keycloak-aplcache

diff --git a/distribution/demo-dist/assembly.xml b/distribution/demo-dist/assembly.xml
index 5a6be78..cdd484d 100755
--- a/distribution/demo-dist/assembly.xml
+++ b/distribution/demo-dist/assembly.xml
@@ -14,6 +14,7 @@
             <outputDirectory>keycloak</outputDirectory>
             <excludes>
                 <exclude>**/*.sh</exclude>
+                <exclude>**/standalone.xml</exclude>
             </excludes>
         </fileSet>
         <fileSet>

diff --git a/distribution/feature-packs/server-feature-pack/feature-pack-build.xml b/distribution/feature-packs/server-feature-pack/feature-pack-build.xml
index 8737c28..48b588e 100644
--- a/distribution/feature-packs/server-feature-pack/feature-pack-build.xml
+++ b/distribution/feature-packs/server-feature-pack/feature-pack-build.xml
@@ -4,6 +4,9 @@
     </dependencies>
     <config>
         <standalone template="configuration/standalone/template.xml" subsystems="configuration/standalone/subsystems.xml" output-file="standalone/configuration/standalone.xml" />
+        <standalone template="configuration/standalone/template.xml" subsystems="configuration/standalone/subsystems-ha.xml" output-file="standalone/configuration/standalone-ha.xml">
+            <property name="jgroups.supplement" value="" />
+        </standalone>
         <domain template="configuration/domain/template.xml" subsystems="configuration/domain/subsystems.xml" output-file="domain/configuration/domain.xml" />
     </config>
 

diff --git a/distribution/feature-packs/server-feature-pack/pom.xml b/distribution/feature-packs/server-feature-pack/pom.xml
index bafc79e..0fc42f8 100644
--- a/distribution/feature-packs/server-feature-pack/pom.xml
+++ b/distribution/feature-packs/server-feature-pack/pom.xml
@@ -40,7 +40,11 @@
             <groupId>org.keycloak.subsystem</groupId>
             <artifactId>keycloak-server</artifactId>
             <type>war</type>
-        </dependency>   
+        </dependency>
+        <dependency>
+            <groupId>org.keycloak</groupId>
+            <artifactId>keycloak-wildfly-extensions</artifactId>
+        </dependency>
         <dependency>
             <groupId>org.keycloak</groupId>
             <artifactId>keycloak-wf9-server-subsystem</artifactId>

diff --git a/distribution/feature-packs/server-feature-pack/src/main/resources/configuration/standalone/subsystems.xml b/distribution/feature-packs/server-feature-pack/src/main/resources/configuration/standalone/subsystems.xml
index d20bf2e..f1dff32 100644
--- a/distribution/feature-packs/server-feature-pack/src/main/resources/configuration/standalone/subsystems.xml
+++ b/distribution/feature-packs/server-feature-pack/src/main/resources/configuration/standalone/subsystems.xml
@@ -3,21 +3,32 @@
 <config>
    <subsystems>
       <subsystem>logging.xml</subsystem>
-      <!-- resteasy complains if bean-validation is missing -->
+      <subsystem>batch.xml</subsystem>
       <subsystem>bean-validation.xml</subsystem>
       <subsystem>keycloak-datasources.xml</subsystem>
-      <subsystem supplement="web-build">ee.xml</subsystem>
+      <subsystem>ee.xml</subsystem>
+      <subsystem>ejb3.xml</subsystem>
       <subsystem>io.xml</subsystem>
-      <subsystem>infinispan.xml</subsystem>
+      <subsystem>keycloak-infinispan.xml</subsystem>
       <subsystem>jaxrs.xml</subsystem>
       <subsystem>jca.xml</subsystem>
+      <subsystem>jdr.xml</subsystem>
+      <subsystem>jmx.xml</subsystem>
       <subsystem>jpa.xml</subsystem>
-      <subsystem supplement="web-build">naming.xml</subsystem>
+      <subsystem>jsf.xml</subsystem>
+      <subsystem>mail.xml</subsystem>
+      <subsystem>naming.xml</subsystem>
+      <subsystem>pojo.xml</subsystem>
+      <subsystem>remoting.xml</subsystem>
+      <subsystem>resource-adapters.xml</subsystem>
       <subsystem>request-controller.xml</subsystem>
+      <subsystem>sar.xml</subsystem>
       <subsystem>security-manager.xml</subsystem>
       <subsystem>security.xml</subsystem>
       <subsystem>transactions.xml</subsystem>
       <subsystem>undertow.xml</subsystem>
+      <subsystem>webservices.xml</subsystem>
+      <subsystem>weld.xml</subsystem>
       <subsystem>keycloak-server.xml</subsystem>
    </subsystems>
 </config>

