Prosoft Git

keycloak-aplcache

Merge pull request #4615 from vramik/3.3.x KEYCLOAK-5749

10/26/2017 9:24:39 AM
Marek Posolda

Marek Posolda

Commit: 302d5a9

Tree: b80d2be

Parents: fed39d4
8b8db26

Changes

distribution/feature-packs/server-feature-pack/src/main/resources/content/bin/migrate-domain-clustered.cli 170(+164 -6)

distribution/feature-packs/server-feature-pack/src/main/resources/content/bin/migrate-domain-standalone.cli 141(+138 -3)

distribution/feature-packs/server-feature-pack/src/main/resources/content/bin/migrate-standalone.cli 115(+113 -2)

distribution/feature-packs/server-feature-pack/src/main/resources/content/bin/migrate-standalone-ha.cli 158(+154 -4)

Details

distribution/feature-packs/server-feature-pack/src/main/resources/content/bin/migrate-domain-clustered.cli 170(+164 -6) 

diff --git a/distribution/feature-packs/server-feature-pack/src/main/resources/content/bin/migrate-domain-clustered.cli b/distribution/feature-packs/server-feature-pack/src/main/resources/content/bin/migrate-domain-clustered.cli
index 9344217..ae3098f 100644
--- a/distribution/feature-packs/server-feature-pack/src/main/resources/content/bin/migrate-domain-clustered.cli
+++ b/distribution/feature-packs/server-feature-pack/src/main/resources/content/bin/migrate-domain-clustered.cli
@@ -50,15 +50,35 @@ if (result == []) of /profile=$clusteredProfile/subsystem=keycloak-server/:read-
   /profile=$clusteredProfile/subsystem=keycloak-server/:migrate-json(file=$pathToJson)
   echo
 end-if
+if (result == [expression "classpath:${jboss.server.config.dir}/providers/*"]) of /profile=$clusteredProfile/subsystem=keycloak-server/:read-attribute(name=providers)
+    echo Updating provider to default value
+    /profile=$clusteredProfile/subsystem=keycloak-server/:write-attribute(name=providers,value=[classpath:${jboss.home.dir}/providers/*])
+    echo
+end-if
+if (result == keycloak) of /profile=$clusteredProfile/subsystem=keycloak-server/theme=defaults:read-attribute(name=default)
+    echo Undefining default theme...
+    /profile=$clusteredProfile/subsystem=keycloak-server/theme=defaults:undefine-attribute(name=default)
+    echo
+end-if
+if (result == expression "${jboss.server.config.dir}/themes") of /profile=$clusteredProfile/subsystem=keycloak-server/theme=defaults:read-attribute(name=dir)
+    echo Updating theme dir to default value
+    /profile=$clusteredProfile/subsystem=keycloak-server/theme=defaults/:write-attribute(name=dir,value=${jboss.home.dir}/themes)
+    echo
+end-if
 
 set persistenceProvider=jpa
 
 # Migrate from 2.1.0 to 2.2.0
 if (outcome == failed) of /profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/distributed-cache=authorization/:read-resource
-  echo Additing distributed-cache=authorization
-  /profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/distributed-cache=authorization/:add(mode=SYNC,owners=1)
-  echo
+    # In migration from 3.0.0 to 3.2.0 there is authorization distributed-cache replaced with local-cache
+    try
+        echo 
+        /profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/distributed-cache=authorization/:add(mode=SYNC,owners=1)
+        echo Added distributed-cache=authorization
+    catch
+    end-try
 end-if
+
 if (result == update) of /profile=$clusteredProfile/subsystem=keycloak-server/spi=connectionsJpa/provider=default/:map-get(name=properties,key=databaseSchema)
   echo Updating connectionsJpa default properties...
   /profile=$clusteredProfile/subsystem=keycloak-server/spi=connectionsJpa/provider=default/:map-remove(name=properties,key=databaseSchema)
@@ -193,13 +213,16 @@ if (outcome == failed) of /profile=$clusteredProfile/subsystem=keycloak-server/s
    echo
 end-if
 
-if ((result.default-provider == undefined) && (result.provider.default.enabled == true)) of /subsystem=keycloak-server/spi=connectionsInfinispan/:read-resource(recursive=true,include-defaults=false)
+if ((result.default-provider == undefined) && (result.provider.default.enabled == true)) of /profile=$clusteredProfile/subsystem=keycloak-server/spi=connectionsInfinispan/:read-resource(recursive=true,include-defaults=false)
    echo Adding 'default' as default provider for connectionsInfinispan
    /profile=$clusteredProfile/subsystem=keycloak-server/spi=connectionsInfinispan/:write-attribute(name=default-provider,value=default)
    echo
 end-if
 
-# Migrate from 3.0.0 to 3.2.0
+# Migrate from 3.0.0 to 3.1.0
+# NO CHANGES
+
+# Migrate from 3.1.0 to 3.2.0
 if (outcome == failed) of /profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/distributed-cache=authenticationSessions/:read-resource
   echo Adding distributed-cache=authenticationSessions to keycloak cache container...
   /profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/distributed-cache=authenticationSessions/:add(mode=SYNC,owners=1)
@@ -225,4 +248,139 @@ if (outcome == success) of /profile=$clusteredProfile/subsystem=infinispan/cache
   echo
 end-if
 
