KEYCLOAK-17502 Galleon based server build
This commit is contained in:
parent
6bb7a8894d
commit
1c8087baaf
124 changed files with 10439 additions and 600 deletions
|
@ -29,16 +29,6 @@
|
|||
<name>Keycloak Adapter Overlay Distribution</name>
|
||||
<description/>
|
||||
|
||||
<repositories>
|
||||
<repository>
|
||||
<id>jboss</id>
|
||||
<url>https://repository.jboss.org/nexus/content/groups/public/</url>
|
||||
<snapshots>
|
||||
<enabled>false</enabled>
|
||||
</snapshots>
|
||||
</repository>
|
||||
</repositories>
|
||||
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
|
|
|
@ -32,6 +32,7 @@
|
|||
|
||||
<modules>
|
||||
<module>adapter-feature-pack</module>
|
||||
<module>server-feature-pack-dependencies</module>
|
||||
<module>server-feature-pack</module>
|
||||
</modules>
|
||||
</project>
|
||||
|
|
|
@ -0,0 +1,417 @@
|
|||
<!--
|
||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
~ and other contributors as indicated by the @author tags.
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
|
||||
<parent>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>feature-packs-parent</artifactId>
|
||||
<version>14.0.0-SNAPSHOT</version>
|
||||
<relativePath>../pom.xml</relativePath>
|
||||
</parent>
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
|
||||
<artifactId>keycloak-server-feature-pack-dependencies</artifactId>
|
||||
|
||||
<name>Keycloak Feature Pack: Server Dependencies</name>
|
||||
<packaging>pom</packaging>
|
||||
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>com.github.ua-parser</groupId>
|
||||
<artifactId>uap-java</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.google.zxing</groupId>
|
||||
<artifactId>core</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.google.zxing</groupId>
|
||||
<artifactId>javase</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.googlecode.owasp-java-html-sanitizer</groupId>
|
||||
<artifactId>owasp-java-html-sanitizer</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.freemarker</groupId>
|
||||
<artifactId>freemarker</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.infinispan</groupId>
|
||||
<artifactId>infinispan-jboss-marshalling</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.jboss.marshalling</groupId>
|
||||
<artifactId>jboss-marshalling</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.jboss.marshalling</groupId>
|
||||
<artifactId>jboss-marshalling-river</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-authz-policy-common</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-common</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-core</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-js-adapter</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-kerberos-federation</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-ldap-federation</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-model-infinispan</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-model-jpa</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-model-map</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-saml-core</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-saml-core-public</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-server-spi</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-server-spi-private</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-services</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-sssd-federation</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-wildfly-adduser</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-wildfly-extensions</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-themes</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-wildfly-server-subsystem</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-client-cli-dist</artifactId>
|
||||
<type>zip</type>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.liquibase</groupId>
|
||||
<artifactId>liquibase-core</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.twitter4j</groupId>
|
||||
<artifactId>twitter4j-core</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.aesh</groupId>
|
||||
<artifactId>aesh</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.openshift</groupId>
|
||||
<artifactId>openshift-restclient-java</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.webauthn4j</groupId>
|
||||
<artifactId>webauthn4j-core</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.webauthn4j</groupId>
|
||||
<artifactId>webauthn4j-util</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.fasterxml.jackson.dataformat</groupId>
|
||||
<artifactId>jackson-dataformat-cbor</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.apache.kerby</groupId>
|
||||
<artifactId>kerby-asn1</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>commons-lang</groupId>
|
||||
<artifactId>commons-lang</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.apache.commons</groupId>
|
||||
<artifactId>commons-lang3</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
|
||||
</project>
|
||||
|
|
@ -30,374 +30,11 @@
|
|||
<packaging>pom</packaging>
|
||||
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>com.github.ua-parser</groupId>
|
||||
<artifactId>uap-java</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.google.zxing</groupId>
|
||||
<artifactId>core</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.google.zxing</groupId>
|
||||
<artifactId>javase</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.googlecode.owasp-java-html-sanitizer</groupId>
|
||||
<artifactId>owasp-java-html-sanitizer</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.freemarker</groupId>
|
||||
<artifactId>freemarker</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.infinispan</groupId>
|
||||
<artifactId>infinispan-jboss-marshalling</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<!--
|
||||
~ KEYCLOAK-18267: org.jboss.marshalling.jboss-marshalling and org.jboss.marshalling.jboss-marshalling-river
|
||||
~ are needed for proper work of org.infinispan.infinispan-jboss-marshalling with JDK 11
|
||||
-->
|
||||
<dependency>
|
||||
<groupId>org.jboss.marshalling</groupId>
|
||||
<artifactId>jboss-marshalling</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.jboss.marshalling</groupId>
|
||||
<artifactId>jboss-marshalling-river</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-authz-policy-common</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-common</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-core</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-js-adapter</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-kerberos-federation</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-ldap-federation</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-model-infinispan</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-model-jpa</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-saml-core</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-saml-core-public</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-server-spi</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-server-spi-private</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-services</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-sssd-federation</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-wildfly-adduser</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-wildfly-extensions</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-themes</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-wildfly-server-subsystem</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-client-cli-dist</artifactId>
|
||||
<type>zip</type>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.liquibase</groupId>
|
||||
<artifactId>liquibase-core</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.twitter4j</groupId>
|
||||
<artifactId>twitter4j-core</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.aesh</groupId>
|
||||
<artifactId>aesh</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.openshift</groupId>
|
||||
<artifactId>openshift-restclient-java</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.webauthn4j</groupId>
|
||||
<artifactId>webauthn4j-core</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.webauthn4j</groupId>
|
||||
<artifactId>webauthn4j-util</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.fasterxml.jackson.dataformat</groupId>
|
||||
<artifactId>jackson-dataformat-cbor</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.apache.kerby</groupId>
|
||||
<artifactId>kerby-asn1</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>commons-lang</groupId>
|
||||
<artifactId>commons-lang</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.apache.commons</groupId>
|
||||
<artifactId>commons-lang3</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
<artifactId>keycloak-server-feature-pack-dependencies</artifactId>
|
||||
<version>${project.version}</version>
|
||||
<type>pom</type>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
|
||||
|
|
|
@ -258,15 +258,6 @@
|
|||
<properties>
|
||||
<galleon-adapter-group-id>org.keycloak</galleon-adapter-group-id>
|
||||
</properties>
|
||||
<repositories>
|
||||
<repository>
|
||||
<id>jboss</id>
|
||||
<url>https://repository.jboss.org/nexus/content/groups/public/</url>
|
||||
<snapshots>
|
||||
<enabled>false</enabled>
|
||||
</snapshots>
|
||||
</repository>
|
||||
</repositories>
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>org.wildfly</groupId>
|
||||
|
|
|
@ -23,7 +23,7 @@
|
|||
<version>14.0.0-SNAPSHOT</version>
|
||||
</parent>
|
||||
|
||||
<name>Feature Pack Builds</name>
|
||||
<name>Galleon Feature Pack Builds</name>
|
||||
<description/>
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
|
||||
|
@ -32,5 +32,6 @@
|
|||
|
||||
<modules>
|
||||
<module>adapter-galleon-pack</module>
|
||||
<module>server-galleon-pack</module>
|
||||
</modules>
|
||||
</project>
|
||||
|
|
|
@ -0,0 +1,39 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<assembly xmlns="http://maven.apache.org/plugins/maven-assembly-plugin/assembly/1.1.2" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xsi:schemaLocation="http://maven.apache.org/plugins/maven-assembly-plugin/assembly/1.1.2 http://maven.apache.org/xsd/assembly-1.1.2.xsd">
|
||||
<id>galleon-pack-src</id>
|
||||
<formats>
|
||||
<format>zip</format>
|
||||
</formats>
|
||||
<includeBaseDirectory>false</includeBaseDirectory>
|
||||
<fileSets>
|
||||
<fileSet>
|
||||
<directory>src/main/resources</directory>
|
||||
<outputDirectory/>
|
||||
</fileSet>
|
||||
</fileSets>
|
||||
<fileSet>
|
||||
<directory>target/unpacked-themes/theme</directory>
|
||||
<outputDirectory>content/themes</outputDirectory>
|
||||
</fileSet>
|
||||
<fileSet>
|
||||
<directory>target/keycloak-client-tools/bin</directory>
|
||||
<outputDirectory>content/bin</outputDirectory>
|
||||
</fileSet>
|
||||
<fileSet>
|
||||
<directory>src/main/resources/identity/module</directory>
|
||||
<includes>
|
||||
<include>**/**</include>
|
||||
</includes>
|
||||
<outputDirectory>modules/system/layers/keycloak/org/jboss/as/product/${product.slot}</outputDirectory>
|
||||
<filtered>true</filtered>
|
||||
</fileSet>
|
||||
<fileSet>
|
||||
<directory>src/main/resources/identity</directory>
|
||||
<includes>
|
||||
<include>product.conf</include>
|
||||
</includes>
|
||||
<outputDirectory>content/bin</outputDirectory>
|
||||
<filtered>true</filtered>
|
||||
</fileSet>
|
||||
</assembly>
|
|
@ -0,0 +1,78 @@
|
|||
<!--
|
||||
~ JBoss, Home of Professional Open Source.
|
||||
~ Copyright 2021, Red Hat, Inc., and individual contributors
|
||||
~ as indicated by the @author tags. See the copyright.txt file in the
|
||||
~ distribution for a full listing of individual contributors.
|
||||
~
|
||||
~ This is free software; you can redistribute it and/or modify it
|
||||
~ under the terms of the GNU Lesser General Public License as
|
||||
~ published by the Free Software Foundation; either version 2.1 of
|
||||
~ the License, or (at your option) any later version.
|
||||
~
|
||||
~ This software is distributed in the hope that it will be useful,
|
||||
~ but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
~ Lesser General Public License for more details.
|
||||
~
|
||||
~ You should have received a copy of the GNU Lesser General Public
|
||||
~ License along with this software; if not, write to the Free
|
||||
~ Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
|
||||
~ 02110-1301 USA, or see the FSF site: http://www.fsf.org.
|
||||
-->
|
||||
|
||||
<build xmlns="urn:wildfly:feature-pack-build:3.1" producer="org.keycloak:keycloak-server-galleon-pack">
|
||||
<transitive>
|
||||
<dependency group-id="org.wildfly" artifact-id="wildfly-ee-galleon-pack">
|
||||
<name>org.wildfly:wildfly-ee-galleon-pack</name>
|
||||
<packages inherit="false">
|
||||
<exclude name="product.conf"/>
|
||||
<exclude name="welcome-content"/>
|
||||
</packages>
|
||||
<default-configs inherit="false"/>
|
||||
</dependency>
|
||||
</transitive>
|
||||
<dependencies>
|
||||
<dependency group-id="org.wildfly" artifact-id="wildfly-galleon-pack">
|
||||
<name>org.wildfly:wildfly-galleon-pack</name>
|
||||
<packages inherit="false">
|
||||
<include name="docs.examples"/>
|
||||
<exclude name="product.conf"/>
|
||||
<exclude name="welcome-content"/>
|
||||
</packages>
|
||||
<default-configs inherit="false"/>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
<default-packages>
|
||||
<package name="modules.all"/>
|
||||
<package name="docs.licenses"/>
|
||||
<package name="docs-examples"/>
|
||||
<package name="root"/>
|
||||
<package name="welcome-content-keycloak"/>
|
||||
</default-packages>
|
||||
<package-schemas>
|
||||
<group name="org.keycloak"/>
|
||||
</package-schemas>
|
||||
|
||||
<config name="standalone.xml" model="standalone"/>
|
||||
<config name="standalone-ha.xml" model="standalone"/>
|
||||
<config name="domain.xml" model="domain"/>
|
||||
<config name="host.xml" model="host"/>
|
||||
<config name="host-master.xml" model="host"/>
|
||||
<config name="host-slave.xml" model="host"/>
|
||||
|
||||
<plugins>
|
||||
<plugin artifact="org.wildfly.galleon-plugins:wildfly-galleon-plugins"/>
|
||||
</plugins>
|
||||
|
||||
<generate-feature-specs>
|
||||
<extensions>
|
||||
<standalone>
|
||||
<extension>org.keycloak.keycloak-server-subsystem</extension>
|
||||
</standalone>
|
||||
<domain>
|
||||
<extension>org.keycloak.keycloak-server-subsystem</extension>
|
||||
</domain>
|
||||
</extensions>
|
||||
</generate-feature-specs>
|
||||
|
||||
</build>
|
434
distribution/galleon-feature-packs/server-galleon-pack/pom.xml
Normal file
434
distribution/galleon-feature-packs/server-galleon-pack/pom.xml
Normal file
|
@ -0,0 +1,434 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!--
|
||||
~ /*
|
||||
~ * JBoss, Home of Professional Open Source.
|
||||
~ * Copyright $tody.year Red Hat, Inc., and individual contributors
|
||||
~ * as indicated by the @author tags.
|
||||
~ *
|
||||
~ * Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ * you may not use this file except in compliance with the License.
|
||||
~ * You may obtain a copy of the License at
|
||||
~ *
|
||||
~ * http://www.apache.org/licenses/LICENSE-2.0
|
||||
~ *
|
||||
~ * Unless required by applicable law or agreed to in writing, software
|
||||
~ * distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ * See the License for the specific language governing permissions and
|
||||
~ * limitations under the License.
|
||||
~ */
|
||||
-->
|
||||
|
||||
<project xmlns="http://maven.apache.org/POM/4.0.0"
|
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
|
||||
<parent>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>galleon-feature-packs-parent</artifactId>
|
||||
<version>14.0.0-SNAPSHOT</version>
|
||||
</parent>
|
||||
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-server-galleon-pack</artifactId>
|
||||
|
||||
<name>Keycloak Galleon Feature Pack: Server</name>
|
||||
<packaging>pom</packaging>
|
||||
|
||||
<properties>
|
||||
<license.directory>${project.build.directory}/resources/content/docs/licenses</license.directory>
|
||||
</properties>
|
||||
|
||||
<dependencies>
|
||||
|
||||
<!-- WildFly Core feature pack content -->
|
||||
<dependency>
|
||||
<groupId>org.wildfly.core</groupId>
|
||||
<artifactId>wildfly-core-feature-pack-common</artifactId>
|
||||
<type>pom</type>
|
||||
<scope>provided</scope>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>org.wildfly.core</groupId>
|
||||
<artifactId>wildfly-core-feature-pack-ee-8-api</artifactId>
|
||||
<type>pom</type>
|
||||
<scope>provided</scope>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>org.wildfly.core</groupId>
|
||||
<artifactId>wildfly-core-feature-pack-galleon-common</artifactId>
|
||||
<type>pom</type>
|
||||
<scope>provided</scope>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>org.wildfly.core</groupId>
|
||||
<artifactId>wildfly-core-feature-pack-galleon-pruned</artifactId>
|
||||
<type>pom</type>
|
||||
<scope>provided</scope>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>org.wildfly.core</groupId>
|
||||
<artifactId>wildfly-core-galleon-pack</artifactId>
|
||||
<type>pom</type>
|
||||
<scope>provided</scope>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>org.wildfly</groupId>
|
||||
<artifactId>wildfly-ee-galleon-pack</artifactId>
|
||||
<type>zip</type>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>org.wildfly</groupId>
|
||||
<artifactId>wildfly-servlet-galleon-pack</artifactId>
|
||||
<type>zip</type>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>org.wildfly.galleon-plugins</groupId>
|
||||
<artifactId>wildfly-galleon-plugins</artifactId>
|
||||
<scope>provided</scope>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>org.wildfly.galleon-plugins</groupId>
|
||||
<artifactId>wildfly-config-gen</artifactId>
|
||||
<scope>provided</scope>
|
||||
</dependency>
|
||||
|
||||
<!-- module and copy artifact dependencies -->
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-server-feature-pack-dependencies</artifactId>
|
||||
<version>${project.version}</version>
|
||||
<type>pom</type>
|
||||
<scope>provided</scope>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-client-registration-cli</artifactId>
|
||||
<scope>provided</scope>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-admin-cli</artifactId>
|
||||
<scope>provided</scope>
|
||||
</dependency>
|
||||
|
||||
</dependencies>
|
||||
|
||||
<build>
|
||||
<plugins>
|
||||
<plugin>
|
||||
<!-- Feature pack generation is vulnerable to leftover files in the target
|
||||
folder from previous builds, so always clean even if the clean lifecycle is not invoked -->
|
||||
<artifactId>maven-clean-plugin</artifactId>
|
||||
<executions>
|
||||
<execution>
|
||||
<id>auto-clean</id>
|
||||
<phase>initialize</phase>
|
||||
<goals>
|
||||
<goal>clean</goal>
|
||||
</goals>
|
||||
</execution>
|
||||
</executions>
|
||||
</plugin>
|
||||
<plugin>
|
||||
<groupId>org.apache.maven.plugins</groupId>
|
||||
<artifactId>maven-resources-plugin</artifactId>
|
||||
<executions>
|
||||
<execution>
|
||||
<id>copy-resources</id>
|
||||
<phase>process-resources</phase>
|
||||
<goals>
|
||||
<goal>copy-resources</goal>
|
||||
</goals>
|
||||
<configuration>
|
||||
<outputDirectory>${basedir}/target/resources</outputDirectory>
|
||||
<resources>
|
||||
<resource>
|
||||
<directory>${basedir}/src/main/resources</directory>
|
||||
</resource>
|
||||
</resources>
|
||||
</configuration>
|
||||
</execution>
|
||||
</executions>
|
||||
</plugin>
|
||||
<plugin>
|
||||
<groupId>org.apache.maven.plugins</groupId>
|
||||
<artifactId>maven-dependency-plugin</artifactId>
|
||||
<executions>
|
||||
<execution>
|
||||
<id>unpack-theme</id>
|
||||
<phase>process-resources</phase>
|
||||
<goals>
|
||||
<goal>unpack</goal>
|
||||
</goals>
|
||||
<configuration>
|
||||
<artifactItems>
|
||||
<artifactItem>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-themes</artifactId>
|
||||
<outputDirectory>target/resources/packages/themes/content/themes</outputDirectory>
|
||||
<includes>theme/*/**</includes>
|
||||
<fileMappers>
|
||||
<org.codehaus.plexus.components.io.filemappers.RegExpFileMapper>
|
||||
<pattern>^\Qtheme/\E</pattern>
|
||||
<replacement>./</replacement>
|
||||
</org.codehaus.plexus.components.io.filemappers.RegExpFileMapper>
|
||||
</fileMappers>
|
||||
</artifactItem>
|
||||
</artifactItems>
|
||||
</configuration>
|
||||
</execution>
|
||||
<execution>
|
||||
<id>unpack-cli</id>
|
||||
<phase>process-resources</phase>
|
||||
<goals>
|
||||
<goal>unpack</goal>
|
||||
</goals>
|
||||
<configuration>
|
||||
<artifactItems>
|
||||
<artifactItem>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-client-cli-dist</artifactId>
|
||||
<type>zip</type>
|
||||
<includes>*/**</includes>
|
||||
<fileMappers>
|
||||
<org.codehaus.plexus.components.io.filemappers.RegExpFileMapper>
|
||||
<pattern>^\Qkeycloak-client-tools/\E</pattern>
|
||||
<replacement>./</replacement>
|
||||
</org.codehaus.plexus.components.io.filemappers.RegExpFileMapper>
|
||||
</fileMappers>
|
||||
<outputDirectory>target/resources/packages/client-cli/content</outputDirectory>
|
||||
</artifactItem>
|
||||
</artifactItems>
|
||||
</configuration>
|
||||
</execution>
|
||||
</executions>
|
||||
</plugin>
|
||||
<!-- plugin>
|
||||
<groupId>org.apache.maven.plugins</groupId>
|
||||
<artifactId>maven-assembly-plugin</artifactId>
|
||||
<executions>
|
||||
<execution>
|
||||
<id>assemble</id>
|
||||
<phase>package</phase>
|
||||
<goals>
|
||||
<goal>single</goal>
|
||||
</goals>
|
||||
<configuration>
|
||||
<descriptors>
|
||||
<descriptor>assembly.xml</descriptor>
|
||||
</descriptors>
|
||||
<recompressZippedFiles>true</recompressZippedFiles>
|
||||
<finalName>${project.build.finalName}</finalName>
|
||||
<appendAssemblyId>false</appendAssemblyId>
|
||||
<outputDirectory>${project.build.directory}</outputDirectory>
|
||||
<workDirectory>${project.build.directory}/assembly/work</workDirectory>
|
||||
<tarLongFileMode>gnu</tarLongFileMode>
|
||||
</configuration>
|
||||
</execution>
|
||||
</executions>
|
||||
</plugin -->
|
||||
<!-- TODO: do proper Galleon Style Licenses Distribution
|
||||
plugin>
|
||||
<groupId>org.wildfly.maven.plugins</groupId>
|
||||
<artifactId>licenses-plugin</artifactId>
|
||||
<inherited>false</inherited>
|
||||
<executions>
|
||||
<execution>
|
||||
<id>update-licenses-xml-package</id>
|
||||
<goals>
|
||||
<goal>insert-versions</goal>
|
||||
</goals>
|
||||
<phase>process-resources</phase>
|
||||
<configuration>
|
||||
<sortByGroupIdAndArtifactId>true</sortByGroupIdAndArtifactId>
|
||||
<licensesConfigFiles>
|
||||
<licensesConfigFile>${basedir}/target/resources/license/${product.slot}-server-galleon-pack-licenses.xml</licensesConfigFile>
|
||||
</licensesConfigFiles>
|
||||
<licensesOutputFile>${license.directory}/keycloak-server-galleon-pack-licenses.xml</licensesOutputFile>
|
||||
<excludedGroups>org.wildfly.galleon-plugins</excludedGroups>
|
||||
<excludedArtifacts>wildfly-core-model-test-framework|wildfly-jar-boot|wildfly-core-feature-pack-common|wildfly-core-feature-pack-ee-8-api|wildfly-elytron\z</excludedArtifacts>
|
||||
<excludedScopes>system</excludedScopes>
|
||||
</configuration>
|
||||
</execution>
|
||||
</executions>
|
||||
</plugin -->
|
||||
<plugin>
|
||||
<groupId>org.wildfly.galleon-plugins</groupId>
|
||||
<artifactId>wildfly-galleon-maven-plugin</artifactId>
|
||||
<executions>
|
||||
<execution>
|
||||
<id>keycloak-server-galleon-pack-build</id>
|
||||
<goals>
|
||||
<goal>build-feature-pack</goal>
|
||||
</goals>
|
||||
<phase>prepare-package</phase>
|
||||
<configuration>
|
||||
<release-name>Keycloak</release-name>
|
||||
<fork-embedded>${galleon.fork.embedded}</fork-embedded>
|
||||
<config-file>keycloak-server-galleon-pack-build.xml</config-file>
|
||||
<task-properties>
|
||||
<product.name>${product.name}</product.name>
|
||||
<product.name.full>${product.name.full}</product.name.full>
|
||||
<product.slot>${product.slot}</product.slot>
|
||||
<product.wildfly.console.slot>${product.wildfly.console.slot}</product.wildfly.console.slot>
|
||||
<product.version>${project.version}</product.version>
|
||||
<client-cli.src.dir>${project.basedir}</client-cli.src.dir>
|
||||
</task-properties>
|
||||
</configuration>
|
||||
</execution>
|
||||
</executions>
|
||||
</plugin>
|
||||
</plugins>
|
||||
</build>
|
||||
|
||||
<profiles>
|
||||
<profile>
|
||||
<id>community</id>
|
||||
<activation>
|
||||
<property>
|
||||
<name>!product</name>
|
||||
</property>
|
||||
</activation>
|
||||
|
||||
<properties>
|
||||
<feature.parent>org.wildfly:wildfly-galleon-pack</feature.parent>
|
||||
</properties>
|
||||
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>org.wildfly</groupId>
|
||||
<artifactId>wildfly-galleon-pack</artifactId>
|
||||
<type>zip</type>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
</profile>
|
||||
|
||||
<profile>
|
||||
<id>product</id>
|
||||
<activation>
|
||||
<property>
|
||||
<name>product</name>
|
||||
</property>
|
||||
</activation>
|
||||
|
||||
<properties>
|
||||
<feature.parent>org.jboss.eap:wildfly-galleon-pack</feature.parent>
|
||||
</properties>
|
||||
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>org.jboss.eap</groupId>
|
||||
<artifactId>wildfly-galleon-pack</artifactId>
|
||||
<version>${eap.version}</version>
|
||||
<type>zip</type>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
</profile>
|
||||
|
||||
<profile>
|
||||
<id>enforce</id>
|
||||
<activation>
|
||||
<property>
|
||||
<name>!skip-enforce</name>
|
||||
</property>
|
||||
</activation>
|
||||
<build>
|
||||
<plugins>
|
||||
<plugin>
|
||||
<groupId>org.apache.maven.plugins</groupId>
|
||||
<artifactId>maven-enforcer-plugin</artifactId>
|
||||
<executions>
|
||||
<execution>
|
||||
<id>ban-transitive-deps</id>
|
||||
<goals>
|
||||
<goal>enforce</goal>
|
||||
</goals>
|
||||
<configuration>
|
||||
<rules>
|
||||
<banTransitiveDependencies>
|
||||
<excludes>
|
||||
<!-- Ignore jdk jars because they are system scope -->
|
||||
<exclude>com.sun:tools</exclude>
|
||||
<exclude>sun.jdk:jconsole</exclude>
|
||||
<!-- Ignore the shared resource poms as those we want their
|
||||
transitives. Those poms ban transitives at their level -->
|
||||
<exclude>org.keycloak:keycloak-server-feature-pack-dependencies</exclude>
|
||||
<exclude>org.wildfly.core:wildfly-core-feature-pack-common</exclude>
|
||||
<exclude>org.wildfly.core:wildfly-core-feature-pack-ee-8-api</exclude>
|
||||
<exclude>org.keycloak:keycloak-client-registration-cli</exclude>
|
||||
<exclude>org.keycloak:keycloak-admin-cli</exclude>
|
||||
</excludes>
|
||||
</banTransitiveDependencies>
|
||||
</rules>
|
||||
</configuration>
|
||||
</execution>
|
||||
</executions>
|
||||
|
||||
</plugin>
|
||||
</plugins>
|
||||
</build>
|
||||
</profile>
|
||||
<profile>
|
||||
<id>enforce-product</id>
|
||||
<activation>
|
||||
<property>
|
||||
<name>enforce-product</name>
|
||||
</property>
|
||||
</activation>
|
||||
<build>
|
||||
<plugins>
|
||||
<plugin>
|
||||
<groupId>org.apache.maven.plugins</groupId>
|
||||
<artifactId>maven-enforcer-plugin</artifactId>
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>org.jboss.maven.plugins.enforcer.rules</groupId>
|
||||
<artifactId>version-enforcer-rule</artifactId>
|
||||
<version>1.0.0</version>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
<executions>
|
||||
<execution>
|
||||
<id>ban-non-product-deps</id>
|
||||
<goals>
|
||||
<goal>enforce</goal>
|
||||
</goals>
|
||||
<configuration>
|
||||
<rules>
|
||||
<rule implementation="org.jboss.maven.plugins.enforcer.rules.version.BanVersionDependenciesRule">
|
||||
<versionPattern>^((?!redhat).)*$</versionPattern>
|
||||
</rule>
|
||||
</rules>
|
||||
</configuration>
|
||||
</execution>
|
||||
</executions>
|
||||
</plugin>
|
||||
</plugins>
|
||||
</build>
|
||||
</profile>
|
||||
</profiles>
|
||||
</project>
|
File diff suppressed because it is too large
Load diff
File diff suppressed because it is too large
Load diff
|
@ -0,0 +1,24 @@
|
|||
<?xml version="1.0" ?>
|
||||
|
||||
<config xmlns="urn:jboss:galleon:config:1.0" name="domain.xml" model="domain">
|
||||
<!-- domain.server-group features are excluded from every domain group below
|
||||
simply to preserve the order of the profiles specified here.
|
||||
Not excluding the server groups will work but profiles full and full-ha
|
||||
will appear in the resulting config before ha because the server groups that are
|
||||
introduced into the config by the first domain group and overriden to reference
|
||||
full and full-ha below will make those profiles installed before ha.