diff --git a/distribution/feature-packs/server-feature-pack/src/main/resources/configuration/standalone/subsystems-ha.xml b/distribution/feature-packs/server-feature-pack/src/main/resources/configuration/standalone/subsystems-ha.xml
new file mode 100644
index 0000000..c402990
--- /dev/null
+++ b/distribution/feature-packs/server-feature-pack/src/main/resources/configuration/standalone/subsystems-ha.xml
@@ -0,0 +1,36 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!--  See src/resources/configuration/ReadMe.txt for how the configuration assembly works -->
+<config>
+   <subsystems>
+      <subsystem>logging.xml</subsystem>
+      <subsystem>batch.xml</subsystem>
+      <subsystem>bean-validation.xml</subsystem>
+      <subsystem>keycloak-datasources.xml</subsystem>
+      <subsystem>ee.xml</subsystem>
+      <subsystem supplement="ha">ejb3.xml</subsystem>
+      <subsystem>io.xml</subsystem>
+      <subsystem supplement="ha">keycloak-infinispan.xml</subsystem>
+      <subsystem>jaxrs.xml</subsystem>
+      <subsystem>jca.xml</subsystem>
+      <subsystem>jdr.xml</subsystem>
+      <subsystem>jgroups.xml</subsystem>
+      <subsystem>jmx.xml</subsystem>
+      <subsystem>jpa.xml</subsystem>
+      <subsystem>jsf.xml</subsystem>
+      <subsystem>mail.xml</subsystem>
+      <subsystem>mod_cluster.xml</subsystem>
+      <subsystem>naming.xml</subsystem>
+      <subsystem>pojo.xml</subsystem>
+      <subsystem>remoting.xml</subsystem>
+      <subsystem>resource-adapters.xml</subsystem>
+      <subsystem>request-controller.xml</subsystem>
+      <subsystem>sar.xml</subsystem>
+      <subsystem>security-manager.xml</subsystem>
+      <subsystem>security.xml</subsystem>
+      <subsystem>transactions.xml</subsystem>
+      <subsystem supplement="ha">undertow.xml</subsystem>
+      <subsystem>webservices.xml</subsystem>
+      <subsystem>weld.xml</subsystem>
+      <subsystem>keycloak-server.xml</subsystem>
+   </subsystems>
+</config>
\ No newline at end of file

diff --git a/distribution/feature-packs/server-feature-pack/src/main/resources/content/standalone/configuration/keycloak-server.json b/distribution/feature-packs/server-feature-pack/src/main/resources/content/standalone/configuration/keycloak-server.json
index 9f0d03e..9b8f051 100644
--- a/distribution/feature-packs/server-feature-pack/src/main/resources/content/standalone/configuration/keycloak-server.json
+++ b/distribution/feature-packs/server-feature-pack/src/main/resources/content/standalone/configuration/keycloak-server.json
@@ -1,4 +1,8 @@
 {
+    "providers": [
+        "classpath:${jboss.server.config.dir}/providers/*"
+    ],
+
     "admin": {
         "realm": "master"
     },
@@ -63,6 +67,12 @@
         "interval": 900
     },
 
+    "connectionsHttpClient": {
+        "default": {
+            "disable-trust-manager": true
+        }
+    },
+
     "connectionsJpa": {
         "default": {
             "dataSource": "java:jboss/datasources/KeycloakDS",

diff --git a/distribution/feature-packs/server-feature-pack/src/main/resources/modules/system/layers/base/org/keycloak/keycloak-services/main/module.xml b/distribution/feature-packs/server-feature-pack/src/main/resources/modules/system/layers/base/org/keycloak/keycloak-services/main/module.xml
index 00d6162..df80d95 100644
--- a/distribution/feature-packs/server-feature-pack/src/main/resources/modules/system/layers/base/org/keycloak/keycloak-services/main/module.xml
+++ b/distribution/feature-packs/server-feature-pack/src/main/resources/modules/system/layers/base/org/keycloak/keycloak-services/main/module.xml
@@ -60,6 +60,7 @@
         <module name="org.keycloak.keycloak-social-stackoverflow" services="import"/>
         <module name="org.keycloak.keycloak-timer-api" services="import"/>
         <module name="org.keycloak.keycloak-timer-basic" services="import"/>
+        <module name="org.keycloak.keycloak-wildfly-extensions" services="import"/>
 