-echo *** End Migration of /profile=$clusteredProfile ***
\ No newline at end of file
+# Migrate from 3.2.0 to 3.2.1
+# NO CHANGES
+
+# Migrate from 3.2.1 to 3.3.0
+if (outcome == failed) of /profile=$clusteredProfile/subsystem=core-management/:read-resource
+    try
+        echo Trying to add core-management extension
+        /extension=org.wildfly.extension.core-management/:add
+        echo
+    catch
+        echo Wasn't able to add core-management extension, it should be already added by migrate-domain-standalone.cli
+        echo
+    end-try
+    echo Adding subsystem core-management
+    /profile=$clusteredProfile/subsystem=core-management/:add
+    echo
+end-if
+
+if (outcome == failed) of /profile=$clusteredProfile/subsystem=elytron/:read-resource
+    try
+        echo Trying to add elytron extension
+        /extension=org.wildfly.extension.elytron/:add
+        echo
+    catch
+        echo Wasn't able to add elytron extension, it should be already added by migrate-domain-standalone.cli
+        echo
+    end-try
+    echo Adding subsystem elytron
+    /profile=$clusteredProfile/subsystem=elytron/:add
+    /profile=$clusteredProfile/subsystem=elytron/provider-loader=elytron/:add(module=org.wildfly.security.elytron)
+    /profile=$clusteredProfile/subsystem=elytron/provider-loader=openssl/:add(module=org.wildfly.openssl)
+    /profile=$clusteredProfile/subsystem=elytron/aggregate-providers=combined-providers/:add(providers=[elytron,openssl])
+    /profile=$clusteredProfile/subsystem=elytron/file-audit-log=local-audit/:add(path=audit.log,relative-to=jboss.server.log.dir,format=JSON)
+    /profile=$clusteredProfile/subsystem=elytron/identity-realm=local/:add(identity="$local")
+    /profile=$clusteredProfile/subsystem=elytron/properties-realm=ApplicationRealm/:add(users-properties={path=application-users.properties,relative-to=jboss.domain.config.dir,digest-realm-name=ApplicationRealm},groups-properties={path=application-roles.properties,relative-to=jboss.domain.config.dir})
+    /profile=$clusteredProfile/subsystem=elytron/simple-permission-mapper=default-permission-mapper/:add(mapping-mode=first,permission-mappings=[{principals=[anonymous],permissions=[{class-name=org.wildfly.extension.batch.jberet.deployment.BatchPermission,module=org.wildfly.extension.batch.jberet,target-name=*},{class-name=org.wildfly.transaction.client.RemoteTransactionPermission,module=org.wildfly.transaction.client},{class-name=org.jboss.ejb.client.RemoteEJBPermission,module=org.jboss.ejb-client}]},{match-all=true,permissions=[{class-name=org.wildfly.security.auth.permission.LoginPermission},{class-name=org.wildfly.extension.batch.jberet.deployment.BatchPermission,module=org.wildfly.extension.batch.jberet,target-name=*},{class-name=org.wildfly.transaction.client.RemoteTransactionPermission,module=org.wildfly.transaction.client},{class-name=org.jboss.ejb.client.RemoteEJBPermission,module=org.jboss.ejb-client}]}])
+    /profile=$clusteredProfile/subsystem=elytron/constant-realm-mapper=local/:add(realm-name=local)
+    /profile=$clusteredProfile/subsystem=elytron/simple-role-decoder=groups-to-roles/:add(attribute=groups)
+    /profile=$clusteredProfile/subsystem=elytron/constant-role-mapper=super-user-mapper/:add(roles=[SuperUser])
+    /profile=$clusteredProfile/subsystem=elytron/security-domain=ApplicationDomain/:add(default-realm=ApplicationRealm,permission-mapper=default-permission-mapper,realms=[{realm=ApplicationRealm,role-decoder=groups-to-roles},{realm=local}])
+    /profile=$clusteredProfile/subsystem=elytron/provider-http-server-mechanism-factory=global/:add
+    /profile=$clusteredProfile/subsystem=elytron/http-authentication-factory=application-http-authentication/:add(http-server-mechanism-factory=global,security-domain=ApplicationDomain,mechanism-configurations=[{mechanism-name=BASIC,mechanism-realm-configurations=[{realm-name=Application Realm}]},{mechanism-name=FORM}])
+    /profile=$clusteredProfile/subsystem=elytron/provider-sasl-server-factory=global/:add
+    /profile=$clusteredProfile/subsystem=elytron/mechanism-provider-filtering-sasl-server-factory=elytron/:add(sasl-server-factory=global,filters=[{provider-name=WildFlyElytron}])
+    /profile=$clusteredProfile/subsystem=elytron/configurable-sasl-server-factory=configured/:add(sasl-server-factory=elytron,properties={wildfly.sasl.local-user.default-user => "$local"})
+    /profile=$clusteredProfile/subsystem=elytron/sasl-authentication-factory=application-sasl-authentication/:add(sasl-server-factory=configured,security-domain=ApplicationDomain,mechanism-configurations=[{mechanism-name=JBOSS-LOCAL-USER,realm-mapper=local},{mechanism-name=DIGEST-MD5,mechanism-realm-configurations=[{realm-name=ApplicationRealm}]}])
+    /profile=$clusteredProfile/subsystem=elytron/:write-attribute(name=final-providers,value=combined-providers)
+    /profile=$clusteredProfile/subsystem=elytron/:write-attribute(name=disallowed-providers,value=[OracleUcrypto])
+    echo
+end-if
+
+if (outcome == failed) of /profile=$clusteredProfile/subsystem=ejb3/service=remote/channel-creation-options=READ_TIMEOUT/:read-resource
+    echo Adding channel-creation-options READ_TIMEOUT and MAX_OUTBOUND_MESSAGES to ejb3 remote
+    /profile=$clusteredProfile/subsystem=ejb3/service=remote/channel-creation-options=READ_TIMEOUT/:add(value="${prop.remoting-connector.read.timeout:20}",type=xnio)
+    /profile=$clusteredProfile/subsystem=ejb3/service=remote/channel-creation-options=MAX_OUTBOUND_MESSAGES/:add(value=1234,type=remoting)
+    echo
+end-if
+
+if (result == ASYNC) of /profile=$clusteredProfile/subsystem=infinispan/cache-container=web/distributed-cache=dist:read-attribute(name=mode)
+    echo Setting SYNC mode for web cache-container
+    /profile=$clusteredProfile/subsystem=infinispan/cache-container=web/distributed-cache=dist:write-attribute(name=mode,value=SYNC)
+    echo
+end-if
+
+if (result == ASYNC) of /profile=$clusteredProfile/subsystem=infinispan/cache-container=ejb/distributed-cache=dist:read-attribute(name=mode)
+    echo Setting SYNC mode for ejb cache-container
+    /profile=$clusteredProfile/subsystem=infinispan/cache-container=ejb/distributed-cache=dist:write-attribute(name=mode,value=SYNC)
+    echo
+end-if
+
+if (result == undefined) of /profile=$clusteredProfile/subsystem=jgroups/channel=ee/:read-attribute(name=cluster)
+    echo Setting cluster attribute to ejb in jgroups subsystem
+    /profile=$clusteredProfile/subsystem=jgroups/channel=ee/:write-attribute(name=cluster,value=ejb)
+    echo
+end-if
+
+if (result != undefined) of /profile=$clusteredProfile/subsystem=jgroups/stack=udp/protocol=FD_SOCK/:read-attribute(name=socket-binding)
+    echo Unsetting socket-binding from udp FD_SOCK protocol
+    # it has to be done via remove and add, because socket-binding is not writable attribute
+    /profile=$clusteredProfile/subsystem=jgroups/stack=udp/protocol=FD_SOCK/:remove
+    /profile=$clusteredProfile/subsystem=jgroups/stack=udp/protocol=FD_SOCK/:add
+    echo
+end-if
+
+if (outcome == success) of /profile=$clusteredProfile/subsystem=jgroups/stack=tcp/protocol=FD/:read-resource
+    echo Replacing tcp FD protocol with FD_ALL
+    /profile=$clusteredProfile/subsystem=jgroups/stack=tcp/protocol=FD/:remove
+    /profile=$clusteredProfile/subsystem=jgroups/stack=tcp/protocol=FD_ALL/:add
+    echo
+end-if   
+
+if (result != undefined) of /profile=$clusteredProfile/subsystem=jgroups/stack=tcp/protocol=FD_SOCK/:read-attribute(name=socket-binding)
+    echo Unsetting socket-binding from tcp FD_SOCK protocol
+    # it has to be done via remove and add, because socket-binding is not writable attribute
+    /profile=$clusteredProfile/subsystem=jgroups/stack=tcp/protocol=FD_SOCK/:remove
+    /profile=$clusteredProfile/subsystem=jgroups/stack=tcp/protocol=FD_SOCK/:add
+    echo
+end-if 
+
+if (outcome == failed) of /profile=$clusteredProfile/subsystem=undertow/server=default-server/host=default-host/setting=http-invoker/:read-resource
+    echo Adding http-invoker to default-host
+    /profile=$clusteredProfile/subsystem=undertow/server=default-server/host=default-host/setting=http-invoker/:add(security-realm=ApplicationRealm)
+    echo
+end-if
+
+if (result == false) of /profile=$clusteredProfile/subsystem=undertow/server=default-server/http-listener=default/:read-attribute(name=enable-http2)
+    echo Enabling http2 for default http-listener
+    /profile=$clusteredProfile/subsystem=undertow/server=default-server/http-listener=default/:write-attribute(name=enable-http2,value=true)
+    echo
+end-if
+
+if (outcome == failed) of /profile=$clusteredProfile/subsystem=undertow/server=default-server/https-listener=https/:read-resource
+    echo Adding https-listener
+    /profile=$clusteredProfile/subsystem=undertow/server=default-server/https-listener=https/:add(socket-binding=https,security-realm=ApplicationRealm,enable-http2=true)
+    echo
+end-if
+
+if (outcome == success) of /socket-binding-group=ha-sockets/socket-binding=jgroups-tcp-fd/:read-resource
+    echo Removing socket-binding jgroups-tcp-fd
+    /socket-binding-group=ha-sockets/socket-binding=jgroups-tcp-fd/:remove
+    echo
+end-if
+
+if (outcome == success) of /socket-binding-group=ha-sockets/socket-binding=jgroups-udp-fd/:read-resource
+    echo Removing socket-binding jgroups-udp-fd
+    /socket-binding-group=ha-sockets/socket-binding=jgroups-udp-fd/:remove
+    echo
+end-if
+
+if (result == 224.0.1.105) of /socket-binding-group=ha-sockets/socket-binding=modcluster/:read-attribute(name=multicast-address)
+    echo Adding jboss.modcluster.multicast.address property to modcluster multicast-address
+    /socket-binding-group=ha-sockets/socket-binding=modcluster/:write-attribute(name=multicast-address,value=${jboss.modcluster.multicast.address:224.0.1.105})
+    echo
+end-if
+
+echo *** End Migration of /profile=$clusteredProfile ***

