KEYCLOAK-18466 Configure HTTP client timeouts for adapters - change property names
This commit is contained in:
Martin Bartoš
Hynek Mlnařík
parent
464475caa0
commit
06077dc4ea
21 changed files with 234 additions and 60 deletions
|
|
@ -3,6 +3,6 @@
|
|||
"resource": "customer-portal",
|
||||
"auth-server-url": "https://localhost:8443/auth",
|
||||
"public-client": true,
|
||||
"socket-timeout": 2000,
|
||||
"connection-timeout": 6000
|
||||
"socket-timeout-millis": 2000,
|
||||
"connection-timeout-millis": 6000
|
||||
}
|
||||
|
|
@ -83,20 +83,20 @@ class SharedAttributeDefinitons {
|
|||
.setValidator(new IntRangeValidator(0, true))
|
||||
.build();
|
||||
protected static final SimpleAttributeDefinition SOCKET_TIMEOUT =
|
||||
new SimpleAttributeDefinitionBuilder("socket-timeout", ModelType.LONG, true)
|
||||
.setXmlName("socket-timeout")
|
||||
new SimpleAttributeDefinitionBuilder("socket-timeout-millis", ModelType.LONG, true)
|
||||
.setXmlName("socket-timeout-millis")
|
||||
.setAllowExpression(true)
|
||||
.setValidator(new LongRangeValidator(-1L, true))
|
||||
.build();
|
||||
protected static final SimpleAttributeDefinition CONNECTION_TTL =
|
||||
new SimpleAttributeDefinitionBuilder("connection-ttl", ModelType.LONG, true)
|
||||
.setXmlName("connection-ttl")
|
||||
new SimpleAttributeDefinitionBuilder("connection-ttl-millis", ModelType.LONG, true)
|
||||
.setXmlName("connection-ttl-millis")
|
||||
.setAllowExpression(true)
|
||||
.setValidator(new LongRangeValidator(-1L, true))
|
||||
.build();
|
||||
protected static final SimpleAttributeDefinition CONNECTION_TIMEOUT =
|
||||
new SimpleAttributeDefinitionBuilder("connection-timeout", ModelType.LONG, true)
|
||||
.setXmlName("connection-timeout")
|
||||
new SimpleAttributeDefinitionBuilder("connection-timeout-millis", ModelType.LONG, true)
|
||||
.setXmlName("connection-timeout-millis")
|
||||
.setAllowExpression(true)
|
||||
.setValidator(new LongRangeValidator(-1L, true))
|
||||
.build();
|
||||
|
|
|
|||
135
adapters/oidc/as7-eap6/as7-subsystem/src/main/resources/schema/keycloak_1_2.xsd
Executable file
135
adapters/oidc/as7-eap6/as7-subsystem/src/main/resources/schema/keycloak_1_2.xsd
Executable file
|
|
@ -0,0 +1,135 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
|
||||
<!--
|
||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
~ and other contributors as indicated by the @author tags.
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
|
||||
<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema"
|
||||
targetNamespace="urn:jboss:domain:keycloak:1.2"
|
||||
xmlns="urn:jboss:domain:keycloak:1.2"
|
||||
elementFormDefault="qualified"
|
||||
attributeFormDefault="unqualified"
|
||||
version="1.0">
|
||||
|
||||
<!-- The subsystem root element -->
|
||||
<xs:element name="subsystem" type="subsystem-type"/>
|
||||
|
||||
<xs:complexType name="subsystem-type">
|
||||
<xs:annotation>
|
||||
<xs:documentation>
|
||||
<![CDATA[
|
||||
The Keycloak adapter subsystem, used to register deployments managed by Keycloak
|
||||
]]>
|
||||
</xs:documentation>
|
||||
</xs:annotation>
|
||||
<xs:choice minOccurs="0" maxOccurs="unbounded">
|
||||
<xs:element name="realm" maxOccurs="unbounded" minOccurs="0" type="realm-type"/>
|
||||
<xs:element name="secure-deployment" maxOccurs="unbounded" minOccurs="0" type="secure-deployment-type"/>
|
||||
</xs:choice>
|
||||
</xs:complexType>
|
||||
|
||||
<xs:complexType name="realm-type">
|
||||
<xs:all>
|
||||
<xs:element name="cors-allowed-headers" type="xs:string" minOccurs="0" maxOccurs="1"/>
|
||||
<xs:element name="client-keystore-password" type="xs:string" minOccurs="0" maxOccurs="1"/>
|
||||
<xs:element name="client-keystore" type="xs:string" minOccurs="0" maxOccurs="1"/>
|
||||