         <module name="javax.ws.rs.api"/>
         <module name="org.jboss.resteasy.resteasy-jaxrs"/>

diff --git a/distribution/feature-packs/server-feature-pack/src/main/resources/modules/system/layers/base/org/keycloak/keycloak-wildfly-extensions/main/module.xml b/distribution/feature-packs/server-feature-pack/src/main/resources/modules/system/layers/base/org/keycloak/keycloak-wildfly-extensions/main/module.xml
new file mode 100644
index 0000000..556769e
--- /dev/null
+++ b/distribution/feature-packs/server-feature-pack/src/main/resources/modules/system/layers/base/org/keycloak/keycloak-wildfly-extensions/main/module.xml
@@ -0,0 +1,14 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<module xmlns="urn:jboss:module:1.1" name="org.keycloak.keycloak-wildfly-extensions">
+    <resources>
+        <artifact name="${org.keycloak:keycloak-wildfly-extensions}"/>
+    </resources>
+    <dependencies>
+        <module name="org.keycloak.keycloak-core"/>
+        <module name="org.keycloak.keycloak-model-api"/>
+        <module name="org.keycloak.keycloak-services"/>
+        <module name="org.keycloak.keycloak-forms-common-freemarker"/>
+        <module name="org.keycloak.keycloak-forms-common-themes"/>
+        <module name="org.jboss.modules"/>
+    </dependencies>
+</module>

diff --git a/distribution/server-overlay/eap6/eap6-server-modules/build.xml b/distribution/server-overlay/eap6/eap6-server-modules/build.xml
index bf6a829..b709a59 100755
--- a/distribution/server-overlay/eap6/eap6-server-modules/build.xml
+++ b/distribution/server-overlay/eap6/eap6-server-modules/build.xml
@@ -317,6 +317,10 @@
 
         <module-def name="org.keycloak.keycloak-server-subsystem"/>
 
+        <module-def name="org.keycloak.keycloak-wildfly-extensions">
+            <maven-resource group="org.keycloak" artifact="keycloak-wildfly-extensions"/>
+        </module-def>
+
     </target>
 
     <target name="clean-target">

diff --git a/distribution/server-overlay/eap6/eap6-server-modules/pom.xml b/distribution/server-overlay/eap6/eap6-server-modules/pom.xml
index e66ad80..a7c2fbe 100755
--- a/distribution/server-overlay/eap6/eap6-server-modules/pom.xml
+++ b/distribution/server-overlay/eap6/eap6-server-modules/pom.xml
@@ -40,6 +40,10 @@
             <type>war</type>
         </dependency>
         <dependency>
+            <groupId>org.keycloak</groupId>
+            <artifactId>keycloak-wildfly-extensions</artifactId>
+        </dependency>
+        <dependency>
             <groupId>org.bouncycastle</groupId>
             <artifactId>bcprov-jdk15on</artifactId>
         </dependency>

diff --git a/distribution/server-overlay/eap6/eap6-server-modules/src/main/resources/modules/org/keycloak/keycloak-services/main/module.xml b/distribution/server-overlay/eap6/eap6-server-modules/src/main/resources/modules/org/keycloak/keycloak-services/main/module.xml
index 0ff106f..045e788 100755
--- a/distribution/server-overlay/eap6/eap6-server-modules/src/main/resources/modules/org/keycloak/keycloak-services/main/module.xml
+++ b/distribution/server-overlay/eap6/eap6-server-modules/src/main/resources/modules/org/keycloak/keycloak-services/main/module.xml
@@ -61,6 +61,7 @@
         <module name="org.keycloak.keycloak-social-stackoverflow" services="import"/>
         <module name="org.keycloak.keycloak-timer-api" services="import"/>
         <module name="org.keycloak.keycloak-timer-basic" services="import"/>
+        <module name="org.keycloak.keycloak-wildfly-extensions" services="import"/>
 
         <module name="javax.ws.rs.api"/>
         <module name="org.jboss.resteasy.resteasy-jaxrs"/>

diff --git a/distribution/server-overlay/eap6/eap6-server-modules/src/main/resources/modules/org/keycloak/keycloak-wildfly-extensions/main/module.xml b/distribution/server-overlay/eap6/eap6-server-modules/src/main/resources/modules/org/keycloak/keycloak-wildfly-extensions/main/module.xml
new file mode 100644
index 0000000..787fd2f
--- /dev/null
+++ b/distribution/server-overlay/eap6/eap6-server-modules/src/main/resources/modules/org/keycloak/keycloak-wildfly-extensions/main/module.xml
@@ -0,0 +1,14 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<module xmlns="urn:jboss:module:1.1" name="org.keycloak.keycloak-wildfly-extensions">
+    <resources>
+        <!-- Insert resources here -->
+    </resources>
+    <dependencies>
+        <module name="org.keycloak.keycloak-core"/>
+        <module name="org.keycloak.keycloak-model-api"/>
+        <module name="org.keycloak.keycloak-services"/>
+        <module name="org.keycloak.keycloak-forms-common-freemarker"/>
+        <module name="org.keycloak.keycloak-forms-common-themes"/>
+        <module name="org.jboss.modules"/>
+    </dependencies>
+</module>