distribution/feature-packs/server-feature-pack/src/main/resources/content/bin/migrate-domain-standalone.cli 141(+138 -3) 

diff --git a/distribution/feature-packs/server-feature-pack/src/main/resources/content/bin/migrate-domain-standalone.cli b/distribution/feature-packs/server-feature-pack/src/main/resources/content/bin/migrate-domain-standalone.cli
index fc01c29..23dc62b 100644
--- a/distribution/feature-packs/server-feature-pack/src/main/resources/content/bin/migrate-domain-standalone.cli
+++ b/distribution/feature-packs/server-feature-pack/src/main/resources/content/bin/migrate-domain-standalone.cli
@@ -62,6 +62,21 @@ if (result == []) of /profile=$standaloneProfile/subsystem=keycloak-server/:read
   /profile=$standaloneProfile/subsystem=keycloak-server/:migrate-json(file=$pathToJson)
   echo
 end-if
+if (result == [expression "classpath:${jboss.server.config.dir}/providers/*"]) of /profile=$standaloneProfile/subsystem=keycloak-server/:read-attribute(name=providers)
+    echo Updating provider to default value
+    /profile=$standaloneProfile/subsystem=keycloak-server/:write-attribute(name=providers,value=[classpath:${jboss.home.dir}/providers/*])
+    echo
+end-if
+if (result == keycloak) of /profile=$standaloneProfile/subsystem=keycloak-server/theme=defaults:read-attribute(name=default)
+    echo Undefining default theme...
+    /profile=$standaloneProfile/subsystem=keycloak-server/theme=defaults:undefine-attribute(name=default)
+    echo
+end-if
+if (result == expression "${jboss.server.config.dir}/themes") of /profile=$standaloneProfile/subsystem=keycloak-server/theme=defaults:read-attribute(name=dir)
+    echo Updating theme dir to default value
+    /profile=$standaloneProfile/subsystem=keycloak-server/theme=defaults/:write-attribute(name=dir,value=${jboss.home.dir}/themes)
+    echo
+end-if
 
 set persistenceProvider=jpa
 
@@ -181,14 +196,16 @@ if (outcome == failed) of /profile=$standaloneProfile/subsystem=keycloak-server/
    echo
 end-if
 
-if ((result.default-provider == undefined) && (result.provider.default.enabled == true)) of /subsystem=keycloak-server/spi=connectionsInfinispan/:read-resource(recursive=true,include-defaults=false)
+if ((result.default-provider == undefined) && (result.provider.default.enabled == true)) of /profile=$standaloneProfile/subsystem=keycloak-server/spi=connectionsInfinispan/:read-resource(recursive=true,include-defaults=false)
    echo Adding 'default' as default provider for connectionsInfinispan
    /profile=$standaloneProfile/subsystem=keycloak-server/spi=connectionsInfinispan/:write-attribute(name=default-provider,value=default)
    echo
 end-if
 
+# Migrate from 3.0.0 to 3.1.0
+# NO CHANGES
 
-# Migrate from 3.0.0 to 3.2.0
+# Migrate from 3.1.0 to 3.2.0
 if (outcome == failed) of /profile=$standaloneProfile/subsystem=infinispan/cache-container=keycloak/local-cache=authenticationSessions/:read-resource
   echo Adding local-cache=authenticationSessions to keycloak cache container...
   /profile=$standaloneProfile/subsystem=infinispan/cache-container=keycloak/local-cache=authenticationSessions/:add(indexing=NONE,start=LAZY)
@@ -205,4 +222,122 @@ if (outcome == failed) of /profile=$standaloneProfile/subsystem=infinispan/cache
   echo
 end-if
 
