keycloak-aplcache
Details
docbook/auth-server-docs/pom.xml 4(+4 -0)
diff --git a/docbook/auth-server-docs/pom.xml b/docbook/auth-server-docs/pom.xml
index a7c2ddd..546b18d 100755
--- a/docbook/auth-server-docs/pom.xml
+++ b/docbook/auth-server-docs/pom.xml
@@ -114,6 +114,10 @@
<name>picketlink.version</name>
<value>${picketlink.version}</value>
</injection>
+ <injection>
+ <name>wildfly.version</name>
+ <value>${wildfly.version}</value>
+ </injection>
</injections>
<options>
<xmlTransformerType>saxon</xmlTransformerType>
diff --git a/docbook/auth-server-docs/reference/en/en-US/modules/server-installation.xml b/docbook/auth-server-docs/reference/en/en-US/modules/server-installation.xml
index 558f943..549bc84 100755
--- a/docbook/auth-server-docs/reference/en/en-US/modules/server-installation.xml
+++ b/docbook/auth-server-docs/reference/en/en-US/modules/server-installation.xml
@@ -43,9 +43,9 @@
<section id="overlay_install">
- <title>Install on existing WildFly 9.0.1.Final</title>
+ <title>Install on existing WildFly &wildfly.version;</title>
<para>
- Keycloak can be installed into an existing WildFly 9.0.0.Final server. To do this download
+ Keycloak can be installed into an existing WildFly &wildfly.version; server. To do this download
<literal>keycloak-overlay-&project.version;.zip</literal> or <literal>keycloak-overlay-&project.version;.tar.gz</literal>.
Once downloaded extract into the root directory of your WildFly installation. To start WildFly with Keycloak
run:
@@ -62,11 +62,15 @@
<para>
To add Keycloak to other sever configurations (standalone.xml, standalone-ha.xml, etc.) start the server with
the desired server-config. If you are running the server in standalone mode run:
- <programlisting>cd <WILDFLY_HOME>/bin
- ./jboss-cli.sh -c --file=keycloak-install.cli</programlisting>
+<programlisting>
+cd <WILDFLY_HOME>/bin
+./jboss-cli.sh -c --file=keycloak-install.cli
+</programlisting>
Or if you are running in clustering (HA) mode (by having used -c standalone-ha.xml) then run:
- <programlisting>cd <WILDFLY_HOME>/bin
- ./jboss-cli.sh -c --file=keycloak-install-ha.cli</programlisting>
+<programlisting>
+cd <WILDFLY_HOME>/bin
+./jboss-cli.sh -c --file=keycloak-install-ha.cli
+</programlisting>
You may see exceptions in the server log, but after restarting the server they should be gone.
You can restart the server with:
<programlisting><WILDFLY_HOME>/bin/jboss-cli.sh -c :reload</programlisting>
@@ -75,7 +79,7 @@
<section>
<title>Install on existing JBoss EAP 6.4.0.GA</title>
<para>
- Same procedure as WildFly 9.0.1.Final, but download <literal>keycloak-overlay-eap6-&project.version;.zip</literal> or <literal>keycloak-overlay-eap6-&project.version;.tar.gz</literal>.
+ Same procedure as WildFly &wildfly.version;, but download <literal>keycloak-overlay-eap6-&project.version;.zip</literal> or <literal>keycloak-overlay-eap6-&project.version;.tar.gz</literal>.
</para>
</section>
<section>
@@ -85,7 +89,7 @@
To install it first download <literal>keycloak-demo-&project.version;.zip</literal> or
<literal>keycloak-demo-&project.version;.tar.gz</literal>. Once downloaded extract it inside
<literal>keycloak-demo-&project.version;</literal> you'll find <literal>keycloak</literal> which contains
- a full WildFly 9.0.0.Final server with Keycloak Server and Adapters included. You'll also find <literal>docs</literal>
+ a full WildFly &wildfly.version; server with Keycloak Server and Adapters included. You'll also find <literal>docs</literal>
and <literal>examples</literal> which contains everything you need to get started developing applications that use Keycloak.
