feature-pack/src/main/resources/configuration/host/subsystems.xml 2(+0 -2)
distribution/feature-packs/server-feature-pack/src/main/resources/configuration/standalone/subsystems.xml 47(+23 -24)
distribution/feature-packs/server-feature-pack/src/main/resources/configuration/standalone/subsystems-ha.xml 7(+3 -4)
distribution/feature-packs/server-feature-pack/src/main/resources/configuration/standalone/template.xml 45(+28 -17)
pom.xml 10(+5 -5)
Details
diff --git a/common/src/main/java/org/keycloak/common/util/OCSPUtils.java b/common/src/main/java/org/keycloak/common/util/OCSPUtils.java
index 9dedec7..59eaab2 100644
--- a/common/src/main/java/org/keycloak/common/util/OCSPUtils.java
+++ b/common/src/main/java/org/keycloak/common/util/OCSPUtils.java
@@ -317,8 +317,8 @@ public final class OCSPUtils {
}
if (certs.size() > 0) {
- X500Name responderName = basicOcspResponse.getResponderId().toASN1Primitive().getName();
- byte[] responderKey = basicOcspResponse.getResponderId().toASN1Primitive().getKeyHash();
+ X500Name responderName = basicOcspResponse.getResponderId().toASN1Object().getName();
+ byte[] responderKey = basicOcspResponse.getResponderId().toASN1Object().getKeyHash();
if (responderName != null) {
logger.log(Level.INFO, "Responder Name: {0}", responderName.toString());
diff --git a/distribution/feature-packs/server-feature-pack/src/main/resources/configuration/domain/subsystems.xml b/distribution/feature-packs/server-feature-pack/src/main/resources/configuration/domain/subsystems.xml
index ab9bfa9..d2a8706 100755
--- a/distribution/feature-packs/server-feature-pack/src/main/resources/configuration/domain/subsystems.xml
+++ b/distribution/feature-packs/server-feature-pack/src/main/resources/configuration/domain/subsystems.xml
@@ -15,65 +15,71 @@
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
+
+<!-- See src/resources/configuration/ReadMe.txt for how the configuration assembly works -->
<config>
- <subsystems name="auth-server-standalone">
- <subsystem>logging.xml</subsystem>
- <subsystem>bean-validation.xml</subsystem>
- <subsystem>core-management.xml</subsystem>
- <subsystem supplement="default">keycloak-datasources.xml</subsystem>
- <subsystem>ee.xml</subsystem>
- <subsystem>ejb3.xml</subsystem>
- <subsystem>io.xml</subsystem>
- <subsystem>keycloak-infinispan.xml</subsystem>
- <subsystem>jaxrs.xml</subsystem>
- <subsystem>jca.xml</subsystem>
- <subsystem>jdr.xml</subsystem>
- <subsystem supplement="domain">jmx.xml</subsystem>
- <subsystem>jpa.xml</subsystem>
- <subsystem>jsf.xml</subsystem>
- <subsystem>mail.xml</subsystem>
- <subsystem>naming.xml</subsystem>
- <subsystem>remoting.xml</subsystem>
- <subsystem>request-controller.xml</subsystem>
- <subsystem supplement="domain-wildfly">elytron.xml</subsystem>
- <subsystem>security.xml</subsystem>
- <subsystem>security-manager.xml</subsystem>
- <subsystem>transactions.xml</subsystem>
- <subsystem>undertow.xml</subsystem>
- <subsystem>keycloak-server.xml</subsystem>
- </subsystems>
- <subsystems name="auth-server-clustered">
- <!-- Each subsystem to be included relative to the src/main/resources directory -->
- <subsystem>logging.xml</subsystem>
- <subsystem>bean-validation.xml</subsystem>
- <subsystem>core-management.xml</subsystem>
- <subsystem supplement="domain">keycloak-datasources.xml</subsystem>
- <subsystem>ee.xml</subsystem>
- <subsystem supplement="ha">ejb3.xml</subsystem>
- <subsystem>io.xml</subsystem>
- <subsystem supplement="ha">keycloak-infinispan.xml</subsystem>
- <subsystem>jaxrs.xml</subsystem>
- <subsystem>jca.xml</subsystem>
- <subsystem>jdr.xml</subsystem>
- <subsystem>jgroups.xml</subsystem>
- <subsystem supplement="domain">jmx.xml</subsystem>
- <subsystem>jpa.xml</subsystem>
- <subsystem>jsf.xml</subsystem>
- <subsystem>mail.xml</subsystem>