-echo *** End Migration of /profile=$standaloneProfile ***
\ No newline at end of file
+if (result == 100L) of /profile=$standaloneProfile/subsystem=infinispan/cache-container=keycloak/local-cache=authorization/component=eviction/:read-attribute(name=max-entries)
+    echo Updating eviction in local-cache=authorization...
+    /profile=$standaloneProfile/subsystem=infinispan/cache-container=keycloak/local-cache=authorization/component=eviction/:write-attribute(name=max-entries,value=10000)
+    echo
+end-if
+
+# Migrate from 3.2.0 to 3.2.1
+# NO CHANGES
+
+# Migrate from 3.2.1 to 3.3.0
+if (outcome == failed) of /profile=$standaloneProfile/subsystem=core-management/:read-resource
+    try
+        echo Trying to add core-management extension
+        /extension=org.wildfly.extension.core-management/:add
+        echo
+    catch
+        echo Wasn't able to add core-management extension, it should be already added by migrate-domain-clustered.cli
+        echo
+    end-try
+    echo Adding subsystem core-management
+    /profile=$standaloneProfile/subsystem=core-management/:add
+    echo
+end-if
+
+if (outcome == failed) of /profile=$standaloneProfile/subsystem=elytron/:read-resource
+    try
+        echo Trying to add elytron extension
+        /extension=org.wildfly.extension.elytron/:add
+        echo
+    catch
+        echo Wasn't able to add elytron extension, it should be already added by migrate-domain-clustered.cli
+        echo
+    end-try
+    echo Adding subsystem elytron
+    /profile=$standaloneProfile/subsystem=elytron/:add
+    /profile=$standaloneProfile/subsystem=elytron/provider-loader=elytron/:add(module=org.wildfly.security.elytron)
+    /profile=$standaloneProfile/subsystem=elytron/provider-loader=openssl/:add(module=org.wildfly.openssl)
+    /profile=$standaloneProfile/subsystem=elytron/aggregate-providers=combined-providers/:add(providers=[elytron,openssl])
+    /profile=$standaloneProfile/subsystem=elytron/file-audit-log=local-audit/:add(path=audit.log,relative-to=jboss.server.log.dir,format=JSON)
+    /profile=$standaloneProfile/subsystem=elytron/identity-realm=local/:add(identity="$local")
+    /profile=$standaloneProfile/subsystem=elytron/properties-realm=ApplicationRealm/:add(users-properties={path=application-users.properties,relative-to=jboss.domain.config.dir,digest-realm-name=ApplicationRealm},groups-properties={path=application-roles.properties,relative-to=jboss.domain.config.dir})
+    /profile=$standaloneProfile/subsystem=elytron/simple-permission-mapper=default-permission-mapper/:add(mapping-mode=first,permission-mappings=[{principals=[anonymous],permissions=[{class-name=org.wildfly.extension.batch.jberet.deployment.BatchPermission,module=org.wildfly.extension.batch.jberet,target-name=*},{class-name=org.wildfly.transaction.client.RemoteTransactionPermission,module=org.wildfly.transaction.client},{class-name=org.jboss.ejb.client.RemoteEJBPermission,module=org.jboss.ejb-client}]},{match-all=true,permissions=[{class-name=org.wildfly.security.auth.permission.LoginPermission},{class-name=org.wildfly.extension.batch.jberet.deployment.BatchPermission,module=org.wildfly.extension.batch.jberet,target-name=*},{class-name=org.wildfly.transaction.client.RemoteTransactionPermission,module=org.wildfly.transaction.client},{class-name=org.jboss.ejb.client.RemoteEJBPermission,module=org.jboss.ejb-client}]}])
+    /profile=$standaloneProfile/subsystem=elytron/constant-realm-mapper=local/:add(realm-name=local)
+    /profile=$standaloneProfile/subsystem=elytron/simple-role-decoder=groups-to-roles/:add(attribute=groups)
+    /profile=$standaloneProfile/subsystem=elytron/constant-role-mapper=super-user-mapper/:add(roles=[SuperUser])
+    /profile=$standaloneProfile/subsystem=elytron/security-domain=ApplicationDomain/:add(default-realm=ApplicationRealm,permission-mapper=default-permission-mapper,realms=[{realm=ApplicationRealm,role-decoder=groups-to-roles},{realm=local}])
+    /profile=$standaloneProfile/subsystem=elytron/provider-http-server-mechanism-factory=global/:add
+    /profile=$standaloneProfile/subsystem=elytron/http-authentication-factory=application-http-authentication/:add(http-server-mechanism-factory=global,security-domain=ApplicationDomain,mechanism-configurations=[{mechanism-name=BASIC,mechanism-realm-configurations=[{realm-name=Application Realm}]},{mechanism-name=FORM}])
+    /profile=$standaloneProfile/subsystem=elytron/provider-sasl-server-factory=global/:add
+    /profile=$standaloneProfile/subsystem=elytron/mechanism-provider-filtering-sasl-server-factory=elytron/:add(sasl-server-factory=global,filters=[{provider-name=WildFlyElytron}])
+    /profile=$standaloneProfile/subsystem=elytron/configurable-sasl-server-factory=configured/:add(sasl-server-factory=elytron,properties={wildfly.sasl.local-user.default-user => "$local"})
+    /profile=$standaloneProfile/subsystem=elytron/sasl-authentication-factory=application-sasl-authentication/:add(sasl-server-factory=configured,security-domain=ApplicationDomain,mechanism-configurations=[{mechanism-name=JBOSS-LOCAL-USER,realm-mapper=local},{mechanism-name=DIGEST-MD5,mechanism-realm-configurations=[{realm-name=ApplicationRealm}]}])
+    /profile=$standaloneProfile/subsystem=elytron/:write-attribute(name=final-providers,value=combined-providers)
+    /profile=$standaloneProfile/subsystem=elytron/:write-attribute(name=disallowed-providers,value=[OracleUcrypto])
+    echo
+end-if
+
+if (outcome == failed) of /profile=$standaloneProfile/subsystem=ejb3/service=remote/channel-creation-options=READ_TIMEOUT/:read-resource
+    echo Adding channel-creation-options READ_TIMEOUT and MAX_OUTBOUND_MESSAGES to ejb3 remote
+    /profile=$standaloneProfile/subsystem=ejb3/service=remote/channel-creation-options=READ_TIMEOUT/:add(value="${prop.remoting-connector.read.timeout:20}",type=xnio)
+    /profile=$standaloneProfile/subsystem=ejb3/service=remote/channel-creation-options=MAX_OUTBOUND_MESSAGES/:add(value=1234,type=remoting)
+    echo
+end-if
+
+if (outcome == success) of /profile=$standaloneProfile/subsystem=infinispan/cache-container=web/local-cache=persistent:read-resource
+    echo Removing local-cache persistent from web cache-container
+    /profile=$standaloneProfile/subsystem=infinispan/cache-container=web/local-cache=persistent:remove
+    echo
+end-if
+
+if (outcome == success) of /profile=$standaloneProfile/subsystem=infinispan/cache-container=ejb/local-cache=persistent:read-resource
+    echo Removing local-cache persistent from ejb cache-container
+    /profile=$standaloneProfile/subsystem=infinispan/cache-container=ejb/local-cache=persistent:remove
+    echo
+end-if
+
+if (result == local-query) of /profile=$standaloneProfile/subsystem=infinispan/cache-container=hibernate/:read-attribute(name=default-cache)
+    echo Removing default-cache from hibernate cache-container
+    /profile=$standaloneProfile/subsystem=infinispan/cache-container=hibernate/:undefine-attribute(name=default-cache)
+    echo
+end-if
+
+if (outcome == failed) of /profile=$standaloneProfile/subsystem=undertow/server=default-server/host=default-host/setting=http-invoker/:read-resource
+    echo Adding http-invoker to default-host
+    /profile=$standaloneProfile/subsystem=undertow/server=default-server/host=default-host/setting=http-invoker/:add(security-realm=ApplicationRealm)
+    echo
+end-if
+
+if (result == false) of /profile=$standaloneProfile/subsystem=undertow/server=default-server/http-listener=default/:read-attribute(name=enable-http2)
+    echo Enabling http2 for default http-listener
+    /profile=$standaloneProfile/subsystem=undertow/server=default-server/http-listener=default/:write-attribute(name=enable-http2,value=true)
+    echo
+end-if
+
+if (outcome == failed) of /profile=$standaloneProfile/subsystem=undertow/server=default-server/https-listener=https/:read-resource
+    echo Adding https-listener
+    /profile=$standaloneProfile/subsystem=undertow/server=default-server/https-listener=https/:add(socket-binding=https,security-realm=ApplicationRealm,enable-http2=true)
+    echo
+end-if
+
+if (outcome == success) of /socket-binding-group=ha-sockets/socket-binding=jgroups-tcp-fd/:read-resource
+    echo Removing socket-binding jgroups-tcp-fd
+    /socket-binding-group=ha-sockets/socket-binding=jgroups-tcp-fd/:remove
+    echo
+end-if
+
+if (outcome == success) of /socket-binding-group=ha-sockets/socket-binding=jgroups-udp-fd/:read-resource
+    echo Removing socket-binding jgroups-udp-fd
+    /socket-binding-group=ha-sockets/socket-binding=jgroups-udp-fd/:remove
+    echo
+end-if
+
+if (result == 224.0.1.105) of /socket-binding-group=ha-sockets/socket-binding=modcluster/:read-attribute(name=multicast-address)
+    echo Adding jboss.modcluster.multicast.address property to modcluster multicast-address
+    /socket-binding-group=ha-sockets/socket-binding=modcluster/:write-attribute(name=multicast-address,value=${jboss.modcluster.multicast.address:224.0.1.105})
+    echo
+end-if
+
+echo *** End Migration of /profile=$standaloneProfile ***