|
||||
-->
|
||||
<feature-group name="domain-keycloak-standalone">
|
||||
<exclude spec="domain.server-group"/>
|
||||
</feature-group>
|
||||
<feature-group name="domain-keycloak-clustered">
|
||||
<exclude spec="domain.server-group"/>
|
||||
</feature-group>
|
||||
<feature-group name="domain-load-balancer">
|
||||
<exclude spec="domain.server-group"/>
|
||||
<exclude feature-id="domain.interface:interface=unsecure"/>
|
||||
</feature-group>
|
||||
|
||||
<feature-group name="domain-server-groups-keycloak"/>
|
||||
|
||||
</config>
|
|
@ -0,0 +1,5 @@
|
|||
<?xml version="1.0" ?>
|
||||
|
||||
<config xmlns="urn:jboss:galleon:config:1.0" name="host-master.xml" model="host">
|
||||
<feature-group name="host-master"/>
|
||||
</config>
|
|
@ -0,0 +1,5 @@
|
|||
<?xml version="1.0" ?>
|
||||
|
||||
<config xmlns="urn:jboss:galleon:config:1.0" name="host-slave.xml" model="host">
|
||||
<feature-group name="host-slave"/>
|
||||
</config>
|
|
@ -0,0 +1,5 @@
|
|||
<?xml version="1.0" ?>
|
||||
|
||||
<config xmlns="urn:jboss:galleon:config:1.0" name="host.xml" model="host">
|
||||
<feature-group name="host"/>
|
||||
</config>
|
|
@ -0,0 +1,7 @@
|
|||
<?xml version="1.0" ?>
|
||||
|
||||
<config xmlns="urn:jboss:galleon:config:1.0" model="standalone">
|
||||
<packages>
|
||||
<package name="misc.standalone"/>
|
||||
</packages>
|
||||
</config>
|
|
@ -0,0 +1,5 @@
|
|||
<?xml version="1.0" ?>
|
||||
|
||||
<config xmlns="urn:jboss:galleon:config:1.0" name="standalone-ha.xml" model="standalone">
|
||||
<feature-group name="standalone-ha"/>
|
||||
</config>
|
|
@ -0,0 +1,5 @@
|
|||
<?xml version="1.0" ?>
|
||||
|
||||
<config xmlns="urn:jboss:galleon:config:1.0" name="standalone.xml" model="standalone">
|
||||
<feature-group name="standalone"/>
|
||||
</config>
|
|
@ -0,0 +1,79 @@
|
|||
@echo off
|
||||
rem -------------------------------------------------------------------------
|
||||
rem Add User script for Windows
|
||||
rem -------------------------------------------------------------------------
|
||||
rem
|
||||
rem A simple utility for adding new users to the properties file used
|
||||
rem for domain management authentication out of the box.
|
||||
|
||||
rem $Id$
|
||||
|
||||
@if not "%ECHO%" == "" echo %ECHO%
|
||||
@if "%OS%" == "Windows_NT" setlocal
|
||||
|
||||
if "%OS%" == "Windows_NT" (
|
||||
set "DIRNAME=%~dp0%"
|
||||
) else (
|
||||
set DIRNAME=.\
|
||||
)
|
||||
|
||||
pushd "%DIRNAME%.."
|
||||
set "RESOLVED_JBOSS_HOME=%CD%"
|
||||
popd
|
||||
|
||||
if "x%JBOSS_HOME%" == "x" (
|
||||
set "JBOSS_HOME=%RESOLVED_JBOSS_HOME%"
|
||||
)
|
||||
|
||||
pushd "%JBOSS_HOME%"
|
||||
set "SANITIZED_JBOSS_HOME=%CD%"
|
||||
popd
|
||||
|
||||
if /i "%RESOLVED_JBOSS_HOME%" NEQ "%SANITIZED_JBOSS_HOME%" (
|
||||
echo.
|
||||
echo WARNING: The JBOSS_HOME ^("%SANITIZED_JBOSS_HOME%"^) that this script uses points to a different installation than the one that this script resides in ^("%RESOLVED_JBOSS_HOME%"^). Unpredictable results may occur.
|
||||
echo.
|
||||
echo JBOSS_HOME: "%JBOSS_HOME%"
|
||||
echo.
|
||||
)
|
||||
|
||||
rem Setup JBoss specific properties
|
||||
if "x%JAVA_HOME%" == "x" (
|
||||
set JAVA=java
|
||||
echo JAVA_HOME is not set. Unexpected results may occur.
|
||||
echo Set JAVA_HOME to the directory of your local JDK to avoid this message.
|
||||
) else (
|
||||
set "JAVA=%JAVA_HOME%\bin\java"
|
||||
)
|
||||
|
||||
rem set default modular jvm parameters
|
||||
setlocal EnableDelayedExpansion
|
||||
call "!DIRNAME!common.bat" :setDefaultModularJvmOptions "!JAVA_OPTS!"
|
||||
set "JAVA_OPTS=!JAVA_OPTS! !DEFAULT_MODULAR_JVM_OPTIONS!"
|
||||
setlocal DisableDelayedExpansion
|
||||
|
||||
rem Find jboss-modules.jar, or we can't continue
|
||||
if exist "%JBOSS_HOME%\jboss-modules.jar" (
|
||||
set "RUNJAR=%JBOSS_HOME%\jboss-modules.jar"
|
||||
) else (
|
||||
echo Could not locate "%JBOSS_HOME%\jboss-modules.jar".
|
||||
echo Please check that you are in the bin directory when running this script.
|
||||
goto END
|
||||
)
|
||||
|
||||
rem Set default module root paths
|
||||
if "x%JBOSS_MODULEPATH%" == "x" (
|
||||
set "JBOSS_MODULEPATH=%JBOSS_HOME%\modules"
|
||||
)
|
||||
|
||||
rem Uncomment to override standalone and domain user location
|
||||
rem set "JAVA_OPTS=%JAVA_OPTS% -Djboss.server.config.user.dir=..\standalone\configuration -Djboss.domain.config.user.dir=..\domain\configuration"
|
||||
|
||||
"%JAVA%" %JAVA_OPTS% ^
|
||||
-jar "%JBOSS_HOME%\jboss-modules.jar" ^
|
||||
-mp "%JBOSS_MODULEPATH%" ^
|
||||
org.keycloak.keycloak-wildfly-adduser ^
|
||||
%*
|
||||
|
||||
:END
|
||||
if "x%NOPAUSE%" == "x" pause
|
|
@ -0,0 +1,79 @@
|
|||
#!/bin/sh
|
||||
|
||||
# Add User Utility
|
||||
#
|
||||
# A simple utility for adding new users to the properties file used
|
||||
# for domain management authentication out of the box.
|
||||
#
|
||||
|
||||
DIRNAME=`dirname "$0"`
|
||||
GREP="grep"
|
||||
|
||||
. "$DIRNAME/common.sh"
|
||||
|
||||
# OS specific support (must be 'true' or 'false').
|
||||
cygwin=false;
|
||||
if [ `uname|grep -i CYGWIN` ]; then
|
||||
cygwin=true;
|
||||
fi
|
||||
|
||||
# For Cygwin, ensure paths are in UNIX format before anything is touched
|
||||
if $cygwin ; then
|
||||
[ -n "$JBOSS_HOME" ] &&
|
||||
JBOSS_HOME=`cygpath --unix "$JBOSS_HOME"`
|
||||
[ -n "$JAVA_HOME" ] &&
|
||||
JAVA_HOME=`cygpath --unix "$JAVA_HOME"`
|
||||
[ -n "$JAVAC_JAR" ] &&
|
||||
JAVAC_JAR=`cygpath --unix "$JAVAC_JAR"`
|
||||
fi
|
||||
|
||||
# Setup JBOSS_HOME
|
||||
RESOLVED_JBOSS_HOME=`cd "$DIRNAME/.."; pwd`
|
||||
if [ "x$JBOSS_HOME" = "x" ]; then
|
||||
# get the full path (without any relative bits)
|
||||
JBOSS_HOME=$RESOLVED_JBOSS_HOME
|
||||
else
|
||||
SANITIZED_JBOSS_HOME=`cd "$JBOSS_HOME"; pwd`
|
||||
if [ "$RESOLVED_JBOSS_HOME" != "$SANITIZED_JBOSS_HOME" ]; then
|
||||
echo "WARNING: The JBOSS_HOME ($SANITIZED_JBOSS_HOME) that this script uses points to a different installation than the one that this script resides in ($RESOLVED_JBOSS_HOME). Unpredictable results may occur."
|
||||
echo ""
|
||||
fi
|
||||
fi
|
||||
export JBOSS_HOME
|
||||
|
||||
# Setup the JVM
|
||||
if [ "x$JAVA" = "x" ]; then
|
||||
if [ "x$JAVA_HOME" != "x" ]; then
|
||||
JAVA="$JAVA_HOME/bin/java"
|
||||
else
|
||||
JAVA="java"
|
||||
fi
|
||||
fi
|
||||
|
||||
# Set default modular JVM options
|
||||
setDefaultModularJvmOptions $JAVA_OPTS
|
||||
JAVA_OPTS="$JAVA_OPTS $DEFAULT_MODULAR_JVM_OPTIONS"
|
||||
|
||||
if [ "x$JBOSS_MODULEPATH" = "x" ]; then
|
||||
JBOSS_MODULEPATH="$JBOSS_HOME/modules"
|
||||
fi
|
||||
|
||||
# For Cygwin, switch paths to Windows format before running java
|
||||
if $cygwin; then
|
||||
JBOSS_HOME=`cygpath --path --windows "$JBOSS_HOME"`
|
||||
JAVA_HOME=`cygpath --path --windows "$JAVA_HOME"`
|
||||
JBOSS_MODULEPATH=`cygpath --path --windows "$JBOSS_MODULEPATH"`
|
||||
fi
|
||||
|
||||
# Sample JPDA settings for remote socket debugging
|
||||
#JAVA_OPTS="$JAVA_OPTS -agentlib:jdwp=transport=dt_socket,address=8787,server=y,suspend=y"
|
||||
# Uncomment to override standalone and domain user location
|
||||
#JAVA_OPTS="$JAVA_OPTS -Djboss.server.config.user.dir=../standalone/configuration -Djboss.domain.config.user.dir=../domain/configuration"
|
||||
|
||||
JAVA_OPTS="$JAVA_OPTS"
|
||||
|
||||
eval \"$JAVA\" $JAVA_OPTS \
|
||||
-jar \""$JBOSS_HOME"/jboss-modules.jar\" \
|
||||
-mp \""${JBOSS_MODULEPATH}"\" \
|
||||
org.keycloak.keycloak-wildfly-adduser \
|
||||
'"$@"'
|
|
@ -0,0 +1,44 @@
|
|||
#!/bin/sh
|
||||
|
||||
# Setup for SSSD
|
||||
SSSD_FILE="/etc/sssd/sssd.conf"
|
||||
|
||||
if [ -f "$SSSD_FILE" ];
|
||||
then
|
||||
|
||||
if ! grep -q ^ldap_user_extra_attrs $SSSD_FILE; then
|
||||
sed -i '/ldap_tls_cacert/a ldap_user_extra_attrs = mail:mail, sn:sn, givenname:givenname, telephoneNumber:telephoneNumber' $SSSD_FILE
|
||||
fi
|
||||
|
||||
if ! grep -q ^services.*ifp.* /etc/sssd/sssd.conf; then
|
||||
sed -i '/^services/ s/$/, ifp/' $SSSD_FILE
|
||||
fi
|
||||
|
||||
if ! grep -q ^allowed_uids $SSSD_FILE; then
|
||||
sed -i '/\[ifp\]/a allowed_uids = root' $SSSD_FILE
|
||||
fi
|
||||
|
||||
if ! grep -q ^user_attributes $SSSD_FILE; then
|
||||
sed -i '/allowed_uids/a user_attributes = +mail, +telephoneNumber, +givenname, +sn' $SSSD_FILE
|
||||
fi
|
||||
|
||||
systemctl restart sssd
|
||||
|
||||
else
|
||||
echo "Please make sure you have $SSSD_FILE into your system! Aborting."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Setup for PAM
|
||||
PAM_FILE="/etc/pam.d/keycloak"
|
||||
|
||||
if [ ! -f "$PAM_FILE" ];
|
||||
then
|
||||
cat <<EOF > $PAM_FILE
|
||||
auth required pam_sss.so
|
||||
account required pam_sss.so
|
||||
EOF
|
||||
else
|
||||
echo "$PAM_FILE already exists. Skipping it..."
|
||||
exit 0
|
||||
fi
|
|
@ -0,0 +1,753 @@
|
|||
embed-host-controller --domain-config=domain.xml
|
||||
|
||||
# Early versions of keycloak used "ha" for the clustered profile name.
|
||||
# Yours maybe be something completely different.
|
||||
set clusteredProfile=auth-server-clustered
|
||||
|
||||
# keycloak-server.json is not normally on this path.
|
||||
set pathToJson=../domain/configuration/keycloak-server.json
|
||||
|
||||
|
||||
echo
|
||||
echo *** Begin Migration of /profile=$clusteredProfile ***
|
||||
echo
|
||||
|
||||
# Migrate from 1.8.1 to 1.9.1
|
||||
if (outcome == failed) of /profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/replicated-cache=work/:read-resource
|
||||
echo Adding replicated-cache=work to keycloak cache container...
|
||||
/profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/replicated-cache=work/:add(mode=SYNC)
|
||||
echo
|
||||
end-if
|
||||
# realmVersions cache deprecated in 2.1.0
|
||||
#if (outcome == failed) of /profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/local-cache=realmVersions/:read-resource
|
||||
# echo Adding local-cache=realmVersions to keycloak cache container...
|
||||
# /profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/local-cache=realmVersions/:add(indexing=NONE,start=LAZY)
|
||||
# /profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/local-cache=realmVersions/component=transaction/:write-attribute(name=mode,value=BATCH)
|
||||
# echo
|
||||
#end-if
|
||||
|
||||
# Migrate from 1.9.1 to 1.9.2
|
||||
if (result == NONE) of /profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/invalidation-cache=users/component=eviction/:read-attribute(name=strategy)
|
||||
echo Adding eviction strategy to keycloak users cache container...
|
||||
/profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/invalidation-cache=users/component=eviction/:write-attribute(name=strategy,value=LRU)
|
||||
/profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/invalidation-cache=users/component=eviction/:write-attribute(name=max-entries,value=10000)
|
||||
echo
|
||||
end-if
|
||||
|
||||
# Migrate from 1.9.2 to 2.0.0
|
||||
# NO CHANGES
|
||||
|
||||
# Migrate from 2.0.0 to 2.1.0
|
||||
if (outcome == success) of /profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/local-cache=realmVersions/:read-resource
|
||||
echo Removing deprecated cache 'realmVersions'
|
||||
/profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/local-cache=realmVersions/:remove
|
||||
echo
|
||||
end-if
|
||||
|
||||
# Migrate kecloak-server.json (deprecated in 2.2.0)
|
||||
if (result == []) of /profile=$clusteredProfile/subsystem=keycloak-server/:read-children-names(child-type=spi)
|
||||
echo Migrating keycloak-server.json to keycloak-server subsystem...
|
||||
/profile=$clusteredProfile/subsystem=keycloak-server/:migrate-json(file=$pathToJson)
|
||||
echo
|
||||
end-if
|
||||
if (result == [expression "classpath:${jboss.server.config.dir}/providers/*"]) of /profile=$clusteredProfile/subsystem=keycloak-server/:read-attribute(name=providers)
|
||||
echo Updating provider to default value
|
||||
/profile=$clusteredProfile/subsystem=keycloak-server/:write-attribute(name=providers,value=[classpath:${jboss.home.dir}/providers/*])
|
||||
echo
|
||||
end-if
|
||||
if (result == keycloak) of /profile=$clusteredProfile/subsystem=keycloak-server/theme=defaults:read-attribute(name=default)
|
||||
echo Undefining default theme...
|
||||
/profile=$clusteredProfile/subsystem=keycloak-server/theme=defaults:undefine-attribute(name=default)
|
||||
echo
|
||||
end-if
|
||||
if (result == expression "${jboss.server.config.dir}/themes") of /profile=$clusteredProfile/subsystem=keycloak-server/theme=defaults:read-attribute(name=dir)
|
||||
echo Updating theme dir to default value
|
||||
/profile=$clusteredProfile/subsystem=keycloak-server/theme=defaults/:write-attribute(name=dir,value=${jboss.home.dir}/themes)
|
||||
echo
|
||||
end-if
|
||||
|
||||
set persistenceProvider=jpa
|
||||
|
||||
# Migrate from 2.1.0 to 2.2.0
|
||||
if (outcome == failed) of /profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/distributed-cache=authorization/:read-resource
|
||||
# In migration from 3.0.0 to 3.2.0 there is authorization distributed-cache replaced with local-cache
|
||||
try
|
||||
echo
|
||||
/profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/distributed-cache=authorization/:add(mode=SYNC,owners=1)
|
||||
echo Added distributed-cache=authorization
|
||||
catch
|
||||
end-try
|
||||
end-if
|
||||
|
||||
if (result == update) of /profile=$clusteredProfile/subsystem=keycloak-server/spi=connectionsJpa/provider=default/:map-get(name=properties,key=databaseSchema)
|
||||
echo Updating connectionsJpa default properties...
|
||||
/profile=$clusteredProfile/subsystem=keycloak-server/spi=connectionsJpa/provider=default/:map-remove(name=properties,key=databaseSchema)
|
||||
/profile=$clusteredProfile/subsystem=keycloak-server/spi=connectionsJpa/provider=default/:map-put(name=properties,key=initializeEmpty,value=true)
|
||||
/profile=$clusteredProfile/subsystem=keycloak-server/spi=connectionsJpa/provider=default/:map-put(name=properties,key=migrationStrategy,value=update)
|
||||
/profile=$clusteredProfile/subsystem=keycloak-server/spi=connectionsJpa/provider=default/:map-put(name=properties,key=migrationExport,value=${jboss.home.dir}/keycloak-database-update.sql)
|
||||
echo
|
||||
end-if
|
||||
if (outcome == failed) of /profile=$clusteredProfile/subsystem=keycloak-server/spi=userFederatedStorage/:read-resource
|
||||
echo Adding spi=userFederatedStorage...
|
||||
/profile=$clusteredProfile/subsystem=keycloak-server/spi=userFederatedStorage/:add(default-provider=$persistenceProvider)
|
||||
echo
|
||||
end-if
|
||||
if (outcome == failed) of /profile=$clusteredProfile/subsystem=keycloak-server/spi=jta-lookup/:read-resource
|
||||
echo Adding spi=jta-lookup...
|
||||
/profile=$clusteredProfile/subsystem=keycloak-server/spi=jta-lookup/:add(default-provider=${keycloak.jta.lookup.provider:jboss})
|
||||
/profile=$clusteredProfile/subsystem=keycloak-server/spi=jta-lookup/provider=jboss/:add(enabled=true)
|
||||
echo
|
||||
end-if
|
||||
|
||||
# Migrate from 2.2.0 to 2.2.1
|
||||
# NO CHANGES
|
||||
|
||||
# Migrate from 2.2.1 to 2.3.0
|
||||
if (outcome == failed) of /profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/local-cache=keys/:read-resource
|
||||
echo Adding local-cache=keys to keycloak cache container...
|
||||
/profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/local-cache=keys/:add(indexing=NONE,start=LAZY)
|
||||
echo
|
||||
end-if
|
||||
if (result == undefined) of /profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/local-cache=keys/component=eviction/:read-attribute(name=strategy,include-defaults=false)
|
||||
echo Updating eviction and expiration in local-cache=keys...
|
||||
/profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/local-cache=keys/component=eviction/:write-attribute(name=strategy,value=LRU)
|
||||
/profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/local-cache=keys/component=eviction/:write-attribute(name=max-entries,value=1000)
|
||||
/profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/local-cache=keys/component=expiration/:write-attribute(name=max-idle,value=3600000)
|
||||
echo
|
||||
end-if
|
||||
if (outcome == failed) of /profile=$clusteredProfile/subsystem=keycloak-server/spi=publicKeyStorage/:read-resource
|
||||
echo Adding spi=publicKeyStorage...
|
||||
/profile=$clusteredProfile/subsystem=keycloak-server/spi=publicKeyStorage/:add
|
||||
/profile=$clusteredProfile/subsystem=keycloak-server/spi=publicKeyStorage/provider=infinispan/:add(properties={minTimeBetweenRequests => "10"},enabled=true)
|
||||
echo
|
||||
end-if
|
||||
|
||||
# Migrate from 2.3.0 to 2.4.0
|
||||
if (outcome == success) of /profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/invalidation-cache=users/:read-resource
|
||||
echo Replacing invalidation-cache=users with local-cache=users
|
||||
/profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/invalidation-cache=users/:remove
|
||||
/profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/local-cache=users/:add
|
||||
echo
|
||||
end-if
|
||||
if (result == undefined) of /profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/local-cache=users/component=eviction/:read-attribute(name=strategy,include-defaults=false)
|
||||
echo Updating eviction in local-cache=users
|
||||
/profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/local-cache=users/component=eviction/:write-attribute(name=strategy,value=LRU)
|
||||
/profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/local-cache=users/component=eviction/:write-attribute(name=max-entries,value=10000)
|
||||
echo
|
||||
end-if
|
||||
if (outcome == success) of /profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/invalidation-cache=realms/:read-resource
|
||||
echo Replacing invalidation-cache=realms with local-cache=realms
|
||||
/profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/invalidation-cache=realms/:remove
|
||||
/profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/local-cache=realms/:add
|
||||
echo
|
||||
end-if
|
||||
|
||||
|
||||
# Migrate from 2.4.0 to 2.5.0
|
||||
if (result == NONE) of /profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/local-cache=realms/component=eviction/:read-attribute(name=strategy)
|
||||
echo Adding eviction strategy to keycloak realms cache...
|
||||
/profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/local-cache=realms/component=eviction/:write-attribute(name=strategy,value=LRU)
|
||||
/profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/local-cache=realms/component=eviction/:write-attribute(name=max-entries,value=10000)
|
||||
echo
|
||||
end-if
|
||||
|
||||
# Migrate from 2.5.0 to 2.5.1
|
||||
# NO CHANGES
|
||||
|
||||
# Migrate 2.5.1 to 2.5.4
|
||||
if (result != REPEATABLE_READ) of /profile=$clusteredProfile/subsystem=infinispan/cache-container=ejb/local-cache=persistent/component=locking/:read-attribute(name=isolation)
|
||||
echo Changing ejb cache locking to REPEATABLE_READ
|
||||
/profile=$clusteredProfile/subsystem=infinispan/cache-container=ejb/local-cache=persistent/component=locking/:write-attribute(name=isolation,value=REPEATABLE_READ)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == success) of /profile=$clusteredProfile/subsystem=infinispan/cache-container=hibernate/local-cache=immutable-entity/:read-resource
|
||||
echo Removing Hibernate immutable-entity cache
|
||||
/profile=$clusteredProfile/subsystem=infinispan/cache-container=hibernate/local-cache=immutable-entity/:remove
|
||||
end-if
|
||||
|
||||
|
||||
# Migrate from 2.5.4 to 3.0.0
|
||||
if (result == jpa) of /profile=$clusteredProfile/subsystem=keycloak-server/spi=eventsStore/:read-attribute(name=default-provider,include-defaults=false)
|
||||
echo Removing default provider for eventsStore
|
||||
/profile=$clusteredProfile/subsystem=keycloak-server/spi=eventsStore/:undefine-attribute(name=default-provider)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if ((outcome == success) && (result.default-provider == jpa) && (result.provider == undefined)) of /profile=$clusteredProfile/subsystem=keycloak-server/spi=realm/:read-resource(recursive=false,include-defaults=false)
|
||||
echo Removing declaration for user SPI
|
||||
/profile=$clusteredProfile/subsystem=keycloak-server/spi=realm/:remove
|
||||
echo
|
||||
end-if
|
||||
|
||||
if ((outcome == success) && (result.default-provider == jpa) && (result.provider == undefined)) of /profile=$clusteredProfile/subsystem=keycloak-server/spi=user/:read-resource(recursive=false,include-defaults=false)
|
||||
echo Removing declaration for user SPI
|
||||
/profile=$clusteredProfile/subsystem=keycloak-server/spi=user/:remove
|
||||
echo
|
||||
end-if
|
||||
|
||||
if ((outcome == success) && (result.default-provider == jpa) && (result.provider == undefined)) of /profile=$clusteredProfile/subsystem=keycloak-server/spi=userFederatedStorage/:read-resource(recursive=false,include-defaults=false)
|
||||
echo Removing declaration for userFederatedStorage SPI
|
||||
/profile=$clusteredProfile/subsystem=keycloak-server/spi=userFederatedStorage/:remove
|
||||
echo
|
||||
end-if
|
||||
|
||||
if ((outcome == success) && (result.default-provider == jpa) && (result.provider == undefined)) of /profile=$clusteredProfile/subsystem=keycloak-server/spi=authorizationPersister/:read-resource(recursive=false,include-defaults=false)
|
||||
echo Removing declaration for authorizationPersister SPI
|
||||
/profile=$clusteredProfile/subsystem=keycloak-server/spi=authorizationPersister/:remove
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /profile=$clusteredProfile/subsystem=keycloak-server/spi=userCache/:read-resource
|
||||
echo Adding userCache SPI
|
||||
/profile=$clusteredProfile/subsystem=keycloak-server/spi=userCache/:add
|
||||
/profile=$clusteredProfile/subsystem=keycloak-server/spi=userCache/provider=default/:add(enabled=true)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /profile=$clusteredProfile/subsystem=keycloak-server/spi=realmCache/:read-resource
|
||||
echo Adding realmCache SPI
|
||||
/profile=$clusteredProfile/subsystem=keycloak-server/spi=realmCache/:add
|
||||
/profile=$clusteredProfile/subsystem=keycloak-server/spi=realmCache/provider=default/:add(enabled=true)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if ((result.default-provider == undefined) && (result.provider.default.enabled == true)) of /profile=$clusteredProfile/subsystem=keycloak-server/spi=connectionsInfinispan/:read-resource(recursive=true,include-defaults=false)
|
||||
echo Adding 'default' as default provider for connectionsInfinispan
|
||||
/profile=$clusteredProfile/subsystem=keycloak-server/spi=connectionsInfinispan/:write-attribute(name=default-provider,value=default)
|
||||
echo
|
||||
end-if
|
||||
|
||||
# Migrate from 3.0.0 to 3.1.0
|
||||
# NO CHANGES
|
||||
|
||||
# Migrate from 3.1.0 to 3.2.0
|
||||
if (outcome == failed) of /profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/distributed-cache=authenticationSessions/:read-resource
|
||||
echo Adding distributed-cache=authenticationSessions to keycloak cache container...
|
||||
/profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/distributed-cache=authenticationSessions/:add(mode=SYNC,owners=1)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/distributed-cache=actionTokens/:read-resource
|
||||
echo Adding distributed-cache=actionTokens to keycloak cache container...