- <subsystem>mod_cluster.xml</subsystem>
- <subsystem>naming.xml</subsystem>
- <subsystem>remoting.xml</subsystem>
- <subsystem>request-controller.xml</subsystem>
- <subsystem supplement="domain-wildfly">elytron.xml</subsystem>
- <subsystem>security.xml</subsystem>
- <subsystem>security-manager.xml</subsystem>
- <subsystem>transactions.xml</subsystem>
- <subsystem supplement="ha">undertow.xml</subsystem>
- <subsystem>keycloak-server.xml</subsystem>
- </subsystems>
- <subsystems name="load-balancer">
- <subsystem>logging.xml</subsystem>
- <subsystem>io.xml</subsystem>
- <subsystem>undertow-load-balancer.xml</subsystem>
- </subsystems>
+ <subsystems name="load-balancer">
+ <!-- Each subsystem to be included relative to the src/main/resources directory -->
+ <subsystem>logging.xml</subsystem>
+ <subsystem>io.xml</subsystem>
+ <subsystem supplement="domain">jmx.xml</subsystem>
+ <subsystem>naming.xml</subsystem>
+ <subsystem>remoting.xml</subsystem>
+ <subsystem>request-controller.xml</subsystem>
+ <subsystem>security.xml</subsystem>
+ <subsystem>security-manager.xml</subsystem>
+ </subsystems>
+ <subsystems name="auth-server-standalone">
+ <!-- Each subsystem to be included relative to the src/main/resources directory -->
+ <subsystem>logging.xml</subsystem>
+ <subsystem>bean-validation.xml</subsystem>
+ <subsystem supplement="default">keycloak-datasources.xml</subsystem>
+ <subsystem>ee.xml</subsystem>
+ <subsystem>ejb3.xml</subsystem>
+ <subsystem>io.xml</subsystem>
+ <subsystem>keycloak-infinispan.xml</subsystem>
+ <subsystem>jaxrs.xml</subsystem>
+ <subsystem>jca.xml</subsystem>
+ <subsystem>jdr.xml</subsystem>
+ <subsystem supplement="domain">jmx.xml</subsystem>
+ <subsystem>jpa.xml</subsystem>
+ <subsystem>jsf.xml</subsystem>
+ <subsystem>mail.xml</subsystem>
+ <subsystem>naming.xml</subsystem>
+ <subsystem>remoting.xml</subsystem>
+ <subsystem>request-controller.xml</subsystem>
+ <subsystem>security.xml</subsystem>
+ <subsystem>security-manager.xml</subsystem>
+ <subsystem>transactions.xml</subsystem>
+ <subsystem>undertow.xml</subsystem>
+ <subsystem>keycloak-server.xml</subsystem>
+ </subsystems>
+
+ <subsystems name="auth-server-clustered">
+ <!-- Each subsystem to be included relative to the src/main/resources directory -->
+ <subsystem>logging.xml</subsystem>
+ <subsystem>bean-validation.xml</subsystem>
+ <subsystem supplement="domain">keycloak-datasources.xml</subsystem>
+ <subsystem>ee.xml</subsystem>
+ <subsystem supplement="ha">ejb3.xml</subsystem>
+ <subsystem>io.xml</subsystem>
+ <subsystem supplement="ha">keycloak-infinispan.xml</subsystem>
+ <subsystem>jaxrs.xml</subsystem>
+ <subsystem>jca.xml</subsystem>
+ <subsystem>jdr.xml</subsystem>
+ <subsystem>jgroups.xml</subsystem>
+ <subsystem supplement="domain">jmx.xml</subsystem>
+ <subsystem>jpa.xml</subsystem>
+ <subsystem>jsf.xml</subsystem>
+ <subsystem>mail.xml</subsystem>
+ <subsystem>mod_cluster.xml</subsystem>
+ <subsystem>naming.xml</subsystem>
+ <subsystem>remoting.xml</subsystem>
+ <subsystem>request-controller.xml</subsystem>
+ <subsystem>security.xml</subsystem>
+ <subsystem>security-manager.xml</subsystem>
+ <subsystem>transactions.xml</subsystem>
+ <subsystem supplement="ha">undertow.xml</subsystem>
+ <subsystem>keycloak-server.xml</subsystem>
+ </subsystems>
</config>
diff --git a/distribution/feature-packs/server-feature-pack/src/main/resources/configuration/domain/template.xml b/distribution/feature-packs/server-feature-pack/src/main/resources/configuration/domain/template.xml
index 5774706..e7b5885 100755
--- a/distribution/feature-packs/server-feature-pack/src/main/resources/configuration/domain/template.xml
+++ b/distribution/feature-packs/server-feature-pack/src/main/resources/configuration/domain/template.xml
@@ -17,7 +17,7 @@
~ limitations under the License.