distribution/feature-packs/server-feature-pack/src/main/resources/content/bin/migrate-standalone.cli 115(+113 -2) 

diff --git a/distribution/feature-packs/server-feature-pack/src/main/resources/content/bin/migrate-standalone.cli b/distribution/feature-packs/server-feature-pack/src/main/resources/content/bin/migrate-standalone.cli
index 517759f..632604f 100644
--- a/distribution/feature-packs/server-feature-pack/src/main/resources/content/bin/migrate-standalone.cli
+++ b/distribution/feature-packs/server-feature-pack/src/main/resources/content/bin/migrate-standalone.cli
@@ -55,6 +55,21 @@ if (result == []) of /subsystem=keycloak-server/:read-children-names(child-type=
   /subsystem=keycloak-server/:migrate-json
   echo
 end-if
+if (result == [expression "classpath:${jboss.server.config.dir}/providers/*"]) of /subsystem=keycloak-server/:read-attribute(name=providers)
+    echo Updating provider to default value
+    /subsystem=keycloak-server/:write-attribute(name=providers,value=[classpath:${jboss.home.dir}/providers/*])
+    echo
+end-if
+if (result == keycloak) of /subsystem=keycloak-server/theme=defaults:read-attribute(name=default)
+    echo Undefining default theme...
+    /subsystem=keycloak-server/theme=defaults:undefine-attribute(name=default)
+    echo
+end-if
+if (result == expression "${jboss.server.config.dir}/themes") of /subsystem=keycloak-server/theme=defaults:read-attribute(name=dir)
+    echo Updating theme dir to default value
+    /subsystem=keycloak-server/theme=defaults/:write-attribute(name=dir,value=${jboss.home.dir}/themes)
+    echo
+end-if
 
 set persistenceProvider=jpa
 
@@ -195,8 +210,10 @@ if ((result.default-provider == undefined) && (result.provider.default.enabled =
    echo
 end-if
 
+# Migrate from 3.0.0 to 3.1.0
+# NO CHANGES
 
-# Migrate from 3.0.0 to 3.2.0
+# Migrate from 3.1.0 to 3.2.0
 if (outcome == failed) of /subsystem=infinispan/cache-container=keycloak/local-cache=authenticationSessions/:read-resource
   echo Adding local-cache=authenticationSessions to keycloak cache container...
   /subsystem=infinispan/cache-container=keycloak/local-cache=authenticationSessions/:add(indexing=NONE,start=LAZY)
@@ -213,4 +230,98 @@ if (outcome == failed) of /subsystem=infinispan/cache-container=keycloak/local-c
   echo
 end-if
 