<xs:element name="truststore" type="xs:string" minOccurs="0" maxOccurs="1"/>
|
||||
<xs:element name="truststore-password" type="xs:string" minOccurs="0" maxOccurs="1"/>
|
||||
<xs:element name="enable-cors" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
|
||||
<xs:element name="allow-any-hostname" type="xs:boolean" minOccurs="0" maxOccurs="1" />
|
||||
<xs:element name="client-key-password" type="xs:string" minOccurs="0" maxOccurs="1"/>
|
||||
<xs:element name="connection-pool-size" type="xs:integer" minOccurs="0" maxOccurs="1"/>
|
||||
<xs:element name="socket-timeout-millis" type="xs:long" minOccurs="0" maxOccurs="1"/>
|
||||
<xs:element name="connection-ttl-millis" type="xs:long" minOccurs="0" maxOccurs="1"/>
|
||||
<xs:element name="connection-timeout-millis" type="xs:long" minOccurs="0" maxOccurs="1"/>
|
||||
<xs:element name="cors-max-age" type="xs:integer" minOccurs="0" maxOccurs="1"/>
|
||||
<xs:element name="auth-server-url" type="xs:string" minOccurs="1" maxOccurs="1"/>
|
||||
<xs:element name="expose-token" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
|
||||
<xs:element name="disable-trust-manager" type="xs:boolean" minOccurs="0" maxOccurs="1" />
|
||||
<xs:element name="ssl-required" type="xs:string" minOccurs="0" maxOccurs="1" />
|
||||
<xs:element name="cors-allowed-methods" type="xs:string" minOccurs="0" maxOccurs="1"/>
|
||||
<xs:element name="realm-public-key" type="xs:string" minOccurs="1" maxOccurs="1"/>
|
||||
<xs:element name="auth-server-url-for-backend-requests" type="xs:string" minOccurs="0" maxOccurs="1"/>
|
||||
<xs:element name="always-refresh-token" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
|
||||
<xs:element name="register-node-at-startup" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
|
||||
<xs:element name="register-node-period" type="xs:integer" minOccurs="0" maxOccurs="1"/>
|
||||
<xs:element name="token-store" type="xs:string" minOccurs="0" maxOccurs="1"/>
|
||||
<xs:element name="principal-attribute" type="xs:string" minOccurs="0" maxOccurs="1"/>
|
||||
<xs:element name="proxy-url" type="xs:string" minOccurs="0" maxOccurs="1"/>
|
||||
<xs:element name="verify-token-audience" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
|
||||
</xs:all>
|
||||
<xs:attribute name="name" type="xs:string" use="required">
|
||||
<xs:annotation>
|
||||
<xs:documentation>The name of the realm.</xs:documentation>
|
||||
</xs:annotation>
|
||||
</xs:attribute>
|
||||
</xs:complexType>
|
||||
|
||||
<xs:complexType name="secure-deployment-type">
|
||||
<xs:all>
|
||||
<xs:element name="client-keystore-password" type="xs:string" minOccurs="0" maxOccurs="1"/>
|
||||
<xs:element name="client-keystore" type="xs:string" minOccurs="0" maxOccurs="1"/>
|
||||
<xs:element name="enable-cors" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
|
||||
<xs:element name="allow-any-hostname" type="xs:boolean" minOccurs="0" maxOccurs="1" />
|
||||
<xs:element name="use-resource-role-mappings" type="xs:boolean" minOccurs="0" maxOccurs="1" />
|
||||
<xs:element name="cors-max-age" type="xs:integer" minOccurs="0" maxOccurs="1"/>
|
||||
<xs:element name="auth-server-url" type="xs:string" minOccurs="1" maxOccurs="1"/>
|
||||
<xs:element name="realm" type="xs:string" minOccurs="1" maxOccurs="1"/>
|
||||
<xs:element name="disable-trust-manager" type="xs:boolean" minOccurs="0" maxOccurs="1" />
|
||||
<xs:element name="cors-allowed-methods" type="xs:string" minOccurs="0" maxOccurs="1"/>
|
||||
<xs:element name="bearer-only" type="xs:boolean" minOccurs="0" maxOccurs="1" />
|
||||
<xs:element name="cors-allowed-headers" type="xs:string" minOccurs="0" maxOccurs="1"/>
|
||||
<xs:element name="resource" type="xs:string" minOccurs="0" maxOccurs="1" />
|
||||
<xs:element name="truststore" type="xs:string" minOccurs="0" maxOccurs="1"/>