-->
-<domain xmlns="urn:jboss:domain:5.0">
+<domain xmlns="urn:jboss:domain:4.0">
<extensions>
<?EXTENSIONS?>
@@ -60,6 +60,31 @@
-->
<profile name="load-balancer">
<?SUBSYSTEMS socket-binding-group="load-balancer-sockets"?>
+ <subsystem xmlns="urn:jboss:domain:undertow:3.0">
+ <buffer-cache name="default"/>
+ <server name="default-server">
+ <http-listener name="default" socket-binding="http" redirect-socket="https"/>
+ <host name="default-host" alias="localhost">
+ <location name="/" handler="lb-handler"/>
+ <filter-ref name="server-header"/>
+ <filter-ref name="x-powered-by-header"/>
+ </host>
+ </server>
+ <servlet-container name="default">
+ <jsp-config/>
+ <websockets/>
+ </servlet-container>
+ <handlers>
+ <reverse-proxy name="lb-handler">
+ <host name="host1" outbound-socket-binding="remote-host1" scheme="ajp" path="/" instance-id="myroute1"/>
+ <host name="host2" outbound-socket-binding="remote-host2" scheme="ajp" path="/" instance-id="myroute2"/>
+ </reverse-proxy>
+ </handlers>
+ <filters>
+ <response-header name="server-header" header-name="Server" header-value="WildFly/10"/>
+ <response-header name="x-powered-by-header" header-name="X-Powered-By" header-value="Undertow/1"/>
+ </filters>
+ </subsystem>
</profile>
</profiles>
@@ -71,8 +96,12 @@
These default configurations require the binding specification to be done in host.xml.
-->
<interfaces>
- <interface name="management"/>
- <interface name="public"/>
+ <interface name="management">
+ <inet-address value="${jboss.bind.address.management:127.0.0.1}"/>
+ </interface>
+ <interface name="public">
+ <inet-address value="${jboss.bind.address:127.0.0.1}"/>
+ </interface>
<?INTERFACES?>
</interfaces>
@@ -85,25 +114,32 @@
</socket-binding-group>
<!-- load-balancer-sockets should be removed in production systems and replaced with a better softare or hardare based one -->
<socket-binding-group name="load-balancer-sockets" default-interface="public">
- <!-- Needed for server groups using the 'load-balancer' profile -->
+ <socket-binding name="ajp" port="${jboss.ajp.port:8009}"/>
+ <socket-binding name="http" port="${jboss.http.port:8080}"/>
+ <socket-binding name="https" port="${jboss.https.port:8443}"/>
+ <outbound-socket-binding name="remote-host1">
+ <remote-destination host="localhost" port="8159"/>
+ </outbound-socket-binding>
+ <outbound-socket-binding name="remote-host2">
+ <remote-destination host="localhost" port="8259"/>
+ </outbound-socket-binding>
<?SOCKET-BINDINGS?>
</socket-binding-group>
</socket-binding-groups>
<server-groups>
- <server-group name="auth-server-group" profile="auth-server-clustered">
+ <!-- load-balancer-group should be removed in production systems and replaced with a better softare or hardare based one -->
+ <server-group name="load-balancer-group" profile="load-balancer">
<jvm name="default">
<heap size="64m" max-size="512m"/>
</jvm>
- <socket-binding-group ref="ha-sockets"/>
+ <socket-binding-group ref="load-balancer-sockets"/>
</server-group>
-
- <!-- load-balancer-group should be removed in production systems and replaced with a better softare or hardare based one -->
- <server-group name="load-balancer-group" profile="load-balancer">
+ <server-group name="auth-server-group" profile="auth-server-clustered">
<jvm name="default">
<heap size="64m" max-size="512m"/>
</jvm>
- <socket-binding-group ref="load-balancer-sockets"/>
+ <socket-binding-group ref="ha-sockets"/>
</server-group>
</server-groups>
diff --git a/distribution/feature-packs/server-feature-pack/src/main/resources/configuration/host/host.xml b/distribution/feature-packs/server-feature-pack/src/main/resources/configuration/host/host.xml
index 6a4dba4..a5c9afb 100755
--- a/distribution/feature-packs/server-feature-pack/src/main/resources/configuration/host/host.xml
+++ b/distribution/feature-packs/server-feature-pack/src/main/resources/configuration/host/host.xml
@@ -23,7 +23,7 @@
via host-slave.xml
-->
-<host name="master" xmlns="urn:jboss:domain:5.0">
+<host name="master" xmlns="urn:jboss:domain:4.0">
<extensions>
<?EXTENSIONS?>
</extensions>
@@ -40,11 +40,6 @@
</authorization>
</security-realm>
<security-realm name="ApplicationRealm">
- <server-identities>
- <ssl>
- <keystore path="application.keystore" relative-to="jboss.domain.config.dir" keystore-password="password" alias="server" key-password="password" generate-self-signed-certificate-host="localhost"/>
- </ssl>
- </server-identities>
<authentication>
<local default-user="$local" allowed-users="*" skip-group-loading="true"/>
<properties path="application-users.properties" relative-to="jboss.domain.config.dir"/>
@@ -59,8 +54,8 @@
<json-formatter name="json-formatter"/>