</para>
<para>
@@ -437,12 +441,12 @@ All configuration options are optional. Default value for directory is <literal>
settings you can specify before boot time. This is configured in the
<literal>standalone/configuration/keycloak-server.json</literal>.
By default the setting is like this:
- <programlisting><![CDATA[
- "connectionsHttpClient": {
- "default": {
- "disable-trust-manager": true
- }
- },
+<programlisting><![CDATA[
+"connectionsHttpClient": {
+ "default": {
+ "disable-trust-manager": true
+ }
+},
]]></programlisting>
Possible configuration options are:
<variablelist>
@@ -659,25 +663,25 @@ All configuration options are optional. Default value for directory is <literal>
to do with the <literal>keytool</literal> utility that comes with the Java jdk.
</para>
<para>
- <programlisting>
- $ keytool -genkey -alias localhost -keyalg RSA -keystore keycloak.jks -validity 10950
- Enter keystore password: secret
- Re-enter new password: secret
- What is your first and last name?
- [Unknown]: localhost
- What is the name of your organizational unit?
- [Unknown]: Keycloak
- What is the name of your organization?
- [Unknown]: Red Hat
- What is the name of your City or Locality?
- [Unknown]: Westford
- What is the name of your State or Province?
- [Unknown]: MA
- What is the two-letter country code for this unit?
- [Unknown]: US
- Is CN=localhost, OU=Keycloak, O=Test, L=Westford, ST=MA, C=US correct?
- [no]: yes
- </programlisting>
+<programlisting>
+$ keytool -genkey -alias localhost -keyalg RSA -keystore keycloak.jks -validity 10950
+ Enter keystore password: secret
+ Re-enter new password: secret
+ What is your first and last name?
+ [Unknown]: localhost
+ What is the name of your organizational unit?
+ [Unknown]: Keycloak
+ What is the name of your organization?
+ [Unknown]: Red Hat
+ What is the name of your City or Locality?
+ [Unknown]: Westford
+ What is the name of your State or Province?
+ [Unknown]: MA
+ What is the two-letter country code for this unit?
+ [Unknown]: US
+ Is CN=localhost, OU=Keycloak, O=Test, L=Westford, ST=MA, C=US correct?
+ [no]: yes
+</programlisting>
</para>
<para>
You should answer <literal>What is your first and last name ?</literal> question with
@@ -693,44 +697,44 @@ All configuration options are optional. Default value for directory is <literal>
</para>
<para>
The first thing to do is generate a Certificate Request:
- <programlisting>
- $ keytool -certreq -alias yourdomain -keystore keycloak.jks > keycloak.careq
- </programlisting>
+<programlisting>
+$ keytool -certreq -alias yourdomain -keystore keycloak.jks > keycloak.careq
+</programlisting>
</para>
<para>
Where <literal>yourdomain</literal> is a DNS name for which this certificate is generated for.