|
||||
<xs:element name="truststore-password" type="xs:string" minOccurs="0" maxOccurs="1"/>
|
||||
<xs:element name="client-key-password" type="xs:string" minOccurs="0" maxOccurs="1"/>
|
||||
<xs:element name="public-client" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
|
||||
<xs:element name="connection-pool-size" type="xs:integer" minOccurs="0" maxOccurs="1"/>
|
||||
<xs:element name="socket-timeout-millis" type="xs:long" minOccurs="0" maxOccurs="1"/>
|
||||
<xs:element name="connection-ttl-millis" type="xs:long" minOccurs="0" maxOccurs="1"/>
|
||||
<xs:element name="connection-timeout-millis" type="xs:long" minOccurs="0" maxOccurs="1"/>
|
||||
<xs:element name="expose-token" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
|
||||
<xs:element name="ssl-required" type="xs:string" minOccurs="0" maxOccurs="1" />
|
||||
<xs:element name="realm-public-key" type="xs:string" minOccurs="1" maxOccurs="1"/>
|
||||
<xs:element name="credential" type="credential-type" minOccurs="1" maxOccurs="1"/>
|
||||
<xs:element name="auth-server-url-for-backend-requests" type="xs:string" minOccurs="0" maxOccurs="1"/>
|
||||
<xs:element name="always-refresh-token" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
|
||||
<xs:element name="register-node-at-startup" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
|
||||
<xs:element name="register-node-period" type="xs:integer" minOccurs="0" maxOccurs="1"/>
|
||||
<xs:element name="token-store" type="xs:string" minOccurs="0" maxOccurs="1"/>
|
||||
<xs:element name="principal-attribute" type="xs:string" minOccurs="0" maxOccurs="1"/>
|
||||
<xs:element name="enable-basic-auth" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
|
||||
<xs:element name="turn-off-change-session-id-on-login" type="xs:boolean" minOccurs="0" maxOccurs="1" />
|
||||
<xs:element name="token-minimum-time-to-live" type="xs:integer" minOccurs="0" maxOccurs="1"/>
|
||||
<xs:element name="min-time-between-jwks-requests" type="xs:integer" minOccurs="0" maxOccurs="1"/>
|
||||
<xs:element name="public-key-cache-ttl" type="xs:integer" minOccurs="0" maxOccurs="1"/>
|
||||
<xs:element name="proxy-url" type="xs:string" minOccurs="0" maxOccurs="1"/>
|
||||
<xs:element name="verify-token-audience" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
|
||||
</xs:all>
|
||||
<xs:attribute name="name" type="xs:string" use="required">
|
||||
<xs:annotation>
|
||||
<xs:documentation>The name of the realm.</xs:documentation>
|
||||
</xs:annotation>
|
||||
</xs:attribute>
|
||||
</xs:complexType>
|
||||
|
||||
<xs:complexType name="credential-type" mixed="true">
|
||||
<xs:sequence maxOccurs="unbounded" minOccurs="0">
|
||||
<xs:any processContents="lax"></xs:any>
|
||||
</xs:sequence>
|
||||
<xs:attribute name="name" type="xs:string" use="required" />
|
||||
</xs:complexType>
|
||||
</xs:schema>
|
||||
|
|
@ -83,20 +83,20 @@ public class SharedAttributeDefinitons {
|
|||
.setValidator(new IntRangeValidator(0, true))
|
||||
.build();
|
||||
protected static final SimpleAttributeDefinition SOCKET_TIMEOUT =
|
||||
new SimpleAttributeDefinitionBuilder("socket-timeout", ModelType.LONG, true)
|
||||
.setXmlName("socket-timeout")
|
||||
new SimpleAttributeDefinitionBuilder("socket-timeout-millis", ModelType.LONG, true)
|
||||
.setXmlName("socket-timeout-millis")
|
||||
.setAllowExpression(true)
|
||||
.setValidator(new LongRangeValidator(-1L, true))
|
||||
.build();
|
||||
protected static final SimpleAttributeDefinition CONNECTION_TTL =
|
||||
new SimpleAttributeDefinitionBuilder("connection-ttl", ModelType.LONG, true)
|
||||
.setXmlName("connection-ttl")
|
||||
new SimpleAttributeDefinitionBuilder("connection-ttl-millis", ModelType.LONG, true)
|
||||
.setXmlName("connection-ttl-millis")