</formatters>
<handlers>
- <file-handler name="host-file" formatter="json-formatter" path="audit-log.log" relative-to="jboss.domain.data.dir"/>
- <file-handler name="server-file" formatter="json-formatter" path="audit-log.log" relative-to="jboss.server.data.dir"/>
+ <file-handler name="host-file" formatter="json-formatter" relative-to="jboss.domain.data.dir" path="audit-log.log"/>
+ <file-handler name="server-file" formatter="json-formatter" relative-to="jboss.server.data.dir" path="audit-log.log"/>
</handlers>
<logger log-boot="true" log-read-only="false" enabled="false">
<handlers>
@@ -77,8 +72,7 @@
<native-interface security-realm="ManagementRealm">
<socket interface="management" port="${jboss.management.native.port:9999}"/>
</native-interface>
- <http-interface security-realm="ManagementRealm">
- <http-upgrade enabled="true" />
+ <http-interface security-realm="ManagementRealm" http-upgrade-enabled="true">
<socket interface="management" port="${jboss.management.http.port:9990}"/>
</http-interface>
</management-interfaces>
@@ -86,8 +80,6 @@
<domain-controller>
<local/>
- <!-- Alternative remote domain controller configuration with a host and port -->
- <!-- <remote protocol="remote" host="${jboss.domain.master.address}" port="${jboss.domain.master.port:9999}" security-realm="ManagementRealm"/> -->
</domain-controller>
<interfaces>
@@ -107,8 +99,6 @@
<heap size="64m" max-size="256m"/>
<jvm-options>
<option value="-server"/>
- <option value="-XX:MetaspaceSize=96m"/>
- <option value="-XX:MaxMetaspaceSize=256m"/>
</jvm-options>
</jvm>
</jvms>
diff --git a/distribution/feature-packs/server-feature-pack/src/main/resources/configuration/host/host-master.xml b/distribution/feature-packs/server-feature-pack/src/main/resources/configuration/host/host-master.xml
index 095fcc4..f5d89ee 100755
--- a/distribution/feature-packs/server-feature-pack/src/main/resources/configuration/host/host-master.xml
+++ b/distribution/feature-packs/server-feature-pack/src/main/resources/configuration/host/host-master.xml
@@ -22,7 +22,7 @@
is also started by this host controller file. The other instance must be started
via host-slave.xml
-->
-<host name="master" xmlns="urn:jboss:domain:5.0">
+<host name="master" xmlns="urn:jboss:domain:4.0">
<extensions>
<?EXTENSIONS?>
</extensions>
@@ -39,11 +39,6 @@
</authorization>
</security-realm>
<security-realm name="ApplicationRealm">
- <server-identities>
- <ssl>
- <keystore path="application.keystore" relative-to="jboss.domain.config.dir" keystore-password="password" alias="server" key-password="password" generate-self-signed-certificate-host="localhost"/>
- </ssl>
- </server-identities>
<authentication>
<local default-user="$local" allowed-users="*" skip-group-loading="true"/>
<properties path="application-users.properties" relative-to="jboss.domain.config.dir"/>
@@ -58,8 +53,8 @@
<json-formatter name="json-formatter"/>
</formatters>
<handlers>
- <file-handler name="host-file" formatter="json-formatter" path="audit-log.log" relative-to="jboss.domain.data.dir"/>
- <file-handler name="server-file" formatter="json-formatter" path="audit-log.log" relative-to="jboss.server.data.dir"/>
+ <file-handler name="host-file" formatter="json-formatter" relative-to="jboss.domain.data.dir" path="audit-log.log"/>
+ <file-handler name="server-file" formatter="json-formatter" relative-to="jboss.server.data.dir" path="audit-log.log"/>
</handlers>
<logger log-boot="true" log-read-only="false" enabled="false">
<handlers>
@@ -76,8 +71,7 @@
<native-interface security-realm="ManagementRealm">
<socket interface="management" port="${jboss.management.native.port:9999}"/>
</native-interface>
- <http-interface security-realm="ManagementRealm">
- <http-upgrade enabled="true" />
+ <http-interface security-realm="ManagementRealm" http-upgrade-enabled="true">
<socket interface="management" port="${jboss.management.http.port:9990}"/>
</http-interface>
</management-interfaces>
@@ -104,8 +98,6 @@
<heap size="64m" max-size="256m"/>
<jvm-options>
<option value="-server"/>
- <option value="-XX:MetaspaceSize=96m"/>
- <option value="-XX:MaxMetaspaceSize=256m"/>
</jvm-options>
</jvm>
</jvms>
diff --git a/distribution/feature-packs/server-feature-pack/src/main/resources/configuration/host/host-slave.xml b/distribution/feature-packs/server-feature-pack/src/main/resources/configuration/host/host-slave.xml
index 3b1812e..f8695d7 100755
--- a/distribution/feature-packs/server-feature-pack/src/main/resources/configuration/host/host-slave.xml
+++ b/distribution/feature-packs/server-feature-pack/src/main/resources/configuration/host/host-slave.xml
@@ -17,7 +17,7 @@
~ limitations under the License.