diff --git a/distribution/server-overlay/eap6/eap6-server-overlay/src/main/keycloak-server.json b/distribution/server-overlay/eap6/eap6-server-overlay/src/main/keycloak-server.json
index 9f0d03e..9b8f051 100644
--- a/distribution/server-overlay/eap6/eap6-server-overlay/src/main/keycloak-server.json
+++ b/distribution/server-overlay/eap6/eap6-server-overlay/src/main/keycloak-server.json
@@ -1,4 +1,8 @@
 {
+    "providers": [
+        "classpath:${jboss.server.config.dir}/providers/*"
+    ],
+
     "admin": {
         "realm": "master"
     },
@@ -63,6 +67,12 @@
         "interval": 900
     },
 
+    "connectionsHttpClient": {
+        "default": {
+            "disable-trust-manager": true
+        }
+    },
+
     "connectionsJpa": {
         "default": {
             "dataSource": "java:jboss/datasources/KeycloakDS",

diff --git a/distribution/server-overlay/eap6/eap6-server-overlay/src/main/xslt/standalone.xsl b/distribution/server-overlay/eap6/eap6-server-overlay/src/main/xslt/standalone.xsl
index 6f0abad..69ea1c1 100755
--- a/distribution/server-overlay/eap6/eap6-server-overlay/src/main/xslt/standalone.xsl
+++ b/distribution/server-overlay/eap6/eap6-server-overlay/src/main/xslt/standalone.xsl
@@ -8,6 +8,7 @@
                 exclude-result-prefixes="xalan j ds k sec">
 
     <xsl:param name="config"/>
+    <xsl:variable name="log" select="'urn:jboss:domain:logging:'"/>
 
     <xsl:output method="xml" version="1.0" encoding="UTF-8" indent="yes" xalan:indent-amount="4" standalone="no"/>
     <xsl:strip-space elements="*"/>
@@ -59,6 +60,15 @@
         </xsl:copy>
     </xsl:template>
 
+    <xsl:template match="//*[local-name()='subsystem' and starts-with(namespace-uri(), $log)]">
+        <xsl:copy>
+            <xsl:apply-templates select="node()|@*"/>
+            <logger category="org.jboss.resteasy.resteasy_jaxrs.i18n">
+                <level name="ERROR"/>
+            </logger>
+        </xsl:copy>
+    </xsl:template>
+
     <xsl:template match="@*|node()">
         <xsl:copy>
             <xsl:apply-templates select="@*|node()" />

diff --git a/distribution/server-overlay/pom.xml b/distribution/server-overlay/pom.xml
index f05e486..fff09c7 100755
--- a/distribution/server-overlay/pom.xml
+++ b/distribution/server-overlay/pom.xml
@@ -8,9 +8,9 @@
         <relativePath>../../pom.xml</relativePath>
     </parent>
 
-    <artifactId>keycloak-server-overlay</artifactId>
+    <artifactId>keycloak-server-overlay-parent</artifactId>
     <packaging>pom</packaging>
-    <name>Keycloak Server Overlay Distributions</name>
+    <name>Keycloak Server Overlay Parent</name>
     <description/>
 
 

diff --git a/distribution/server-overlay/wf9-server-overlay/pom.xml b/distribution/server-overlay/wf9-server-overlay/pom.xml
index 5219ebc..03353a7 100755
--- a/distribution/server-overlay/wf9-server-overlay/pom.xml
+++ b/distribution/server-overlay/wf9-server-overlay/pom.xml
@@ -8,9 +8,9 @@
         <relativePath>../../../pom.xml</relativePath>
     </parent>
 
-    <artifactId>keycloak-wf9-server-overlay</artifactId>
+    <artifactId>keycloak-server-overlay</artifactId>
     <packaging>pom</packaging>
-    <name>Keycloak Wildfly 9 Server Overlay Distribution</name>
+    <name>Keycloak Server Overlay Distribution</name>
     <description/>
 