|
||||
.setAllowExpression(true)
|
||||
.setValidator(new LongRangeValidator(-1L, true))
|
||||
.build();
|
||||
protected static final SimpleAttributeDefinition CONNECTION_TIMEOUT =
|
||||
new SimpleAttributeDefinitionBuilder("connection-timeout", ModelType.LONG, true)
|
||||
.setXmlName("connection-timeout")
|
||||
new SimpleAttributeDefinitionBuilder("connection-timeout-millis", ModelType.LONG, true)
|
||||
.setXmlName("connection-timeout-millis")
|
||||
.setAllowExpression(true)
|
||||
.setValidator(new LongRangeValidator(-1L, true))
|
||||
.build();
|
||||
|
|
|
|||
|
|
@ -35,9 +35,9 @@ keycloak.realm.allow-any-hostname=SSL Setting
|
|||
keycloak.realm.truststore=Truststore used for adapter client HTTPS requests
|
||||
keycloak.realm.truststore-password=Password of the Truststore
|
||||
keycloak.realm.connection-pool-size=Connection pool size for the client used by the adapter
|
||||
keycloak.realm.socket-timeout=Timeout for socket waiting for data in milliseconds
|
||||
keycloak.realm.connection-ttl=Connection time to live in milliseconds
|
||||
keycloak.realm.connection-timeout=Timeout for establishing the connection with the remote host in milliseconds
|
||||
keycloak.realm.socket-timeout-millis=Timeout for socket waiting for data in milliseconds
|
||||
keycloak.realm.connection-ttl-millis=Connection time to live in milliseconds
|
||||
keycloak.realm.connection-timeout-millis=Timeout for establishing the connection with the remote host in milliseconds
|
||||
keycloak.realm.enable-cors=Enable Keycloak CORS support
|
||||
keycloak.realm.client-keystore=n/a
|
||||
keycloak.realm.client-keystore-password=n/a
|
||||
|
|
@ -71,9 +71,9 @@ keycloak.secure-deployment.allow-any-hostname=SSL Setting
|
|||
keycloak.secure-deployment.truststore=Truststore used for adapter client HTTPS requests
|
||||
keycloak.secure-deployment.truststore-password=Password of the Truststore
|
||||
keycloak.secure-deployment.connection-pool-size=Connection pool size for the client used by the adapter
|
||||
keycloak.secure-deployment.socket-timeout=Timeout for socket waiting for data in milliseconds
|
||||
keycloak.secure-deployment.connection-ttl=Connection time to live in milliseconds
|
||||
keycloak.secure-deployment.connection-timeout=Timeout for establishing the connection with the remote host in milliseconds
|
||||
keycloak.secure-deployment.socket-timeout-millis=Timeout for socket waiting for data in milliseconds
|
||||
keycloak.secure-deployment.connection-ttl-millis=Connection time to live in milliseconds
|
||||
keycloak.secure-deployment.connection-timeout-millis=Timeout for establishing the connection with the remote host in milliseconds
|
||||
keycloak.secure-deployment.resource=Application name
|
||||
keycloak.secure-deployment.use-resource-role-mappings=Use resource level permissions from token
|
||||
keycloak.secure-deployment.credentials=Adapter credentials
|
||||
|
|
@ -119,9 +119,9 @@ keycloak.secure-server.allow-any-hostname=SSL Setting
|
|||
keycloak.secure-server.truststore=Truststore used for adapter client HTTPS requests
|
||||
keycloak.secure-server.truststore-password=Password of the Truststore
|
||||
keycloak.secure-server.connection-pool-size=Connection pool size for the client used by the adapter
|
||||
keycloak.secure-server.socket-timeout=Timeout for socket waiting for data in milliseconds
|
||||
keycloak.secure-server.connection-ttl=Connection time to live in milliseconds
|
||||
keycloak.secure-server.connection-timeout=Timeout for establishing the connection with the remote host in milliseconds
|
||||
keycloak.secure-server.socket-timeout-millis=Timeout for socket waiting for data in milliseconds
|
||||
keycloak.secure-server.connection-ttl-millis=Connection time to live in milliseconds