-echo *** End Migration ***
\ No newline at end of file
+if (result == 100L) of /subsystem=infinispan/cache-container=keycloak/local-cache=authorization/component=eviction/:read-attribute(name=max-entries)
+    echo Updating eviction in local-cache=authorization...
+    /subsystem=infinispan/cache-container=keycloak/local-cache=authorization/component=eviction/:write-attribute(name=max-entries,value=10000)
+    echo
+end-if
+
+# Migrate from 3.2.0 to 3.2.1
+# NO CHANGES
+
+# Migrate from 3.2.1 to 3.3.0
+if (outcome == failed) of /core-service=management/security-realm=ApplicationRealm/server-identity=ssl:read-resource
+    echo Adding keystore to ApplicationRealm...
+    /core-service=management/security-realm=ApplicationRealm/server-identity=ssl:add(keystore-path=application.keystore,keystore-relative-to=jboss.server.config.dir,keystore-password=password,alias=server,key-password=password,generate-self-signed-certificate-host=localhost)
+    echo
+end-if    
+
+if (outcome == failed) of /extension=org.wildfly.extension.elytron/:read-resource
+    echo Adding elytron extension...
+    /extension=org.wildfly.extension.elytron/:add(module=org.wildfly.extension.elytron)
+    echo
+end-if
+
+if (outcome == failed) of /subsystem=elytron/:read-resource
+    echo Adding elytron subsystem
+    /subsystem=elytron:add
+    /subsystem=elytron/provider-loader=elytron/:add(module=org.wildfly.security.elytron)
+    /subsystem=elytron/provider-loader=openssl/:add(module=org.wildfly.openssl)
+    /subsystem=elytron/aggregate-providers=combined-providers/:add(providers=[elytron,openssl])
+    /subsystem=elytron/file-audit-log=local-audit/:add(path=audit.log,relative-to=jboss.server.log.dir,format=JSON)
+    /subsystem=elytron/identity-realm=local/:add(identity="$local")
+    /subsystem=elytron/properties-realm=ApplicationRealm/:add(users-properties={path=application-users.properties,relative-to=jboss.server.config.dir,digest-realm-name=ApplicationRealm},groups-properties={path=application-roles.properties,relative-to=jboss.server.config.dir})
+    /subsystem=elytron/properties-realm=ManagementRealm/:add(users-properties={path=mgmt-users.properties,relative-to=jboss.server.config.dir,digest-realm-name=ManagementRealm},groups-properties={path=mgmt-groups.properties,relative-to=jboss.server.config.dir})
+    /subsystem=elytron/simple-permission-mapper=default-permission-mapper/:add(mapping-mode=first,permission-mappings=[{principals=[anonymous],permissions=[{class-name=org.wildfly.extension.batch.jberet.deployment.BatchPermission,module=org.wildfly.extension.batch.jberet,target-name=*},{class-name=org.wildfly.transaction.client.RemoteTransactionPermission,module=org.wildfly.transaction.client},{class-name=org.jboss.ejb.client.RemoteEJBPermission,module=org.jboss.ejb-client}]},{match-all=true,permissions=[{class-name=org.wildfly.security.auth.permission.LoginPermission},{class-name=org.wildfly.extension.batch.jberet.deployment.BatchPermission,module=org.wildfly.extension.batch.jberet,target-name=*},{class-name=org.wildfly.transaction.client.RemoteTransactionPermission,module=org.wildfly.transaction.client},{class-name=org.jboss.ejb.client.RemoteEJBPermission,module=org.jboss.ejb-client}]}])
+    /subsystem=elytron/constant-realm-mapper=local/:add(realm-name=local)
+    /subsystem=elytron/simple-role-decoder=groups-to-roles/:add(attribute=groups)
+    /subsystem=elytron/constant-role-mapper=super-user-mapper/:add(roles=[SuperUser])
+    /subsystem=elytron/security-domain=ApplicationDomain/:add(default-realm=ApplicationRealm,permission-mapper=default-permission-mapper,realms=[{realm=ApplicationRealm,role-decoder=groups-to-roles},{realm=local}])
+    /subsystem=elytron/security-domain=ManagementDomain/:add(default-realm=ManagementRealm,permission-mapper=default-permission-mapper,realms=[{realm=ManagementRealm,role-decoder=groups-to-roles},{realm=local,role-mapper=super-user-mapper}])
+    /subsystem=elytron/provider-http-server-mechanism-factory=global/:add
+    /subsystem=elytron/http-authentication-factory=management-http-authentication/:add(http-server-mechanism-factory=global,security-domain=ManagementDomain,mechanism-configurations=[{mechanism-name=DIGEST,mechanism-realm-configurations=[{realm-name=ManagementRealm}]}])
+    /subsystem=elytron/http-authentication-factory=application-http-authentication/:add(http-server-mechanism-factory=global,security-domain=ApplicationDomain,mechanism-configurations=[{mechanism-name=BASIC,mechanism-realm-configurations=[{realm-name=Application Realm}]},{mechanism-name=FORM}])
+    /subsystem=elytron/provider-sasl-server-factory=global/:add
+    /subsystem=elytron/mechanism-provider-filtering-sasl-server-factory=elytron/:add(sasl-server-factory=global,filters=[{provider-name=WildFlyElytron}])
+    /subsystem=elytron/configurable-sasl-server-factory=configured/:add(sasl-server-factory=elytron,properties={wildfly.sasl.local-user.default-user => "$local"})
+    /subsystem=elytron/sasl-authentication-factory=management-sasl-authentication/:add(sasl-server-factory=configured,security-domain=ManagementDomain,mechanism-configurations=[{mechanism-name=JBOSS-LOCAL-USER,realm-mapper=local},{mechanism-name=DIGEST-MD5,mechanism-realm-configurations=[{realm-name=ManagementRealm}]}])
+    /subsystem=elytron/sasl-authentication-factory=application-sasl-authentication/:add(sasl-server-factory=configured,security-domain=ApplicationDomain,mechanism-configurations=[{mechanism-name=JBOSS-LOCAL-USER,realm-mapper=local},{mechanism-name=DIGEST-MD5,mechanism-realm-configurations=[{realm-name=ApplicationRealm}]}])
+    /subsystem=elytron/:write-attribute(name=final-providers,value=combined-providers)
+    /subsystem=elytron/:write-attribute(name=disallowed-providers,value=[OracleUcrypto])
+    echo
+end-if
+
+if (outcome == failed) of /subsystem=ejb3/service=remote/channel-creation-options=READ_TIMEOUT/:read-resource
+    echo Adding channel-creation-options READ_TIMEOUT and MAX_OUTBOUND_MESSAGES to ejb3 remote
+    /subsystem=ejb3/service=remote/channel-creation-options=READ_TIMEOUT/:add(value="${prop.remoting-connector.read.timeout:20}",type=xnio)
+    /subsystem=ejb3/service=remote/channel-creation-options=MAX_OUTBOUND_MESSAGES/:add(value=1234,type=remoting)
+    echo
+end-if
+
+if (outcome == success) of /subsystem=infinispan/cache-container=web/local-cache=persistent:read-resource
+    echo Removing local-cache persistent from web cache-container
+    /subsystem=infinispan/cache-container=web/local-cache=persistent:remove
+    echo
+end-if
+
+if (outcome == success) of /subsystem=infinispan/cache-container=ejb/local-cache=persistent:read-resource
+    echo Removing local-cache persistent from ejb cache-container
+    /subsystem=infinispan/cache-container=ejb/local-cache=persistent:remove
+    echo
+end-if
+
+if (result == local-query) of /subsystem=infinispan/cache-container=hibernate/:read-attribute(name=default-cache)
+    echo Removing default-cache from hibernate cache-container
+    /subsystem=infinispan/cache-container=hibernate/:undefine-attribute(name=default-cache)
+    echo
+end-if
+    
+if (outcome == failed) of /subsystem=undertow/server=default-server/host=default-host/setting=http-invoker/:read-resource
+    echo Adding http-invoker to default-host
+    /subsystem=undertow/server=default-server/host=default-host/setting=http-invoker/:add(security-realm=ApplicationRealm)
+    echo
+end-if
+
+if (result == false) of /subsystem=undertow/server=default-server/http-listener=default/:read-attribute(name=enable-http2)
+    echo Enabling http2 for default http-listener
+    /subsystem=undertow/server=default-server/http-listener=default/:write-attribute(name=enable-http2,value=true)
+    echo
+end-if
+
+if (outcome == failed) of /subsystem=undertow/server=default-server/https-listener=https/:read-resource
+    echo Adding https-listener
+    /subsystem=undertow/server=default-server/https-listener=https/:add(socket-binding=https,security-realm=ApplicationRealm,enable-http2=true)
+    echo
+end-if
+
+echo *** End Migration ***

distribution/feature-packs/server-feature-pack/src/main/resources/content/bin/migrate-standalone-ha.cli 158(+154 -4) 

diff --git a/distribution/feature-packs/server-feature-pack/src/main/resources/content/bin/migrate-standalone-ha.cli b/distribution/feature-packs/server-feature-pack/src/main/resources/content/bin/migrate-standalone-ha.cli
index 4f4e3e0..904db42 100644
--- a/distribution/feature-packs/server-feature-pack/src/main/resources/content/bin/migrate-standalone-ha.cli
+++ b/distribution/feature-packs/server-feature-pack/src/main/resources/content/bin/migrate-standalone-ha.cli
@@ -43,6 +43,21 @@ if (result == []) of /subsystem=keycloak-server/:read-children-names(child-type=
 end-if
 