|
||||
/profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/distributed-cache=actionTokens/:add(indexing=NONE,mode=SYNC,owners=2)
|
||||
/profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/distributed-cache=actionTokens/component=eviction/:write-attribute(name=strategy,value=NONE)
|
||||
/profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/distributed-cache=actionTokens/component=eviction/:write-attribute(name=max-entries,value=-1)
|
||||
/profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/distributed-cache=actionTokens/component=expiration/:write-attribute(name=interval,value=300000)
|
||||
/profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/distributed-cache=actionTokens/component=expiration/:write-attribute(name=max-idle,value=-1)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == success) of /profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/distributed-cache=authorization/:read-resource
|
||||
echo Replacing distributed-cache=authorization with local-cache=authorization
|
||||
/profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/distributed-cache=authorization/:remove
|
||||
/profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/local-cache=authorization/:add
|
||||
/profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/local-cache=authorization/component=eviction/:write-attribute(name=strategy,value=LRU)
|
||||
/profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/local-cache=authorization/component=eviction/:write-attribute(name=max-entries,value=10000)
|
||||
echo
|
||||
end-if
|
||||
|
||||
# Migrate from 3.2.0 to 3.2.1
|
||||
# NO CHANGES
|
||||
|
||||
# Migrate from 3.2.1 to 3.3.0
|
||||
if (outcome == failed) of /profile=$clusteredProfile/subsystem=core-management/:read-resource
|
||||
try
|
||||
echo Trying to add core-management extension
|
||||
/extension=org.wildfly.extension.core-management/:add
|
||||
echo
|
||||
catch
|
||||
echo Wasn't able to add core-management extension, it should be already added by migrate-domain-standalone.cli
|
||||
echo
|
||||
end-try
|
||||
echo Adding subsystem core-management
|
||||
/profile=$clusteredProfile/subsystem=core-management/:add
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /profile=$clusteredProfile/subsystem=elytron/:read-resource
|
||||
try
|
||||
echo Trying to add elytron extension
|
||||
/extension=org.wildfly.extension.elytron/:add
|
||||
echo
|
||||
catch
|
||||
echo Wasn't able to add elytron extension, it should be already added by migrate-domain-standalone.cli
|
||||
echo
|
||||
end-try
|
||||
echo Adding subsystem elytron
|
||||
/profile=$clusteredProfile/subsystem=elytron/:add
|
||||
/profile=$clusteredProfile/subsystem=elytron/provider-loader=elytron/:add(module=org.wildfly.security.elytron)
|
||||
/profile=$clusteredProfile/subsystem=elytron/provider-loader=openssl/:add(module=org.wildfly.openssl)
|
||||
/profile=$clusteredProfile/subsystem=elytron/aggregate-providers=combined-providers/:add(providers=[elytron,openssl])
|
||||
/profile=$clusteredProfile/subsystem=elytron/file-audit-log=local-audit/:add(path=audit.log,relative-to=jboss.server.log.dir,format=JSON)
|
||||
/profile=$clusteredProfile/subsystem=elytron/identity-realm=local/:add(identity="$local")
|
||||
/profile=$clusteredProfile/subsystem=elytron/properties-realm=ApplicationRealm/:add(users-properties={path=application-users.properties,relative-to=jboss.domain.config.dir,digest-realm-name=ApplicationRealm},groups-properties={path=application-roles.properties,relative-to=jboss.domain.config.dir})
|
||||
/profile=$clusteredProfile/subsystem=elytron/simple-permission-mapper=default-permission-mapper/:add(mapping-mode=first,permission-mappings=[{principals=[anonymous],permissions=[{class-name=org.wildfly.extension.batch.jberet.deployment.BatchPermission,module=org.wildfly.extension.batch.jberet,target-name=*},{class-name=org.wildfly.transaction.client.RemoteTransactionPermission,module=org.wildfly.transaction.client},{class-name=org.jboss.ejb.client.RemoteEJBPermission,module=org.jboss.ejb-client}]},{match-all=true,permissions=[{class-name=org.wildfly.security.auth.permission.LoginPermission},{class-name=org.wildfly.extension.batch.jberet.deployment.BatchPermission,module=org.wildfly.extension.batch.jberet,target-name=*},{class-name=org.wildfly.transaction.client.RemoteTransactionPermission,module=org.wildfly.transaction.client},{class-name=org.jboss.ejb.client.RemoteEJBPermission,module=org.jboss.ejb-client}]}])
|
||||
/profile=$clusteredProfile/subsystem=elytron/constant-realm-mapper=local/:add(realm-name=local)
|
||||
/profile=$clusteredProfile/subsystem=elytron/simple-role-decoder=groups-to-roles/:add(attribute=groups)
|
||||
/profile=$clusteredProfile/subsystem=elytron/constant-role-mapper=super-user-mapper/:add(roles=[SuperUser])
|
||||
/profile=$clusteredProfile/subsystem=elytron/security-domain=ApplicationDomain/:add(default-realm=ApplicationRealm,permission-mapper=default-permission-mapper,realms=[{realm=ApplicationRealm,role-decoder=groups-to-roles},{realm=local}])
|
||||
/profile=$clusteredProfile/subsystem=elytron/provider-http-server-mechanism-factory=global/:add
|
||||
/profile=$clusteredProfile/subsystem=elytron/http-authentication-factory=application-http-authentication/:add(http-server-mechanism-factory=global,security-domain=ApplicationDomain,mechanism-configurations=[{mechanism-name=BASIC,mechanism-realm-configurations=[{realm-name=Application Realm}]},{mechanism-name=FORM}])
|
||||
/profile=$clusteredProfile/subsystem=elytron/provider-sasl-server-factory=global/:add
|
||||
/profile=$clusteredProfile/subsystem=elytron/mechanism-provider-filtering-sasl-server-factory=elytron/:add(sasl-server-factory=global,filters=[{provider-name=WildFlyElytron}])
|
||||
/profile=$clusteredProfile/subsystem=elytron/configurable-sasl-server-factory=configured/:add(sasl-server-factory=elytron,properties={wildfly.sasl.local-user.default-user => "$local"})
|
||||
/profile=$clusteredProfile/subsystem=elytron/sasl-authentication-factory=application-sasl-authentication/:add(sasl-server-factory=configured,security-domain=ApplicationDomain,mechanism-configurations=[{mechanism-name=JBOSS-LOCAL-USER,realm-mapper=local},{mechanism-name=DIGEST-MD5,mechanism-realm-configurations=[{realm-name=ApplicationRealm}]}])
|
||||
/profile=$clusteredProfile/subsystem=elytron/:write-attribute(name=final-providers,value=combined-providers)
|
||||
/profile=$clusteredProfile/subsystem=elytron/:write-attribute(name=disallowed-providers,value=[OracleUcrypto])
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /profile=$clusteredProfile/subsystem=ejb3/service=remote/channel-creation-options=READ_TIMEOUT/:read-resource
|
||||
echo Adding channel-creation-options READ_TIMEOUT to ejb3 remote
|
||||
/profile=$clusteredProfile/subsystem=ejb3/service=remote/channel-creation-options=READ_TIMEOUT/:add(value="${prop.remoting-connector.read.timeout:20}",type=xnio)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /profile=$clusteredProfile/subsystem=ejb3/service=remote/channel-creation-options=MAX_OUTBOUND_MESSAGES/:read-resource
|
||||
echo Adding channel-creation-options MAX_OUTBOUND_MESSAGES to ejb3 remote
|
||||
/profile=$clusteredProfile/subsystem=ejb3/service=remote/channel-creation-options=MAX_OUTBOUND_MESSAGES/:add(value=1234,type=remoting)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (result == ASYNC) of /profile=$clusteredProfile/subsystem=infinispan/cache-container=web/distributed-cache=dist:read-attribute(name=mode)
|
||||
echo Setting SYNC mode for web cache-container
|
||||
/profile=$clusteredProfile/subsystem=infinispan/cache-container=web/distributed-cache=dist:write-attribute(name=mode,value=SYNC)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (result == ASYNC) of /profile=$clusteredProfile/subsystem=infinispan/cache-container=ejb/distributed-cache=dist:read-attribute(name=mode)
|
||||
echo Setting SYNC mode for ejb cache-container
|
||||
/profile=$clusteredProfile/subsystem=infinispan/cache-container=ejb/distributed-cache=dist:write-attribute(name=mode,value=SYNC)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (result == undefined) of /profile=$clusteredProfile/subsystem=jgroups/channel=ee/:read-attribute(name=cluster)
|
||||
echo Setting cluster attribute to ejb in jgroups subsystem
|
||||
/profile=$clusteredProfile/subsystem=jgroups/channel=ee/:write-attribute(name=cluster,value=ejb)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (result != undefined) of /profile=$clusteredProfile/subsystem=jgroups/stack=udp/protocol=FD_SOCK/:read-attribute(name=socket-binding)
|
||||
echo Unsetting socket-binding from udp FD_SOCK protocol
|
||||
# it has to be done via remove and add, because socket-binding is not writable attribute
|
||||
/profile=$clusteredProfile/subsystem=jgroups/stack=udp/protocol=FD_SOCK/:remove
|
||||
/profile=$clusteredProfile/subsystem=jgroups/stack=udp/protocol=FD_SOCK/:add
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == success) of /profile=$clusteredProfile/subsystem=jgroups/stack=tcp/protocol=FD/:read-resource
|
||||
echo Replacing tcp FD protocol with FD_ALL
|
||||
/profile=$clusteredProfile/subsystem=jgroups/stack=tcp/protocol=FD/:remove
|
||||
/profile=$clusteredProfile/subsystem=jgroups/stack=tcp/protocol=FD_ALL/:add
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (result != undefined) of /profile=$clusteredProfile/subsystem=jgroups/stack=tcp/protocol=FD_SOCK/:read-attribute(name=socket-binding)
|
||||
echo Unsetting socket-binding from tcp FD_SOCK protocol
|
||||
# it has to be done via remove and add, because socket-binding is not writable attribute
|
||||
/profile=$clusteredProfile/subsystem=jgroups/stack=tcp/protocol=FD_SOCK/:remove
|
||||
/profile=$clusteredProfile/subsystem=jgroups/stack=tcp/protocol=FD_SOCK/:add
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /profile=$clusteredProfile/subsystem=undertow/server=default-server/host=default-host/setting=http-invoker/:read-resource
|
||||
echo Adding http-invoker to default-host
|
||||
/profile=$clusteredProfile/subsystem=undertow/server=default-server/host=default-host/setting=http-invoker/:add(security-realm=ApplicationRealm)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (result == false) of /profile=$clusteredProfile/subsystem=undertow/server=default-server/http-listener=default/:read-attribute(name=enable-http2)
|
||||
echo Enabling http2 for default http-listener
|
||||
/profile=$clusteredProfile/subsystem=undertow/server=default-server/http-listener=default/:write-attribute(name=enable-http2,value=true)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /profile=$clusteredProfile/subsystem=undertow/server=default-server/https-listener=https/:read-resource
|
||||
echo Adding https-listener
|
||||
/profile=$clusteredProfile/subsystem=undertow/server=default-server/https-listener=https/:add(socket-binding=https,security-realm=ApplicationRealm,enable-http2=true)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (result == 224.0.1.105) of /socket-binding-group=ha-sockets/socket-binding=modcluster/:read-attribute(name=multicast-address)
|
||||
echo Adding jboss.modcluster.multicast.address property to modcluster multicast-address
|
||||
/socket-binding-group=ha-sockets/socket-binding=modcluster/:write-attribute(name=multicast-address,value=${jboss.modcluster.multicast.address:224.0.1.105})
|
||||
echo
|
||||
end-if
|
||||
|
||||
# Migrate from 3.3.0 to 3.4.0
|
||||
if (outcome == success) of /profile=$clusteredProfile/subsystem=undertow/server=default-server/host=default-host/filter-ref=server-header/:read-resource
|
||||
echo Removing X-Powered-By and Server headers from Keycloak responses...
|
||||
/profile=$clusteredProfile/subsystem=undertow/server=default-server/host=default-host/filter-ref=server-header/:remove
|
||||
/profile=$clusteredProfile/subsystem=undertow/server=default-server/host=default-host/filter-ref=x-powered-by-header/:remove
|
||||
/profile=$clusteredProfile/subsystem=undertow/configuration=filter/response-header=x-powered-by-header/:remove
|
||||
/profile=$clusteredProfile/subsystem=undertow/configuration=filter/response-header=server-header/:remove
|
||||
end-if
|
||||
|
||||
if (outcome == success) of /profile=$clusteredProfile/subsystem=jdr/:read-resource
|
||||
echo Removing jdr subsystem and extension
|
||||
/profile=$clusteredProfile/subsystem=jdr/:remove
|
||||
echo
|
||||
try
|
||||
echo Trying to remove jdr extension
|
||||
/extension=org.jboss.as.jdr/:remove
|
||||
echo
|
||||
catch
|
||||
echo Wasn't able to remove jdr extension, Should be removed by migrate-domain-standalone.cli
|
||||
echo
|
||||
end-try
|
||||
end-if
|
||||
|
||||
if (outcome == success) of /profile=$clusteredProfile/subsystem=jsf/:read-resource
|
||||
echo Removing jsf subsystem and extension
|
||||
/profile=$clusteredProfile/subsystem=jsf/:remove
|
||||
echo
|
||||
try
|
||||
echo Trying to remove jsf extension
|
||||
/extension=org.jboss.as.jsf/:remove
|
||||
echo
|
||||
catch
|
||||
echo Wasn't able to remove jsf extension, Should be removed by migrate-domain-standalone.cli
|
||||
echo
|
||||
end-try
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/distributed-cache=offlineClientSessions/:read-resource
|
||||
echo Adding distributed-cache=offlineClientSessions to keycloak cache container...
|
||||
/profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/distributed-cache=offlineClientSessions/:add(mode=SYNC,owners=1)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/distributed-cache=clientSessions/:read-resource
|
||||
echo Adding distributed-cache=clientSessions to keycloak cache container...
|
||||
/profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/distributed-cache=clientSessions/:add(mode=SYNC,owners=1)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /profile=$clusteredProfile/subsystem=keycloak-server/spi=x509cert-lookup/:read-resource
|
||||
echo Adding spi=x509cert-lookup...
|
||||
/profile=$clusteredProfile/subsystem=keycloak-server/spi=x509cert-lookup/:add(default-provider=${keycloak.x509cert.lookup.provider:default})
|
||||
/profile=$clusteredProfile/subsystem=keycloak-server/spi=x509cert-lookup/provider=default/:add(enabled=true)
|
||||
echo
|
||||
end-if
|
||||
|
||||
# Migrate from 4.2.0 to 4.3.0
|
||||
if (outcome == failed) of /profile=$clusteredProfile/subsystem=keycloak-server/spi=hostname/:read-resource
|
||||
echo Adding spi=hostname...
|
||||
/profile=$clusteredProfile/subsystem=keycloak-server/spi=hostname/:add(default-provider=request)
|
||||
/profile=$clusteredProfile/subsystem=keycloak-server/spi=hostname/provider=fixed/:add(properties={hostname => "localhost",httpPort => "-1",httpsPort => "-1"},enabled=true)
|
||||
echo
|
||||
end-if
|
||||
|
||||
# Migrate from 4.3.0 to 4.4.0
|
||||
if (outcome == failed) of /profile=$clusteredProfile/subsystem=elytron/permission-set=login-permission/:read-resource
|
||||
echo Adding permission-set=login-permission to elytron
|
||||
/profile=$clusteredProfile/subsystem=elytron/permission-set=login-permission:add(permissions=[{class-name=org.wildfly.security.auth.permission.LoginPermission}])
|
||||
/profile=$clusteredProfile/subsystem=elytron/permission-set=default-permissions/:add(permissions=[{class-name=org.wildfly.extension.batch.jberet.deployment.BatchPermission,module=org.wildfly.extension.batch.jberet,target-name=*},{class-name=org.wildfly.transaction.client.RemoteTransactionPermission,module=org.wildfly.transaction.client},{class-name=org.jboss.ejb.client.RemoteEJBPermission,module=org.jboss.ejb-client}])
|
||||
/profile=$clusteredProfile/subsystem=elytron/simple-permission-mapper=default-permission-mapper/:undefine-attribute(name=permission-mappings)
|
||||
/profile=$clusteredProfile/subsystem=elytron/simple-permission-mapper=default-permission-mapper:write-attribute(name=permission-mappings,value=[{permission-sets=[{permission-set=login-permission},{permission-set=default-permissions}],match-all=true},{permission-sets=[{permission-set=default-permissions}],principals=[anonymous]}])
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (result == org.hibernate.infinispan) of /profile=$clusteredProfile/subsystem=infinispan/cache-container=hibernate:read-attribute(name=module)
|
||||
echo Update hibernate cache module
|
||||
/profile=$clusteredProfile/subsystem=infinispan/cache-container=hibernate:write-attribute(name=module, value=org.infinispan.hibernate-cache)
|
||||
echo
|
||||
end-if
|
||||
if (outcome == success) of /profile=$clusteredProfile/subsystem=infinispan/cache-container=hibernate:read-attribute(name=default-cache)
|
||||
echo Remove default cache from hibernate cache
|
||||
/profile=$clusteredProfile/subsystem=infinispan/cache-container=hibernate:undefine-attribute(name=default-cache)
|
||||
echo
|
||||
end-if
|
||||
if (result == ASYNC) of /profile=$clusteredProfile/subsystem=infinispan/cache-container=hibernate/replicated-cache=timestamps:read-attribute(name=mode)
|
||||
echo Switching mode for timestamps cache from ASYNC to SYNC
|
||||
/profile=$clusteredProfile/subsystem=infinispan/cache-container=hibernate/replicated-cache=timestamps:write-attribute(name=mode, value=SYNC)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == success) of /profile=$clusteredProfile/subsystem=infinispan/cache-container=hibernate/local-cache=entity/eviction=EVICTION:read-resource
|
||||
echo Removing eviction from hibernate entity cache and replacing with object-memory
|
||||
/profile=$clusteredProfile/subsystem=infinispan/cache-container=hibernate/local-cache=entity/eviction=EVICTION:remove
|
||||
/profile=$clusteredProfile/subsystem=infinispan/cache-container=hibernate/local-cache=entity/memory=object:add(size=10000)
|
||||
echo
|
||||
end-if
|
||||
if (outcome == success) of /profile=$clusteredProfile/subsystem=infinispan/cache-container=hibernate/distributed-cache=local-query/eviction=EVICTION:read-resource
|
||||
echo Removing eviction from hibernate local-query cache and replacing with object-memory
|
||||
/profile=$clusteredProfile/subsystem=infinispan/cache-container=hibernate/local-cache=local-query/eviction=EVICTION:remove
|
||||
/profile=$clusteredProfile/subsystem=infinispan/cache-container=hibernate/local-cache=local-query/memory=object:add(size=10000)
|
||||
echo
|
||||
end-if
|
||||
if (outcome == success) of /profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/local-cache=realms/eviction=EVICTION:read-resource
|
||||
echo Removing eviction from keycloak realms cache and replacing with object-memory
|
||||
/profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/local-cache=realms/eviction=EVICTION:remove
|
||||
/profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/local-cache=realms/memory=object:add(size=10000)
|
||||
echo
|
||||
end-if
|
||||
if (outcome == success) of /profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/local-cache=users/eviction=EVICTION:read-resource
|
||||
echo Removing eviction from keycloak users cache and replacing with object-memory
|
||||
/profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/local-cache=users/eviction=EVICTION:remove
|
||||
/profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/local-cache=users/memory=object:add(size=10000)
|
||||
echo
|
||||
end-if
|
||||
if (outcome == success) of /profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/local-cache=authorization/eviction=EVICTION:read-resource
|
||||
echo Removing eviction from keycloak authorization cache and replacing with object-memory
|
||||
/profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/local-cache=authorization/eviction=EVICTION:remove
|
||||
/profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/local-cache=authorization/memory=object:add(size=10000)
|
||||
echo
|
||||
end-if
|
||||
if (outcome == success) of /profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/local-cache=keys/eviction=EVICTION:read-resource
|
||||
echo Removing eviction from keycloak keys cache and replacing with object-memory
|
||||
/profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/local-cache=keys/eviction=EVICTION:remove
|
||||
/profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/local-cache=keys/memory=object:add(size=1000)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == success) of /profile=$clusteredProfile/subsystem=keycloak-server/spi=connectionsInfinispan/provider=default:read-resource
|
||||
echo Changing JNDI reference in connectionsInfinispan SPI
|
||||
/profile=$clusteredProfile/subsystem=keycloak-server/spi=connectionsInfinispan/provider=default:undefine-attribute(name=properties)
|
||||
/profile=$clusteredProfile/subsystem=keycloak-server/spi=connectionsInfinispan/provider=default:write-attribute(name=properties,value={cacheContainer=java:jboss/infinispan/container/keycloak})
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == success) of /profile=$clusteredProfile/subsystem=jgroups/stack=tcp/protocol=FRAG2:read-resource
|
||||
echo Upgrade jgroups protocol from FRAG2 to FRAG3 for tcp stack
|
||||
/profile=$clusteredProfile/subsystem=jgroups/stack=tcp/protocol=FRAG2:remove
|
||||
/profile=$clusteredProfile/subsystem=jgroups/stack=tcp/protocol=FRAG3:add()
|
||||
echo
|
||||
end-if
|
||||
if (outcome == success) of /profile=$clusteredProfile/subsystem=jgroups/stack=udp/protocol=FRAG2:read-resource
|
||||
echo Upgrade jgroups protocol from FRAG2 to FRAG3 for udp stack
|
||||
/profile=$clusteredProfile/subsystem=jgroups/stack=udp/protocol=FRAG2:remove
|
||||
/profile=$clusteredProfile/subsystem=jgroups/stack=udp/protocol=FRAG3:add()
|
||||
echo
|
||||
end-if
|
||||
if (outcome == success) of /profile=$clusteredProfile/subsystem=remoting/configuration=endpoint:read-resource
|
||||
echo Remove endpoint from remoting configuration
|
||||
/profile=$clusteredProfile/subsystem=remoting/configuration=endpoint:remove
|
||||
echo
|
||||
end-if
|
||||
if (outcome == success) of /profile=$clusteredProfile/socket-binding-group=$clusteredProfile-sockets/socket-binding=jgroups-mping:read-attribute(name=port)
|
||||
/profile=$clusteredProfile/socket-binding-group=$clusteredProfile-sockets/socket-binding=jgroups-mping:undefine-attribute(name=port)
|
||||
end-if
|
||||
if (outcome == success) of /socket-binding-group=$clusteredProfile-sockets/socket-binding=modcluster:read-attribute(name=port)
|
||||
/profile=$clusteredProfile/socket-binding-group=$clusteredProfile-sockets/socket-binding=modcluster:undefine-attribute(name=port)
|
||||
end-if
|
||||
|
||||
# Migrate from 4.5.0 to 4.6.0
|
||||
if (outcome == success) of /profile=$clusteredProfile/subsystem=elytron/http-authentication-factory=application-http-authentication/:read-resource
|
||||
echo Removing application-http-authentication from elytron subsystem
|
||||
/profile=$clusteredProfile/subsystem=elytron/http-authentication-factory=application-http-authentication:remove
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (result == undefined) of /profile=$clusteredProfile/subsystem=transactions/:read-attribute(name=node-identifier,include-defaults=false)
|
||||
echo Setting node-identifier attribute of core-environment element in transactions subsystem
|
||||
/profile=$clusteredProfile/subsystem=transactions/:write-attribute(name=node-identifier,value=expression "${jboss.tx.node.id:1}")
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == success) of /profile=$clusteredProfile/subsystem=jgroups/stack=udp/transport=UDP/property=port_range:read-attribute(name=value)
|
||||
try
|
||||
/profile=$clusteredProfile/subsystem=jgroups/stack=udp/transport=UDP/property=port_range:remove
|
||||
echo Remove port_range property from UDP transport type of udp stack
|
||||
catch
|
||||
echo
|
||||
end-try
|
||||
end-if
|
||||
|
||||
if (outcome == success) of /profile=$clusteredProfile/subsystem=jgroups/stack=tcp/transport=TCP/property=port_range:read-attribute(name=value)
|
||||
try
|
||||
/profile=$clusteredProfile/subsystem=jgroups/stack=tcp/transport=TCP/property=port_range:remove
|
||||
echo Remove port_range property from TCP transport type of tcp stack
|
||||
catch
|
||||
echo
|
||||
end-try
|
||||
end-if
|
||||
|
||||
# Migrate from 4.8.3 to 5.0.0
|
||||
if (outcome == failed) of /profile=$clusteredProfile/subsystem=logging/logger=io.jaegertracing.Configuration/:read-resource
|
||||
echo Adding io.jaegertracing.Configuration logger
|
||||
/profile=$clusteredProfile/subsystem=logging/logger=io.jaegertracing.Configuration/:add(category=io.jaegertracing.Configuration,level=WARN)
|
||||
echo
|
||||
end-if
|
||||
|
||||
# Migrate from 5.0.0 to 6.0.0
|
||||
if (result == NON_XA) of /profile=$clusteredProfile/subsystem=infinispan/cache-container=hibernate/local-cache=entity/component=transaction/:read-attribute(name=mode)
|
||||
echo Removing NON_XA transaction mode from infinispan/hibernate/entity
|
||||
/profile=$clusteredProfile/subsystem=infinispan/cache-container=hibernate/local-cache=entity/component=transaction/:undefine-attribute(name=mode)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (result == false) of /profile=$clusteredProfile/subsystem=datasources/data-source=ExampleDS/:read-attribute(name=statistics-enabled)
|
||||
echo Adding statistics-enabled expression to ExampleDS datasource
|
||||
/profile=$clusteredProfile/subsystem=datasources/data-source=ExampleDS/:write-attribute(name=statistics-enabled,value=${wildfly.datasources.statistics-enabled:${wildfly.statistics-enabled:false}})
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (result == false) of /profile=$clusteredProfile/subsystem=datasources/data-source=KeycloakDS/:read-attribute(name=statistics-enabled)
|
||||
echo Adding statistics-enabled expression to KeycloakDS datasource
|
||||
/profile=$clusteredProfile/subsystem=datasources/data-source=KeycloakDS/:write-attribute(name=statistics-enabled,value=${wildfly.datasources.statistics-enabled:${wildfly.statistics-enabled:false}})
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (result == false) of /profile=$clusteredProfile/subsystem=ejb3/:read-attribute(name=statistics-enabled)
|
||||
echo Adding statistics-enabled expression to ejb3 subsystem
|
||||
/profile=$clusteredProfile/subsystem=ejb3/:write-attribute(name=statistics-enabled,value=${wildfly.ejb3.statistics-enabled:${wildfly.statistics-enabled:false}})
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (result == false) of /profile=$clusteredProfile/subsystem=transactions/:read-attribute(name=statistics-enabled)
|
||||
echo Adding statistics-enabled expression to transactions subsystem
|
||||
/profile=$clusteredProfile/subsystem=transactions/:write-attribute(name=statistics-enabled,value=${wildfly.transactions.statistics-enabled:${wildfly.statistics-enabled:false}})
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (result == false) of /profile=$clusteredProfile/subsystem=undertow/:read-attribute(name=statistics-enabled)
|
||||
echo Adding statistics-enabled expression to undertow subsystem
|
||||
/profile=$clusteredProfile/subsystem=undertow/:write-attribute(name=statistics-enabled,value=${wildfly.undertow.statistics-enabled:${wildfly.statistics-enabled:false}})
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (result == false) of /profile=$clusteredProfile/subsystem=webservices/:read-attribute(name=statistics-enabled)
|
||||
echo Adding statistics-enabled expression to webservices subsystem
|
||||
/profile=$clusteredProfile/subsystem=webservices/:write-attribute(name=statistics-enabled,value=${wildfly.webservices.statistics-enabled:${wildfly.statistics-enabled:false}})
|
||||
echo
|
||||
end-if
|
||||
|
||||
# Migrate from 6.0.1 to 7.0.0
|
||||
if (outcome == success) of /profile=$clusteredProfile/subsystem=ejb3/service=remote/channel-creation-options=READ_TIMEOUT/:read-resource
|
||||
echo Removing READ_TIMEOUT option from remote service from ejb3 subsystem
|
||||
/profile=$clusteredProfile/subsystem=ejb3/service=remote/channel-creation-options=READ_TIMEOUT/:remove
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /profile=$clusteredProfile/subsystem=infinispan/cache-container=web/distributed-cache=routing:read-resource
|
||||
echo Adding distributed cache routing to web cache container to infinispan subsystem
|
||||
/profile=$clusteredProfile/subsystem=infinispan/cache-container=web/distributed-cache=routing/:add
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /profile=$clusteredProfile/subsystem=infinispan/cache-container=web/replicated-cache=sso:read-resource
|
||||
echo Adding replicated cache sso to web cache container to infinispan subsystem
|
||||
/profile=$clusteredProfile/subsystem=infinispan/cache-container=web/replicated-cache=sso/:add
|
||||
/profile=$clusteredProfile/subsystem=infinispan/cache-container=web/replicated-cache=sso/component=locking/:add(isolation=REPEATABLE_READ)
|
||||
/profile=$clusteredProfile/subsystem=infinispan/cache-container=web/replicated-cache=sso/component=transaction/:add(mode=BATCH)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /socket-binding-group=ha-sockets/socket-binding=jgroups-tcp-fd/:read-resource
|
||||
echo Adding jgroups-tcp-fd socket binding to ha-sockets binding group
|
||||
/socket-binding-group=ha-sockets/socket-binding=jgroups-tcp-fd/:add(interface=private,port=57600)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /socket-binding-group=ha-sockets/socket-binding=jgroups-udp-fd/:read-resource
|
||||
echo Adding jgroups-udp-fd socket binding to ha-sockets binding group
|
||||
/socket-binding-group=ha-sockets/socket-binding=jgroups-udp-fd/:add(interface=private,port=54200)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (result == undefined) of /profile=$clusteredProfile/subsystem=jgroups/stack=tcp/protocol=FD_SOCK/:read-attribute(name=socket-binding)
|
||||
echo Adding socket-binding for FD_SOCK protocol for tcp stack in jgroups subsystem
|
||||
/profile=$clusteredProfile/subsystem=jgroups/stack=tcp/protocol=FD_SOCK/:write-attribute(name=socket-binding,value=jgroups-tcp-fd)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (result == undefined) of /profile=$clusteredProfile/subsystem=jgroups/stack=udp/protocol=FD_SOCK/:read-attribute(name=socket-binding)
|
||||
echo Adding socket-binding for FD_SOCK protocol for udp stack in jgroups subsystem
|
||||
/profile=$clusteredProfile/subsystem=jgroups/stack=udp/protocol=FD_SOCK/:write-attribute(name=socket-binding,value=jgroups-udp-fd)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (result == "true") of /subsystem=keycloak-server/spi=truststore/provider=file:map-get(name=properties, key=disabled)
|
||||
echo Disabling Truststore Provider
|
||||
/subsystem=keycloak-server/spi=truststore/provider=file:write-attribute(name=enabled, value=false)
|
||||
echo Removing deprecated option
|
||||
/subsystem=keycloak-server/spi=truststore/provider=file:map-remove(name=properties, key=disabled)
|
||||
echo
|
||||
end-if
|
||||
|
||||
# Migrate from 7.0.0 to 8.0.0
|
||||
|
||||
if ((result.time == 100L) && (result.unit == MILLISECONDS)) of /profile=$clusteredProfile/subsystem=ejb3/thread-pool=default:read-attribute(name=keepalive-time)
|
||||
echo Changing thread pool keepalive of ejb3 subsystem
|
||||
/profile=$clusteredProfile/subsystem=ejb3/thread-pool=default:write-attribute(name=keepalive-time.time, value=60)
|
||||
/profile=$clusteredProfile/subsystem=ejb3/thread-pool=default:write-attribute(name=keepalive-time.unit,value=SECONDS)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /profile=$clusteredProfile/subsystem=keycloak-server/spi=hostname/provider=default/:read-resource
|
||||
echo Adding default hostname provider
|
||||
/profile=$clusteredProfile/subsystem=keycloak-server/spi=hostname/provider=default/:add(properties={frontendUrl => "${keycloak.frontendUrl:}",forceBackendUrlToFrontendUrl => "false"},enabled=true)
|
||||
end-if
|
||||
|
||||
if (result == request) of /profile=$clusteredProfile/subsystem=keycloak-server/spi=hostname/:read-attribute(name=default-provider)
|
||||
echo Switching from request to default hostname provider
|
||||
|
||||
/profile=$clusteredProfile/subsystem=keycloak-server/spi=hostname/:write-attribute(name=default-provider,value=default)
|
||||
end-if
|
||||
|
||||
if (result != fixed) of /profile=$clusteredProfile/subsystem=keycloak-server/spi=hostname/:read-attribute(name=default-provider)
|
||||
try
|
||||
/profile=$clusteredProfile/subsystem=keycloak-server/spi=hostname/provider=fixed:remove
|
||||
echo Removed config for unused fixed hostname provider
|
||||
catch
|
||||
end-try
|
||||
end-if
|
||||
|
||||
# Migrate from 10.0.2 to 11.0.0 (migration changes for infinispan update from 9.4.18.Final to 10.1.8.Final)
|
||||
|
||||
if (result != org.keycloak.keycloak-model-infinispan) of /profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak:read-attribute(name=module)
|
||||
echo Setting class loader for keycloak cache-container in auth-server-clustered profile so JBoss Marshalling works properly with Infinispan 10.x
|
||||
/profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak:write-attribute(name=module,value=org.keycloak.keycloak-model-infinispan)
|
||||
echo
|
||||
end-if
|
||||
|
||||
# Migrate from 12.0.0 to 13.0.0
|
||||
|
||||
## Add ability to make use of automatically generated self-signed certificate with Elytron,
|
||||
## introduced by WFCORE-5095 in Wildfly Core 14.0.0.Final
|
||||
|
||||
if (outcome == failed) of /profile=$clusteredProfile/subsystem=elytron/key-store=applicationKS:read-resource
|
||||
echo Adding key store for the feature of auto-generation of self-signed certificate to Elytron subsystem...