-->
-<host xmlns="urn:jboss:domain:5.0">
+<host xmlns="urn:jboss:domain:4.0">
<extensions>
<?EXTENSIONS?>
</extensions>
@@ -27,7 +27,7 @@
<security-realm name="ManagementRealm">
<server-identities>
<!-- Replace this with either a base64 password of your own, or use a vault with a vault expression -->
- <secret value="c2xhdmVfdXMzcl9wYXNzd29yZA=="/>
+ <secret value="c2xhdmVfdXNlcl9wYXNzd29yZA=="/>
</server-identities>
<authentication>
@@ -39,11 +39,6 @@
</authorization>
</security-realm>
<security-realm name="ApplicationRealm">
- <server-identities>
- <ssl>
- <keystore path="application.keystore" relative-to="jboss.domain.config.dir" keystore-password="password" alias="server" key-password="password" generate-self-signed-certificate-host="localhost"/>
- </ssl>
- </server-identities>
<authentication>
<local default-user="$local" allowed-users="*" skip-group-loading="true"/>
<properties path="application-users.properties" relative-to="jboss.domain.config.dir"/>
@@ -58,8 +53,8 @@
<json-formatter name="json-formatter"/>
</formatters>
<handlers>
- <file-handler name="host-file" formatter="json-formatter" path="audit-log.log" relative-to="jboss.domain.data.dir"/>
- <file-handler name="server-file" formatter="json-formatter" path="audit-log.log" relative-to="jboss.server.data.dir"/>
+ <file-handler name="host-file" formatter="json-formatter" relative-to="jboss.domain.data.dir" path="audit-log.log"/>
+ <file-handler name="server-file" formatter="json-formatter" relative-to="jboss.server.data.dir" path="audit-log.log"/>
</handlers>
<logger log-boot="true" log-read-only="false" enabled="false">
<handlers>
@@ -80,7 +75,7 @@
</management>
<domain-controller>
- <remote username="$local" security-realm="ManagementRealm">
+ <remote security-realm="ManagementRealm">
<discovery-options>
<static-discovery name="primary" protocol="${jboss.domain.master.protocol:remote}" host="${jboss.domain.master.address:127.0.0.1}" port="${jboss.domain.master.port:9999}"/>
</discovery-options>
@@ -104,8 +99,6 @@
<heap size="64m" max-size="256m"/>
<jvm-options>
<option value="-server"/>
- <option value="-XX:MetaspaceSize=96m"/>
- <option value="-XX:MaxMetaspaceSize=256m"/>
</jvm-options>
</jvm>
</jvms>
diff --git a/distribution/feature-packs/server-feature-pack/src/main/resources/configuration/host/subsystems.xml b/distribution/feature-packs/server-feature-pack/src/main/resources/configuration/host/subsystems.xml
index 67bc4cd..ada31ff 100644
--- a/distribution/feature-packs/server-feature-pack/src/main/resources/configuration/host/subsystems.xml
+++ b/distribution/feature-packs/server-feature-pack/src/main/resources/configuration/host/subsystems.xml
@@ -19,8 +19,6 @@
<!-- See src/resources/configuration/ReadMe.txt for how the configuration assembly works -->
<config>
<subsystems>
- <subsystem>core-management.xml</subsystem>
<subsystem>jmx.xml</subsystem>
- <subsystem supplement="host">elytron.xml</subsystem>
</subsystems>
</config>
diff --git a/distribution/feature-packs/server-feature-pack/src/main/resources/configuration/standalone/subsystems.xml b/distribution/feature-packs/server-feature-pack/src/main/resources/configuration/standalone/subsystems.xml
index 823b45c..0e27539 100755
--- a/distribution/feature-packs/server-feature-pack/src/main/resources/configuration/standalone/subsystems.xml
+++ b/distribution/feature-packs/server-feature-pack/src/main/resources/configuration/standalone/subsystems.xml
@@ -19,29 +19,28 @@
<!-- See src/resources/configuration/ReadMe.txt for how the configuration assembly works -->
<config>
<subsystems>
- <subsystem>logging.xml</subsystem>
- <subsystem>bean-validation.xml</subsystem>
- <subsystem supplement="default">keycloak-datasources2.xml</subsystem>
- <subsystem>deployment-scanner.xml</subsystem>
- <subsystem>ee.xml</subsystem>
- <subsystem>ejb3.xml</subsystem>
- <subsystem>io.xml</subsystem>
- <subsystem>keycloak-infinispan2.xml</subsystem>
- <subsystem>jaxrs.xml</subsystem>
- <subsystem>jca.xml</subsystem>
- <subsystem>jdr.xml</subsystem>