|
||||
keycloak.secure-server.connection-timeout-millis=Timeout for establishing the connection with the remote host in milliseconds
|
||||
keycloak.secure-server.resource=Application name
|
||||
keycloak.secure-server.use-resource-role-mappings=Use resource level permissions from token
|
||||
keycloak.secure-server.credentials=Adapter credentials
|
||||
|
|
|
|||
|
|
@ -53,9 +53,9 @@
|
|||
<xs:element name="allow-any-hostname" type="xs:boolean" minOccurs="0" maxOccurs="1" />
|
||||
<xs:element name="client-key-password" type="xs:string" minOccurs="0" maxOccurs="1"/>
|
||||
<xs:element name="connection-pool-size" type="xs:integer" minOccurs="0" maxOccurs="1"/>
|
||||
<xs:element name="socket-timeout" type="xs:long" minOccurs="0" maxOccurs="1"/>
|
||||
<xs:element name="connection-ttl" type="xs:long" minOccurs="0" maxOccurs="1"/>
|
||||
<xs:element name="connection-timeout" type="xs:long" minOccurs="0" maxOccurs="1"/>
|
||||
<xs:element name="socket-timeout-millis" type="xs:long" minOccurs="0" maxOccurs="1"/>
|
||||
<xs:element name="connection-ttl-millis" type="xs:long" minOccurs="0" maxOccurs="1"/>
|
||||
<xs:element name="connection-timeout-millis" type="xs:long" minOccurs="0" maxOccurs="1"/>
|
||||
<xs:element name="cors-max-age" type="xs:integer" minOccurs="0" maxOccurs="1"/>
|
||||
<xs:element name="auth-server-url" type="xs:string" minOccurs="1" maxOccurs="1"/>
|
||||
<xs:element name="expose-token" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
|
||||
|
|
@ -104,9 +104,9 @@
|
|||
<xs:element name="client-key-password" type="xs:string" minOccurs="0" maxOccurs="1"/>
|
||||
<xs:element name="public-client" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
|
||||
<xs:element name="connection-pool-size" type="xs:integer" minOccurs="0" maxOccurs="1"/>
|
||||
<xs:element name="socket-timeout" type="xs:long" minOccurs="0" maxOccurs="1"/>
|
||||
<xs:element name="connection-ttl" type="xs:long" minOccurs="0" maxOccurs="1"/>
|
||||
<xs:element name="connection-timeout" type="xs:long" minOccurs="0" maxOccurs="1"/>
|
||||
<xs:element name="socket-timeout-millis" type="xs:long" minOccurs="0" maxOccurs="1"/>
|
||||
<xs:element name="connection-ttl-millis" type="xs:long" minOccurs="0" maxOccurs="1"/>
|
||||
<xs:element name="connection-timeout-millis" type="xs:long" minOccurs="0" maxOccurs="1"/>
|
||||
<xs:element name="expose-token" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
|
||||
<xs:element name="ssl-required" type="xs:string" minOccurs="0" maxOccurs="1" />
|
||||
<xs:element name="confidential-port" type="xs:integer" minOccurs="0" maxOccurs="1" />
|
||||
|
|
|
|||
|
|
@ -16,6 +16,7 @@
|
|||
*/
|
||||
package org.keycloak.subsystem.adapter.extension;
|
||||
|
||||
import org.hamcrest.CoreMatchers;
|
||||
import org.jboss.as.controller.PathAddress;
|
||||
import org.jboss.as.controller.PathElement;
|
||||
import org.jboss.as.controller.descriptions.ModelDescriptionConstants;
|
||||
|
|
@ -30,6 +31,8 @@ import java.io.ByteArrayInputStream;
|
|||
import java.io.IOException;
|
||||
import java.util.Map;
|
||||
|
||||
import static org.hamcrest.MatcherAssert.assertThat;
|
||||
|
||||
|
||||
/**
|
||||
* Tests all management expects for subsystem, parsing, marshaling, model definition and other
|
||||
|
|
@ -147,6 +150,42 @@ public class SubsystemParsingTestCase extends AbstractSubsystemBaseTest {
|
|||
Assert.assertEquals("api/$1", entry.getValue());
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testJsonHttpClientAttributes() {
|
||||
KeycloakAdapterConfigService service = KeycloakAdapterConfigService.getInstance();
|
||||
|
||||
// add a secure deployment
|
||||
PathAddress addr = PathAddress.pathAddress(PathElement.pathElement("subsystem", "keycloak"), PathElement.pathElement("secure-deployment", "foo"));