|
||||
/profile=$clusteredProfile/subsystem=elytron/key-store=applicationKS:add(credential-reference={clear-text=password},type=JKS)
|
||||
/profile=$clusteredProfile/subsystem=elytron/key-store=applicationKS:write-attribute(name=path,value=application.keystore)
|
||||
/profile=$clusteredProfile/subsystem=elytron/key-store=applicationKS:write-attribute(name=relative-to,value=jboss.domain.config.dir)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /profile=$clusteredProfile/subsystem=elytron/key-manager=applicationKM:read-resource
|
||||
echo Adding key manager for the feature of auto-generation of self-signed certificate to Elytron subsystem...
|
||||
/profile=$clusteredProfile/subsystem=elytron/key-manager=applicationKM:add(key-store=applicationKS, credential-reference={clear-text=password})
|
||||
/profile=$clusteredProfile/subsystem=elytron/key-manager=applicationKM:write-attribute(name=generate-self-signed-certificate-host,value=localhost)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /profile=$clusteredProfile/subsystem=elytron/server-ssl-context=applicationSSC:read-resource
|
||||
echo Adding SSL context for the feature of auto-generation of self-signed certificate to Elytron subsystem...
|
||||
/profile=$clusteredProfile/subsystem=elytron/server-ssl-context=applicationSSC:add(key-manager=applicationKM)
|
||||
echo
|
||||
end-if
|
||||
|
||||
## Convert type of 'hung-task-termination-period' attribute for 'managed-executor-service' from INT to LONG
|
||||
if (result == 0) of /profile=$clusteredProfile/subsystem=ee/managed-executor-service=default:read-attribute(name=hung-task-termination-period)
|
||||
echo Setting period for automatic termination of hung tasks for managed executor service to default value (0 miliseconds)
|
||||
/profile=$clusteredProfile/subsystem=ee/managed-executor-service=default:write-attribute(name=hung-task-termination-period,value=0L)
|
||||
echo
|
||||
end-if
|
||||
|
||||
## Convert type of 'hung-task-termination-period' attribute for 'managed-scheduled-executor-service' from INT to LONG
|
||||
if (result == 0) of /profile=$clusteredProfile/subsystem=ee/managed-scheduled-executor-service=default:read-attribute(name=hung-task-termination-period)
|
||||
echo Setting period for automatic termination of hung tasks for managed scheduled executor service to default value (0 miliseconds)
|
||||
/profile=$clusteredProfile/subsystem=ee/managed-scheduled-executor-service=default:write-attribute(name=hung-task-termination-period,value=0L)
|
||||
echo
|
||||
end-if
|
||||
|
||||
## Set value of JPA default-datasource from empty string to 'undefined'
|
||||
if (outcome == success) && (result == "") of /profile=$clusteredProfile/subsystem=jpa:read-attribute(name=default-datasource)
|
||||
echo Setting value of to default-datasource attribute in JPA subsystem to 'undefined'
|
||||
/profile=$clusteredProfile/subsystem=jpa:undefine-attribute(name=default-datasource)
|
||||
echo
|
||||
end-if
|
||||
|
||||
echo *** End Migration of /profile=$clusteredProfile ***
|
|
@ -0,0 +1,654 @@
|
|||
embed-host-controller --domain-config=domain.xml
|
||||
|
||||
# Early versions of keycloak used "default" for the standalone profile name.
|
||||
# Yours maybe be something completely different.
|
||||
set standaloneProfile=auth-server-standalone
|
||||
|
||||
# keycloak-server.json is not normally on this path.
|
||||
set pathToJson=../domain/configuration/keycloak-server.json
|
||||
|
||||
|
||||
echo *** Begin Migration of /profile=$standaloneProfile ***
|
||||
echo
|
||||
|
||||
# Migrate from 1.8.1 to 1.9.1
|
||||
if (outcome == failed) of /profile=$standaloneProfile/subsystem=infinispan/cache-container=keycloak/local-cache=work/:read-resource
|
||||
echo Adding local-cache=work to keycloak cache container...
|
||||
/profile=$standaloneProfile/subsystem=infinispan/cache-container=keycloak/local-cache=work/:add(indexing=NONE,start=LAZY)
|
||||
echo
|
||||
end-if
|
||||
# realmVersions cache deprecated in 2.1.0
|
||||
#if (outcome == failed) of /profile=$standaloneProfile/subsystem=infinispan/cache-container=keycloak/local-cache=realmVersions/:read-resource
|
||||
# echo Adding local-cache=realmVersions to keycloak cache container...
|
||||
# /profile=$standaloneProfile/subsystem=infinispan/cache-container=keycloak/local-cache=realmVersions/:add(indexing=NONE,start=LAZY)
|
||||
# /profile=$standaloneProfile/subsystem=infinispan/cache-container=keycloak/local-cache=realmVersions/component=transaction/:write-attribute(name=mode,value=BATCH)
|
||||
# echo
|
||||
#end-if
|
||||
|
||||
|
||||
# Migrate from 1.9.1 to 1.9.2
|
||||
if (result == NONE) of /profile=$standaloneProfile/subsystem=infinispan/cache-container=keycloak/local-cache=users/component=eviction/:read-attribute(name=strategy)
|
||||
echo Adding eviction strategy to keycloak users cache container...
|
||||
/profile=$standaloneProfile/subsystem=infinispan/cache-container=keycloak/local-cache=users/component=eviction/:write-attribute(name=strategy,value=LRU)
|
||||
/profile=$standaloneProfile/subsystem=infinispan/cache-container=keycloak/local-cache=users/component=eviction/:write-attribute(name=max-entries,value=10000)
|
||||
echo
|
||||
end-if
|
||||
|
||||
# Migrate from 1.9.2 to 1.9.8
|
||||
# NO CHANGES
|
||||
|
||||
# Migrate from 1.9.8 to 2.0.0
|
||||
if (outcome == failed) of /profile=$standaloneProfile/subsystem=infinispan/cache-container=keycloak/local-cache=authorization/:read-resource
|
||||
echo Adding local-cache=authorization to keycloak cache container...
|
||||
/profile=$standaloneProfile/subsystem=infinispan/cache-container=keycloak/local-cache=authorization/:add(indexing=NONE,start=LAZY)
|
||||
echo
|
||||
end-if
|
||||
if (result == undefined) of /profile=$standaloneProfile/subsystem=infinispan/cache-container=keycloak/local-cache=authorization/component=eviction/:read-attribute(name=strategy,include-defaults=false)
|
||||
echo Updating authorization cache container..
|
||||
/profile=$standaloneProfile/subsystem=infinispan/cache-container=keycloak/local-cache=authorization/component=eviction/:write-attribute(name=strategy,value=LRU)
|
||||
/profile=$standaloneProfile/subsystem=infinispan/cache-container=keycloak/local-cache=authorization/component=eviction/:write-attribute(name=max-entries,value=100)
|
||||
echo
|
||||
end-if
|
||||
|
||||
# Migrate from 2.0.0 to 2.1.0
|
||||
if (outcome == success) of /profile=$standaloneProfile/subsystem=infinispan/cache-container=keycloak/local-cache=realmVersions/:read-resource
|
||||
echo Removing deprecated cache 'realmVersions'
|
||||
/profile=$standaloneProfile/subsystem=infinispan/cache-container=keycloak/local-cache=realmVersions/:remove
|
||||
echo
|
||||
end-if
|
||||
|
||||
# Migrate kecloak-server.json (deprecated in 2.2.0)
|
||||
if (result == []) of /profile=$standaloneProfile/subsystem=keycloak-server/:read-children-names(child-type=spi)
|
||||
echo Migrating keycloak-server.json to keycloak-server subsystem...
|
||||
/profile=$standaloneProfile/subsystem=keycloak-server/:migrate-json(file=$pathToJson)
|
||||
echo
|
||||
end-if
|
||||
if (result == [expression "classpath:${jboss.server.config.dir}/providers/*"]) of /profile=$standaloneProfile/subsystem=keycloak-server/:read-attribute(name=providers)
|
||||
echo Updating provider to default value
|
||||
/profile=$standaloneProfile/subsystem=keycloak-server/:write-attribute(name=providers,value=[classpath:${jboss.home.dir}/providers/*])
|
||||
echo
|
||||
end-if
|
||||
if (result == keycloak) of /profile=$standaloneProfile/subsystem=keycloak-server/theme=defaults:read-attribute(name=default)
|
||||
echo Undefining default theme...
|
||||
/profile=$standaloneProfile/subsystem=keycloak-server/theme=defaults:undefine-attribute(name=default)
|
||||
echo
|
||||
end-if
|
||||
if (result == expression "${jboss.server.config.dir}/themes") of /profile=$standaloneProfile/subsystem=keycloak-server/theme=defaults:read-attribute(name=dir)
|
||||
echo Updating theme dir to default value
|
||||
/profile=$standaloneProfile/subsystem=keycloak-server/theme=defaults/:write-attribute(name=dir,value=${jboss.home.dir}/themes)
|
||||
echo
|
||||
end-if
|
||||
|
||||
set persistenceProvider=jpa
|
||||
|
||||
# Migrate from 2.1.0 to 2.2.0
|
||||
if (result == update) of /profile=$standaloneProfile/subsystem=keycloak-server/spi=connectionsJpa/provider=default/:map-get(name=properties,key=databaseSchema)
|
||||
echo Updating connectionsJpa default properties...
|
||||
/profile=$standaloneProfile/subsystem=keycloak-server/spi=connectionsJpa/provider=default/:map-remove(name=properties,key=databaseSchema)
|
||||
/profile=$standaloneProfile/subsystem=keycloak-server/spi=connectionsJpa/provider=default/:map-put(name=properties,key=initializeEmpty,value=true)
|
||||
/profile=$standaloneProfile/subsystem=keycloak-server/spi=connectionsJpa/provider=default/:map-put(name=properties,key=migrationStrategy,value=update)
|
||||
/profile=$standaloneProfile/subsystem=keycloak-server/spi=connectionsJpa/provider=default/:map-put(name=properties,key=migrationExport,value=${jboss.home.dir}/keycloak-database-update.sql)
|
||||
echo
|
||||
end-if
|
||||
if (outcome == failed) of /profile=$standaloneProfile/subsystem=keycloak-server/spi=userFederatedStorage/:read-resource
|
||||
echo Adding spi=userFederatedStorage...
|
||||
/profile=$standaloneProfile/subsystem=keycloak-server/spi=userFederatedStorage/:add(default-provider=$persistenceProvider)
|
||||
echo
|
||||
end-if
|
||||
if (outcome == failed) of /profile=$standaloneProfile/subsystem=keycloak-server/spi=jta-lookup/:read-resource
|
||||
echo Adding spi=jta-lookup...
|
||||
/profile=$standaloneProfile/subsystem=keycloak-server/spi=jta-lookup/:add(default-provider=${keycloak.jta.lookup.provider:jboss})
|
||||
/profile=$standaloneProfile/subsystem=keycloak-server/spi=jta-lookup/provider=jboss/:add(enabled=true)
|
||||
echo
|
||||
end-if
|
||||
|
||||
# Migrate from 2.2.0 to 2.2.1
|
||||
# NO CHANGES
|
||||
|
||||
# Migrate from 2.2.1 to 2.3.0
|
||||
if (outcome == failed) of /profile=$standaloneProfile/subsystem=infinispan/cache-container=keycloak/local-cache=keys/:read-resource
|
||||
echo Adding local-cache=keys to keycloak cache container...
|
||||
/profile=$standaloneProfile/subsystem=infinispan/cache-container=keycloak/local-cache=keys/:add(indexing=NONE,start=LAZY)
|
||||
echo
|
||||
end-if
|
||||
if (result == undefined) of /profile=$standaloneProfile/subsystem=infinispan/cache-container=keycloak/local-cache=keys/component=eviction/:read-attribute(name=strategy,include-defaults=false)
|
||||
echo Updating eviction and expiration in local-cache=keys...
|
||||
/profile=$standaloneProfile/subsystem=infinispan/cache-container=keycloak/local-cache=keys/component=eviction/:write-attribute(name=strategy,value=LRU)
|
||||
/profile=$standaloneProfile/subsystem=infinispan/cache-container=keycloak/local-cache=keys/component=eviction/:write-attribute(name=max-entries,value=1000)
|
||||
/profile=$standaloneProfile/subsystem=infinispan/cache-container=keycloak/local-cache=keys/component=expiration/:write-attribute(name=max-idle,value=3600000)
|
||||
echo
|
||||
end-if
|
||||
if (outcome == failed) of /profile=$standaloneProfile/subsystem=keycloak-server/spi=publicKeyStorage/:read-resource
|
||||
echo Adding spi=publicKeyStorage...
|
||||
/profile=$standaloneProfile/subsystem=keycloak-server/spi=publicKeyStorage/:add
|
||||
/profile=$standaloneProfile/subsystem=keycloak-server/spi=publicKeyStorage/provider=infinispan/:add(properties={minTimeBetweenRequests => "10"},enabled=true)
|
||||
echo
|
||||
end-if
|
||||
|
||||
# Migrate from 2.3.0 to 2.4.0
|
||||
# NO CHANGES
|
||||
|
||||
# Migrate from 2.4.0 to 2.5.0
|
||||
if (result == NONE) of /profile=$standaloneProfile/subsystem=infinispan/cache-container=keycloak/local-cache=realms/component=eviction/:read-attribute(name=strategy)
|
||||
echo Adding eviction strategy to keycloak realms cache...
|
||||
/profile=$standaloneProfile/subsystem=infinispan/cache-container=keycloak/local-cache=realms/component=eviction/:write-attribute(name=strategy,value=LRU)
|
||||
/profile=$standaloneProfile/subsystem=infinispan/cache-container=keycloak/local-cache=realms/component=eviction/:write-attribute(name=max-entries,value=10000)
|
||||
echo
|
||||
end-if
|
||||
|
||||
# Migrate from 2.5.0 to 2.5.1
|
||||
# NO CHANGES
|
||||
|
||||
# Migrate 2.5.1 to 2.5.4
|
||||
if (result != REPEATABLE_READ) of /profile=$standaloneProfile/subsystem=infinispan/cache-container=ejb/local-cache=persistent/component=locking/:read-attribute(name=isolation)
|
||||
echo Changing ejb cache locking to REPEATABLE_READ
|
||||
/profile=$standaloneProfile/subsystem=infinispan/cache-container=ejb/local-cache=persistent/component=locking/:write-attribute(name=isolation,value=REPEATABLE_READ)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == success) of /profile=$standaloneProfile/subsystem=infinispan/cache-container=hibernate/local-cache=immutable-entity/:read-resource
|
||||
echo Removing Hibernate immutable-entity cache
|
||||
/profile=$standaloneProfile/subsystem=infinispan/cache-container=hibernate/local-cache=immutable-entity/:remove
|
||||
end-if
|
||||
|
||||
|
||||
# Migrate from 2.5.4 to 3.0.0
|
||||
if (result == jpa) of /profile=$standaloneProfile/subsystem=keycloak-server/spi=eventsStore/:read-attribute(name=default-provider,include-defaults=false)
|
||||
echo Removing default provider for eventsStore
|
||||
/profile=$standaloneProfile/subsystem=keycloak-server/spi=eventsStore/:undefine-attribute(name=default-provider)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if ((outcome == success) && (result.default-provider == jpa) && (result.provider == undefined)) of /profile=$standaloneProfile/subsystem=keycloak-server/spi=realm/:read-resource(recursive=false,include-defaults=false)
|
||||
echo Removing declaration for user SPI
|
||||
/profile=$standaloneProfile/subsystem=keycloak-server/spi=realm/:remove
|
||||
echo
|
||||
end-if
|
||||
|
||||
if ((outcome == success) && (result.default-provider == jpa) && (result.provider == undefined)) of /profile=$standaloneProfile/subsystem=keycloak-server/spi=user/:read-resource(recursive=false,include-defaults=false)
|
||||
echo Removing declaration for user SPI
|
||||
/profile=$standaloneProfile/subsystem=keycloak-server/spi=user/:remove
|
||||
echo
|
||||
end-if
|
||||
|
||||
if ((outcome == success) && (result.default-provider == jpa) && (result.provider == undefined)) of /profile=$standaloneProfile/subsystem=keycloak-server/spi=userFederatedStorage/:read-resource(recursive=false,include-defaults=false)
|
||||
echo Removing declaration for userFederatedStorage SPI
|
||||
/profile=$standaloneProfile/subsystem=keycloak-server/spi=userFederatedStorage/:remove
|
||||
echo
|
||||
end-if
|
||||
|
||||
if ((outcome == success) && (result.default-provider == jpa) && (result.provider == undefined)) of /profile=$standaloneProfile/subsystem=keycloak-server/spi=authorizationPersister/:read-resource(recursive=false,include-defaults=false)
|
||||
echo Removing declaration for authorizationPersister SPI
|
||||
/profile=$standaloneProfile/subsystem=keycloak-server/spi=authorizationPersister/:remove
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /profile=$standaloneProfile/subsystem=keycloak-server/spi=userCache/:read-resource
|
||||
echo Adding userCache SPI
|
||||
/profile=$standaloneProfile/subsystem=keycloak-server/spi=userCache/:add
|
||||
/profile=$standaloneProfile/subsystem=keycloak-server/spi=userCache/provider=default/:add(enabled=true)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /profile=$standaloneProfile/subsystem=keycloak-server/spi=realmCache/:read-resource
|
||||
echo Adding realmCache SPI
|
||||
/profile=$standaloneProfile/subsystem=keycloak-server/spi=realmCache/:add
|
||||
/profile=$standaloneProfile/subsystem=keycloak-server/spi=realmCache/provider=default/:add(enabled=true)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if ((result.default-provider == undefined) && (result.provider.default.enabled == true)) of /profile=$standaloneProfile/subsystem=keycloak-server/spi=connectionsInfinispan/:read-resource(recursive=true,include-defaults=false)
|
||||
echo Adding 'default' as default provider for connectionsInfinispan
|
||||
/profile=$standaloneProfile/subsystem=keycloak-server/spi=connectionsInfinispan/:write-attribute(name=default-provider,value=default)
|
||||
echo
|
||||
end-if
|
||||
|
||||
# Migrate from 3.0.0 to 3.1.0
|
||||
# NO CHANGES
|
||||
|
||||
# Migrate from 3.1.0 to 3.2.0
|
||||
if (outcome == failed) of /profile=$standaloneProfile/subsystem=infinispan/cache-container=keycloak/local-cache=authenticationSessions/:read-resource
|
||||
echo Adding local-cache=authenticationSessions to keycloak cache container...
|
||||
/profile=$standaloneProfile/subsystem=infinispan/cache-container=keycloak/local-cache=authenticationSessions/:add(indexing=NONE,start=LAZY)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /profile=$standaloneProfile/subsystem=infinispan/cache-container=keycloak/local-cache=actionTokens/:read-resource
|
||||
echo Adding local-cache=actionTokens to keycloak cache container...
|
||||
/profile=$standaloneProfile/subsystem=infinispan/cache-container=keycloak/local-cache=actionTokens/:add(indexing=NONE,start=LAZY)
|
||||
/profile=$standaloneProfile/subsystem=infinispan/cache-container=keycloak/local-cache=actionTokens/component=eviction/:write-attribute(name=strategy,value=NONE)
|
||||
/profile=$standaloneProfile/subsystem=infinispan/cache-container=keycloak/local-cache=actionTokens/component=eviction/:write-attribute(name=max-entries,value=-1)
|
||||
/profile=$standaloneProfile/subsystem=infinispan/cache-container=keycloak/local-cache=actionTokens/component=expiration/:write-attribute(name=interval,value=300000)
|
||||
/profile=$standaloneProfile/subsystem=infinispan/cache-container=keycloak/local-cache=actionTokens/component=expiration/:write-attribute(name=max-idle,value=-1)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (result == 100L) of /profile=$standaloneProfile/subsystem=infinispan/cache-container=keycloak/local-cache=authorization/component=eviction/:read-attribute(name=max-entries)
|
||||
echo Updating eviction in local-cache=authorization...
|
||||
/profile=$standaloneProfile/subsystem=infinispan/cache-container=keycloak/local-cache=authorization/component=eviction/:write-attribute(name=max-entries,value=10000)
|
||||
echo
|
||||
end-if
|
||||
|
||||
# Migrate from 3.2.0 to 3.2.1
|
||||
# NO CHANGES
|
||||
|
||||
# Migrate from 3.2.1 to 3.3.0
|
||||
if (outcome == failed) of /profile=$standaloneProfile/subsystem=core-management/:read-resource
|
||||
try
|
||||
echo Trying to add core-management extension
|
||||
/extension=org.wildfly.extension.core-management/:add
|
||||
echo
|
||||
catch
|
||||
echo Wasn't able to add core-management extension, it should be already added by migrate-domain-standalone.cli
|
||||
echo
|
||||
end-try
|
||||
echo Adding subsystem core-management
|
||||
/profile=$standaloneProfile/subsystem=core-management/:add
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /profile=$standaloneProfile/subsystem=elytron/:read-resource
|
||||
try
|
||||
echo Trying to add elytron extension
|
||||
/extension=org.wildfly.extension.elytron/:add
|
||||
echo
|
||||
catch
|
||||
echo Wasn't able to add elytron extension, it should be already added by migrate-domain-standalone.cli
|
||||
echo
|
||||
end-try
|
||||
echo Adding subsystem elytron
|
||||
/profile=$standaloneProfile/subsystem=elytron/:add
|
||||
/profile=$standaloneProfile/subsystem=elytron/provider-loader=elytron/:add(module=org.wildfly.security.elytron)
|
||||
/profile=$standaloneProfile/subsystem=elytron/provider-loader=openssl/:add(module=org.wildfly.openssl)
|
||||
/profile=$standaloneProfile/subsystem=elytron/aggregate-providers=combined-providers/:add(providers=[elytron,openssl])
|
||||
/profile=$standaloneProfile/subsystem=elytron/file-audit-log=local-audit/:add(path=audit.log,relative-to=jboss.server.log.dir,format=JSON)
|
||||
/profile=$standaloneProfile/subsystem=elytron/identity-realm=local/:add(identity="$local")
|
||||
/profile=$standaloneProfile/subsystem=elytron/properties-realm=ApplicationRealm/:add(users-properties={path=application-users.properties,relative-to=jboss.domain.config.dir,digest-realm-name=ApplicationRealm},groups-properties={path=application-roles.properties,relative-to=jboss.domain.config.dir})
|
||||
/profile=$standaloneProfile/subsystem=elytron/simple-permission-mapper=default-permission-mapper/:add(mapping-mode=first,permission-mappings=[{principals=[anonymous],permissions=[{class-name=org.wildfly.extension.batch.jberet.deployment.BatchPermission,module=org.wildfly.extension.batch.jberet,target-name=*},{class-name=org.wildfly.transaction.client.RemoteTransactionPermission,module=org.wildfly.transaction.client},{class-name=org.jboss.ejb.client.RemoteEJBPermission,module=org.jboss.ejb-client}]},{match-all=true,permissions=[{class-name=org.wildfly.security.auth.permission.LoginPermission},{class-name=org.wildfly.extension.batch.jberet.deployment.BatchPermission,module=org.wildfly.extension.batch.jberet,target-name=*},{class-name=org.wildfly.transaction.client.RemoteTransactionPermission,module=org.wildfly.transaction.client},{class-name=org.jboss.ejb.client.RemoteEJBPermission,module=org.jboss.ejb-client}]}])
|
||||
/profile=$standaloneProfile/subsystem=elytron/constant-realm-mapper=local/:add(realm-name=local)
|
||||
/profile=$standaloneProfile/subsystem=elytron/simple-role-decoder=groups-to-roles/:add(attribute=groups)
|
||||
/profile=$standaloneProfile/subsystem=elytron/constant-role-mapper=super-user-mapper/:add(roles=[SuperUser])
|
||||
/profile=$standaloneProfile/subsystem=elytron/security-domain=ApplicationDomain/:add(default-realm=ApplicationRealm,permission-mapper=default-permission-mapper,realms=[{realm=ApplicationRealm,role-decoder=groups-to-roles},{realm=local}])
|
||||
/profile=$standaloneProfile/subsystem=elytron/provider-http-server-mechanism-factory=global/:add
|
||||
/profile=$standaloneProfile/subsystem=elytron/http-authentication-factory=application-http-authentication/:add(http-server-mechanism-factory=global,security-domain=ApplicationDomain,mechanism-configurations=[{mechanism-name=BASIC,mechanism-realm-configurations=[{realm-name=Application Realm}]},{mechanism-name=FORM}])
|
||||
/profile=$standaloneProfile/subsystem=elytron/provider-sasl-server-factory=global/:add
|
||||
/profile=$standaloneProfile/subsystem=elytron/mechanism-provider-filtering-sasl-server-factory=elytron/:add(sasl-server-factory=global,filters=[{provider-name=WildFlyElytron}])
|
||||
/profile=$standaloneProfile/subsystem=elytron/configurable-sasl-server-factory=configured/:add(sasl-server-factory=elytron,properties={wildfly.sasl.local-user.default-user => "$local"})
|
||||
/profile=$standaloneProfile/subsystem=elytron/sasl-authentication-factory=application-sasl-authentication/:add(sasl-server-factory=configured,security-domain=ApplicationDomain,mechanism-configurations=[{mechanism-name=JBOSS-LOCAL-USER,realm-mapper=local},{mechanism-name=DIGEST-MD5,mechanism-realm-configurations=[{realm-name=ApplicationRealm}]}])
|
||||
/profile=$standaloneProfile/subsystem=elytron/:write-attribute(name=final-providers,value=combined-providers)
|
||||
/profile=$standaloneProfile/subsystem=elytron/:write-attribute(name=disallowed-providers,value=[OracleUcrypto])
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /profile=$standaloneProfile/subsystem=ejb3/service=remote/channel-creation-options=READ_TIMEOUT/:read-resource
|
||||
echo Adding channel-creation-options READ_TIMEOUT to ejb3 remote
|
||||
/profile=$standaloneProfile/subsystem=ejb3/service=remote/channel-creation-options=READ_TIMEOUT/:add(value="${prop.remoting-connector.read.timeout:20}",type=xnio)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /profile=$standaloneProfile/subsystem=ejb3/service=remote/channel-creation-options=MAX_OUTBOUND_MESSAGES/:read-resource
|
||||
echo Adding channel-creation-options MAX_OUTBOUND_MESSAGES to ejb3 remote
|
||||
/profile=$standaloneProfile/subsystem=ejb3/service=remote/channel-creation-options=MAX_OUTBOUND_MESSAGES/:add(value=1234,type=remoting)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == success) of /profile=$standaloneProfile/subsystem=infinispan/cache-container=web/local-cache=persistent:read-resource
|
||||
echo Removing local-cache persistent from web cache-container
|
||||
/profile=$standaloneProfile/subsystem=infinispan/cache-container=web/local-cache=persistent:remove
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == success) of /profile=$standaloneProfile/subsystem=infinispan/cache-container=ejb/local-cache=persistent:read-resource
|
||||
echo Removing local-cache persistent from ejb cache-container
|
||||
/profile=$standaloneProfile/subsystem=infinispan/cache-container=ejb/local-cache=persistent:remove
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (result == local-query) of /profile=$standaloneProfile/subsystem=infinispan/cache-container=hibernate/:read-attribute(name=default-cache)
|
||||
echo Removing default-cache from hibernate cache-container
|
||||
/profile=$standaloneProfile/subsystem=infinispan/cache-container=hibernate/:undefine-attribute(name=default-cache)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /profile=$standaloneProfile/subsystem=undertow/server=default-server/host=default-host/setting=http-invoker/:read-resource
|
||||
echo Adding http-invoker to default-host
|
||||
/profile=$standaloneProfile/subsystem=undertow/server=default-server/host=default-host/setting=http-invoker/:add(security-realm=ApplicationRealm)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (result == false) of /profile=$standaloneProfile/subsystem=undertow/server=default-server/http-listener=default/:read-attribute(name=enable-http2)
|
||||
echo Enabling http2 for default http-listener
|
||||
/profile=$standaloneProfile/subsystem=undertow/server=default-server/http-listener=default/:write-attribute(name=enable-http2,value=true)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /profile=$standaloneProfile/subsystem=undertow/server=default-server/https-listener=https/:read-resource
|
||||
echo Adding https-listener
|
||||
/profile=$standaloneProfile/subsystem=undertow/server=default-server/https-listener=https/:add(socket-binding=https,security-realm=ApplicationRealm,enable-http2=true)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (result == 224.0.1.105) of /socket-binding-group=ha-sockets/socket-binding=modcluster/:read-attribute(name=multicast-address)
|
||||
echo Adding jboss.modcluster.multicast.address property to modcluster multicast-address
|
||||
/socket-binding-group=ha-sockets/socket-binding=modcluster/:write-attribute(name=multicast-address,value=${jboss.modcluster.multicast.address:224.0.1.105})
|
||||
echo
|
||||
end-if
|
||||
|
||||
# Migrate from 3.3.0 to 3.4.0
|
||||
if (outcome == success) of /profile=$standaloneProfile/subsystem=undertow/server=default-server/host=default-host/filter-ref=server-header/:read-resource
|
||||
echo Removing X-Powered-By and Server headers from Keycloak responses...