     <dependencies>

diff --git a/distribution/subsystem-war/pom.xml b/distribution/subsystem-war/pom.xml
index 4be6a11..66c20fd 100755
--- a/distribution/subsystem-war/pom.xml
+++ b/distribution/subsystem-war/pom.xml
@@ -15,6 +15,18 @@
     <name>Keycloak Subsystem Server WAR</name>
     <description/>
 
+    <dependencies>
+        <dependency>
+            <groupId>org.jboss.msc</groupId>
+            <artifactId>jboss-msc</artifactId>
+            <version>1.2.6.Final</version>
+        </dependency>
+        <dependency>
+            <groupId>org.keycloak</groupId>
+            <artifactId>keycloak-core</artifactId>
+        </dependency>
+    </dependencies>
+
     <build>
         <finalName>auth-server</finalName>
         <plugins>

diff --git a/distribution/subsystem-war/src/main/java/org/keycloak/provider/wildfly/InfinispanCacheActivator.java b/distribution/subsystem-war/src/main/java/org/keycloak/provider/wildfly/InfinispanCacheActivator.java
new file mode 100644
index 0000000..943f7a4
--- /dev/null
+++ b/distribution/subsystem-war/src/main/java/org/keycloak/provider/wildfly/InfinispanCacheActivator.java
@@ -0,0 +1,29 @@
+package org.keycloak.provider.wildfly;
+
+import org.jboss.msc.service.*;
+import org.keycloak.Config;
+
+import java.util.List;
+
+/**
+ * Used to add a dependency on Infinispan caches to make sure they are started.
+ *
+ * @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
+ */
+public class InfinispanCacheActivator implements ServiceActivator {
+
+    private static final ServiceName cacheContainerService = ServiceName.of("jboss", "infinispan", "keycloak");
+
+    @Override
+    public void activate(ServiceActivatorContext context) throws ServiceRegistryException {
+        if (context.getServiceRegistry().getService(cacheContainerService) != null) {
+            ServiceTarget st = context.getServiceTarget();
+            st.addDependency(cacheContainerService);
+            st.addDependency(cacheContainerService.append("realms"));
+            st.addDependency(cacheContainerService.append("users"));
+            st.addDependency(cacheContainerService.append("sessions"));
+            st.addDependency(cacheContainerService.append("loginFailures"));
+        }
+    }
+
+}

diff --git a/distribution/subsystem-war/src/main/resources/META-INF/services/org.jboss.msc.service.ServiceActivator b/distribution/subsystem-war/src/main/resources/META-INF/services/org.jboss.msc.service.ServiceActivator
new file mode 100644
index 0000000..bfed2e1
--- /dev/null
+++ b/distribution/subsystem-war/src/main/resources/META-INF/services/org.jboss.msc.service.ServiceActivator
@@ -0,0 +1 @@
+org.keycloak.provider.wildfly.InfinispanCacheActivator
\ No newline at end of file

diff --git a/distribution/subsystem-war/src/main/webapp/WEB-INF/jboss-deployment-structure.xml b/distribution/subsystem-war/src/main/webapp/WEB-INF/jboss-deployment-structure.xml
index 816245c..f67884e 100755
--- a/distribution/subsystem-war/src/main/webapp/WEB-INF/jboss-deployment-structure.xml
+++ b/distribution/subsystem-war/src/main/webapp/WEB-INF/jboss-deployment-structure.xml
@@ -56,6 +56,8 @@
             <module name="org.jboss.resteasy.resteasy-jackson-provider" services="import"/>
             <module name="org.jboss.resteasy.resteasy-multipart-provider" services="import"/>
             <module name="org.jboss.resteasy.resteasy-jaxrs"/>
+
+            <module name="org.jboss.msc"/>
         </dependencies>
         <exclusions>
             <module name="org.jboss.resteasy.resteasy-jackson2-provider"/>