|
||||
ModelNode deploymentOp = new ModelNode();
|
||||
deploymentOp.get(ModelDescriptionConstants.OP_ADDR).set(addr.toModelNode());
|
||||
|
||||
ModelNode deployment = new ModelNode();
|
||||
deployment.get("realm").set("demo");
|
||||
deployment.get("resource").set("customer-portal");
|
||||
|
||||
deployment.get(SharedAttributeDefinitons.SOCKET_TIMEOUT.getName()).set(3000L);
|
||||
deployment.get(SharedAttributeDefinitons.CONNECTION_TIMEOUT.getName()).set(5000L);
|
||||
deployment.get(SharedAttributeDefinitons.CONNECTION_TTL.getName()).set(1000L);
|
||||
|
||||
service.addSecureDeployment(deploymentOp, deployment, false);
|
||||
|
||||
// get the subsystem config as JSON
|
||||
String jsonConfig = service.getJSON("foo");
|
||||
|
||||
// attempt to create an adapter config instance from the subsystem JSON config
|
||||
AdapterConfig config = KeycloakDeploymentBuilder.loadAdapterConfig(new ByteArrayInputStream(jsonConfig.getBytes()));
|
||||
assertThat(config, CoreMatchers.notNullValue());
|
||||
|
||||
assertThat(config.getSocketTimeout(), CoreMatchers.notNullValue());
|
||||
assertThat(config.getSocketTimeout(), CoreMatchers.is(3000L));
|
||||
|
||||
assertThat(config.getConnectionTimeout(), CoreMatchers.notNullValue());
|
||||
assertThat(config.getConnectionTimeout(), CoreMatchers.is(5000L));
|
||||
|
||||
assertThat(config.getConnectionTTL(), CoreMatchers.notNullValue());
|
||||
assertThat(config.getConnectionTTL(), CoreMatchers.is(1000L));
|
||||
}
|
||||
|
||||
private void addRedirectRewriteRule(PathAddress parent, KeycloakAdapterConfigService service, String key, String value) {
|
||||
PathAddress redirectRewriteAddr = PathAddress.pathAddress(parent, PathElement.pathElement("redirect-rewrite-rule", key));
|
||||
ModelNode redirectRewriteOp = new ModelNode();
|
||||
|
|
|
|||
|
|
@ -26,9 +26,9 @@
|
|||
<allow-any-hostname>false</allow-any-hostname>
|
||||
<disable-trust-manager>true</disable-trust-manager>
|
||||
<connection-pool-size>20</connection-pool-size>
|
||||
<socket-timeout>2000</socket-timeout>
|
||||
<connection-ttl>5000</connection-ttl>
|
||||
<connection-timeout>3000</connection-timeout>
|
||||
<socket-timeout-millis>2000</socket-timeout-millis>
|
||||
<connection-ttl-millis>5000</connection-ttl-millis>
|
||||
<connection-timeout-millis>3000</connection-timeout-millis>
|
||||
<enable-cors>true</enable-cors>
|
||||
<client-keystore>keys.jks</client-keystore>
|
||||
<client-keystore-password>secret</client-keystore-password>
|
||||
|
|
@ -88,9 +88,9 @@
|
|||
<resource>wildfly-management</resource>
|
||||
<bearer-only>true</bearer-only>
|
||||
<ssl-required>EXTERNAL</ssl-required>
|
||||
<socket-timeout>10000</socket-timeout>
|
||||
<connection-ttl>40000</connection-ttl>
|
||||
<connection-timeout>50000</connection-timeout>
|
||||
<socket-timeout-millis>10000</socket-timeout-millis>
|
||||
<connection-ttl-millis>40000</connection-ttl-millis>
|
||||
<connection-timeout-millis>50000</connection-timeout-millis>
|
||||
<principal-attribute>preferred_username</principal-attribute>
|
||||
</secure-deployment>
|
||||
<secure-server name="wildfly-console">
|
||||
|
|
|
|||
|
|
@ -93,7 +93,7 @@ public class Constants {
|
|||
static final String TRUSTSTORE_PASSWORD = "truststorePassword";
|
||||
static final String SOCKET_TIMEOUT = "socketTimeout";
|
||||
static final String CONNECTION_TIMEOUT = "connectionTimeout";
|
||||
static final String CONNECTION_TTL = "connectionTTL";
|
||||
static final String CONNECTION_TTL = "connectionTtl";
|
||||
}
|
||||
|
||||
static class XML {
|
||||
|
|
@ -175,6 +175,6 @@ public class Constants {
|
|||
static final String TRUSTSTORE_PASSWORD = "truststorePassword";
|
||||
static final String SOCKET_TIMEOUT = "socketTimeout";
|
||||