|
||||
/profile=$standaloneProfile/subsystem=undertow/server=default-server/host=default-host/filter-ref=server-header/:remove
|
||||
/profile=$standaloneProfile/subsystem=undertow/server=default-server/host=default-host/filter-ref=x-powered-by-header/:remove
|
||||
/profile=$standaloneProfile/subsystem=undertow/configuration=filter/response-header=x-powered-by-header/:remove
|
||||
/profile=$standaloneProfile/subsystem=undertow/configuration=filter/response-header=server-header/:remove
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == success) of /profile=$standaloneProfile/subsystem=jdr/:read-resource
|
||||
echo Removing jdr subsystem and extension
|
||||
/profile=$standaloneProfile/subsystem=jdr/:remove
|
||||
echo
|
||||
try
|
||||
echo Trying to remove jdr extension
|
||||
/extension=org.jboss.as.jdr/:remove
|
||||
echo
|
||||
catch
|
||||
echo Wasn't able to remove jdr extension, it should be removed by migrate-domain-standalone.cli
|
||||
echo
|
||||
end-try
|
||||
end-if
|
||||
|
||||
if (outcome == success) of /profile=$standaloneProfile/subsystem=jsf/:read-resource
|
||||
echo Removing jsf subsystem and extension
|
||||
/profile=$standaloneProfile/subsystem=jsf/:remove
|
||||
echo
|
||||
try
|
||||
echo Trying to remove jsf extension
|
||||
/extension=org.jboss.as.jsf/:remove
|
||||
echo
|
||||
catch
|
||||
echo Wasn't able to remove jsf extension, Should be removed by migrate-domain-standalone.cli
|
||||
echo
|
||||
end-try
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /profile=$standaloneProfile/subsystem=infinispan/cache-container=keycloak/local-cache=clientSessions/:read-resource
|
||||
echo Adding local-cache=clientSessions to keycloak cache container...
|
||||
/profile=$standaloneProfile/subsystem=infinispan/cache-container=keycloak/local-cache=clientSessions/:add(indexing=NONE,start=LAZY)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /profile=$standaloneProfile/subsystem=infinispan/cache-container=keycloak/local-cache=offlineClientSessions/:read-resource
|
||||
echo Adding local-cache=offlineClientSessions to keycloak cache container...
|
||||
/profile=$standaloneProfile/subsystem=infinispan/cache-container=keycloak/local-cache=offlineClientSessions/:add(indexing=NONE,start=LAZY)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /profile=$standaloneProfile/subsystem=keycloak-server/spi=x509cert-lookup/:read-resource
|
||||
echo Adding spi=x509cert-lookup...
|
||||
/profile=$standaloneProfile/subsystem=keycloak-server/spi=x509cert-lookup/:add(default-provider=${keycloak.x509cert.lookup.provider:default})
|
||||
/profile=$standaloneProfile/subsystem=keycloak-server/spi=x509cert-lookup/provider=default/:add(enabled=true)
|
||||
echo
|
||||
end-if
|
||||
|
||||
# Migrate from 4.2.0 to 4.3.0
|
||||
if (outcome == failed) of /profile=$standaloneProfile/subsystem=keycloak-server/spi=hostname/:read-resource
|
||||
echo Adding spi=hostname...
|
||||
/profile=$standaloneProfile/subsystem=keycloak-server/spi=hostname/:add(default-provider=request)
|
||||
/profile=$standaloneProfile/subsystem=keycloak-server/spi=hostname/provider=fixed/:add(properties={hostname => "localhost",httpPort => "-1",httpsPort => "-1"},enabled=true)
|
||||
echo
|
||||
end-if
|
||||
|
||||
# Migrate from 4.3.0 to 4.4.0
|
||||
if (outcome == failed) of /profile=$standaloneProfile/subsystem=elytron/permission-set=login-permission/:read-resource
|
||||
echo Adding permission-set=login-permission to elytron
|
||||
/profile=$standaloneProfile/subsystem=elytron/permission-set=login-permission:add(permissions=[{class-name=org.wildfly.security.auth.permission.LoginPermission}])
|
||||
/profile=$standaloneProfile/subsystem=elytron/permission-set=default-permissions/:add(permissions=[{class-name=org.wildfly.extension.batch.jberet.deployment.BatchPermission,module=org.wildfly.extension.batch.jberet,target-name=*},{class-name=org.wildfly.transaction.client.RemoteTransactionPermission,module=org.wildfly.transaction.client},{class-name=org.jboss.ejb.client.RemoteEJBPermission,module=org.jboss.ejb-client}])
|
||||
/profile=$standaloneProfile/subsystem=elytron/simple-permission-mapper=default-permission-mapper/:undefine-attribute(name=permission-mappings)
|
||||
/profile=$standaloneProfile/subsystem=elytron/simple-permission-mapper=default-permission-mapper:write-attribute(name=permission-mappings,value=[{permission-sets=[{permission-set=login-permission},{permission-set=default-permissions}],match-all=true},{permission-sets=[{permission-set=default-permissions}],principals=[anonymous]}])
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (result == org.hibernate.infinispan) of /profile=$standaloneProfile/subsystem=infinispan/cache-container=hibernate:read-attribute(name=module)
|
||||
echo Update hibernate cache module
|
||||
/profile=$standaloneProfile/subsystem=infinispan/cache-container=hibernate:write-attribute(name=module, value=org.infinispan.hibernate-cache)
|
||||
echo
|
||||
end-if
|
||||
if (outcome == success) of /profile=$standaloneProfile/subsystem=infinispan/cache-container=hibernate/local-cache=entity/eviction=EVICTION:read-resource
|
||||
echo Removing eviction from hibernate entity cache and replacing with object-memory
|
||||
/profile=$standaloneProfile/subsystem=infinispan/cache-container=hibernate/local-cache=entity/eviction=EVICTION:remove
|
||||
/profile=$standaloneProfile/subsystem=infinispan/cache-container=hibernate/local-cache=entity/memory=object:add(size=10000)
|
||||
echo
|
||||
end-if
|
||||
if (outcome == success) of /profile=$standaloneProfile/subsystem=infinispan/cache-container=hibernate/local-cache=local-query/eviction=EVICTION:read-resource
|
||||
echo Removing eviction from hibernate local-query cache and replacing with object-memory
|
||||
/profile=$standaloneProfile/subsystem=infinispan/cache-container=hibernate/local-cache=local-query/eviction=EVICTION:remove
|
||||
/profile=$standaloneProfile/subsystem=infinispan/cache-container=hibernate/local-cache=local-query/memory=object:add(size=10000)
|
||||
echo
|
||||
end-if
|
||||
if (outcome == success) of /profile=$standaloneProfile/subsystem=infinispan/cache-container=keycloak/local-cache=realms/eviction=EVICTION:read-resource
|
||||
echo Removing eviction from keycloak realms cache and replacing with object-memory
|
||||
/profile=$standaloneProfile/subsystem=infinispan/cache-container=keycloak/local-cache=realms/eviction=EVICTION:remove
|
||||
/profile=$standaloneProfile/subsystem=infinispan/cache-container=keycloak/local-cache=realms/memory=object:add(size=10000)
|
||||
echo
|
||||
end-if
|
||||
if (outcome == success) of /profile=$standaloneProfile/subsystem=infinispan/cache-container=keycloak/local-cache=users/eviction=EVICTION:read-resource
|
||||
echo Removing eviction from keycloak users cache and replacing with object-memory
|
||||
/profile=$standaloneProfile/subsystem=infinispan/cache-container=keycloak/local-cache=users/eviction=EVICTION:remove
|
||||
/profile=$standaloneProfile/subsystem=infinispan/cache-container=keycloak/local-cache=users/memory=object:add(size=10000)
|
||||
echo
|
||||
end-if
|
||||
if (outcome == success) of /profile=$standaloneProfile/subsystem=infinispan/cache-container=keycloak/local-cache=authorization/eviction=EVICTION:read-resource
|
||||
echo Removing eviction from keycloak authorization cache and replacing with object-memory
|
||||
/profile=$standaloneProfile/subsystem=infinispan/cache-container=keycloak/local-cache=authorization/eviction=EVICTION:remove
|
||||
/profile=$standaloneProfile/subsystem=infinispan/cache-container=keycloak/local-cache=authorization/memory=object:add(size=10000)
|
||||
echo
|
||||
end-if
|
||||
if (outcome == success) of /profile=$standaloneProfile/subsystem=infinispan/cache-container=keycloak/local-cache=keys/eviction=EVICTION:read-resource
|
||||
echo Removing eviction from keycloak keys cache and replacing with object-memory
|
||||
/profile=$standaloneProfile/subsystem=infinispan/cache-container=keycloak/local-cache=keys/eviction=EVICTION:remove
|
||||
/profile=$standaloneProfile/subsystem=infinispan/cache-container=keycloak/local-cache=keys/memory=object:add(size=1000)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == success) of /profile=$standaloneProfile/subsystem=keycloak-server/spi=connectionsInfinispan/provider=default:read-resource
|
||||
echo Changing JNDI reference in connectionsInfinispan SPI
|
||||
/profile=$standaloneProfile/subsystem=keycloak-server/spi=connectionsInfinispan/provider=default:undefine-attribute(name=properties)
|
||||
/profile=$standaloneProfile/subsystem=keycloak-server/spi=connectionsInfinispan/provider=default:write-attribute(name=properties,value={cacheContainer=java:jboss/infinispan/container/keycloak})
|
||||
echo
|
||||
end-if
|
||||
|
||||
# Migrate from 4.5.0 to 4.6.0
|
||||
if (outcome == success) of /profile=$standaloneProfile/subsystem=elytron/http-authentication-factory=application-http-authentication/:read-resource
|
||||
echo Removing application-http-authentication from elytron subsystem
|
||||
/profile=$standaloneProfile/subsystem=elytron/http-authentication-factory=application-http-authentication:remove
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (result == undefined) of /profile=$standaloneProfile/subsystem=transactions/:read-attribute(name=node-identifier,include-defaults=false)
|
||||
echo Setting node-identifier attribute of core-environment element in transactions subsystem
|
||||
/profile=$standaloneProfile/subsystem=transactions/:write-attribute(name=node-identifier,value=expression "${jboss.tx.node.id:1}")
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == success) of /profile=$standaloneProfile/subsystem=jgroups/stack=udp/transport=UDP/property=port_range:read-attribute(name=value)
|
||||
try
|
||||
/profile=$standaloneProfile/subsystem=jgroups/stack=udp/transport=UDP/property=port_range:remove
|
||||
echo Remove port_range property from UDP transport type of udp stack
|
||||
catch
|
||||
echo
|
||||
end-try
|
||||
end-if
|
||||
|
||||
if (outcome == success) of /profile=$standaloneProfile/subsystem=jgroups/stack=tcp/transport=TCP/property=port_range:read-attribute(name=value)
|
||||
try
|
||||
/profile=$standaloneProfile/subsystem=jgroups/stack=tcp/transport=TCP/property=port_range:remove
|
||||
echo Remove port_range property from TCP transport type of tcp stack
|
||||
catch
|
||||
echo
|
||||
end-try
|
||||
end-if
|
||||
|
||||
# Migrate from 4.8.3 to 5.0.0
|
||||
if (outcome == failed) of /profile=$standaloneProfile/subsystem=logging/logger=io.jaegertracing.Configuration/:read-resource
|
||||
echo Adding io.jaegertracing.Configuration logger
|
||||
/profile=$standaloneProfile/subsystem=logging/logger=io.jaegertracing.Configuration/:add(category=io.jaegertracing.Configuration,level=WARN)
|
||||
echo
|
||||
end-if
|
||||
|
||||
# Migrate from 5.0.0 to 6.0.0
|
||||
if (result == NON_XA) of /profile=$standaloneProfile/subsystem=infinispan/cache-container=hibernate/local-cache=entity/component=transaction/:read-attribute(name=mode)
|
||||
echo Removing NON_XA transaction mode from infinispan/hibernate/entity
|
||||
/profile=$standaloneProfile/subsystem=infinispan/cache-container=hibernate/local-cache=entity/component=transaction/:undefine-attribute(name=mode)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (result == false) of /profile=$standaloneProfile/subsystem=datasources/data-source=ExampleDS/:read-attribute(name=statistics-enabled)
|
||||
echo Adding statistics-enabled expression to ExampleDS datasource
|
||||
/profile=$standaloneProfile/subsystem=datasources/data-source=ExampleDS/:write-attribute(name=statistics-enabled,value=${wildfly.datasources.statistics-enabled:${wildfly.statistics-enabled:false}})
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (result == false) of /profile=$standaloneProfile/subsystem=datasources/data-source=KeycloakDS/:read-attribute(name=statistics-enabled)
|
||||
echo Adding statistics-enabled expression to KeycloakDS datasource
|
||||
/profile=$standaloneProfile/subsystem=datasources/data-source=KeycloakDS/:write-attribute(name=statistics-enabled,value=${wildfly.datasources.statistics-enabled:${wildfly.statistics-enabled:false}})
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (result == false) of /profile=$standaloneProfile/subsystem=ejb3/:read-attribute(name=statistics-enabled)
|
||||
echo Adding statistics-enabled expression to ejb3 subsystem
|
||||
/profile=$standaloneProfile/subsystem=ejb3/:write-attribute(name=statistics-enabled,value=${wildfly.ejb3.statistics-enabled:${wildfly.statistics-enabled:false}})
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (result == false) of /profile=$standaloneProfile/subsystem=transactions/:read-attribute(name=statistics-enabled)
|
||||
echo Adding statistics-enabled expression to transactions subsystem
|
||||
/profile=$standaloneProfile/subsystem=transactions/:write-attribute(name=statistics-enabled,value=${wildfly.transactions.statistics-enabled:${wildfly.statistics-enabled:false}})
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (result == false) of /profile=$standaloneProfile/subsystem=undertow/:read-attribute(name=statistics-enabled)
|
||||
echo Adding statistics-enabled expression to undertow subsystem
|
||||
/profile=$standaloneProfile/subsystem=undertow/:write-attribute(name=statistics-enabled,value=${wildfly.undertow.statistics-enabled:${wildfly.statistics-enabled:false}})
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (result == false) of /profile=$standaloneProfile/subsystem=webservices/:read-attribute(name=statistics-enabled)
|
||||
echo Adding statistics-enabled expression to webservices subsystem
|
||||
/profile=$standaloneProfile/subsystem=webservices/:write-attribute(name=statistics-enabled,value=${wildfly.webservices.statistics-enabled:${wildfly.statistics-enabled:false}})
|
||||
echo
|
||||
end-if
|
||||
|
||||
# Migrate from 6.0.1 to 7.0.0
|
||||
if (outcome == success) of /profile=$standaloneProfile/subsystem=ejb3/service=remote/channel-creation-options=READ_TIMEOUT/:read-resource
|
||||
echo Removing READ_TIMEOUT option from remote service from ejb3 subsystem
|
||||
/profile=$standaloneProfile/subsystem=ejb3/service=remote/channel-creation-options=READ_TIMEOUT/:remove
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /profile=$standaloneProfile/subsystem=infinispan/cache-container=web/local-cache=routing:read-resource
|
||||
echo Adding local cache routing to web cache container to infinispan subsystem
|
||||
/profile=$standaloneProfile/subsystem=infinispan/cache-container=web/local-cache=routing/:add
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /profile=$standaloneProfile/subsystem=infinispan/cache-container=web/local-cache=sso:read-resource
|
||||
echo Adding local cache sso to web cache container to infinispan subsystem
|
||||
/profile=$standaloneProfile/subsystem=infinispan/cache-container=web/local-cache=sso/:add
|
||||
/profile=$standaloneProfile/subsystem=infinispan/cache-container=web/local-cache=sso/component=locking/:add(isolation=REPEATABLE_READ)
|
||||
/profile=$standaloneProfile/subsystem=infinispan/cache-container=web/local-cache=sso/component=transaction/:add(mode=BATCH)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (result == "true") of /subsystem=keycloak-server/spi=truststore/provider=file:map-get(name=properties, key=disabled)
|
||||
echo Disabling Truststore Provider
|
||||
/subsystem=keycloak-server/spi=truststore/provider=file:write-attribute(name=enabled, value=false)
|
||||
echo Removing deprecated option
|
||||
/subsystem=keycloak-server/spi=truststore/provider=file:map-remove(name=properties, key=disabled)
|
||||
echo
|
||||
end-if
|
||||
|
||||
# Migrate from 7.0.0 to 8.0.0
|
||||
|
||||
if ((result.time == 100L) && (result.unit == MILLISECONDS)) of /profile=$standaloneProfile/subsystem=ejb3/thread-pool=default:read-attribute(name=keepalive-time)
|
||||
echo Changing thread pool keepalive of ejb3 subsystem
|
||||
/profile=$standaloneProfile/subsystem=ejb3/thread-pool=default:write-attribute(name=keepalive-time.time, value=60)
|
||||
/profile=$standaloneProfile/subsystem=ejb3/thread-pool=default:write-attribute(name=keepalive-time.unit,value=SECONDS)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /profile=$standaloneProfile/subsystem=keycloak-server/spi=hostname/provider=default/:read-resource
|
||||
echo Adding default hostname provider
|
||||
/profile=$standaloneProfile/subsystem=keycloak-server/spi=hostname/provider=default/:add(properties={frontendUrl => "${keycloak.frontendUrl:}",forceBackendUrlToFrontendUrl => "false"},enabled=true)
|
||||
end-if
|
||||
|
||||
if (result == request) of /profile=$standaloneProfile/subsystem=keycloak-server/spi=hostname/:read-attribute(name=default-provider)
|
||||
echo Switching from request to default hostname provider
|
||||
|
||||
/profile=$standaloneProfile/subsystem=keycloak-server/spi=hostname/:write-attribute(name=default-provider,value=default)
|
||||
end-if
|
||||
|
||||
if (result != fixed) of /profile=$standaloneProfile/subsystem=keycloak-server/spi=hostname/:read-attribute(name=default-provider)
|
||||
try
|
||||
/profile=$standaloneProfile/subsystem=keycloak-server/spi=hostname/provider=fixed:remove
|
||||
echo Removed config for unused fixed hostname provider
|
||||
catch
|
||||
end-try
|
||||
end-if
|
||||
|
||||
# Migrate from 10.0.2 to 11.0.0 (migration changes for infinispan update from 9.4.18.Final to 10.1.8.Final)
|
||||
|
||||
if (result != org.keycloak.keycloak-model-infinispan) of /profile=$standaloneProfile/subsystem=infinispan/cache-container=keycloak:read-attribute(name=module)
|
||||
echo Setting class loader for keycloak cache-container so JBoss Marshalling works properly with Infinispan 10.x
|
||||
/profile=$standaloneProfile/subsystem=infinispan/cache-container=keycloak:write-attribute(name=module,value=org.keycloak.keycloak-model-infinispan)
|
||||
echo
|
||||
end-if
|
||||
|
||||
# Migrate from 12.0.0 to 13.0.0
|
||||
|
||||
## Add ability to make use of automatically generated self-signed certificate with Elytron,
|
||||
## introduced by WFCORE-5095 in Wildfly Core 14.0.0.Final
|
||||
|
||||
if (outcome == failed) of /profile=$standaloneProfile/subsystem=elytron/key-store=applicationKS:read-resource
|
||||
echo Adding key store for the feature of auto-generation of self-signed certificate to Elytron subsystem...
|
||||
/profile=$standaloneProfile/subsystem=elytron/key-store=applicationKS:add(credential-reference={clear-text=password},type=JKS)
|
||||
/profile=$standaloneProfile/subsystem=elytron/key-store=applicationKS:write-attribute(name=path,value=application.keystore)
|
||||
/profile=$standaloneProfile/subsystem=elytron/key-store=applicationKS:write-attribute(name=relative-to,value=jboss.domain.config.dir)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /profile=$standaloneProfile/subsystem=elytron/key-manager=applicationKM:read-resource
|
||||
echo Adding key manager for the feature of auto-generation of self-signed certificate to Elytron subsystem...
|
||||
/profile=$standaloneProfile/subsystem=elytron/key-manager=applicationKM:add(key-store=applicationKS, credential-reference={clear-text=password})
|
||||
/profile=$standaloneProfile/subsystem=elytron/key-manager=applicationKM:write-attribute(name=generate-self-signed-certificate-host,value=localhost)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /profile=$standaloneProfile/subsystem=elytron/server-ssl-context=applicationSSC:read-resource
|
||||
echo Adding SSL context for the feature of auto-generation of self-signed certificate to Elytron subsystem...
|
||||
/profile=$standaloneProfile/subsystem=elytron/server-ssl-context=applicationSSC:add(key-manager=applicationKM)
|
||||
echo
|
||||
end-if
|
||||
|
||||
## Convert type of 'hung-task-termination-period' attribute for 'managed-executor-service' from INT to LONG
|
||||
if (result == 0) of /profile=$standaloneProfile/subsystem=ee/managed-executor-service=default:read-attribute(name=hung-task-termination-period)
|
||||
echo Setting period for automatic termination of hung tasks for managed executor service to default value (0 miliseconds)
|
||||
/profile=$standaloneProfile/subsystem=ee/managed-executor-service=default:write-attribute(name=hung-task-termination-period,value=0L)
|
||||
echo
|
||||
end-if
|
||||
|
||||
## Convert type of 'hung-task-termination-period' attribute for 'managed-scheduled-executor-service' from INT to LONG
|
||||
if (result == 0) of /profile=$standaloneProfile/subsystem=ee/managed-scheduled-executor-service=default:read-attribute(name=hung-task-termination-period)
|
||||
echo Setting period for automatic termination of hung tasks for managed scheduled executor service to default value (0 miliseconds)
|
||||
/profile=$standaloneProfile/subsystem=ee/managed-scheduled-executor-service=default:write-attribute(name=hung-task-termination-period,value=0L)
|
||||
echo
|
||||
end-if
|
||||
|
||||
## Set value of JPA default-datasource from empty string to 'undefined'
|
||||
if (outcome == success) && (result == "") of /profile=$standaloneProfile/subsystem=jpa:read-attribute(name=default-datasource)
|
||||
echo Setting value of to default-datasource attribute in JPA subsystem to 'undefined'
|
||||
/profile=$standaloneProfile/subsystem=jpa:undefine-attribute(name=default-datasource)
|
||||
echo
|
||||
end-if
|
||||
|
||||
echo *** End Migration of /profile=$standaloneProfile ***
|
|
@ -0,0 +1,891 @@
|
|||
echo
|
||||
echo *** WARNING ***
|
||||
echo
|
||||
echo ** If the following embed-server command fails, manual intervention is needed.
|
||||
echo ** In such case, remove any <extension> and <subsystem> declarations referring
|
||||
echo ** to the removed smallrye modules from the standalone-ha.xml file and rerun this script.
|
||||
echo ** For details, see Migration Changes section in the Upgrading guide.
|
||||
echo ** We apologize for this inconvenience.
|
||||
echo
|
||||
|
||||
embed-server --server-config=standalone-ha.xml
|
||||
|
||||
echo *** Begin Migration ***
|
||||
echo
|
||||
|
||||
# Migrate from 1.8.1 to 1.9.1
|
||||
if (outcome == failed) of /subsystem=infinispan/cache-container=keycloak/replicated-cache=work/:read-resource
|
||||
echo Adding replicated-cache=work to keycloak cache container...
|
||||
/subsystem=infinispan/cache-container=keycloak/replicated-cache=work/:add(mode=SYNC)
|
||||
echo
|
||||
end-if
|
||||
# realmVersions cache deprecated in 2.1.0
|
||||
#if (outcome == failed) of /subsystem=infinispan/cache-container=keycloak/local-cache=realmVersions/:read-resource
|
||||
# echo Adding local-cache=realmVersions to keycloak cache container...
|
||||
# /subsystem=infinispan/cache-container=keycloak/local-cache=realmVersions/:add(indexing=NONE,start=LAZY)
|
||||
# /subsystem=infinispan/cache-container=keycloak/local-cache=realmVersions/component=transaction/:write-attribute(name=mode,value=BATCH)
|
||||
# echo
|
||||
#end-if
|
||||
|
||||
# Migrate from 1.9.1 to 1.9.2
|
||||
if (result == NONE) of /subsystem=infinispan/cache-container=keycloak/invalidation-cache=users/component=eviction/:read-attribute(name=strategy)
|
||||
echo Adding eviction strategy to keycloak users cache container...
|
||||
/subsystem=infinispan/cache-container=keycloak/invalidation-cache=users/component=eviction/:write-attribute(name=strategy,value=LRU)
|
||||
/subsystem=infinispan/cache-container=keycloak/invalidation-cache=users/component=eviction/:write-attribute(name=max-entries,value=10000)
|
||||
echo
|
||||
end-if
|
||||
|
||||
# Migrate from 1.9.2 to 2.0.0
|
||||
# NO CHANGES
|
||||
|
||||
# Migrate from 2.0.0 to 2.1.0
|
||||
if (outcome == success) of /subsystem=infinispan/cache-container=keycloak/local-cache=realmVersions/:read-resource
|
||||
echo Removing deprecated cache 'realmVersions'
|
||||
/subsystem=infinispan/cache-container=keycloak/local-cache=realmVersions/:remove
|
||||
echo
|
||||
end-if
|
||||
|
||||
# Migrate kecloak-server.json (deprecated in 2.2.0)
|
||||
if (result == []) of /subsystem=keycloak-server/:read-children-names(child-type=spi)
|
||||
echo Migrating keycloak-server.json to server cofig xml...
|
||||
/subsystem=keycloak-server/:migrate-json
|
||||
echo
|
||||
end-if
|
||||
|
||||
set persistenceProvider=jpa
|
||||
if (result == [expression "classpath:${jboss.server.config.dir}/providers/*"]) of /subsystem=keycloak-server/:read-attribute(name=providers)
|
||||
echo Updating provider to default value
|
||||
/subsystem=keycloak-server/:write-attribute(name=providers,value=[classpath:${jboss.home.dir}/providers/*])
|
||||
echo
|
||||
end-if
|
||||
if (result == keycloak) of /subsystem=keycloak-server/theme=defaults:read-attribute(name=default)
|
||||
echo Undefining default theme...
|
||||
/subsystem=keycloak-server/theme=defaults:undefine-attribute(name=default)
|
||||
echo
|
||||
end-if
|
||||
if (result == expression "${jboss.server.config.dir}/themes") of /subsystem=keycloak-server/theme=defaults:read-attribute(name=dir)
|
||||
echo Updating theme dir to default value
|
||||
/subsystem=keycloak-server/theme=defaults/:write-attribute(name=dir,value=${jboss.home.dir}/themes)
|
||||
echo
|
||||
end-if
|
||||
|
||||
# Migrate from 2.1.0 to 2.2.0
|
||||
if (outcome == failed) of /extension=org.jboss.as.deployment-scanner/:read-resource
|
||||
echo Adding deployment-scanner extension...
|
||||
/extension=org.jboss.as.deployment-scanner/:add(module=org.jboss.as.deployment-scanner)
|
||||
echo
|
||||
end-if
|
||||
if (outcome == failed) of /subsystem=deployment-scanner/:read-resource
|
||||
echo Adding deployment-scanner...
|
||||
/subsystem=deployment-scanner/:add
|
||||
echo
|
||||
end-if
|
||||
if (outcome == failed) of /subsystem=deployment-scanner/scanner=default/:read-resource
|
||||
echo Adding scanner=default
|
||||
/subsystem=deployment-scanner/scanner=default/:add(path=deployments,relative-to=jboss.server.base.dir,runtime-failure-causes-rollback=${jboss.deployment.scanner.rollback.on.failure:false},scan-interval=5000)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /subsystem=infinispan/cache-container=keycloak/distributed-cache=authorization/:read-resource
|
||||
# In migration from 3.0.0 to 3.2.0 there is authorization distributed-cache replaced with local-cache
|
||||
try
|
||||
echo
|
||||
/subsystem=infinispan/cache-container=keycloak/distributed-cache=authorization/:add(mode=SYNC,owners=1)
|
||||
echo Added distributed-cache=authorization
|
||||
catch
|
||||
end-try
|
||||
end-if
|
||||
|
||||
if (result == update) of /subsystem=keycloak-server/spi=connectionsJpa/provider=default/:map-get(name=properties,key=databaseSchema)
|
||||
echo Updating connectionsJpa default properties...
|
||||
/subsystem=keycloak-server/spi=connectionsJpa/provider=default/:map-remove(name=properties,key=databaseSchema)
|
||||
/subsystem=keycloak-server/spi=connectionsJpa/provider=default/:map-put(name=properties,key=initializeEmpty,value=true)
|
||||
/subsystem=keycloak-server/spi=connectionsJpa/provider=default/:map-put(name=properties,key=migrationStrategy,value=update)
|
||||
/subsystem=keycloak-server/spi=connectionsJpa/provider=default/:map-put(name=properties,key=migrationExport,value=${jboss.home.dir}/keycloak-database-update.sql)
|
||||
echo
|
||||
end-if
|
||||
if (outcome == failed) of /subsystem=keycloak-server/spi=userFederatedStorage/:read-resource
|
||||
echo Adding spi=userFederatedStorage...