- <subsystem>jmx.xml</subsystem>
- <subsystem>jpa.xml</subsystem>
- <subsystem>jsf.xml</subsystem>
- <subsystem>mail.xml</subsystem>
- <subsystem>naming.xml</subsystem>
- <subsystem>remoting.xml</subsystem>
- <subsystem>request-controller.xml</subsystem>
- <subsystem>security-manager.xml</subsystem>
- <subsystem supplement="standalone-wildfly">elytron.xml</subsystem>
- <subsystem>security.xml</subsystem>
- <subsystem>transactions.xml</subsystem>
- <subsystem>undertow.xml</subsystem>
- <subsystem>keycloak-server.xml</subsystem>
+ <subsystem>logging.xml</subsystem>
+ <subsystem>bean-validation.xml</subsystem>
+ <subsystem supplement="default">keycloak-datasources.xml</subsystem>
+ <subsystem>deployment-scanner.xml</subsystem>
+ <subsystem>ee.xml</subsystem>
+ <subsystem>ejb3.xml</subsystem>
+ <subsystem>io.xml</subsystem>
+ <subsystem>keycloak-infinispan.xml</subsystem>
+ <subsystem>jaxrs.xml</subsystem>
+ <subsystem>jca.xml</subsystem>
+ <subsystem>jdr.xml</subsystem>
+ <subsystem>jmx.xml</subsystem>
+ <subsystem>jpa.xml</subsystem>
+ <subsystem>jsf.xml</subsystem>
+ <subsystem>mail.xml</subsystem>
+ <subsystem>naming.xml</subsystem>
+ <subsystem>remoting.xml</subsystem>
+ <subsystem>request-controller.xml</subsystem>
+ <subsystem>security-manager.xml</subsystem>
+ <subsystem>security.xml</subsystem>
+ <subsystem>transactions.xml</subsystem>
+ <subsystem>undertow.xml</subsystem>
+ <subsystem>keycloak-server.xml</subsystem>
</subsystems>
</config>
diff --git a/distribution/feature-packs/server-feature-pack/src/main/resources/configuration/standalone/subsystems-ha.xml b/distribution/feature-packs/server-feature-pack/src/main/resources/configuration/standalone/subsystems-ha.xml
index 9d9954d..99a6d1b 100755
--- a/distribution/feature-packs/server-feature-pack/src/main/resources/configuration/standalone/subsystems-ha.xml
+++ b/distribution/feature-packs/server-feature-pack/src/main/resources/configuration/standalone/subsystems-ha.xml
@@ -30,20 +30,19 @@
<subsystem>jaxrs.xml</subsystem>
<subsystem>jca.xml</subsystem>
<subsystem>jdr.xml</subsystem>
- <subsystem supplement="default">jgroups.xml</subsystem>
+ <subsystem>jgroups.xml</subsystem>
<subsystem>jmx.xml</subsystem>
<subsystem>jpa.xml</subsystem>
<subsystem>jsf.xml</subsystem>
<subsystem>mail.xml</subsystem>
- <subsystem supplement="default">mod_cluster.xml</subsystem>
+ <subsystem>mod_cluster.xml</subsystem>
<subsystem>naming.xml</subsystem>
<subsystem>remoting.xml</subsystem>
<subsystem>request-controller.xml</subsystem>
<subsystem>security-manager.xml</subsystem>
- <subsystem supplement="standalone-wildfly">elytron.xml</subsystem>
<subsystem>security.xml</subsystem>
<subsystem>transactions.xml</subsystem>
<subsystem supplement="ha">undertow.xml</subsystem>
<subsystem>keycloak-server.xml</subsystem>
</subsystems>
-</config>
\ No newline at end of file
+</config>
diff --git a/distribution/feature-packs/server-feature-pack/src/main/resources/configuration/standalone/template.xml b/distribution/feature-packs/server-feature-pack/src/main/resources/configuration/standalone/template.xml
index 7b13afe..c0cc9e5 100644
--- a/distribution/feature-packs/server-feature-pack/src/main/resources/configuration/standalone/template.xml
+++ b/distribution/feature-packs/server-feature-pack/src/main/resources/configuration/standalone/template.xml
@@ -1,6 +1,23 @@
<?xml version='1.0' encoding='UTF-8'?>
-<server xmlns="urn:jboss:domain:5.0">
+<!--
+ ~ Copyright 2016 Red Hat, Inc. and/or its affiliates
+ ~ and other contributors as indicated by the @author tags.
+ ~
+ ~ Licensed under the Apache License, Version 2.0 (the "License");
+ ~ you may not use this file except in compliance with the License.
+ ~ You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing, software
+ ~ distributed under the License is distributed on an "AS IS" BASIS,
+ ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ ~ See the License for the specific language governing permissions and
+ ~ limitations under the License.