static final String CONNECTION_TIMEOUT = "connectionTimeout";
|
||||
static final String CONNECTION_TTL = "connectionTTL";
|
||||
static final String CONNECTION_TTL = "connectionTtl";
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -100,6 +100,6 @@ keycloak-saml.IDP.HttpClient.disableTrustManager=Define if SSL certificate valid
|
|||
keycloak-saml.IDP.HttpClient.proxyUrl=URL to the HTTP proxy, if applicable
|
||||
keycloak-saml.IDP.HttpClient.truststore=Path to the truststore used to validate the IDP certificates
|
||||
keycloak-saml.IDP.HttpClient.truststorePassword=The truststore password
|
||||
keycloak-saml.IDP.HttpClient.socketTimeout=Timeout for socket waiting for data
|
||||
keycloak-saml.IDP.HttpClient.connectionTimeout=Timeout for establishing the connection with the remote host
|
||||
keycloak-saml.IDP.HttpClient.connectionTTL=The connection time to live
|
||||
keycloak-saml.IDP.HttpClient.socketTimeout=Timeout for socket waiting for data in milliseconds
|
||||
keycloak-saml.IDP.HttpClient.connectionTimeout=Timeout for establishing the connection with the remote host in milliseconds
|
||||
keycloak-saml.IDP.HttpClient.connectionTtl=The connection time to live in milliseconds
|
||||
|
|
@ -552,9 +552,9 @@
|
|||
<xs:documentation>Defines timeout for establishing the connection with the remote host in milliseconds.</xs:documentation>
|
||||
</xs:annotation>
|
||||
</xs:attribute>
|
||||
<xs:attribute name="connectionTTL" type="xs:long" default="-1">
|
||||
<xs:attribute name="connectionTtl" type="xs:long" default="-1">
|
||||
<xs:annotation>
|
||||
<xs:documentation>Defines the connection time to live.</xs:documentation>
|
||||
<xs:documentation>Defines the connection time to live in milliseconds.</xs:documentation>
|
||||
</xs:annotation>
|
||||
</xs:attribute>
|
||||
</xs:complexType>
|
||||
|
|
|
|||
|
|
@ -84,7 +84,7 @@
|
|||
truststore="/tmp/truststore.jks"
|
||||
truststorePassword="trustpwd#*"
|
||||
socketTimeout="6000"
|
||||
connectionTTL="500"
|
||||
connectionTtl="500"
|
||||
connectionTimeout="1000"
|
||||
/>
|
||||
</IDP>
|
||||
|
|
|
|||
|
|
@ -93,7 +93,7 @@ public enum KeycloakSamlAdapterV1QNames implements HasQName {
|
|||
ATTR_KEEP_DOM_ASSERTION(null, "keepDOMAssertion"),
|
||||
ATTR_SOCKET_TIMEOUT(null, "socketTimeout"),
|
||||
ATTR_CONNECTION_TIMEOUT(null, "connectionTimeout"),
|
||||
ATTR_CONNECTION_TTL(null, "connectionTTL"),
|
||||
ATTR_CONNECTION_TTL(null, "connectionTtl"),
|
||||
|
||||
UNKNOWN_ELEMENT("");
|
||||
|
||||
|
|
|
|||
|
|
@ -524,9 +524,9 @@
|
|||
<xs:documentation>Defines timeout for establishing the connection with the remote host in milliseconds.</xs:documentation>
|
||||
</xs:annotation>
|
||||
</xs:attribute>
|
||||
<xs:attribute name="connectionTTL" type="xs:long" default="-1">
|
||||
<xs:attribute name="connectionTtl" type="xs:long" default="-1">
|
||||
<xs:annotation>
|
||||
<xs:documentation>Defines the connection time to live.</xs:documentation>
|
||||
<xs:documentation>Defines the connection time to live in milliseconds.</xs:documentation>
|
||||
</xs:annotation>
|
||||
</xs:attribute>
|
||||
</xs:complexType>
|
||||
|
|
|
|||
|
|
@ -79,7 +79,7 @@
|
|||
truststore="ts" truststorePassword="tsp"
|
||||
socketTimeout="6000"
|
||||
connectionTimeout="7000"
|
||||
connectionTTL="200"
|
||||
connectionTtl="200"
|
||||
/>
|
||||
</IDP>
|
||||
</SP>
|
||||
|
|
|
|||
|
|
@ -95,7 +95,7 @@ public class Constants {
|
|||
static final String TRUSTSTORE_PASSWORD = "truststorePassword";
|
||||
static final String SOCKET_TIMEOUT = "socketTimeout";
|
||||
static final String CONNECTION_TIMEOUT = "connectionTimeout";
|
||||
static final String CONNECTION_TTL = "connectionTTL";
|
||||
static final String CONNECTION_TTL = "connectionTtl";
|
||||
}
|
||||
|
||||
static class XML {