|
||||
/subsystem=keycloak-server/spi=userFederatedStorage/:add(default-provider=$persistenceProvider)
|
||||
echo
|
||||
end-if
|
||||
if (outcome == failed) of /subsystem=keycloak-server/spi=jta-lookup/:read-resource
|
||||
echo Adding spi=jta-lookup...
|
||||
/subsystem=keycloak-server/spi=jta-lookup/:add(default-provider=${keycloak.jta.lookup.provider:jboss})
|
||||
/subsystem=keycloak-server/spi=jta-lookup/provider=jboss/:add(enabled=true)
|
||||
echo
|
||||
end-if
|
||||
|
||||
# Migrate from 2.2.0 to 2.2.1
|
||||
# NO CHANGES
|
||||
|
||||
# Migrate from 2.2.1 to 2.3.0
|
||||
if (outcome == failed) of /subsystem=infinispan/cache-container=keycloak/local-cache=keys/:read-resource
|
||||
echo Adding local-cache=keys to keycloak cache container...
|
||||
/subsystem=infinispan/cache-container=keycloak/local-cache=keys/:add(indexing=NONE,start=LAZY)
|
||||
echo
|
||||
end-if
|
||||
if (result == undefined) of /subsystem=infinispan/cache-container=keycloak/local-cache=keys/component=eviction/:read-attribute(name=strategy,include-defaults=false)
|
||||
echo Updating eviction and expiration in local-cache=keys...
|
||||
/subsystem=infinispan/cache-container=keycloak/local-cache=keys/component=eviction/:write-attribute(name=strategy,value=LRU)
|
||||
/subsystem=infinispan/cache-container=keycloak/local-cache=keys/component=eviction/:write-attribute(name=max-entries,value=1000)
|
||||
/subsystem=infinispan/cache-container=keycloak/local-cache=keys/component=expiration/:write-attribute(name=max-idle,value=3600000)
|
||||
echo
|
||||
end-if
|
||||
if (outcome == failed) of /subsystem=keycloak-server/spi=publicKeyStorage/:read-resource
|
||||
echo Adding spi=publicKeyStorage...
|
||||
/subsystem=keycloak-server/spi=publicKeyStorage/:add
|
||||
/subsystem=keycloak-server/spi=publicKeyStorage/provider=infinispan/:add(properties={minTimeBetweenRequests => "10"},enabled=true)
|
||||
echo
|
||||
end-if
|
||||
|
||||
# Migrate from 2.3.0 to 2.4.0
|
||||
if (outcome == success) of /subsystem=infinispan/cache-container=keycloak/invalidation-cache=users/:read-resource
|
||||
echo Replacing invalidation-cache=users with local-cache=users
|
||||
/subsystem=infinispan/cache-container=keycloak/invalidation-cache=users/:remove
|
||||
/subsystem=infinispan/cache-container=keycloak/local-cache=users/:add
|
||||
echo
|
||||
end-if
|
||||
if (result == undefined) of /subsystem=infinispan/cache-container=keycloak/local-cache=users/component=eviction/:read-attribute(name=strategy,include-defaults=false)
|
||||
echo Updating eviction in local-cache=users
|
||||
/subsystem=infinispan/cache-container=keycloak/local-cache=users/component=eviction/:write-attribute(name=strategy,value=LRU)
|
||||
/subsystem=infinispan/cache-container=keycloak/local-cache=users/component=eviction/:write-attribute(name=max-entries,value=10000)
|
||||
echo
|
||||
end-if
|
||||
if (outcome == success) of /subsystem=infinispan/cache-container=keycloak/invalidation-cache=realms/:read-resource
|
||||
echo Replacing invalidation-cache=realms with local-cache=realms
|
||||
/subsystem=infinispan/cache-container=keycloak/invalidation-cache=realms/:remove
|
||||
/subsystem=infinispan/cache-container=keycloak/local-cache=realms/:add
|
||||
echo
|
||||
end-if
|
||||
|
||||
|
||||
# Migrate from 2.4.0 to 2.5.0
|
||||
if (result == NONE) of /subsystem=infinispan/cache-container=keycloak/local-cache=realms/component=eviction/:read-attribute(name=strategy)
|
||||
echo Adding eviction strategy to keycloak realms cache...
|
||||
/subsystem=infinispan/cache-container=keycloak/local-cache=realms/component=eviction/:write-attribute(name=strategy,value=LRU)
|
||||
/subsystem=infinispan/cache-container=keycloak/local-cache=realms/component=eviction/:write-attribute(name=max-entries,value=10000)
|
||||
echo
|
||||
end-if
|
||||
|
||||
# Migrate from 2.5.0 to 2.5.1
|
||||
# NO CHANGES
|
||||
|
||||
# Migrate 2.5.1 to 2.5.4
|
||||
if (result != REPEATABLE_READ) of /subsystem=infinispan/cache-container=ejb/local-cache=persistent/component=locking/:read-attribute(name=isolation)
|
||||
echo Changing ejb cache locking to REPEATABLE_READ
|
||||
/subsystem=infinispan/cache-container=ejb/local-cache=persistent/component=locking/:write-attribute(name=isolation,value=REPEATABLE_READ)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == success) of /subsystem=infinispan/cache-container=hibernate/local-cache=immutable-entity/:read-resource
|
||||
echo Removing Hibernate immutable-entity cache
|
||||
/subsystem=infinispan/cache-container=hibernate/local-cache=immutable-entity/:remove
|
||||
end-if
|
||||
|
||||
|
||||
# Migrate from 2.5.4 to 3.0.0
|
||||
if (result == jpa) of /subsystem=keycloak-server/spi=eventsStore/:read-attribute(name=default-provider,include-defaults=false)
|
||||
echo Removing default provider for eventsStore
|
||||
/subsystem=keycloak-server/spi=eventsStore/:undefine-attribute(name=default-provider)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if ((outcome == success) && (result.default-provider == jpa) && (result.provider == undefined)) of /subsystem=keycloak-server/spi=realm/:read-resource(recursive=false,include-defaults=false)
|
||||
echo Removing declaration for user SPI
|
||||
/subsystem=keycloak-server/spi=realm/:remove
|
||||
echo
|
||||
end-if
|
||||
|
||||
if ((outcome == success) && (result.default-provider == jpa) && (result.provider == undefined)) of /subsystem=keycloak-server/spi=user/:read-resource(recursive=false,include-defaults=false)
|
||||
echo Removing declaration for user SPI
|
||||
/subsystem=keycloak-server/spi=user/:remove
|
||||
echo
|
||||
end-if
|
||||
|
||||
if ((outcome == success) && (result.default-provider == jpa) && (result.provider == undefined)) of /subsystem=keycloak-server/spi=userFederatedStorage/:read-resource(recursive=false,include-defaults=false)
|
||||
echo Removing declaration for userFederatedStorage SPI
|
||||
/subsystem=keycloak-server/spi=userFederatedStorage/:remove
|
||||
echo
|
||||
end-if
|
||||
|
||||
if ((outcome == success) && (result.default-provider == jpa) && (result.provider == undefined)) of /subsystem=keycloak-server/spi=authorizationPersister/:read-resource(recursive=false,include-defaults=false)
|
||||
echo Removing declaration for authorizationPersister SPI
|
||||
/subsystem=keycloak-server/spi=authorizationPersister/:remove
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /subsystem=keycloak-server/spi=userCache/:read-resource
|
||||
echo Adding userCache SPI
|
||||
/subsystem=keycloak-server/spi=userCache/:add
|
||||
/subsystem=keycloak-server/spi=userCache/provider=default/:add(enabled=true)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /subsystem=keycloak-server/spi=realmCache/:read-resource
|
||||
echo Adding realmCache SPI
|
||||
/subsystem=keycloak-server/spi=realmCache/:add
|
||||
/subsystem=keycloak-server/spi=realmCache/provider=default/:add(enabled=true)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if ((result.default-provider == undefined) && (result.provider.default.enabled == true)) of /subsystem=keycloak-server/spi=connectionsInfinispan/:read-resource(recursive=true,include-defaults=false)
|
||||
echo Adding 'default' as default provider for connectionsInfinispan
|
||||
/subsystem=keycloak-server/spi=connectionsInfinispan/:write-attribute(name=default-provider,value=default)
|
||||
echo
|
||||
end-if
|
||||
|
||||
# Migrate from 3.0.0 to 3.2.0
|
||||
if (outcome == failed) of /subsystem=infinispan/cache-container=keycloak/distributed-cache=authenticationSessions/:read-resource
|
||||
echo Adding distributed-cache=authenticationSessions to keycloak cache container...
|
||||
/subsystem=infinispan/cache-container=keycloak/distributed-cache=authenticationSessions/:add(mode=SYNC,owners=1)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /subsystem=infinispan/cache-container=keycloak/distributed-cache=actionTokens/:read-resource
|
||||
echo Adding distributed-cache=actionTokens to keycloak cache container...
|
||||
/subsystem=infinispan/cache-container=keycloak/distributed-cache=actionTokens/:add(indexing=NONE,mode=SYNC,owners=2)
|
||||
/subsystem=infinispan/cache-container=keycloak/distributed-cache=actionTokens/component=eviction/:write-attribute(name=strategy,value=NONE)
|
||||
/subsystem=infinispan/cache-container=keycloak/distributed-cache=actionTokens/component=eviction/:write-attribute(name=max-entries,value=-1)
|
||||
/subsystem=infinispan/cache-container=keycloak/distributed-cache=actionTokens/component=expiration/:write-attribute(name=interval,value=300000)
|
||||
/subsystem=infinispan/cache-container=keycloak/distributed-cache=actionTokens/component=expiration/:write-attribute(name=max-idle,value=-1)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == success) of /subsystem=infinispan/cache-container=keycloak/distributed-cache=authorization/:read-resource
|
||||
echo Replacing distributed-cache=authorization with local-cache=authorization
|
||||
/subsystem=infinispan/cache-container=keycloak/distributed-cache=authorization/:remove
|
||||
/subsystem=infinispan/cache-container=keycloak/local-cache=authorization/:add
|
||||
/subsystem=infinispan/cache-container=keycloak/local-cache=authorization/component=eviction/:write-attribute(name=strategy,value=LRU)
|
||||
/subsystem=infinispan/cache-container=keycloak/local-cache=authorization/component=eviction/:write-attribute(name=max-entries,value=10000)
|
||||
echo
|
||||
end-if
|
||||
|
||||
# Migrate from 3.2.0 to 3.2.1
|
||||
# NO CHANGES
|
||||
|
||||
# Migrate from 3.2.1 to 3.3.0
|
||||
if (outcome == failed) of /core-service=management/security-realm=ApplicationRealm/server-identity=ssl:read-resource
|
||||
echo Adding keystore to ApplicationRealm...
|
||||
/core-service=management/security-realm=ApplicationRealm/server-identity=ssl:add(keystore-path=application.keystore,keystore-relative-to=jboss.server.config.dir,keystore-password=password,alias=server,key-password=password,generate-self-signed-certificate-host=localhost)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /extension=org.wildfly.extension.elytron/:read-resource
|
||||
echo Adding elytron extension...
|
||||
/extension=org.wildfly.extension.elytron/:add(module=org.wildfly.extension.elytron)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /subsystem=elytron/:read-resource
|
||||
echo Adding elytron subsystem
|
||||
/subsystem=elytron:add
|
||||
/subsystem=elytron/provider-loader=elytron/:add(module=org.wildfly.security.elytron)
|
||||
/subsystem=elytron/provider-loader=openssl/:add(module=org.wildfly.openssl)
|
||||
/subsystem=elytron/aggregate-providers=combined-providers/:add(providers=[elytron,openssl])
|
||||
/subsystem=elytron/file-audit-log=local-audit/:add(path=audit.log,relative-to=jboss.server.log.dir,format=JSON)
|
||||
/subsystem=elytron/identity-realm=local/:add(identity="$local")
|
||||
/subsystem=elytron/properties-realm=ApplicationRealm/:add(users-properties={path=application-users.properties,relative-to=jboss.server.config.dir,digest-realm-name=ApplicationRealm},groups-properties={path=application-roles.properties,relative-to=jboss.server.config.dir})
|
||||
/subsystem=elytron/properties-realm=ManagementRealm/:add(users-properties={path=mgmt-users.properties,relative-to=jboss.server.config.dir,digest-realm-name=ManagementRealm},groups-properties={path=mgmt-groups.properties,relative-to=jboss.server.config.dir})
|
||||
/subsystem=elytron/simple-permission-mapper=default-permission-mapper/:add(mapping-mode=first,permission-mappings=[{principals=[anonymous],permissions=[{class-name=org.wildfly.extension.batch.jberet.deployment.BatchPermission,module=org.wildfly.extension.batch.jberet,target-name=*},{class-name=org.wildfly.transaction.client.RemoteTransactionPermission,module=org.wildfly.transaction.client},{class-name=org.jboss.ejb.client.RemoteEJBPermission,module=org.jboss.ejb-client}]},{match-all=true,permissions=[{class-name=org.wildfly.security.auth.permission.LoginPermission},{class-name=org.wildfly.extension.batch.jberet.deployment.BatchPermission,module=org.wildfly.extension.batch.jberet,target-name=*},{class-name=org.wildfly.transaction.client.RemoteTransactionPermission,module=org.wildfly.transaction.client},{class-name=org.jboss.ejb.client.RemoteEJBPermission,module=org.jboss.ejb-client}]}])
|
||||
/subsystem=elytron/constant-realm-mapper=local/:add(realm-name=local)
|
||||
/subsystem=elytron/simple-role-decoder=groups-to-roles/:add(attribute=groups)
|
||||
/subsystem=elytron/constant-role-mapper=super-user-mapper/:add(roles=[SuperUser])
|
||||
/subsystem=elytron/security-domain=ApplicationDomain/:add(default-realm=ApplicationRealm,permission-mapper=default-permission-mapper,realms=[{realm=ApplicationRealm,role-decoder=groups-to-roles},{realm=local}])
|
||||
/subsystem=elytron/security-domain=ManagementDomain/:add(default-realm=ManagementRealm,permission-mapper=default-permission-mapper,realms=[{realm=ManagementRealm,role-decoder=groups-to-roles},{realm=local,role-mapper=super-user-mapper}])
|
||||
/subsystem=elytron/provider-http-server-mechanism-factory=global/:add
|
||||
/subsystem=elytron/http-authentication-factory=management-http-authentication/:add(http-server-mechanism-factory=global,security-domain=ManagementDomain,mechanism-configurations=[{mechanism-name=DIGEST,mechanism-realm-configurations=[{realm-name=ManagementRealm}]}])
|
||||
/subsystem=elytron/http-authentication-factory=application-http-authentication/:add(http-server-mechanism-factory=global,security-domain=ApplicationDomain,mechanism-configurations=[{mechanism-name=BASIC,mechanism-realm-configurations=[{realm-name=Application Realm}]},{mechanism-name=FORM}])
|
||||
/subsystem=elytron/provider-sasl-server-factory=global/:add
|
||||
/subsystem=elytron/mechanism-provider-filtering-sasl-server-factory=elytron/:add(sasl-server-factory=global,filters=[{provider-name=WildFlyElytron}])
|
||||
/subsystem=elytron/configurable-sasl-server-factory=configured/:add(sasl-server-factory=elytron,properties={wildfly.sasl.local-user.default-user => "$local"})
|
||||
/subsystem=elytron/sasl-authentication-factory=management-sasl-authentication/:add(sasl-server-factory=configured,security-domain=ManagementDomain,mechanism-configurations=[{mechanism-name=JBOSS-LOCAL-USER,realm-mapper=local},{mechanism-name=DIGEST-MD5,mechanism-realm-configurations=[{realm-name=ManagementRealm}]}])
|
||||
/subsystem=elytron/sasl-authentication-factory=application-sasl-authentication/:add(sasl-server-factory=configured,security-domain=ApplicationDomain,mechanism-configurations=[{mechanism-name=JBOSS-LOCAL-USER,realm-mapper=local},{mechanism-name=DIGEST-MD5,mechanism-realm-configurations=[{realm-name=ApplicationRealm}]}])
|
||||
/subsystem=elytron/:write-attribute(name=final-providers,value=combined-providers)
|
||||
/subsystem=elytron/:write-attribute(name=disallowed-providers,value=[OracleUcrypto])
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /subsystem=ejb3/service=remote/channel-creation-options=READ_TIMEOUT/:read-resource
|
||||
echo Adding channel-creation-options READ_TIMEOUT to ejb3 remote
|
||||
/subsystem=ejb3/service=remote/channel-creation-options=READ_TIMEOUT/:add(value="${prop.remoting-connector.read.timeout:20}",type=xnio)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /subsystem=ejb3/service=remote/channel-creation-options=MAX_OUTBOUND_MESSAGES/:read-resource
|
||||
echo Adding channel-creation-options MAX_OUTBOUND_MESSAGES to ejb3 remote
|
||||
/subsystem=ejb3/service=remote/channel-creation-options=MAX_OUTBOUND_MESSAGES/:add(value=1234,type=remoting)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (result == ASYNC) of /subsystem=infinispan/cache-container=web/distributed-cache=dist:read-attribute(name=mode)
|
||||
echo Setting SYNC mode for web cache-container
|
||||
/subsystem=infinispan/cache-container=web/distributed-cache=dist:write-attribute(name=mode,value=SYNC)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (result == ASYNC) of /subsystem=infinispan/cache-container=ejb/distributed-cache=dist:read-attribute(name=mode)
|
||||
echo Setting SYNC mode for ejb cache-container
|
||||
/subsystem=infinispan/cache-container=ejb/distributed-cache=dist:write-attribute(name=mode,value=SYNC)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (result == undefined) of /subsystem=jgroups/channel=ee/:read-attribute(name=cluster)
|
||||
echo Setting cluster attribute to ejb in jgroups subsystem
|
||||
/subsystem=jgroups/channel=ee/:write-attribute(name=cluster,value=ejb)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (result != undefined) of /subsystem=jgroups/stack=udp/protocol=FD_SOCK/:read-attribute(name=socket-binding)
|
||||
echo Unsetting socket-binding from udp FD_SOCK protocol
|
||||
# it has to be done via remove and add, because socket-binding is not writable attribute
|
||||
/subsystem=jgroups/stack=udp/protocol=FD_SOCK/:remove
|
||||
/subsystem=jgroups/stack=udp/protocol=FD_SOCK/:add
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == success) of /subsystem=jgroups/stack=tcp/protocol=FD/:read-resource
|
||||
echo Replacing tcp FD protocol with FD_ALL
|
||||
/subsystem=jgroups/stack=tcp/protocol=FD/:remove
|
||||
/subsystem=jgroups/stack=tcp/protocol=FD_ALL/:add
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (result != undefined) of /subsystem=jgroups/stack=tcp/protocol=FD_SOCK/:read-attribute(name=socket-binding)
|
||||
echo Unsetting socket-binding from tcp FD_SOCK protocol
|
||||
# it has to be done via remove and add, because socket-binding is not writable attribute
|
||||
/subsystem=jgroups/stack=tcp/protocol=FD_SOCK/:remove
|
||||
/subsystem=jgroups/stack=tcp/protocol=FD_SOCK/:add
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /subsystem=undertow/server=default-server/host=default-host/setting=http-invoker/:read-resource
|
||||
echo Adding http-invoker to default-host
|
||||
/subsystem=undertow/server=default-server/host=default-host/setting=http-invoker/:add(security-realm=ApplicationRealm)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (result == false) of /subsystem=undertow/server=default-server/http-listener=default/:read-attribute(name=enable-http2)
|
||||
echo Enabling http2 for default http-listener
|
||||
/subsystem=undertow/server=default-server/http-listener=default/:write-attribute(name=enable-http2,value=true)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /subsystem=undertow/server=default-server/https-listener=https/:read-resource
|
||||
echo Adding https-listener
|
||||
/subsystem=undertow/server=default-server/https-listener=https/:add(socket-binding=https,security-realm=ApplicationRealm,enable-http2=true)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == success) of /socket-binding-group=standard-sockets/socket-binding=jgroups-tcp-fd/:read-resource
|
||||
echo Removing socket-binding jgroups-tcp-fd
|
||||
/socket-binding-group=standard-sockets/socket-binding=jgroups-tcp-fd/:remove
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == success) of /socket-binding-group=standard-sockets/socket-binding=jgroups-udp-fd/:read-resource
|
||||
echo Removing socket-binding jgroups-udp-fd
|
||||
/socket-binding-group=standard-sockets/socket-binding=jgroups-udp-fd/:remove
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (result == 224.0.1.105) of /socket-binding-group=standard-sockets/socket-binding=modcluster/:read-attribute(name=multicast-address)
|
||||
echo Adding jboss.modcluster.multicast.address property to modcluster multicast-address
|
||||
/socket-binding-group=standard-sockets/socket-binding=modcluster/:write-attribute(name=multicast-address,value=${jboss.modcluster.multicast.address:224.0.1.105})
|
||||
echo
|
||||
end-if
|
||||
|
||||
# Migrate from 3.3.0 to 3.4.0
|
||||
if (outcome == success) of /subsystem=undertow/server=default-server/host=default-host/filter-ref=server-header/:read-resource
|
||||
echo Removing X-Powered-By and Server headers from Keycloak responses...
|
||||
/subsystem=undertow/server=default-server/host=default-host/filter-ref=server-header/:remove
|
||||
/subsystem=undertow/server=default-server/host=default-host/filter-ref=x-powered-by-header/:remove
|
||||
/subsystem=undertow/configuration=filter/response-header=x-powered-by-header/:remove
|
||||
/subsystem=undertow/configuration=filter/response-header=server-header/:remove
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == success) of /subsystem=jdr/:read-resource
|
||||
echo Removing jdr subsystem and extension
|
||||
/subsystem=jdr/:remove
|
||||
/extension=org.jboss.as.jdr/:remove
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == success) of /subsystem=jsf/:read-resource
|
||||
echo Removing jsf subsystem and extension
|
||||
/subsystem=jsf/:remove
|
||||
/extension=org.jboss.as.jsf/:remove
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /subsystem=infinispan/cache-container=keycloak/distributed-cache=clientSessions/:read-resource
|
||||
echo Adding distributed-cache=clientSessions to keycloak cache container...
|
||||
/subsystem=infinispan/cache-container=keycloak/distributed-cache=clientSessions/:add(mode=SYNC,owners=1)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /subsystem=infinispan/cache-container=keycloak/distributed-cache=offlineClientSessions/:read-resource
|
||||
echo Adding distributed-cache=offlineClientSessions to keycloak cache container...
|
||||
/subsystem=infinispan/cache-container=keycloak/distributed-cache=offlineClientSessions/:add(mode=SYNC,owners=1)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /subsystem=keycloak-server/spi=x509cert-lookup/:read-resource
|
||||
echo Adding spi=x509cert-lookup...
|
||||
/subsystem=keycloak-server/spi=x509cert-lookup/:add(default-provider=${keycloak.x509cert.lookup.provider:default})
|
||||
/subsystem=keycloak-server/spi=x509cert-lookup/provider=default/:add(enabled=true)
|
||||
echo
|
||||
end-if
|
||||
|
||||
# Migrate from 4.2.0 to 4.3.0
|
||||
if (outcome == failed) of /subsystem=keycloak-server/spi=hostname/:read-resource
|
||||
echo Adding spi=hostname...