+ -->
+
+<server xmlns="urn:jboss:domain:4.0">
<extensions>
<?EXTENSIONS?>
@@ -10,7 +27,7 @@
<security-realms>
<security-realm name="ManagementRealm">
<authentication>
- <local default-user="$local" skip-group-loading="true"/>
+ <local default-user="$local" skip-group-loading="true" />
<properties path="mgmt-users.properties" relative-to="jboss.server.config.dir"/>
</authentication>
<authorization map-groups-to-roles="false">
@@ -18,13 +35,8 @@
</authorization>
</security-realm>
<security-realm name="ApplicationRealm">
- <server-identities>
- <ssl>
- <keystore path="application.keystore" relative-to="jboss.server.config.dir" keystore-password="password" alias="server" key-password="password" generate-self-signed-certificate-host="localhost"/>
- </ssl>
- </server-identities>
<authentication>
- <local default-user="$local" allowed-users="*" skip-group-loading="true"/>
+ <local default-user="$local" allowed-users="*" skip-group-loading="true" />
<properties path="application-users.properties" relative-to="jboss.server.config.dir"/>
</authentication>
<authorization>
@@ -34,20 +46,19 @@
</security-realms>
<audit-log>
<formatters>
- <json-formatter name="json-formatter"/>
- </formatters>
+ <json-formatter name="json-formatter"/>
+ </formatters>
<handlers>
- <file-handler name="file" formatter="json-formatter" path="audit-log.log" relative-to="jboss.server.data.dir"/>
+ <file-handler name="file" formatter="json-formatter" relative-to="jboss.server.data.dir" path="audit-log.log"/>
</handlers>
<logger log-boot="true" log-read-only="false" enabled="false">
- <handlers>
- <handler name="file"/>
- </handlers>
+ <handlers>
+ <handler name="file"/>
+ </handlers>
</logger>
</audit-log>
<management-interfaces>
- <http-interface security-realm="ManagementRealm">
- <http-upgrade enabled="true" />
+ <http-interface security-realm="ManagementRealm" http-upgrade-enabled="true">
<socket-binding http="management-http"/>
</http-interface>
</management-interfaces>
@@ -87,4 +98,4 @@
<?SOCKET-BINDINGS?>
</socket-binding-group>
-</server>
\ No newline at end of file
+</server>
pom.xml 10(+5 -5)
diff --git a/pom.xml b/pom.xml
index 2b47da7..0400907 100755
--- a/pom.xml
+++ b/pom.xml
@@ -43,11 +43,11 @@
<!-- WildFly -->
<jboss.as.version>7.2.0.Final</jboss.as.version>
- <wildfly.version>11.0.0.Alpha1</wildfly.version>
+ <wildfly.version>10.0.0.Final</wildfly.version>
<wildfly.build-tools.version>1.2.2.Final</wildfly.build-tools.version>
<eap.version>7.1.0.Beta1-redhat-5</eap.version>
<eap.build-tools.version>1.2.2.Final</eap.build-tools.version>
- <wildfly.core.version>3.0.0.Beta11</wildfly.core.version>
+ <wildfly.core.version>2.0.10.Final</wildfly.core.version>
<version.org.wildfly.security.wildfly-elytron>1.1.0.Beta32</version.org.wildfly.security.wildfly-elytron>
<version.org.wildfly.security.elytron-web.undertow-server>1.0.0.Beta14</version.org.wildfly.security.elytron-web.undertow-server>
@@ -57,14 +57,14 @@
<apache.httpcomponents.httpcore.version>4.4.1</apache.httpcomponents.httpcore.version>
<apache.mime4j.version>0.6</apache.mime4j.version>
<jboss.dmr.version>1.3.0.Final</jboss.dmr.version>
- <bouncycastle.version>1.56</bouncycastle.version>
+ <bouncycastle.version>1.52</bouncycastle.version>
<cxf.version>3.1.5</cxf.version>
<dom4j.version>1.6.1</dom4j.version>
<github.relaxng.version>2011.1</github.relaxng.version>
<h2.version>1.3.173</h2.version>
<hibernate.entitymanager.version>5.0.7.Final</hibernate.entitymanager.version>
<hibernate.javax.persistence.version>1.0.0.Final</hibernate.javax.persistence.version>
- <infinispan.version>8.2.6.Final</infinispan.version>
+ <infinispan.version>8.1.0.Final</infinispan.version>
<jackson.version>2.5.4</jackson.version>
<javax.mail.version>1.5.5</javax.mail.version>
<jboss.logging.version>3.3.0.Final</jboss.logging.version>
@@ -79,7 +79,7 @@
<sun.istack.version>2.21</sun.istack.version>
<sun.jaxb.version>2.2.11</sun.jaxb.version>
<sun.xsom.version>20140925</sun.xsom.version>
- <undertow.version>1.4.11.Final</undertow.version>
+ <undertow.version>1.3.15.Final</undertow.version>
<xmlsec.version>2.0.5</xmlsec.version>
<!-- Authorization Drools Policy Provider -->