diff --git a/docbook/reference/en/en-US/modules/clustering.xml b/docbook/reference/en/en-US/modules/clustering.xml
index 194a95b..2b352bb 100755
--- a/docbook/reference/en/en-US/modules/clustering.xml
+++ b/docbook/reference/en/en-US/modules/clustering.xml
@@ -57,31 +57,7 @@
             cache.
         </para>
         <para>
-            To configure the required Infinspan caches open <literal>standalone/configuration/standalone-ha.xml</literal> and add:
-<programlisting>
-<![CDATA[
-<subsystem xmlns="urn:jboss:domain:infinispan:2.0">
-    <cache-container name="keycloak" jndi-name="infinispan/Keycloak" start="EAGER">
-        <transport lock-timeout="60000"/>
-        <invalidation-cache name="realms" mode="SYNC" start="EAGER"/>
-        <invalidation-cache name="users" mode="SYNC" start="EAGER"/>
-        <distributed-cache name="sessions" mode="SYNC" owners="1" start="EAGER"/>
-        <distributed-cache name="loginFailures" mode="SYNC" owners="1" start="EAGER"/>
-    </cache-container>
-    ...
-</subsystem>
-]]>
-</programlisting>
-        </para>
-        <para>
-            For more advanced options refer to the
-            <ulink url="http://docs.jboss.org/author/display/WFLY8/Infinispan+Subsystem">Infinispan Subsystem</ulink>
-            and
-            <ulink url="http://www.infinispan.org/docs/6.0.x/user_guide/user_guide.html">Infinispan</ulink>
-            documentation.
-        </para>
-        <para>
-            Next open <literal>standalone/configuration/keycloak-server.json</literal> and add:
+            To enable clustering in Keycloak open <literal>standalone/configuration/keycloak-server.json</literal> and add:
 <programlisting>
 "connectionsInfinispan": {
     "default" : {

diff --git a/examples/providers/event-store-mem/src/main/java/org/keycloak/examples/providers/events/MemEventStoreProviderFactory.java b/examples/providers/event-store-mem/src/main/java/org/keycloak/examples/providers/events/MemEventStoreProviderFactory.java
index d09b1a3..f08d31a 100755
--- a/examples/providers/event-store-mem/src/main/java/org/keycloak/examples/providers/events/MemEventStoreProviderFactory.java
+++ b/examples/providers/event-store-mem/src/main/java/org/keycloak/examples/providers/events/MemEventStoreProviderFactory.java
@@ -34,6 +34,7 @@ public class MemEventStoreProviderFactory implements EventStoreProviderFactory {
     @Override
     public void init(Config.Scope config) {
         events = Collections.synchronizedList(new LinkedList<Event>());
+        adminEvents = Collections.synchronizedList(new LinkedList<AdminEvent>());
 
         String excludes = config.get("excludes");
         if (excludes != null) {

diff --git a/integration/as7-eap6/as7-subsystem/src/main/java/org/keycloak/subsystem/as7/KeycloakAdapterConfigDeploymentProcessor.java b/integration/as7-eap6/as7-subsystem/src/main/java/org/keycloak/subsystem/as7/KeycloakAdapterConfigDeploymentProcessor.java
index 184de35..08dbdd7 100755
--- a/integration/as7-eap6/as7-subsystem/src/main/java/org/keycloak/subsystem/as7/KeycloakAdapterConfigDeploymentProcessor.java
+++ b/integration/as7-eap6/as7-subsystem/src/main/java/org/keycloak/subsystem/as7/KeycloakAdapterConfigDeploymentProcessor.java
@@ -14,7 +14,6 @@
  * License for the specific language governing permissions and limitations under
  * the License.
  */
-
 package org.keycloak.subsystem.as7;
 
 import org.jboss.as.server.deployment.DeploymentPhaseContext;
@@ -46,64 +45,41 @@ public class KeycloakAdapterConfigDeploymentProcessor implements DeploymentUnitP
     // two places to avoid dependency between Keycloak Subsystem and Keyclaok Undertow Integration.
     public static final String AUTH_DATA_PARAM_NAME = "org.keycloak.json.adapterConfig";
 
-    // not sure if we need this yet, keeping here just in case
-    protected void addSecurityDomain(DeploymentUnit deploymentUnit, KeycloakAdapterConfigService service) {
-        String deploymentName = deploymentUnit.getName();
-        if (!service.isSecureDeployment(deploymentName)) {
-            return;
-        }
-        WarMetaData warMetaData = deploymentUnit.getAttachment(WarMetaData.ATTACHMENT_KEY);
-        if (warMetaData == null) return;
-        JBossWebMetaData webMetaData = warMetaData.getMergedJBossWebMetaData();
-        if (webMetaData == null) return;
-
-        LoginConfigMetaData loginConfig = webMetaData.getLoginConfig();
-        if (loginConfig == null || !loginConfig.getAuthMethod().equalsIgnoreCase("KEYCLOAK")) {
-            return;
-        }
-
-        webMetaData.setSecurityDomain("keycloak");
-    }
 
     @Override
     public void deploy(DeploymentPhaseContext phaseContext) throws DeploymentUnitProcessingException {
         DeploymentUnit deploymentUnit = phaseContext.getDeploymentUnit();
-
         String deploymentName = deploymentUnit.getName();
-        KeycloakAdapterConfigService service = KeycloakAdapterConfigService.getInstance();
-        if (service.isSecureDeployment(deploymentName)) {
-            addKeycloakAuthData(phaseContext, deploymentName, service);
-        }
 