 set persistenceProvider=jpa
+if (result == [expression "classpath:${jboss.server.config.dir}/providers/*"]) of /subsystem=keycloak-server/:read-attribute(name=providers)
+    echo Updating provider to default value
+    /subsystem=keycloak-server/:write-attribute(name=providers,value=[classpath:${jboss.home.dir}/providers/*])
+    echo
+end-if
+if (result == keycloak) of /subsystem=keycloak-server/theme=defaults:read-attribute(name=default)
+    echo Undefining default theme...
+    /subsystem=keycloak-server/theme=defaults:undefine-attribute(name=default)
+    echo
+end-if
+if (result == expression "${jboss.server.config.dir}/themes") of /subsystem=keycloak-server/theme=defaults:read-attribute(name=dir)
+    echo Updating theme dir to default value
+    /subsystem=keycloak-server/theme=defaults/:write-attribute(name=dir,value=${jboss.home.dir}/themes)
+    echo
+end-if
 
 # Migrate from 2.1.0 to 2.2.0
 if (outcome == failed) of /extension=org.jboss.as.deployment-scanner/:read-resource
@@ -60,11 +75,17 @@ if (outcome == failed) of /subsystem=deployment-scanner/scanner=default/:read-re
   /subsystem=deployment-scanner/scanner=default/:add(path=deployments,relative-to=jboss.server.base.dir,runtime-failure-causes-rollback=${jboss.deployment.scanner.rollback.on.failure:false},scan-interval=5000)
   echo
 end-if
+
 if (outcome == failed) of /subsystem=infinispan/cache-container=keycloak/distributed-cache=authorization/:read-resource
-  echo Additing distributed-cache=authorization
-  /subsystem=infinispan/cache-container=keycloak/distributed-cache=authorization/:add(mode=SYNC,owners=1)
-  echo
+    # In migration from 3.0.0 to 3.2.0 there is authorization distributed-cache replaced with local-cache
+    try
+        echo 
+        /subsystem=infinispan/cache-container=keycloak/distributed-cache=authorization/:add(mode=SYNC,owners=1)
+        echo Added distributed-cache=authorization
+    catch
+    end-try
 end-if
+
 if (result == update) of /subsystem=keycloak-server/spi=connectionsJpa/provider=default/:map-get(name=properties,key=databaseSchema)
   echo Updating connectionsJpa default properties...
   /subsystem=keycloak-server/spi=connectionsJpa/provider=default/:map-remove(name=properties,key=databaseSchema)
@@ -230,4 +251,133 @@ if (outcome == success) of /subsystem=infinispan/cache-container=keycloak/distri
   echo
 end-if
 