Keytool generates the request:
- <programlisting>
- -----BEGIN NEW CERTIFICATE REQUEST-----
- MIIC2jCCAcICAQAwZTELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAk1BMREwDwYDVQQHEwhXZXN0Zm9y
- ZDEQMA4GA1UEChMHUmVkIEhhdDEQMA4GA1UECxMHUmVkIEhhdDESMBAGA1UEAxMJbG9jYWxob3N0
- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7kck2TaavlEOGbcpi9c0rncY4HhdzmY
- Ax2nZfq1eZEaIPqI5aTxwQZzzLDK9qbeAd8Ji79HzSqnRDxNYaZu7mAYhFKHgixsolE3o5Yfzbw1
- 29Rvy+eUVe+WZxv5oo9wolVVpdSINIMEL2LaFhtX/c1dqiqYVpfnvFshZQaIg2nL8juzZcBjj4as
- H98gIS7khql/dkZKsw9NLvyxgJvp7PaXurX29fNf3ihG+oFrL22oFyV54BWWxXCKU/GPn61EGZGw
- Ft2qSIGLdctpMD1aJR2bcnlhEjZKDksjQZoQ5YMXaAGkcYkG6QkgrocDE2YXDbi7GIdf9MegVJ35
- 2DQMpwIDAQABoDAwLgYJKoZIhvcNAQkOMSEwHzAdBgNVHQ4EFgQUQwlZJBA+fjiDdiVzaO9vrE/i
- n2swDQYJKoZIhvcNAQELBQADggEBAC5FRvMkhal3q86tHPBYWBuTtmcSjs4qUm6V6f63frhveWHf
- PzRrI1xH272XUIeBk0gtzWo0nNZnf0mMCtUBbHhhDcG82xolikfqibZijoQZCiGiedVjHJFtniDQ
- 9bMDUOXEMQ7gHZg5q6mJfNG9MbMpQaUVEEFvfGEQQxbiFK7hRWU8S23/d80e8nExgQxdJWJ6vd0X
- MzzFK6j4Dj55bJVuM7GFmfdNC52pNOD5vYe47Aqh8oajHX9XTycVtPXl45rrWAH33ftbrS8SrZ2S
- vqIFQeuLL3BaHwpl3t7j2lMWcK1p80laAxEASib/fAwrRHpLHBXRcq6uALUOZl4Alt8=
- -----END NEW CERTIFICATE REQUEST-----
- </programlisting>
+<programlisting>
+-----BEGIN NEW CERTIFICATE REQUEST-----
+MIIC2jCCAcICAQAwZTELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAk1BMREwDwYDVQQHEwhXZXN0Zm9y
+ZDEQMA4GA1UEChMHUmVkIEhhdDEQMA4GA1UECxMHUmVkIEhhdDESMBAGA1UEAxMJbG9jYWxob3N0
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7kck2TaavlEOGbcpi9c0rncY4HhdzmY
+Ax2nZfq1eZEaIPqI5aTxwQZzzLDK9qbeAd8Ji79HzSqnRDxNYaZu7mAYhFKHgixsolE3o5Yfzbw1
+29Rvy+eUVe+WZxv5oo9wolVVpdSINIMEL2LaFhtX/c1dqiqYVpfnvFshZQaIg2nL8juzZcBjj4as
+H98gIS7khql/dkZKsw9NLvyxgJvp7PaXurX29fNf3ihG+oFrL22oFyV54BWWxXCKU/GPn61EGZGw
+Ft2qSIGLdctpMD1aJR2bcnlhEjZKDksjQZoQ5YMXaAGkcYkG6QkgrocDE2YXDbi7GIdf9MegVJ35
+2DQMpwIDAQABoDAwLgYJKoZIhvcNAQkOMSEwHzAdBgNVHQ4EFgQUQwlZJBA+fjiDdiVzaO9vrE/i
+n2swDQYJKoZIhvcNAQELBQADggEBAC5FRvMkhal3q86tHPBYWBuTtmcSjs4qUm6V6f63frhveWHf
+PzRrI1xH272XUIeBk0gtzWo0nNZnf0mMCtUBbHhhDcG82xolikfqibZijoQZCiGiedVjHJFtniDQ
+9bMDUOXEMQ7gHZg5q6mJfNG9MbMpQaUVEEFvfGEQQxbiFK7hRWU8S23/d80e8nExgQxdJWJ6vd0X
+MzzFK6j4Dj55bJVuM7GFmfdNC52pNOD5vYe47Aqh8oajHX9XTycVtPXl45rrWAH33ftbrS8SrZ2S
+vqIFQeuLL3BaHwpl3t7j2lMWcK1p80laAxEASib/fAwrRHpLHBXRcq6uALUOZl4Alt8=
+-----END NEW CERTIFICATE REQUEST-----
+</programlisting>
</para>
<para>
Send this ca request to your CA. The CA will issue you a signed certificate and send it to you.