-        // FYI, Undertow Extension will find deployments that have auth-method set to KEYCLOAK
-
-        // todo notsure if we need this
-        // addSecurityDomain(deploymentUnit, service);
-    }
-
-    private void addKeycloakAuthData(DeploymentPhaseContext phaseContext, String deploymentName, KeycloakAdapterConfigService service) throws DeploymentUnitProcessingException {
-        DeploymentUnit deploymentUnit = phaseContext.getDeploymentUnit();
+        // if it's not a web-app there's nothing to secure
         WarMetaData warMetaData = deploymentUnit.getAttachment(WarMetaData.ATTACHMENT_KEY);
         if (warMetaData == null) {
-            throw new DeploymentUnitProcessingException("WarMetaData not found for " + deploymentName + ".  Make sure you have specified a WAR as your secure-deployment in the Keycloak subsystem.");
+            return;
         }
-
-        addJSONData(service.getJSON(deploymentName), warMetaData);
         JBossWebMetaData webMetaData = warMetaData.getMergedJBossWebMetaData();
         if (webMetaData == null) {
             webMetaData = new JBossWebMetaData();
             warMetaData.setMergedJBossWebMetaData(webMetaData);
         }
 
-        addValve(webMetaData);
+        KeycloakAdapterConfigService service = KeycloakAdapterConfigService.getInstance();
 
+        // if secure-deployment configuration exists for web app, we force KEYCLOAK auth method on it
+        // otherwise we only set up KEYCLOAK auth if it's requested through web.xml auth-method
         LoginConfigMetaData loginConfig = webMetaData.getLoginConfig();
-        if (loginConfig == null) {
-            loginConfig = new LoginConfigMetaData();
-            webMetaData.setLoginConfig(loginConfig);
+        if (!service.isSecureDeployment(deploymentName) && (loginConfig == null || !loginConfig.getAuthMethod().equalsIgnoreCase("KEYCLOAK"))) {
+            return;
         }
+
+        log.debug("Setting up KEYCLOAK auth method for WAR: " + deploymentName);
         loginConfig.setAuthMethod("KEYCLOAK");
-        loginConfig.setRealmName(service.getRealmName(deploymentName));
+
+        if (service.isSecureDeployment(deploymentName)) {
+            addJSONData(service.getJSON(deploymentName), warMetaData);
+            loginConfig.setRealmName(service.getRealmName(deploymentName));
+        }
+        addValve(webMetaData);
+
         KeycloakLogger.ROOT_LOGGER.deploymentSecured(deploymentName);
     }
 

diff --git a/integration/wildfly/wf9-server-subsystem/src/main/resources/subsystem-templates/keycloak-datasources.xml b/integration/wildfly/wf9-server-subsystem/src/main/resources/subsystem-templates/keycloak-datasources.xml
index 114545f..9f05130 100644
--- a/integration/wildfly/wf9-server-subsystem/src/main/resources/subsystem-templates/keycloak-datasources.xml
+++ b/integration/wildfly/wf9-server-subsystem/src/main/resources/subsystem-templates/keycloak-datasources.xml
@@ -4,6 +4,14 @@
     <extension-module>org.jboss.as.connector</extension-module>
     <subsystem xmlns="urn:jboss:domain:datasources:3.0">
         <datasources>
+            <datasource jndi-name="java:jboss/datasources/ExampleDS" pool-name="ExampleDS" enabled="true" use-java-context="true">
+                <connection-url>jdbc:h2:mem:test;DB_CLOSE_DELAY=-1;DB_CLOSE_ON_EXIT=FALSE</connection-url>
+                <driver>h2</driver>
+                <security>
+                    <user-name>sa</user-name>
+                    <password>sa</password>
+                </security>
+            </datasource>
             <datasource jndi-name="java:jboss/datasources/KeycloakDS" pool-name="KeycloakDS" enabled="true" use-java-context="true">
                 <connection-url>jdbc:h2:${jboss.server.data.dir}/keycloak;AUTO_SERVER=TRUE</connection-url>
                 <driver>h2</driver>