|
||||
/subsystem=keycloak-server/spi=hostname/:add(default-provider=request)
|
||||
/subsystem=keycloak-server/spi=hostname/provider=fixed/:add(properties={hostname => "localhost",httpPort => "-1",httpsPort => "-1"},enabled=true)
|
||||
echo
|
||||
end-if
|
||||
|
||||
# Migrate from 4.3.0 to 4.4.0
|
||||
if (outcome == failed) of /subsystem=elytron/permission-set=login-permission/:read-resource
|
||||
echo Adding permission-set=login-permission to elytron
|
||||
/subsystem=elytron/permission-set=login-permission:add(permissions=[{class-name=org.wildfly.security.auth.permission.LoginPermission}])
|
||||
/subsystem=elytron/permission-set=default-permissions/:add(permissions=[{class-name=org.wildfly.extension.batch.jberet.deployment.BatchPermission,module=org.wildfly.extension.batch.jberet,target-name=*},{class-name=org.wildfly.transaction.client.RemoteTransactionPermission,module=org.wildfly.transaction.client},{class-name=org.jboss.ejb.client.RemoteEJBPermission,module=org.jboss.ejb-client}])
|
||||
/subsystem=elytron/simple-permission-mapper=default-permission-mapper/:undefine-attribute(name=permission-mappings)
|
||||
/subsystem=elytron/simple-permission-mapper=default-permission-mapper:write-attribute(name=permission-mappings,value=[{permission-sets=[{permission-set=login-permission},{permission-set=default-permissions}],match-all=true},{permission-sets=[{permission-set=default-permissions}],principals=[anonymous]}])
|
||||
echo
|
||||
end-if
|
||||
|
||||
|
||||
if (result == org.hibernate.infinispan) of /subsystem=infinispan/cache-container=hibernate:read-attribute(name=module)
|
||||
echo Update hibernate cache module
|
||||
/subsystem=infinispan/cache-container=hibernate:write-attribute(name=module, value=org.infinispan.hibernate-cache)
|
||||
echo
|
||||
end-if
|
||||
if (outcome == success) of /subsystem=infinispan/cache-container=hibernate:read-attribute(name=default-cache)
|
||||
echo Remove default cache from hibernate cache
|
||||
/subsystem=infinispan/cache-container=hibernate:undefine-attribute(name=default-cache)
|
||||
echo
|
||||
end-if
|
||||
if (result == ASYNC) of /subsystem=infinispan/cache-container=hibernate/replicated-cache=timestamps:read-attribute(name=mode)
|
||||
echo Switching mode for timestamps cache from ASYNC to SYNC
|
||||
/subsystem=infinispan/cache-container=hibernate/replicated-cache=timestamps:write-attribute(name=mode, value=SYNC)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == success) of /subsystem=infinispan/cache-container=hibernate/local-cache=entity/eviction=EVICTION:read-resource
|
||||
echo Removing eviction from hibernate entity cache and replacing with object-memory
|
||||
/subsystem=infinispan/cache-container=hibernate/local-cache=entity/eviction=EVICTION:remove
|
||||
/subsystem=infinispan/cache-container=hibernate/local-cache=entity/memory=object:add(size=10000)
|
||||
echo
|
||||
end-if
|
||||
if (outcome == success) of /subsystem=infinispan/cache-container=hibernate/distributed-cache=local-query/eviction=EVICTION:read-resource
|
||||
echo Removing eviction from hibernate local-query cache and replacing with object-memory
|
||||
/subsystem=infinispan/cache-container=hibernate/local-cache=local-query/eviction=EVICTION:remove
|
||||
/subsystem=infinispan/cache-container=hibernate/local-cache=local-query/memory=object:add(size=10000)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == success) of /subsystem=infinispan/cache-container=keycloak/local-cache=realms/eviction=EVICTION:read-resource
|
||||
echo Removing eviction from keycloak realms cache and replacing with object-memory
|
||||
/subsystem=infinispan/cache-container=keycloak/local-cache=realms/eviction=EVICTION:remove
|
||||
/subsystem=infinispan/cache-container=keycloak/local-cache=realms/memory=object:add(size=10000)
|
||||
echo
|
||||
end-if
|
||||
if (outcome == success) of /subsystem=infinispan/cache-container=keycloak/local-cache=users/eviction=EVICTION:read-resource
|
||||
echo Removing eviction from keycloak users cache and replacing with object-memory
|
||||
/subsystem=infinispan/cache-container=keycloak/local-cache=users/eviction=EVICTION:remove
|
||||
/subsystem=infinispan/cache-container=keycloak/local-cache=users/memory=object:add(size=10000)
|
||||
echo
|
||||
end-if
|
||||
if (outcome == success) of /subsystem=infinispan/cache-container=keycloak/local-cache=authorization/eviction=EVICTION:read-resource
|
||||
echo Removing eviction from keycloak authorization cache and replacing with object-memory
|
||||
/subsystem=infinispan/cache-container=keycloak/local-cache=authorization/eviction=EVICTION:remove
|
||||
/subsystem=infinispan/cache-container=keycloak/local-cache=authorization/memory=object:add(size=10000)
|
||||
echo
|
||||
end-if
|
||||
if (outcome == success) of /subsystem=infinispan/cache-container=keycloak/local-cache=keys/eviction=EVICTION:read-resource
|
||||
echo Removing eviction from keycloak keys cache and replacing with object-memory
|
||||
/subsystem=infinispan/cache-container=keycloak/local-cache=keys/eviction=EVICTION:remove
|
||||
/subsystem=infinispan/cache-container=keycloak/local-cache=keys/memory=object:add(size=1000)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == success) of /subsystem=jgroups/stack=tcp/protocol=FRAG2:read-resource
|
||||
echo Upgrade jgroups protocol from FRAG2 to FRAG3 for tcp stack
|
||||
/subsystem=jgroups/stack=tcp/protocol=FRAG2:remove
|
||||
/subsystem=jgroups/stack=tcp/protocol=FRAG3:add()
|
||||
echo
|
||||
end-if
|
||||
if (outcome == success) of /subsystem=jgroups/stack=udp/protocol=FRAG2:read-resource
|
||||
echo Upgrade jgroups protocol from FRAG2 to FRAG3 for udp stack
|
||||
/subsystem=jgroups/stack=udp/protocol=FRAG2:remove
|
||||
/subsystem=jgroups/stack=udp/protocol=FRAG3:add()
|
||||
echo
|
||||
end-if
|
||||
if (outcome == success) of /subsystem=remoting/configuration=endpoint:read-resource
|
||||
echo Remove endpoint from remoting configuration
|
||||
/subsystem=remoting/configuration=endpoint:remove
|
||||
echo
|
||||
end-if
|
||||
if (outcome == success) of /socket-binding-group=standard-sockets/socket-binding=jgroups-mping:read-attribute(name=port)
|
||||
/socket-binding-group=standard-sockets/socket-binding=jgroups-mping:undefine-attribute(name=port)
|
||||
end-if
|
||||
if (outcome == success) of /socket-binding-group=standard-sockets/socket-binding=modcluster:read-attribute(name=port)
|
||||
/socket-binding-group=standard-sockets/socket-binding=modcluster:undefine-attribute(name=port)
|
||||
end-if
|
||||
|
||||
if (outcome == success) of /subsystem=keycloak-server/spi=connectionsInfinispan/provider=default:read-resource
|
||||
echo Changing JNDI reference in connectionsInfinispan SPI
|
||||
/subsystem=keycloak-server/spi=connectionsInfinispan/provider=default:undefine-attribute(name=properties)
|
||||
/subsystem=keycloak-server/spi=connectionsInfinispan/provider=default:write-attribute(name=properties,value={cacheContainer=java:jboss/infinispan/container/keycloak})
|
||||
echo
|
||||
end-if
|
||||
|
||||
# Migrate from 4.4.0 to 4.5.0
|
||||
if (outcome == failed) of /subsystem=core-management/:read-resource
|
||||
echo Adding core-management extension
|
||||
/extension=org.wildfly.extension.core-management/:add
|
||||
echo Adding subsystem core-management
|
||||
/subsystem=core-management/:add
|
||||
echo
|
||||
end-if
|
||||
|
||||
# Migrate from 4.5.0 to 4.6.0
|
||||
if (outcome == success) of /subsystem=elytron/http-authentication-factory=application-http-authentication/:read-resource
|
||||
echo Removing application-http-authentication from elytron subsystem
|
||||
/subsystem=elytron/http-authentication-factory=application-http-authentication:remove
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (result == undefined) of /subsystem=transactions/:read-attribute(name=node-identifier,include-defaults=false)
|
||||
echo Setting node-identifier attribute of core-environment element in transactions subsystem
|
||||
/subsystem=transactions/:write-attribute(name=node-identifier,value=expression "${jboss.tx.node.id:1}")
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == success) of /subsystem=jgroups/stack=udp/transport=UDP/property=port_range:read-attribute(name=value)
|
||||
try
|
||||
/subsystem=jgroups/stack=udp/transport=UDP/property=port_range:remove
|
||||
echo Remove port_range property from UDP transport type of udp stack
|
||||
catch
|
||||
echo
|
||||
end-try
|
||||
end-if
|
||||
|
||||
if (outcome == success) of /subsystem=jgroups/stack=tcp/transport=TCP/property=port_range:read-attribute(name=value)
|
||||
try
|
||||
/subsystem=jgroups/stack=tcp/transport=TCP/property=port_range:remove
|
||||
echo Remove port_range property from TCP transport type of tcp stack
|
||||
catch
|
||||
echo
|
||||
end-try
|
||||
end-if
|
||||
|
||||
# Migrate from 4.8.3 to 5.0.0
|
||||
if (outcome == failed) of /subsystem=logging/logger=io.jaegertracing.Configuration/:read-resource
|
||||
echo Adding io.jaegertracing.Configuration logger
|
||||
/subsystem=logging/logger=io.jaegertracing.Configuration/:add(category=io.jaegertracing.Configuration,level=WARN)
|
||||
echo
|
||||
end-if
|
||||
|
||||
# Migrate from 5.0.0 to 6.0.0
|
||||
if (result == NON_XA) of /subsystem=infinispan/cache-container=hibernate/local-cache=entity/component=transaction/:read-attribute(name=mode)
|
||||
echo Removing NON_XA transaction mode from infinispan/hibernate/entity
|
||||
/subsystem=infinispan/cache-container=hibernate/local-cache=entity/component=transaction/:undefine-attribute(name=mode)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (result == false) of /subsystem=datasources/data-source=ExampleDS/:read-attribute(name=statistics-enabled)
|
||||
echo Adding statistics-enabled expression to ExampleDS datasource
|
||||
/subsystem=datasources/data-source=ExampleDS/:write-attribute(name=statistics-enabled,value=${wildfly.datasources.statistics-enabled:${wildfly.statistics-enabled:false}})
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (result == false) of /subsystem=datasources/data-source=KeycloakDS/:read-attribute(name=statistics-enabled)
|
||||
echo Adding statistics-enabled expression to KeycloakDS datasource
|
||||
/subsystem=datasources/data-source=KeycloakDS/:write-attribute(name=statistics-enabled,value=${wildfly.datasources.statistics-enabled:${wildfly.statistics-enabled:false}})
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (result == false) of /subsystem=ejb3/:read-attribute(name=statistics-enabled)
|
||||
echo Adding statistics-enabled expression to ejb3 subsystem
|
||||
/subsystem=ejb3/:write-attribute(name=statistics-enabled,value=${wildfly.ejb3.statistics-enabled:${wildfly.statistics-enabled:false}})
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (result == false) of /subsystem=transactions/:read-attribute(name=statistics-enabled)
|
||||
echo Adding statistics-enabled expression to transactions subsystem
|
||||
/subsystem=transactions/:write-attribute(name=statistics-enabled,value=${wildfly.transactions.statistics-enabled:${wildfly.statistics-enabled:false}})
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (result == false) of /subsystem=undertow/:read-attribute(name=statistics-enabled)
|
||||
echo Adding statistics-enabled expression to undertow subsystem
|
||||
/subsystem=undertow/:write-attribute(name=statistics-enabled,value=${wildfly.undertow.statistics-enabled:${wildfly.statistics-enabled:false}})
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (result == false) of /subsystem=webservices/:read-attribute(name=statistics-enabled)
|
||||
echo Adding statistics-enabled expression to webservices subsystem
|
||||
/subsystem=webservices/:write-attribute(name=statistics-enabled,value=${wildfly.webservices.statistics-enabled:${wildfly.statistics-enabled:false}})
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /extension=org.jboss.as.weld/:read-resource
|
||||
echo Adding weld extension
|
||||
/extension=org.jboss.as.weld/:add
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /subsystem=weld/:read-resource
|
||||
echo Adding weld subsystem
|
||||
/subsystem=weld/:add
|
||||
echo
|
||||
end-if
|
||||
|
||||
## KEYCLOAK-16723 / KEYCLOAK-16907:
|
||||
##
|
||||
## Loading of MicroProfile SmallRye config, health, and metrics extensions & subsystems got removed
|
||||
## as part of upgrading to Wildfly 22. See [WFLY-14203], [WFLY-14151], and [WFLY-14108] for details
|
||||
|
||||
# Migrate from 6.0.1 to 7.0.0
|
||||
if (outcome == success) of /subsystem=ejb3/service=remote/channel-creation-options=READ_TIMEOUT/:read-resource
|
||||
echo Removing READ_TIMEOUT option from remote service from ejb3 subsystem
|
||||
/subsystem=ejb3/service=remote/channel-creation-options=READ_TIMEOUT/:remove
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /subsystem=infinispan/cache-container=web/distributed-cache=routing:read-resource
|
||||
echo Adding distributed cache routing to web cache container to infinispan subsystem
|
||||
/subsystem=infinispan/cache-container=web/distributed-cache=routing/:add
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /subsystem=infinispan/cache-container=web/replicated-cache=sso:read-resource
|
||||
echo Adding replicated cache sso to web cache container to infinispan subsystem
|
||||
/subsystem=infinispan/cache-container=web/replicated-cache=sso/:add
|
||||
/subsystem=infinispan/cache-container=web/replicated-cache=sso/component=locking/:add(isolation=REPEATABLE_READ)
|
||||
/subsystem=infinispan/cache-container=web/replicated-cache=sso/component=transaction/:add(mode=BATCH)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /socket-binding-group=standard-sockets/socket-binding=jgroups-tcp-fd/:read-resource
|
||||
echo Adding jgroups-tcp-fd socket binding to socket binding group
|
||||
/socket-binding-group=standard-sockets/socket-binding=jgroups-tcp-fd/:add(interface=private,port=57600)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /socket-binding-group=standard-sockets/socket-binding=jgroups-udp-fd/:read-resource
|
||||
echo Adding jgroups-udp-fd socket binding to socket binding group
|
||||
/socket-binding-group=standard-sockets/socket-binding=jgroups-udp-fd/:add(interface=private,port=54200)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (result == undefined) of /subsystem=jgroups/stack=tcp/protocol=FD_SOCK/:read-attribute(name=socket-binding)
|
||||
echo Adding socket-binding for FD_SOCK protocol for tcp stack in jgroups subsystem
|
||||
/subsystem=jgroups/stack=tcp/protocol=FD_SOCK/:write-attribute(name=socket-binding,value=jgroups-tcp-fd)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (result == undefined) of /subsystem=jgroups/stack=udp/protocol=FD_SOCK/:read-attribute(name=socket-binding)
|
||||
echo Adding socket-binding for FD_SOCK protocol for udp stack in jgroups subsystem
|
||||
/subsystem=jgroups/stack=udp/protocol=FD_SOCK/:write-attribute(name=socket-binding,value=jgroups-udp-fd)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (result == "true") of /subsystem=keycloak-server/spi=truststore/provider=file:map-get(name=properties, key=disabled)
|
||||
echo Disabling Truststore Provider
|
||||
/subsystem=keycloak-server/spi=truststore/provider=file:write-attribute(name=enabled, value=false)
|
||||
echo Removing deprecated option
|
||||
/subsystem=keycloak-server/spi=truststore/provider=file:map-remove(name=properties, key=disabled)
|
||||
echo
|
||||
end-if
|
||||
|
||||
# Migrate from 7.0.0 to 8.0.0
|
||||
|
||||
if ((result.time == 100L) && (result.unit == MILLISECONDS)) of /subsystem=ejb3/thread-pool=default:read-attribute(name=keepalive-time)
|
||||
echo Changing thread pool keepalive of ejb3 subsystem
|
||||
/subsystem=ejb3/thread-pool=default:write-attribute(name=keepalive-time.time, value=60)
|
||||
/subsystem=ejb3/thread-pool=default:write-attribute(name=keepalive-time.unit,value=SECONDS)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (result == UP) of /subsystem=microprofile-health-smallrye:read-attribute(name=empty-liveness-checks-status)
|
||||
echo Adding empty-liveness-checks-status attribute to microprofile-health-smallrye subsystem
|
||||
/subsystem=microprofile-health-smallrye:write-attribute(name=empty-liveness-checks-status, value=${env.MP_HEALTH_EMPTY_LIVENESS_CHECKS_STATUS:UP})
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (result == UP) of /subsystem=microprofile-health-smallrye:read-attribute(name=empty-readiness-checks-status)
|
||||
echo Adding empty-readiness-checks-status attribute to microprofile-health-smallrye subsystem
|
||||
/subsystem=microprofile-health-smallrye:write-attribute(name=empty-readiness-checks-status, value=${env.MP_HEALTH_EMPTY_READINESS_CHECKS_STATUS:UP})
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /subsystem=keycloak-server/spi=hostname/provider=default/:read-resource
|
||||
echo Adding default hostname provider
|
||||
/subsystem=keycloak-server/spi=hostname/provider=default/:add(properties={frontendUrl => "${keycloak.frontendUrl:}",forceBackendUrlToFrontendUrl => "false"},enabled=true)
|
||||
end-if
|
||||
|
||||
if (result == request) of /subsystem=keycloak-server/spi=hostname/:read-attribute(name=default-provider)
|
||||
echo Switching from request to default hostname provider
|
||||
|
||||
/subsystem=keycloak-server/spi=hostname/:write-attribute(name=default-provider,value=default)
|
||||
end-if
|
||||
|
||||
if (result != fixed) of /subsystem=keycloak-server/spi=hostname/:read-attribute(name=default-provider)
|
||||
try
|
||||
/subsystem=keycloak-server/spi=hostname/provider=fixed:remove
|
||||
echo Removed config for unused fixed hostname provider
|
||||
catch
|
||||
end-try
|
||||
end-if
|
||||
|
||||
# Migrate from 10.0.2 to 11.0.0 (migration changes for infinispan update from 9.4.18.Final to 10.1.8.Final)
|
||||
|
||||
if (result != org.keycloak.keycloak-model-infinispan) of /subsystem=infinispan/cache-container=keycloak:read-attribute(name=module)
|
||||
echo Setting class loader for keycloak cache-container so JBoss Marshalling works properly with Infinispan 10.x
|
||||
/subsystem=infinispan/cache-container=keycloak:write-attribute(name=module,value=org.keycloak.keycloak-model-infinispan)
|
||||
echo
|
||||
end-if
|
||||
|
||||
# Migrate from 11.0.0 to 12.0.0
|
||||
|
||||
if (result != expression "${jboss.mail.server.host:localhost}") of /socket-binding-group=standard-sockets/remote-destination-outbound-socket-binding=mail-smtp:read-attribute(name=host)
|
||||
echo Adding host expression to the SMTP configuration of a remote destination outbound socket binding in the mail subsystem
|
||||
/socket-binding-group=standard-sockets/remote-destination-outbound-socket-binding=mail-smtp:write-attribute(name=host, value=expression "${jboss.mail.server.host:localhost}")
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (result != expression "${jboss.mail.server.port:25}") of /socket-binding-group=standard-sockets/remote-destination-outbound-socket-binding=mail-smtp:read-attribute(name=port)
|
||||
echo Adding port expression to the SMTP configuration of a remote destination outbound socket binding in the mail subsystem
|
||||
/socket-binding-group=standard-sockets/remote-destination-outbound-socket-binding=mail-smtp:write-attribute(name=port, value=expression "${jboss.mail.server.port:25}")
|
||||
echo
|
||||
end-if
|
||||
|
||||
# Migrate from 12.0.0 to 13.0.0
|
||||
|
||||
## KEYCLOAK-16723 / KEYCLOAK-16907:
|
||||
##
|
||||
## Based on [WFLY-14203], [WFLY-14151], and [WFLY-14108] remove MicroProfile SmallRye config, health, and metrics if present
|
||||
|
||||
if (outcome == success) of /subsystem=microprofile-config-smallrye/:read-resource
|
||||
echo Removing microprofile-config-smallrye subsystem...
|
||||
/subsystem=microprofile-config-smallrye/:remove
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == success) of /extension=org.wildfly.extension.microprofile.config-smallrye/:read-resource
|
||||
echo Removing microprofile.config-smallrye extension...
|
||||
/extension=org.wildfly.extension.microprofile.config-smallrye/:remove
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == success) of /subsystem=microprofile-health-smallrye/:read-resource
|
||||
echo Removing microprofile-health-smallrye subsystem...
|
||||
/subsystem=microprofile-health-smallrye/:remove
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == success) of /extension=org.wildfly.extension.microprofile.health-smallrye/:read-resource
|
||||
echo Removing microprofile.health-smallrye extension...
|
||||
/extension=org.wildfly.extension.microprofile.health-smallrye/:remove
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == success) of /subsystem=microprofile-metrics-smallrye/:read-resource
|
||||
echo Removing microprofile-metrics-smallrye subsystem...
|
||||
/subsystem=microprofile-metrics-smallrye/:remove
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == success) of /extension=org.wildfly.extension.microprofile.metrics-smallrye/:read-resource
|
||||
echo Removing microprofile.metrics-smallrye extension...
|
||||
/extension=org.wildfly.extension.microprofile.metrics-smallrye/:remove
|
||||
echo
|
||||
end-if
|
||||
|
||||
## Yet based on [WFLY-14203], [WFLY-14151], and [WFLY-14108] load
|
||||
## org.wildfly.extension.health/org.wildfly.extension.metrics extensions & subsystems instead
|
||||
|
||||
if (outcome == failed) of /extension=org.wildfly.extension.health:read-resource
|
||||
echo Adding WildFly extension for health...
|
||||
/extension=org.wildfly.extension.health:add(module=org.wildfly.extension.health)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /subsystem=health:read-resource
|
||||
echo Adding Wildfly subsystem for health...
|
||||
/subsystem=health:add(security-enabled=false)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /extension=org.wildfly.extension.metrics:read-resource
|
||||
echo Adding Wildfly extension for base metrics...
|
||||
/extension=org.wildfly.extension.metrics:add(module=org.wildfly.extension.metrics)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /subsystem=metrics:read-resource
|
||||
echo Adding Wildfly subsystem for base metrics...
|
||||
/subsystem=metrics:add(exposed-subsystems=[*],security-enabled=false)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (result == "Keycloak") of :read-attribute(name=product-name)
|
||||
echo Adding base metrics subsystem prefix to Keycloak...
|
||||
/subsystem=metrics:write-attribute(name=prefix,value=${wildfly.metrics.prefix:wildfly})
|
||||
echo
|
||||
else
|
||||
echo Adding base metrics subsystem prefix to RH-SSO...
|
||||
/subsystem=metrics:write-attribute(name=prefix,value=${wildfly.metrics.prefix:jboss})
|
||||
echo
|
||||
end-if
|
||||
|
||||
## Add ability to make use of automatically generated self-signed certificate with Elytron,
|
||||
## introduced by WFCORE-5095 in Wildfly Core 14.0.0.Final
|
||||
|
||||
if (outcome == failed) of /subsystem=elytron/key-store=applicationKS:read-resource
|
||||
echo Adding key store for the feature of auto-generation of self-signed certificate to Elytron subsystem...
|
||||
/subsystem=elytron/key-store=applicationKS:add(credential-reference={clear-text=password},type=JKS)
|
||||
/subsystem=elytron/key-store=applicationKS:write-attribute(name=path,value=application.keystore)
|
||||
/subsystem=elytron/key-store=applicationKS:write-attribute(name=relative-to,value=jboss.server.config.dir)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /subsystem=elytron/key-manager=applicationKM:read-resource
|
||||
echo Adding key manager for the feature of auto-generation of self-signed certificate to Elytron subsystem...
|
||||
/subsystem=elytron/key-manager=applicationKM:add(key-store=applicationKS, credential-reference={clear-text=password})
|
||||
/subsystem=elytron/key-manager=applicationKM:write-attribute(name=generate-self-signed-certificate-host,value=localhost)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /subsystem=elytron/server-ssl-context=applicationSSC:read-resource
|
||||
echo Adding SSL context for the feature of auto-generation of self-signed certificate to Elytron subsystem...
|
||||
/subsystem=elytron/server-ssl-context=applicationSSC:add(key-manager=applicationKM)
|
||||
echo
|
||||
end-if
|
||||
|
||||
## Convert type of 'hung-task-termination-period' attribute for 'managed-executor-service' from INT to LONG
|
||||
if (result == 0) of /subsystem=ee/managed-executor-service=default:read-attribute(name=hung-task-termination-period)
|
||||
echo Setting period for automatic termination of hung tasks for managed executor service to default value (0 miliseconds)
|
||||
/subsystem=ee/managed-executor-service=default:write-attribute(name=hung-task-termination-period,value=0L)
|
||||
echo
|
||||
end-if
|
||||
|
||||
## Convert type of 'hung-task-termination-period' attribute for 'managed-scheduled-executor-service' from INT to LONG
|
||||
if (result == 0) of /subsystem=ee/managed-scheduled-executor-service=default:read-attribute(name=hung-task-termination-period)
|
||||
echo Setting period for automatic termination of hung tasks for managed scheduled executor service to default value (0 miliseconds)
|
||||
/subsystem=ee/managed-scheduled-executor-service=default:write-attribute(name=hung-task-termination-period,value=0L)
|
||||
echo
|
||||
end-if
|
||||
|
||||
## Set value of JPA default-datasource from empty string to 'undefined'
|
||||
if (outcome == success) && (result == "") of /subsystem=jpa:read-attribute(name=default-datasource)
|
||||
echo Setting value of to default-datasource attribute in JPA subsystem to 'undefined'
|
||||
/subsystem=jpa:undefine-attribute(name=default-datasource)
|
||||
echo
|
||||
end-if
|
||||
|
||||
echo *** End Migration ***
|
|
@ -0,0 +1,744 @@
|
|||
echo
|
||||
echo *** WARNING ***
|
||||
echo
|
||||
echo ** If the following embed-server command fails, manual intervention is needed.
|
||||
echo ** In such case, remove any <extension> and <subsystem> declarations referring
|
||||
echo ** to the removed smallrye modules from the standalone.xml file and rerun this script.
|
||||
echo ** For details, see Migration Changes section in the Upgrading guide.
|
||||
echo ** We apologize for this inconvenience.
|
||||
echo
|
||||
|
||||
embed-server --server-config=standalone.xml
|
||||
|
||||
echo *** Begin Migration ***
|
||||
echo
|
||||
|
||||
# Migrate from 1.8.1 to 1.9.1
|
||||
if (outcome == failed) of /subsystem=infinispan/cache-container=keycloak/local-cache=work/:read-resource
|
||||
echo Adding local-cache=work to keycloak cache container...
|
||||
/subsystem=infinispan/cache-container=keycloak/local-cache=work/:add(indexing=NONE,start=LAZY)
|
||||
echo
|
||||
end-if
|
||||
# realmVersions cache deprecated in 2.1.0
|
||||
#if (outcome == failed) of /subsystem=infinispan/cache-container=keycloak/local-cache=realmVersions/:read-resource
|
||||
# echo Adding local-cache=realmVersions to keycloak cache container...
|
||||
# /subsystem=infinispan/cache-container=keycloak/local-cache=realmVersions/:add(indexing=NONE,start=LAZY)
|
||||
# /subsystem=infinispan/cache-container=keycloak/local-cache=realmVersions/component=transaction/:write-attribute(name=mode,value=BATCH)
|
||||
# echo
|
||||
#end-if
|
||||
|
||||
|
||||
# Migrate from 1.9.1 to 1.9.2
|
||||
if (result == NONE) of /subsystem=infinispan/cache-container=keycloak/local-cache=users/component=eviction/:read-attribute(name=strategy)
|
||||
echo Adding eviction strategy to keycloak users cache container...
|
||||
/subsystem=infinispan/cache-container=keycloak/local-cache=users/component=eviction/:write-attribute(name=strategy,value=LRU)
|
||||
/subsystem=infinispan/cache-container=keycloak/local-cache=users/component=eviction/:write-attribute(name=max-entries,value=10000)
|
||||
echo
|
||||
end-if
|
||||
|
||||
# Migrate from 1.9.2 to 1.9.8
|
||||
# NO CHANGES
|
||||
|
||||
# Migrate from 1.9.8 to 2.0.0
|
||||
if (outcome == failed) of /subsystem=infinispan/cache-container=keycloak/local-cache=authorization/:read-resource
|
||||
echo Adding local-cache=authorization to keycloak cache container...
|
||||
/subsystem=infinispan/cache-container=keycloak/local-cache=authorization/:add(indexing=NONE,start=LAZY)
|
||||
echo
|
||||
end-if
|
||||
if (result == undefined) of /subsystem=infinispan/cache-container=keycloak/local-cache=authorization/component=eviction/:read-attribute(name=strategy,include-defaults=false)
|
||||
echo Updating authorization cache container..
|
||||
/subsystem=infinispan/cache-container=keycloak/local-cache=authorization/component=eviction/:write-attribute(name=strategy,value=LRU)
|
||||
/subsystem=infinispan/cache-container=keycloak/local-cache=authorization/component=eviction/:write-attribute(name=max-entries,value=100)
|
||||
echo
|
||||
end-if
|
||||
|
||||
# Migrate from 2.0.0 to 2.1.0
|
||||
if (outcome == success) of /subsystem=infinispan/cache-container=keycloak/local-cache=realmVersions/:read-resource
|
||||
echo Removing deprecated cache 'realmVersions'
|
||||
/subsystem=infinispan/cache-container=keycloak/local-cache=realmVersions/:remove
|
||||
echo
|
||||
end-if
|
||||
|
||||
# Migrate kecloak-server.json (deprecated in 2.2.0)
|
||||
if (result == []) of /subsystem=keycloak-server/:read-children-names(child-type=spi)
|
||||
echo Migrating keycloak-server.json to server cofig xml...
|
||||
/subsystem=keycloak-server/:migrate-json
|
||||
echo
|
||||
end-if
|
||||
if (result == [expression "classpath:${jboss.server.config.dir}/providers/*"]) of /subsystem=keycloak-server/:read-attribute(name=providers)
|
||||
echo Updating provider to default value
|
||||
/subsystem=keycloak-server/:write-attribute(name=providers,value=[classpath:${jboss.home.dir}/providers/*])
|
||||
echo
|
||||
end-if
|
||||
if (result == keycloak) of /subsystem=keycloak-server/theme=defaults:read-attribute(name=default)
|
||||
echo Undefining default theme...
|
||||
/subsystem=keycloak-server/theme=defaults:undefine-attribute(name=default)
|
||||
echo
|
||||
end-if
|
||||
if (result == expression "${jboss.server.config.dir}/themes") of /subsystem=keycloak-server/theme=defaults:read-attribute(name=dir)
|
||||
echo Updating theme dir to default value
|
||||
/subsystem=keycloak-server/theme=defaults/:write-attribute(name=dir,value=${jboss.home.dir}/themes)
|
||||
echo
|
||||
end-if
|
||||
|
||||
set persistenceProvider=jpa
|
||||
|
||||
# Migrate from 2.1.0 to 2.2.0
|
||||
if (outcome == failed) of /extension=org.jboss.as.deployment-scanner/:read-resource
|
||||
echo Adding deployment-scanner extension...
|
||||
/extension=org.jboss.as.deployment-scanner/:add(module=org.jboss.as.deployment-scanner)
|
||||
echo
|
||||
end-if
|
||||
if (outcome == failed) of /subsystem=deployment-scanner/:read-resource
|
||||
echo Adding deployment-scanner...
|
||||
/subsystem=deployment-scanner/:add
|
||||
echo
|
||||
end-if
|
||||
if (outcome == failed) of /subsystem=deployment-scanner/scanner=default/:read-resource
|
||||
echo Adding scanner=default
|
||||
/subsystem=deployment-scanner/scanner=default/:add(path=deployments,relative-to=jboss.server.base.dir,runtime-failure-causes-rollback=${jboss.deployment.scanner.rollback.on.failure:false},scan-interval=5000)
|
||||
echo
|
||||
end-if
|
||||
if (result == update) of /subsystem=keycloak-server/spi=connectionsJpa/provider=default/:map-get(name=properties,key=databaseSchema)
|
||||
echo Updating connectionsJpa default properties...
|
||||
/subsystem=keycloak-server/spi=connectionsJpa/provider=default/:map-remove(name=properties,key=databaseSchema)
|
||||
/subsystem=keycloak-server/spi=connectionsJpa/provider=default/:map-put(name=properties,key=initializeEmpty,value=true)
|
||||
/subsystem=keycloak-server/spi=connectionsJpa/provider=default/:map-put(name=properties,key=migrationStrategy,value=update)
|
||||
/subsystem=keycloak-server/spi=connectionsJpa/provider=default/:map-put(name=properties,key=migrationExport,value=${jboss.home.dir}/keycloak-database-update.sql)
|
||||
echo
|
||||
end-if
|
||||
if (outcome == failed) of /subsystem=keycloak-server/spi=userFederatedStorage/:read-resource
|
||||
echo Adding spi=userFederatedStorage...
|
||||
/subsystem=keycloak-server/spi=userFederatedStorage/:add(default-provider=$persistenceProvider)
|
||||
echo
|
||||
end-if
|
||||
if (outcome == failed) of /subsystem=keycloak-server/spi=jta-lookup/:read-resource
|
||||
echo Adding spi=jta-lookup...
|
||||
/subsystem=keycloak-server/spi=jta-lookup/:add(default-provider=${keycloak.jta.lookup.provider:jboss})
|
||||
/subsystem=keycloak-server/spi=jta-lookup/provider=jboss/:add(enabled=true)
|
||||
echo
|
||||
end-if
|
||||
|
||||
# Migrate from 2.2.0 to 2.2.1
|
||||
# NO CHANGES
|
||||
|
||||
# Migrate from 2.2.1 to 2.3.0
|
||||
if (outcome == failed) of /subsystem=infinispan/cache-container=keycloak/local-cache=keys/:read-resource
|
||||
echo Adding local-cache=keys to keycloak cache container...
|
||||
/subsystem=infinispan/cache-container=keycloak/local-cache=keys/:add(indexing=NONE,start=LAZY)
|
||||
echo
|
||||
end-if
|
||||
if (result == undefined) of /subsystem=infinispan/cache-container=keycloak/local-cache=keys/component=eviction/:read-attribute(name=strategy,include-defaults=false)
|
||||
echo Updating eviction and expiration in local-cache=keys...
|
||||
/subsystem=infinispan/cache-container=keycloak/local-cache=keys/component=eviction/:write-attribute(name=strategy,value=LRU)
|
||||
/subsystem=infinispan/cache-container=keycloak/local-cache=keys/component=eviction/:write-attribute(name=max-entries,value=1000)
|
||||
/subsystem=infinispan/cache-container=keycloak/local-cache=keys/component=expiration/:write-attribute(name=max-idle,value=3600000)
|
||||
echo
|
||||
end-if
|
||||
if (outcome == failed) of /subsystem=keycloak-server/spi=publicKeyStorage/:read-resource
|
||||
echo Adding spi=publicKeyStorage...