Before you import your new cert, you must obtain and import the root certificate of the CA.
You can download the cert from CA (ie.: root.crt) and import as follows:
- <programlisting>
- $ keytool -import -keystore keycloak.jks -file root.crt -alias root
- </programlisting>
+<programlisting>
+$ keytool -import -keystore keycloak.jks -file root.crt -alias root
+</programlisting>
</para>
<para>
Last step is import your new CA generated certificate to your keystore:
- <programlisting>
- $ keytool -import -alias yourdomain -keystore keycloak.jks -file your-certificate.cer
- </programlisting>
+<programlisting>
+$ keytool -import -alias yourdomain -keystore keycloak.jks -file your-certificate.cer
+</programlisting>
</para>
</section>
</section>
@@ -744,18 +748,19 @@ All configuration options are optional. Default value for directory is <literal>
</para>
<para>
To the <literal>security-realms</literal> element add:
- <programlisting><![CDATA[<security-realm name="UndertowRealm">
- <server-identities>
- <ssl>
- <keystore path="keycloak.jks" relative-to="jboss.server.config.dir" keystore-password="secret" />
- </ssl>
- </server-identities>
- </security-realm>]]></programlisting>
+<programlisting><![CDATA[
+<security-realm name="UndertowRealm">
+ <server-identities>
+ <ssl>
+ <keystore path="keycloak.jks" relative-to="jboss.server.config.dir" keystore-password="secret" />
+ </ssl>
+ </server-identities>
+</security-realm>
+]]></programlisting>
</para>
<para>
Find the element <literal><server name="default-server"></literal> (it's a child element of <literal><subsystem xmlns="urn:jboss:domain:undertow:1.0"></literal>) and add:
- <programlisting><![CDATA[<https-listener name="https" socket-binding="https" security-realm="UndertowRealm"/>
- ]]></programlisting>
+ <programlisting><![CDATA[<https-listener name="https" socket-binding="https" security-realm="UndertowRealm"/>]]></programlisting>
</para>
<para>
Check the <ulink url="https://docs.jboss.org/author/display/WFLY8/Undertow+(web)+subsystem+configuration">Wildfly Undertow</ulink> documentation for more information on fine tuning the socket connections.
@@ -865,12 +870,12 @@ All configuration options are optional. Default value for directory is <literal>
</para>
<para>
To do this, add the <literal>default-web-module</literal> attribute in the Undertow subystem in standalone.xml.
- <programlisting><![CDATA[
+<programlisting><![CDATA[
<subsystem xmlns="urn:jboss:domain:undertow:2.0">
- <server name="default-server">
- <host name="default-host" alias="localhost" default-web-module="keycloak-server.war">
- <location name="/" handler="welcome-content"/>
- </host>
+ <server name="default-server">
+ <host name="default-host" alias="localhost" default-web-module="keycloak-server.war">
+ <location name="/" handler="welcome-content"/>
+ </host>
]]></programlisting>
</para>
<para>
pom.xml 4(+2 -2)
diff --git a/pom.xml b/pom.xml
index 12a346e..85409fe 100755
--- a/pom.xml
+++ b/pom.xml
@@ -48,8 +48,8 @@
<dom4j.version>1.6.1</dom4j.version>
<xml-apis.version>1.4.01</xml-apis.version>
<slf4j.version>1.7.7</slf4j.version>
- <wildfly.version>9.0.1.Final</wildfly.version>
- <wildfly.core.version>1.0.1.Final</wildfly.core.version>
+ <wildfly.version>9.0.2.Final</wildfly.version>
+ <wildfly.core.version>1.0.2.Final</wildfly.core.version>
<wildfly.build-tools.version>1.0.0.Final</wildfly.build-tools.version>
<!-- this is EAP 6.4 alpha, publicly available -->