diff --git a/integration/wildfly/wf9-server-subsystem/src/main/resources/subsystem-templates/keycloak-infinispan.xml b/integration/wildfly/wf9-server-subsystem/src/main/resources/subsystem-templates/keycloak-infinispan.xml
new file mode 100644
index 0000000..30706ac
--- /dev/null
+++ b/integration/wildfly/wf9-server-subsystem/src/main/resources/subsystem-templates/keycloak-infinispan.xml
@@ -0,0 +1,93 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!--  See src/resources/configuration/ReadMe.txt for how the configuration assembly works -->
+<config default-supplement="default">
+    <extension-module>org.jboss.as.clustering.infinispan</extension-module>
+    <subsystem xmlns="urn:jboss:domain:infinispan:3.0">
+        <?CACHE-CONTAINERS?>
+    </subsystem>
+    <supplement name="default">
+        <replacement placeholder="CACHE-CONTAINERS">
+            <cache-container name="server" default-cache="default" module="org.wildfly.clustering.server">
+                <local-cache name="default">
+                    <transaction mode="BATCH"/>
+                </local-cache>
+            </cache-container>
+            <cache-container name="web" default-cache="passivation" module="org.wildfly.clustering.web.infinispan">
+                <local-cache name="passivation">
+                    <transaction mode="BATCH"/>
+                    <file-store passivation="true" purge="false"/>
+                </local-cache>
+                <local-cache name="persistent">
+                    <transaction mode="BATCH"/>
+                    <file-store passivation="false" purge="false"/>
+                </local-cache>
+            </cache-container>
+            <cache-container name="ejb" aliases="sfsb" default-cache="passivation" module="org.wildfly.clustering.ejb.infinispan">
+                <local-cache name="passivation">
+                    <transaction mode="BATCH"/>
+                    <file-store passivation="true" purge="false"/>
+                </local-cache>
+                <local-cache name="persistent">
+                    <transaction mode="BATCH"/>
+                    <file-store passivation="false" purge="false"/>
+                </local-cache>
+            </cache-container>
+            <cache-container name="hibernate" default-cache="local-query" module="org.hibernate.infinispan">
+                <local-cache name="entity">
+                    <transaction mode="NON_XA"/>
+                    <eviction strategy="LRU" max-entries="10000"/>
+                    <expiration max-idle="100000"/>
+                </local-cache>
+                <local-cache name="local-query">
+                    <eviction strategy="LRU" max-entries="10000"/>
+                    <expiration max-idle="100000"/>
+                </local-cache>
+                <local-cache name="timestamps"/>
+            </cache-container>
+        </replacement>
+    </supplement>
+    <supplement name="ha">
+        <replacement placeholder="CACHE-CONTAINERS">
+            <cache-container name="keycloak" jndi-name="infinispan/Keycloak">
+                <transport lock-timeout="60000"/>
+                <invalidation-cache name="realms" mode="SYNC"/>
+                <invalidation-cache name="users" mode="SYNC"/>
+                <distributed-cache name="sessions" mode="SYNC" owners="1"/>
+                <distributed-cache name="loginFailures" mode="SYNC" owners="1"/>
+            </cache-container>
+            <cache-container name="server" aliases="singleton cluster" default-cache="default" module="org.wildfly.clustering.server">
+                <transport lock-timeout="60000"/>
+                <replicated-cache name="default" mode="SYNC">
+                    <transaction mode="BATCH"/>
+                </replicated-cache>
+            </cache-container>
+            <cache-container name="web" default-cache="dist" module="org.wildfly.clustering.web.infinispan">
+                <transport lock-timeout="60000"/>
+                <distributed-cache name="dist" mode="ASYNC" l1-lifespan="0" owners="2">
+                    <transaction mode="BATCH"/>
+                    <file-store/>
+                </distributed-cache>
+            </cache-container>
+            <cache-container name="ejb" aliases="sfsb" default-cache="dist" module="org.wildfly.clustering.ejb.infinispan">
+                <transport lock-timeout="60000"/>
+                <distributed-cache name="dist" mode="ASYNC" l1-lifespan="0" owners="2">
+                    <transaction mode="BATCH"/>
+                    <file-store/>
+                </distributed-cache>
+            </cache-container>
+            <cache-container name="hibernate" default-cache="local-query" module="org.hibernate.infinispan">
+                <transport lock-timeout="60000"/>
+                <invalidation-cache name="entity" mode="SYNC">
+                    <transaction mode="NON_XA"/>
+                    <eviction strategy="LRU" max-entries="10000"/>
+                    <expiration max-idle="100000"/>
+                </invalidation-cache>
+                <local-cache name="local-query">
+                    <eviction strategy="LRU" max-entries="10000"/>
+                    <expiration max-idle="100000"/>
+                </local-cache>
+                <replicated-cache name="timestamps" mode="ASYNC"/>
+            </cache-container>
+        </replacement>
+    </supplement>
+</config>
\ No newline at end of file