diff --git a/testsuite/integration-arquillian/pom.xml b/testsuite/integration-arquillian/pom.xml
index 7e36d1a..70ff933 100644
--- a/testsuite/integration-arquillian/pom.xml
+++ b/testsuite/integration-arquillian/pom.xml
@@ -45,7 +45,8 @@
<selenium.version>2.53.0</selenium.version>
<arquillian-drone.version>2.0.1.Final</arquillian-drone.version>
<arquillian-graphene.version>2.1.0.Alpha3</arquillian-graphene.version>
- <arquillian-wildfly-container.version>2.1.0.Alpha2</arquillian-wildfly-container.version>
+ <!-- This reverts change from commit 67bee0dfc2240db237165b9dd988b2c1d74cab92 and needs to be 2.1.0.Alpha2 or later for WF 11 but that fails with WF 10 -->
+ <arquillian-wildfly-container.version>2.0.0.Final</arquillian-wildfly-container.version>
<arquillian-infinispan-container.version>1.2.0.Beta2</arquillian-infinispan-container.version>
<version.shrinkwrap.resolvers>2.2.2</version.shrinkwrap.resolvers>
<undertow-embedded.version>1.0.0.Alpha2</undertow-embedded.version>
diff --git a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/AuthServerTestEnricher.java b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/AuthServerTestEnricher.java
index 97347d9..4215cee 100644
--- a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/AuthServerTestEnricher.java
+++ b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/AuthServerTestEnricher.java
@@ -44,6 +44,7 @@ import java.util.List;
import java.util.Objects;
import java.util.Set;
+import java.util.concurrent.atomic.AtomicInteger;
import java.util.stream.Collectors;
import javax.ws.rs.NotFoundException;
@@ -172,11 +173,13 @@ public class AuthServerTestEnricher {
updateWithAuthServerInfo(container);
suiteContext.setAuthServerInfo(container);
+ // TODO: fix to use bindHttpPortOffset configuration option from arquillian.xml similarly to cross-DC setup instead
+ AtomicInteger backendIndex = new AtomicInteger(0);
containers.stream()
.filter(c -> c.getQualifier().startsWith(AUTH_SERVER_BACKEND))
+ .sorted((a, b) -> a.getQualifier().compareTo(b.getQualifier()))
.forEach(c -> {
- String portOffsetString = c.getArquillianContainer().getContainerConfiguration().getContainerProperties().getOrDefault("bindHttpPortOffset", "0");
- updateWithAuthServerInfo(c, Integer.valueOf(portOffsetString));
+ updateWithAuthServerInfo(c, backendIndex.incrementAndGet());
suiteContext.addAuthServerBackendsInfo(0, c);
});
diff --git a/wildfly/server-subsystem/src/main/java/org/keycloak/subsystem/server/extension/KeycloakServerDeploymentProcessor.java b/wildfly/server-subsystem/src/main/java/org/keycloak/subsystem/server/extension/KeycloakServerDeploymentProcessor.java
index 53e97a5..d83cd18 100755
--- a/wildfly/server-subsystem/src/main/java/org/keycloak/subsystem/server/extension/KeycloakServerDeploymentProcessor.java
+++ b/wildfly/server-subsystem/src/main/java/org/keycloak/subsystem/server/extension/KeycloakServerDeploymentProcessor.java
@@ -96,11 +96,22 @@ public class KeycloakServerDeploymentProcessor implements DeploymentUnitProcesso
}
private void addInfinispanCaches(DeploymentPhaseContext context) {
- ServiceTarget st = context.getServiceTarget();
- CapabilityServiceSupport support = context.getDeploymentUnit().getAttachment(Attachments.CAPABILITY_SERVICE_SUPPORT);
- for (String c : CACHES) {
- ServiceName sn = support.getCapabilityServiceName("org.wildfly.clustering.infinispan.cache", "keycloak", c);
- st.addDependency(sn);
+ // TODO Can be removed once we upgrade to WildFly 11
+ ServiceName wf10CacheContainerService = ServiceName.of("jboss", "infinispan", "keycloak");
+ boolean legacy = context.getServiceRegistry().getService(wf10CacheContainerService) != null;
+
+ if (!legacy) {
+ ServiceTarget st = context.getServiceTarget();
+ CapabilityServiceSupport support = context.getDeploymentUnit().getAttachment(Attachments.CAPABILITY_SERVICE_SUPPORT);
+ for (String c : CACHES) {
+ ServiceName sn = support.getCapabilityServiceName("org.wildfly.clustering.infinispan.cache.keycloak." + c);
+ st.addDependency(sn);
+ }
+ } else {
+ ServiceTarget st = context.getServiceTarget();
+ for (String c : CACHES) {
+ st.addDependency(wf10CacheContainerService.append(c));
+ }
}
}