|
||||
|
|
@ -177,7 +177,7 @@ public class Constants {
|
|||
static final String TRUSTSTORE_PASSWORD = "truststorePassword";
|
||||
static final String SOCKET_TIMEOUT = "socketTimeout";
|
||||
static final String CONNECTION_TIMEOUT = "connectionTimeout";
|
||||
static final String CONNECTION_TTL = "connectionTTL";
|
||||
static final String CONNECTION_TTL = "connectionTtl";
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -101,4 +101,4 @@ keycloak-saml.IDP.HttpClient.truststore=Path to the truststore used to validate
|
|||
keycloak-saml.IDP.HttpClient.truststorePassword=The truststore password
|
||||
keycloak-saml.IDP.HttpClient.socketTimeout=Timeout for socket waiting for data in milliseconds
|
||||
keycloak-saml.IDP.HttpClient.connectionTimeout=Timeout for establishing the connection with the remote host in milliseconds
|
||||
keycloak-saml.IDP.HttpClient.connectionTTL=The connection time to live
|
||||
keycloak-saml.IDP.HttpClient.connectionTtl=The connection time to live in milliseconds
|
||||
|
|
@ -552,9 +552,9 @@
|
|||
<xs:documentation>Defines timeout for establishing the connection with the remote host in milliseconds.</xs:documentation>
|
||||
</xs:annotation>
|
||||
</xs:attribute>
|
||||
<xs:attribute name="connectionTTL" type="xs:long" default="-1">
|
||||
<xs:attribute name="connectionTtl" type="xs:long" default="-1">
|
||||
<xs:annotation>
|
||||
<xs:documentation>Defines the connection time to live.</xs:documentation>
|
||||
<xs:documentation>Defines the connection time to live in milliseconds.</xs:documentation>
|
||||
</xs:annotation>
|
||||
</xs:attribute>
|
||||
</xs:complexType>
|
||||
|
|
|
|||
|
|
@ -84,7 +84,7 @@
|
|||
truststore="/tmp/truststore.jks"
|
||||
truststorePassword="trustpwd#*"
|
||||
socketTimeout="6000"
|
||||
connectionTTL="130"
|
||||
connectionTtl="130"
|
||||
connectionTimeout="7000"
|
||||
/>
|
||||
</IDP>
|
||||
|
|
|
|||
|
|
@ -33,7 +33,7 @@ import com.fasterxml.jackson.annotation.JsonPropertyOrder;
|
|||
"use-resource-role-mappings",
|
||||
"enable-cors", "cors-max-age", "cors-allowed-methods", "cors-exposed-headers",
|
||||
"expose-token", "bearer-only", "autodetect-bearer-only",
|
||||
"connection-pool-size", "socket-timeout", "connection-ttl", "connection-timeout",
|
||||
"connection-pool-size", "socket-timeout-millis", "connection-ttl-millis", "connection-timeout-millis",
|
||||
"allow-any-hostname", "disable-trust-manager", "truststore", "truststore-password",
|
||||
"client-keystore", "client-keystore-password", "client-key-password",
|
||||
"always-refresh-token",
|
||||
|
|
@ -90,11 +90,11 @@ public class AdapterConfig extends BaseAdapterConfig implements AdapterHttpClien
|
|||
@JsonProperty("verify-token-audience")
|
||||
protected boolean verifyTokenAudience = false;
|
||||
|
||||
@JsonProperty("socket-timeout")
|
||||
@JsonProperty("socket-timeout-millis")
|
||||
protected long socketTimeout = -1L;
|
||||
@JsonProperty("connection-timeout")
|
||||
@JsonProperty("connection-timeout-millis")
|
||||
protected long connectionTimeout = -1L;
|
||||
@JsonProperty("connection-ttl")
|
||||
@JsonProperty("connection-ttl-millis")
|
||||
protected long connectionTTL = -1L;
|
||||
|
||||
/**
|
||||
|
|
|
|||
|
|
@ -6,7 +6,7 @@
|
|||
"allow-any-hostname": "${allow.any.hostname}",
|
||||
"cors-max-age": 100,
|
||||
"connection-pool-size": "${con.pool.size}",
|
||||
"socket-timeout": "${socket.timeout.millis}",
|
||||
"connection-timeout": "${connection.timeout.millis}",
|
||||
"connection-ttl": "${connection.ttl.millis}"
|
||||
"socket-timeout-millis": "${socket.timeout.millis}",
|
||||
"connection-timeout-millis": "${connection.timeout.millis}",
|
||||
"connection-ttl-millis": "${connection.ttl.millis}"
|
||||
}
|
||||
Loading…
Reference in a new issue