-echo *** End Migration ***
\ No newline at end of file
+# Migrate from 3.2.0 to 3.2.1
+# NO CHANGES
+
+# Migrate from 3.2.1 to 3.3.0
+if (outcome == failed) of /core-service=management/security-realm=ApplicationRealm/server-identity=ssl:read-resource
+    echo Adding keystore to ApplicationRealm...
+    /core-service=management/security-realm=ApplicationRealm/server-identity=ssl:add(keystore-path=application.keystore,keystore-relative-to=jboss.server.config.dir,keystore-password=password,alias=server,key-password=password,generate-self-signed-certificate-host=localhost)
+    echo
+end-if 
+
+if (outcome == failed) of /extension=org.wildfly.extension.elytron/:read-resource
+    echo Adding elytron extension...
+    /extension=org.wildfly.extension.elytron/:add(module=org.wildfly.extension.elytron)
+    echo
+end-if
+
+if (outcome == failed) of /subsystem=elytron/:read-resource
+    echo Adding elytron subsystem
+    /subsystem=elytron:add
+    /subsystem=elytron/provider-loader=elytron/:add(module=org.wildfly.security.elytron)
+    /subsystem=elytron/provider-loader=openssl/:add(module=org.wildfly.openssl)
+    /subsystem=elytron/aggregate-providers=combined-providers/:add(providers=[elytron,openssl])
+    /subsystem=elytron/file-audit-log=local-audit/:add(path=audit.log,relative-to=jboss.server.log.dir,format=JSON)
+    /subsystem=elytron/identity-realm=local/:add(identity="$local")
+    /subsystem=elytron/properties-realm=ApplicationRealm/:add(users-properties={path=application-users.properties,relative-to=jboss.server.config.dir,digest-realm-name=ApplicationRealm},groups-properties={path=application-roles.properties,relative-to=jboss.server.config.dir})
+    /subsystem=elytron/properties-realm=ManagementRealm/:add(users-properties={path=mgmt-users.properties,relative-to=jboss.server.config.dir,digest-realm-name=ManagementRealm},groups-properties={path=mgmt-groups.properties,relative-to=jboss.server.config.dir})
+    /subsystem=elytron/simple-permission-mapper=default-permission-mapper/:add(mapping-mode=first,permission-mappings=[{principals=[anonymous],permissions=[{class-name=org.wildfly.extension.batch.jberet.deployment.BatchPermission,module=org.wildfly.extension.batch.jberet,target-name=*},{class-name=org.wildfly.transaction.client.RemoteTransactionPermission,module=org.wildfly.transaction.client},{class-name=org.jboss.ejb.client.RemoteEJBPermission,module=org.jboss.ejb-client}]},{match-all=true,permissions=[{class-name=org.wildfly.security.auth.permission.LoginPermission},{class-name=org.wildfly.extension.batch.jberet.deployment.BatchPermission,module=org.wildfly.extension.batch.jberet,target-name=*},{class-name=org.wildfly.transaction.client.RemoteTransactionPermission,module=org.wildfly.transaction.client},{class-name=org.jboss.ejb.client.RemoteEJBPermission,module=org.jboss.ejb-client}]}])
+    /subsystem=elytron/constant-realm-mapper=local/:add(realm-name=local)
+    /subsystem=elytron/simple-role-decoder=groups-to-roles/:add(attribute=groups)
+    /subsystem=elytron/constant-role-mapper=super-user-mapper/:add(roles=[SuperUser])
+    /subsystem=elytron/security-domain=ApplicationDomain/:add(default-realm=ApplicationRealm,permission-mapper=default-permission-mapper,realms=[{realm=ApplicationRealm,role-decoder=groups-to-roles},{realm=local}])
+    /subsystem=elytron/security-domain=ManagementDomain/:add(default-realm=ManagementRealm,permission-mapper=default-permission-mapper,realms=[{realm=ManagementRealm,role-decoder=groups-to-roles},{realm=local,role-mapper=super-user-mapper}])
+    /subsystem=elytron/provider-http-server-mechanism-factory=global/:add
+    /subsystem=elytron/http-authentication-factory=management-http-authentication/:add(http-server-mechanism-factory=global,security-domain=ManagementDomain,mechanism-configurations=[{mechanism-name=DIGEST,mechanism-realm-configurations=[{realm-name=ManagementRealm}]}])
+    /subsystem=elytron/http-authentication-factory=application-http-authentication/:add(http-server-mechanism-factory=global,security-domain=ApplicationDomain,mechanism-configurations=[{mechanism-name=BASIC,mechanism-realm-configurations=[{realm-name=Application Realm}]},{mechanism-name=FORM}])
+    /subsystem=elytron/provider-sasl-server-factory=global/:add
+    /subsystem=elytron/mechanism-provider-filtering-sasl-server-factory=elytron/:add(sasl-server-factory=global,filters=[{provider-name=WildFlyElytron}])
+    /subsystem=elytron/configurable-sasl-server-factory=configured/:add(sasl-server-factory=elytron,properties={wildfly.sasl.local-user.default-user => "$local"})
+    /subsystem=elytron/sasl-authentication-factory=management-sasl-authentication/:add(sasl-server-factory=configured,security-domain=ManagementDomain,mechanism-configurations=[{mechanism-name=JBOSS-LOCAL-USER,realm-mapper=local},{mechanism-name=DIGEST-MD5,mechanism-realm-configurations=[{realm-name=ManagementRealm}]}])
+    /subsystem=elytron/sasl-authentication-factory=application-sasl-authentication/:add(sasl-server-factory=configured,security-domain=ApplicationDomain,mechanism-configurations=[{mechanism-name=JBOSS-LOCAL-USER,realm-mapper=local},{mechanism-name=DIGEST-MD5,mechanism-realm-configurations=[{realm-name=ApplicationRealm}]}])
+    /subsystem=elytron/:write-attribute(name=final-providers,value=combined-providers)
+    /subsystem=elytron/:write-attribute(name=disallowed-providers,value=[OracleUcrypto])
+    echo
+end-if
+
+if (outcome == failed) of /subsystem=ejb3/service=remote/channel-creation-options=READ_TIMEOUT/:read-resource
+    echo Adding channel-creation-options READ_TIMEOUT and MAX_OUTBOUND_MESSAGES to ejb3 remote
+    /subsystem=ejb3/service=remote/channel-creation-options=READ_TIMEOUT/:add(value="${prop.remoting-connector.read.timeout:20}",type=xnio)
+    /subsystem=ejb3/service=remote/channel-creation-options=MAX_OUTBOUND_MESSAGES/:add(value=1234,type=remoting)
+    echo
+end-if
+
+if (result == ASYNC) of /subsystem=infinispan/cache-container=web/distributed-cache=dist:read-attribute(name=mode)
+    echo Setting SYNC mode for web cache-container
+    /subsystem=infinispan/cache-container=web/distributed-cache=dist:write-attribute(name=mode,value=SYNC)
+    echo
+end-if
+
+if (result == ASYNC) of /subsystem=infinispan/cache-container=ejb/distributed-cache=dist:read-attribute(name=mode)
+    echo Setting SYNC mode for ejb cache-container
+    /subsystem=infinispan/cache-container=ejb/distributed-cache=dist:write-attribute(name=mode,value=SYNC)
+    echo
+end-if
+
+if (result == undefined) of /subsystem=jgroups/channel=ee/:read-attribute(name=cluster)
+    echo Setting cluster attribute to ejb in jgroups subsystem
+    /subsystem=jgroups/channel=ee/:write-attribute(name=cluster,value=ejb)
+    echo
+end-if
+
+if (result != undefined) of /subsystem=jgroups/stack=udp/protocol=FD_SOCK/:read-attribute(name=socket-binding)
+    echo Unsetting socket-binding from udp FD_SOCK protocol
+    # it has to be done via remove and add, because socket-binding is not writable attribute
+    /subsystem=jgroups/stack=udp/protocol=FD_SOCK/:remove
+    /subsystem=jgroups/stack=udp/protocol=FD_SOCK/:add
+    echo
+end-if
+
+if (outcome == success) of /subsystem=jgroups/stack=tcp/protocol=FD/:read-resource
+    echo Replacing tcp FD protocol with FD_ALL
+    /subsystem=jgroups/stack=tcp/protocol=FD/:remove
+    /subsystem=jgroups/stack=tcp/protocol=FD_ALL/:add
+    echo
+end-if   
+
+if (result != undefined) of /subsystem=jgroups/stack=tcp/protocol=FD_SOCK/:read-attribute(name=socket-binding)
+    echo Unsetting socket-binding from tcp FD_SOCK protocol
+    # it has to be done via remove and add, because socket-binding is not writable attribute
+    /subsystem=jgroups/stack=tcp/protocol=FD_SOCK/:remove
+    /subsystem=jgroups/stack=tcp/protocol=FD_SOCK/:add
+    echo
+end-if 
+
+if (outcome == failed) of /subsystem=undertow/server=default-server/host=default-host/setting=http-invoker/:read-resource
+    echo Adding http-invoker to default-host
+    /subsystem=undertow/server=default-server/host=default-host/setting=http-invoker/:add(security-realm=ApplicationRealm)
+    echo
+end-if
+
+if (result == false) of /subsystem=undertow/server=default-server/http-listener=default/:read-attribute(name=enable-http2)
+    echo Enabling http2 for default http-listener
+    /subsystem=undertow/server=default-server/http-listener=default/:write-attribute(name=enable-http2,value=true)
+    echo
+end-if
+
+if (outcome == failed) of /subsystem=undertow/server=default-server/https-listener=https/:read-resource
+    echo Adding https-listener
+    /subsystem=undertow/server=default-server/https-listener=https/:add(socket-binding=https,security-realm=ApplicationRealm,enable-http2=true)
+    echo
+end-if
+
+if (outcome == success) of /socket-binding-group=standard-sockets/socket-binding=jgroups-tcp-fd/:read-resource
+    echo Removing socket-binding jgroups-tcp-fd
+    /socket-binding-group=standard-sockets/socket-binding=jgroups-tcp-fd/:remove
+    echo
+end-if
+
+if (outcome == success) of /socket-binding-group=standard-sockets/socket-binding=jgroups-udp-fd/:read-resource
+    echo Removing socket-binding jgroups-udp-fd
+    /socket-binding-group=standard-sockets/socket-binding=jgroups-udp-fd/:remove
+    echo
+end-if
+
+if (result == 224.0.1.105) of /socket-binding-group=standard-sockets/socket-binding=modcluster/:read-attribute(name=multicast-address)
+    echo Adding jboss.modcluster.multicast.address property to modcluster multicast-address
+    /socket-binding-group=standard-sockets/socket-binding=modcluster/:write-attribute(name=multicast-address,value=${jboss.modcluster.multicast.address:224.0.1.105})
+    echo
+end-if
+
+echo *** End Migration ***

Bonobo Git Server (6.3.0.632) © 2015 Jakub Chodounský · Official Page · Github