|
||||
/subsystem=keycloak-server/spi=publicKeyStorage/:add
|
||||
/subsystem=keycloak-server/spi=publicKeyStorage/provider=infinispan/:add(properties={minTimeBetweenRequests => "10"},enabled=true)
|
||||
echo
|
||||
end-if
|
||||
|
||||
# Migrate from 2.3.0 to 2.4.0
|
||||
# NO CHANGES
|
||||
|
||||
# Migrate from 2.4.0 to 2.5.0
|
||||
if (result == NONE) of /subsystem=infinispan/cache-container=keycloak/local-cache=realms/component=eviction/:read-attribute(name=strategy)
|
||||
echo Adding eviction strategy to keycloak realms cache...
|
||||
/subsystem=infinispan/cache-container=keycloak/local-cache=realms/component=eviction/:write-attribute(name=strategy,value=LRU)
|
||||
/subsystem=infinispan/cache-container=keycloak/local-cache=realms/component=eviction/:write-attribute(name=max-entries,value=10000)
|
||||
echo
|
||||
end-if
|
||||
|
||||
# Migrate from 2.5.0 to 2.5.1
|
||||
# NO CHANGES
|
||||
|
||||
# Migrate 2.5.1 to 2.5.4
|
||||
if (result != REPEATABLE_READ) of /subsystem=infinispan/cache-container=ejb/local-cache=persistent/component=locking/:read-attribute(name=isolation)
|
||||
echo Changing ejb cache locking to REPEATABLE_READ
|
||||
/subsystem=infinispan/cache-container=ejb/local-cache=persistent/component=locking/:write-attribute(name=isolation,value=REPEATABLE_READ)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == success) of /subsystem=infinispan/cache-container=hibernate/local-cache=immutable-entity/:read-resource
|
||||
echo Removing Hibernate immutable-entity cache
|
||||
/subsystem=infinispan/cache-container=hibernate/local-cache=immutable-entity/:remove
|
||||
end-if
|
||||
|
||||
|
||||
# Migrate from 2.5.4 to 3.0.0
|
||||
if (result == jpa) of /subsystem=keycloak-server/spi=eventsStore/:read-attribute(name=default-provider,include-defaults=false)
|
||||
echo Removing default provider for eventsStore
|
||||
/subsystem=keycloak-server/spi=eventsStore/:undefine-attribute(name=default-provider)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if ((outcome == success) && (result.default-provider == jpa) && (result.provider == undefined)) of /subsystem=keycloak-server/spi=realm/:read-resource(recursive=false,include-defaults=false)
|
||||
echo Removing declaration for user SPI
|
||||
/subsystem=keycloak-server/spi=realm/:remove
|
||||
echo
|
||||
end-if
|
||||
|
||||
if ((outcome == success) && (result.default-provider == jpa) && (result.provider == undefined)) of /subsystem=keycloak-server/spi=user/:read-resource(recursive=false,include-defaults=false)
|
||||
echo Removing declaration for user SPI
|
||||
/subsystem=keycloak-server/spi=user/:remove
|
||||
echo
|
||||
end-if
|
||||
|
||||
if ((outcome == success) && (result.default-provider == jpa) && (result.provider == undefined)) of /subsystem=keycloak-server/spi=userFederatedStorage/:read-resource(recursive=false,include-defaults=false)
|
||||
echo Removing declaration for userFederatedStorage SPI
|
||||
/subsystem=keycloak-server/spi=userFederatedStorage/:remove
|
||||
echo
|
||||
end-if
|
||||
|
||||
if ((outcome == success) && (result.default-provider == jpa) && (result.provider == undefined)) of /subsystem=keycloak-server/spi=authorizationPersister/:read-resource(recursive=false,include-defaults=false)
|
||||
echo Removing declaration for authorizationPersister SPI
|
||||
/subsystem=keycloak-server/spi=authorizationPersister/:remove
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /subsystem=keycloak-server/spi=userCache/:read-resource
|
||||
echo Adding userCache SPI
|
||||
/subsystem=keycloak-server/spi=userCache/:add
|
||||
/subsystem=keycloak-server/spi=userCache/provider=default/:add(enabled=true)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /subsystem=keycloak-server/spi=realmCache/:read-resource
|
||||
echo Adding realmCache SPI
|
||||
/subsystem=keycloak-server/spi=realmCache/:add
|
||||
/subsystem=keycloak-server/spi=realmCache/provider=default/:add(enabled=true)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if ((result.default-provider == undefined) && (result.provider.default.enabled == true)) of /subsystem=keycloak-server/spi=connectionsInfinispan/:read-resource(recursive=true,include-defaults=false)
|
||||
echo Adding 'default' as default provider for connectionsInfinispan
|
||||
/subsystem=keycloak-server/spi=connectionsInfinispan/:write-attribute(name=default-provider,value=default)
|
||||
echo
|
||||
end-if
|
||||
|
||||
# Migrate from 3.0.0 to 3.1.0
|
||||
# NO CHANGES
|
||||
|
||||
# Migrate from 3.1.0 to 3.2.0
|
||||
if (outcome == failed) of /subsystem=infinispan/cache-container=keycloak/local-cache=authenticationSessions/:read-resource
|
||||
echo Adding local-cache=authenticationSessions to keycloak cache container...
|
||||
/subsystem=infinispan/cache-container=keycloak/local-cache=authenticationSessions/:add(indexing=NONE,start=LAZY)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /subsystem=infinispan/cache-container=keycloak/local-cache=actionTokens/:read-resource
|
||||
echo Adding local-cache=actionTokens to keycloak cache container...
|
||||
/subsystem=infinispan/cache-container=keycloak/local-cache=actionTokens/:add(indexing=NONE,start=LAZY)
|
||||
/subsystem=infinispan/cache-container=keycloak/local-cache=actionTokens/component=eviction/:write-attribute(name=strategy,value=NONE)
|
||||
/subsystem=infinispan/cache-container=keycloak/local-cache=actionTokens/component=eviction/:write-attribute(name=max-entries,value=-1)
|
||||
/subsystem=infinispan/cache-container=keycloak/local-cache=actionTokens/component=expiration/:write-attribute(name=interval,value=300000)
|
||||
/subsystem=infinispan/cache-container=keycloak/local-cache=actionTokens/component=expiration/:write-attribute(name=max-idle,value=-1)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (result == 100L) of /subsystem=infinispan/cache-container=keycloak/local-cache=authorization/component=eviction/:read-attribute(name=max-entries)
|
||||
echo Updating eviction in local-cache=authorization...
|
||||
/subsystem=infinispan/cache-container=keycloak/local-cache=authorization/component=eviction/:write-attribute(name=max-entries,value=10000)
|
||||
echo
|
||||
end-if
|
||||
|
||||
# Migrate from 3.2.0 to 3.2.1
|
||||
# NO CHANGES
|
||||
|
||||
# Migrate from 3.2.1 to 3.3.0
|
||||
if (outcome == failed) of /core-service=management/security-realm=ApplicationRealm/server-identity=ssl:read-resource
|
||||
echo Adding keystore to ApplicationRealm...
|
||||
/core-service=management/security-realm=ApplicationRealm/server-identity=ssl:add(keystore-path=application.keystore,keystore-relative-to=jboss.server.config.dir,keystore-password=password,alias=server,key-password=password,generate-self-signed-certificate-host=localhost)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /extension=org.wildfly.extension.elytron/:read-resource
|
||||
echo Adding elytron extension...
|
||||
/extension=org.wildfly.extension.elytron/:add(module=org.wildfly.extension.elytron)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /subsystem=elytron/:read-resource
|
||||
echo Adding elytron subsystem
|
||||
/subsystem=elytron:add
|
||||
/subsystem=elytron/provider-loader=elytron/:add(module=org.wildfly.security.elytron)
|
||||
/subsystem=elytron/provider-loader=openssl/:add(module=org.wildfly.openssl)
|
||||
/subsystem=elytron/aggregate-providers=combined-providers/:add(providers=[elytron,openssl])
|
||||
/subsystem=elytron/file-audit-log=local-audit/:add(path=audit.log,relative-to=jboss.server.log.dir,format=JSON)
|
||||
/subsystem=elytron/identity-realm=local/:add(identity="$local")
|
||||
/subsystem=elytron/properties-realm=ApplicationRealm/:add(users-properties={path=application-users.properties,relative-to=jboss.server.config.dir,digest-realm-name=ApplicationRealm},groups-properties={path=application-roles.properties,relative-to=jboss.server.config.dir})
|
||||
/subsystem=elytron/properties-realm=ManagementRealm/:add(users-properties={path=mgmt-users.properties,relative-to=jboss.server.config.dir,digest-realm-name=ManagementRealm},groups-properties={path=mgmt-groups.properties,relative-to=jboss.server.config.dir})
|
||||
/subsystem=elytron/simple-permission-mapper=default-permission-mapper/:add(mapping-mode=first,permission-mappings=[{principals=[anonymous],permissions=[{class-name=org.wildfly.extension.batch.jberet.deployment.BatchPermission,module=org.wildfly.extension.batch.jberet,target-name=*},{class-name=org.wildfly.transaction.client.RemoteTransactionPermission,module=org.wildfly.transaction.client},{class-name=org.jboss.ejb.client.RemoteEJBPermission,module=org.jboss.ejb-client}]},{match-all=true,permissions=[{class-name=org.wildfly.security.auth.permission.LoginPermission},{class-name=org.wildfly.extension.batch.jberet.deployment.BatchPermission,module=org.wildfly.extension.batch.jberet,target-name=*},{class-name=org.wildfly.transaction.client.RemoteTransactionPermission,module=org.wildfly.transaction.client},{class-name=org.jboss.ejb.client.RemoteEJBPermission,module=org.jboss.ejb-client}]}])
|
||||
/subsystem=elytron/constant-realm-mapper=local/:add(realm-name=local)
|
||||
/subsystem=elytron/simple-role-decoder=groups-to-roles/:add(attribute=groups)
|
||||
/subsystem=elytron/constant-role-mapper=super-user-mapper/:add(roles=[SuperUser])
|
||||
/subsystem=elytron/security-domain=ApplicationDomain/:add(default-realm=ApplicationRealm,permission-mapper=default-permission-mapper,realms=[{realm=ApplicationRealm,role-decoder=groups-to-roles},{realm=local}])
|
||||
/subsystem=elytron/security-domain=ManagementDomain/:add(default-realm=ManagementRealm,permission-mapper=default-permission-mapper,realms=[{realm=ManagementRealm,role-decoder=groups-to-roles},{realm=local,role-mapper=super-user-mapper}])
|
||||
/subsystem=elytron/provider-http-server-mechanism-factory=global/:add
|
||||
/subsystem=elytron/http-authentication-factory=management-http-authentication/:add(http-server-mechanism-factory=global,security-domain=ManagementDomain,mechanism-configurations=[{mechanism-name=DIGEST,mechanism-realm-configurations=[{realm-name=ManagementRealm}]}])
|
||||
/subsystem=elytron/http-authentication-factory=application-http-authentication/:add(http-server-mechanism-factory=global,security-domain=ApplicationDomain,mechanism-configurations=[{mechanism-name=BASIC,mechanism-realm-configurations=[{realm-name=Application Realm}]},{mechanism-name=FORM}])
|
||||
/subsystem=elytron/provider-sasl-server-factory=global/:add
|
||||
/subsystem=elytron/mechanism-provider-filtering-sasl-server-factory=elytron/:add(sasl-server-factory=global,filters=[{provider-name=WildFlyElytron}])
|
||||
/subsystem=elytron/configurable-sasl-server-factory=configured/:add(sasl-server-factory=elytron,properties={wildfly.sasl.local-user.default-user => "$local"})
|
||||
/subsystem=elytron/sasl-authentication-factory=management-sasl-authentication/:add(sasl-server-factory=configured,security-domain=ManagementDomain,mechanism-configurations=[{mechanism-name=JBOSS-LOCAL-USER,realm-mapper=local},{mechanism-name=DIGEST-MD5,mechanism-realm-configurations=[{realm-name=ManagementRealm}]}])
|
||||
/subsystem=elytron/sasl-authentication-factory=application-sasl-authentication/:add(sasl-server-factory=configured,security-domain=ApplicationDomain,mechanism-configurations=[{mechanism-name=JBOSS-LOCAL-USER,realm-mapper=local},{mechanism-name=DIGEST-MD5,mechanism-realm-configurations=[{realm-name=ApplicationRealm}]}])
|
||||
/subsystem=elytron/:write-attribute(name=final-providers,value=combined-providers)
|
||||
/subsystem=elytron/:write-attribute(name=disallowed-providers,value=[OracleUcrypto])
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /subsystem=ejb3/service=remote/channel-creation-options=READ_TIMEOUT/:read-resource
|
||||
echo Adding channel-creation-options READ_TIMEOUT to ejb3 remote
|
||||
/subsystem=ejb3/service=remote/channel-creation-options=READ_TIMEOUT/:add(value="${prop.remoting-connector.read.timeout:20}",type=xnio)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /subsystem=ejb3/service=remote/channel-creation-options=MAX_OUTBOUND_MESSAGES/:read-resource
|
||||
echo Adding channel-creation-options MAX_OUTBOUND_MESSAGES to ejb3 remote
|
||||
/subsystem=ejb3/service=remote/channel-creation-options=MAX_OUTBOUND_MESSAGES/:add(value=1234,type=remoting)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == success) of /subsystem=infinispan/cache-container=web/local-cache=persistent:read-resource
|
||||
echo Removing local-cache persistent from web cache-container
|
||||
/subsystem=infinispan/cache-container=web/local-cache=persistent:remove
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == success) of /subsystem=infinispan/cache-container=ejb/local-cache=persistent:read-resource
|
||||
echo Removing local-cache persistent from ejb cache-container
|
||||
/subsystem=infinispan/cache-container=ejb/local-cache=persistent:remove
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (result == local-query) of /subsystem=infinispan/cache-container=hibernate/:read-attribute(name=default-cache)
|
||||
echo Removing default-cache from hibernate cache-container
|
||||
/subsystem=infinispan/cache-container=hibernate/:undefine-attribute(name=default-cache)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /subsystem=undertow/server=default-server/host=default-host/setting=http-invoker/:read-resource
|
||||
echo Adding http-invoker to default-host
|
||||
/subsystem=undertow/server=default-server/host=default-host/setting=http-invoker/:add(security-realm=ApplicationRealm)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (result == false) of /subsystem=undertow/server=default-server/http-listener=default/:read-attribute(name=enable-http2)
|
||||
echo Enabling http2 for default http-listener
|
||||
/subsystem=undertow/server=default-server/http-listener=default/:write-attribute(name=enable-http2,value=true)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /subsystem=undertow/server=default-server/https-listener=https/:read-resource
|
||||
echo Adding https-listener
|
||||
/subsystem=undertow/server=default-server/https-listener=https/:add(socket-binding=https,security-realm=ApplicationRealm,enable-http2=true)
|
||||
echo
|
||||
end-if
|
||||
|
||||
# Migrate from 3.3.0 to 3.4.0
|
||||
if (outcome == success) of /subsystem=undertow/server=default-server/host=default-host/filter-ref=server-header/:read-resource
|
||||
echo Removing X-Powered-By and Server headers from Keycloak responses...
|
||||
/subsystem=undertow/server=default-server/host=default-host/filter-ref=server-header/:remove
|
||||
/subsystem=undertow/server=default-server/host=default-host/filter-ref=x-powered-by-header/:remove
|
||||
/subsystem=undertow/configuration=filter/response-header=x-powered-by-header/:remove
|
||||
/subsystem=undertow/configuration=filter/response-header=server-header/:remove
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == success) of /subsystem=jdr/:read-resource
|
||||
echo Removing jdr subsystem and extension
|
||||
/subsystem=jdr/:remove
|
||||
/extension=org.jboss.as.jdr/:remove
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == success) of /subsystem=jsf/:read-resource
|
||||
echo Removing jsf subsystem and extension
|
||||
/subsystem=jsf/:remove
|
||||
/extension=org.jboss.as.jsf/:remove
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /subsystem=infinispan/cache-container=keycloak/local-cache=offlineClientSessions/:read-resource
|
||||
echo Adding local-cache=offlineClientSessions to keycloak cache container...
|
||||
/subsystem=infinispan/cache-container=keycloak/local-cache=offlineClientSessions/:add(indexing=NONE,start=LAZY)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /subsystem=infinispan/cache-container=keycloak/local-cache=clientSessions/:read-resource
|
||||
echo Adding local-cache=clientSessions to keycloak cache container...
|
||||
/subsystem=infinispan/cache-container=keycloak/local-cache=clientSessions/:add(indexing=NONE,start=LAZY)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /subsystem=keycloak-server/spi=x509cert-lookup/:read-resource
|
||||
echo Adding spi=x509cert-lookup...
|
||||
/subsystem=keycloak-server/spi=x509cert-lookup/:add(default-provider=${keycloak.x509cert.lookup.provider:default})
|
||||
/subsystem=keycloak-server/spi=x509cert-lookup/provider=default/:add(enabled=true)
|
||||
echo
|
||||
end-if
|
||||
|
||||
# Migrate from 4.2.0 to 4.3.0
|
||||
if (outcome == failed) of /subsystem=keycloak-server/spi=hostname/:read-resource
|
||||
echo Adding spi=hostname...
|
||||
/subsystem=keycloak-server/spi=hostname/:add(default-provider=request)
|
||||
/subsystem=keycloak-server/spi=hostname/provider=fixed/:add(properties={hostname => "localhost",httpPort => "-1",httpsPort => "-1"},enabled=true)
|
||||
echo
|
||||
end-if
|
||||
|
||||
# Migrate from 4.3.0 to 4.4.0
|
||||
if (outcome == failed) of /subsystem=elytron/permission-set=login-permission/:read-resource
|
||||
echo Adding permission-set=login-permission to elytron
|
||||
/subsystem=elytron/permission-set=login-permission:add(permissions=[{class-name=org.wildfly.security.auth.permission.LoginPermission}])
|
||||
/subsystem=elytron/permission-set=default-permissions/:add(permissions=[{class-name=org.wildfly.extension.batch.jberet.deployment.BatchPermission,module=org.wildfly.extension.batch.jberet,target-name=*},{class-name=org.wildfly.transaction.client.RemoteTransactionPermission,module=org.wildfly.transaction.client},{class-name=org.jboss.ejb.client.RemoteEJBPermission,module=org.jboss.ejb-client}])
|
||||
/subsystem=elytron/simple-permission-mapper=default-permission-mapper/:undefine-attribute(name=permission-mappings)
|
||||
/subsystem=elytron/simple-permission-mapper=default-permission-mapper:write-attribute(name=permission-mappings,value=[{permission-sets=[{permission-set=login-permission},{permission-set=default-permissions}],match-all=true},{permission-sets=[{permission-set=default-permissions}],principals=[anonymous]}])
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (result == org.hibernate.infinispan) of /subsystem=infinispan/cache-container=hibernate:read-attribute(name=module)
|
||||
echo Update hibernate cache module
|
||||
/subsystem=infinispan/cache-container=hibernate:write-attribute(name=module, value=org.infinispan.hibernate-cache)
|
||||
echo
|
||||
end-if
|
||||
if (outcome == success) of /subsystem=infinispan/cache-container=hibernate/local-cache=entity/eviction=EVICTION:read-resource
|
||||
echo Removing eviction from hibernate entity cache and replacing with object-memory
|
||||
/subsystem=infinispan/cache-container=hibernate/local-cache=entity/eviction=EVICTION:remove
|
||||
/subsystem=infinispan/cache-container=hibernate/local-cache=entity/memory=object:add(size=10000)
|
||||
echo
|
||||
end-if
|
||||
if (outcome == success) of /subsystem=infinispan/cache-container=hibernate/local-cache=local-query/eviction=EVICTION:read-resource
|
||||
echo Removing eviction from hibernate local-query cache and replacing with object-memory
|
||||
/subsystem=infinispan/cache-container=hibernate/local-cache=local-query/eviction=EVICTION:remove
|
||||
/subsystem=infinispan/cache-container=hibernate/local-cache=local-query/memory=object:add(size=10000)
|
||||
echo
|
||||
end-if
|
||||
if (outcome == success) of /subsystem=infinispan/cache-container=keycloak/local-cache=realms/eviction=EVICTION:read-resource
|
||||
echo Removing eviction from keycloak realms cache and replacing with object-memory
|
||||
/subsystem=infinispan/cache-container=keycloak/local-cache=realms/eviction=EVICTION:remove
|
||||
/subsystem=infinispan/cache-container=keycloak/local-cache=realms/memory=object:add(size=10000)
|
||||
echo
|
||||
end-if
|
||||
if (outcome == success) of /subsystem=infinispan/cache-container=keycloak/local-cache=users/eviction=EVICTION:read-resource
|
||||
echo Removing eviction from keycloak users cache and replacing with object-memory
|
||||
/subsystem=infinispan/cache-container=keycloak/local-cache=users/eviction=EVICTION:remove
|
||||
/subsystem=infinispan/cache-container=keycloak/local-cache=users/memory=object:add(size=10000)
|
||||
echo
|
||||
end-if
|
||||
if (outcome == success) of /subsystem=infinispan/cache-container=keycloak/local-cache=authorization/eviction=EVICTION:read-resource
|
||||
echo Removing eviction from keycloak authorization cache and replacing with object-memory
|
||||
/subsystem=infinispan/cache-container=keycloak/local-cache=authorization/eviction=EVICTION:remove
|
||||
/subsystem=infinispan/cache-container=keycloak/local-cache=authorization/memory=object:add(size=10000)
|
||||
echo
|
||||
end-if
|
||||
if (outcome == success) of /subsystem=infinispan/cache-container=keycloak/local-cache=keys/eviction=EVICTION:read-resource
|
||||
echo Removing eviction from keycloak keys cache and replacing with object-memory
|
||||
/subsystem=infinispan/cache-container=keycloak/local-cache=keys/eviction=EVICTION:remove
|
||||
/subsystem=infinispan/cache-container=keycloak/local-cache=keys/memory=object:add(size=1000)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == success) of /subsystem=keycloak-server/spi=connectionsInfinispan/provider=default:read-resource
|
||||
echo Changing JNDI reference in connectionsInfinispan SPI
|
||||
/subsystem=keycloak-server/spi=connectionsInfinispan/provider=default:undefine-attribute(name=properties)
|
||||
/subsystem=keycloak-server/spi=connectionsInfinispan/provider=default:write-attribute(name=properties,value={cacheContainer=java:jboss/infinispan/container/keycloak})
|
||||
echo
|
||||
end-if
|
||||
|
||||
# Migrate from 4.4.0 to 4.5.0
|
||||
if (outcome == failed) of /subsystem=core-management/:read-resource
|
||||
echo Adding core-management extension
|
||||
/extension=org.wildfly.extension.core-management/:add
|
||||
echo Adding subsystem core-management
|
||||
/subsystem=core-management/:add
|
||||
echo
|
||||
end-if
|
||||
|
||||
# Migrate from 4.5.0 to 4.6.0
|
||||
if (outcome == success) of /subsystem=elytron/http-authentication-factory=application-http-authentication/:read-resource
|
||||
echo Removing application-http-authentication from elytron subsystem
|
||||
/subsystem=elytron/http-authentication-factory=application-http-authentication:remove
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (result == undefined) of /subsystem=transactions/:read-attribute(name=node-identifier,include-defaults=false)
|
||||
echo Setting node-identifier attribute of core-environment element in transactions subsystem
|
||||
/subsystem=transactions/:write-attribute(name=node-identifier,value=expression "${jboss.tx.node.id:1}")
|
||||
echo
|
||||
end-if
|
||||
|
||||
# Migrate from 4.8.3 to 5.0.0
|
||||
if (outcome == failed) of /subsystem=logging/logger=io.jaegertracing.Configuration/:read-resource
|
||||
echo Adding io.jaegertracing.Configuration logger
|
||||
/subsystem=logging/logger=io.jaegertracing.Configuration/:add(category=io.jaegertracing.Configuration,level=WARN)
|
||||
echo
|
||||
end-if
|
||||
|
||||
# Migrate from 5.0.0 to 6.0.0
|
||||
if (result == NON_XA) of /subsystem=infinispan/cache-container=hibernate/local-cache=entity/component=transaction/:read-attribute(name=mode)
|
||||
echo Removing NON_XA transaction mode from infinispan/hibernate/entity
|
||||
/subsystem=infinispan/cache-container=hibernate/local-cache=entity/component=transaction/:undefine-attribute(name=mode)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (result == false) of /subsystem=datasources/data-source=ExampleDS/:read-attribute(name=statistics-enabled)
|
||||
echo Adding statistics-enabled expression to ExampleDS datasource
|
||||
/subsystem=datasources/data-source=ExampleDS/:write-attribute(name=statistics-enabled,value=${wildfly.datasources.statistics-enabled:${wildfly.statistics-enabled:false}})
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (result == false) of /subsystem=datasources/data-source=KeycloakDS/:read-attribute(name=statistics-enabled)
|
||||
echo Adding statistics-enabled expression to KeycloakDS datasource
|
||||
/subsystem=datasources/data-source=KeycloakDS/:write-attribute(name=statistics-enabled,value=${wildfly.datasources.statistics-enabled:${wildfly.statistics-enabled:false}})
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (result == false) of /subsystem=ejb3/:read-attribute(name=statistics-enabled)
|
||||
echo Adding statistics-enabled expression to ejb3 subsystem
|
||||
/subsystem=ejb3/:write-attribute(name=statistics-enabled,value=${wildfly.ejb3.statistics-enabled:${wildfly.statistics-enabled:false}})
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (result == false) of /subsystem=transactions/:read-attribute(name=statistics-enabled)
|
||||
echo Adding statistics-enabled expression to transactions subsystem
|
||||
/subsystem=transactions/:write-attribute(name=statistics-enabled,value=${wildfly.transactions.statistics-enabled:${wildfly.statistics-enabled:false}})
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (result == false) of /subsystem=undertow/:read-attribute(name=statistics-enabled)
|
||||
echo Adding statistics-enabled expression to undertow subsystem
|
||||
/subsystem=undertow/:write-attribute(name=statistics-enabled,value=${wildfly.undertow.statistics-enabled:${wildfly.statistics-enabled:false}})
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (result == false) of /subsystem=webservices/:read-attribute(name=statistics-enabled)
|
||||
echo Adding statistics-enabled expression to webservices subsystem
|
||||
/subsystem=webservices/:write-attribute(name=statistics-enabled,value=${wildfly.webservices.statistics-enabled:${wildfly.statistics-enabled:false}})
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /extension=org.jboss.as.weld/:read-resource
|
||||
echo Adding weld extension
|
||||
/extension=org.jboss.as.weld/:add
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /subsystem=weld/:read-resource
|
||||
echo Adding weld subsystem
|
||||
/subsystem=weld/:add
|
||||
echo
|
||||
end-if
|
||||
|
||||
## KEYCLOAK-16723 / KEYCLOAK-16907:
|
||||
##
|
||||
## Loading of MicroProfile SmallRye config, health, and metrics extensions & subsystems got removed
|
||||
## as part of upgrading to Wildfly 22. See [WFLY-14203], [WFLY-14151], and [WFLY-14108] for details
|
||||
|
||||
# Migrate from 6.0.1 to 7.0.0
|
||||
if (outcome == success) of /subsystem=ejb3/service=remote/channel-creation-options=READ_TIMEOUT/:read-resource
|
||||
echo Removing READ_TIMEOUT option from remote service from ejb3 subsystem
|
||||
/subsystem=ejb3/service=remote/channel-creation-options=READ_TIMEOUT/:remove
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /subsystem=infinispan/cache-container=web/local-cache=routing:read-resource
|
||||
echo Adding local cache routing to web cache container to infinispan subsystem
|
||||
/subsystem=infinispan/cache-container=web/local-cache=routing/:add
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /subsystem=infinispan/cache-container=web/local-cache=sso:read-resource
|
||||
echo Adding local cache sso to web cache container to infinispan subsystem
|
||||
/subsystem=infinispan/cache-container=web/local-cache=sso/:add
|
||||
/subsystem=infinispan/cache-container=web/local-cache=sso/component=locking/:add(isolation=REPEATABLE_READ)
|
||||
/subsystem=infinispan/cache-container=web/local-cache=sso/component=transaction/:add(mode=BATCH)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (result == "true") of /subsystem=keycloak-server/spi=truststore/provider=file:map-get(name=properties, key=disabled)
|
||||
echo Disabling Truststore Provider
|
||||
/subsystem=keycloak-server/spi=truststore/provider=file:write-attribute(name=enabled, value=false)
|
||||
echo Removing deprecated option
|
||||
/subsystem=keycloak-server/spi=truststore/provider=file:map-remove(name=properties, key=disabled)
|
||||
echo
|
||||
end-if
|
||||
|
||||
# Migrate from 7.0.0 to 8.0.0
|
||||
|
||||
if ((result.time == 100L) && (result.unit == MILLISECONDS)) of /subsystem=ejb3/thread-pool=default:read-attribute(name=keepalive-time)
|
||||
echo Changing thread pool keepalive of ejb3 subsystem
|
||||
/subsystem=ejb3/thread-pool=default:write-attribute(name=keepalive-time.time, value=60)
|
||||
/subsystem=ejb3/thread-pool=default:write-attribute(name=keepalive-time.unit,value=SECONDS)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /subsystem=keycloak-server/spi=hostname/provider=default/:read-resource
|
||||
echo Adding default hostname provider
|
||||
/subsystem=keycloak-server/spi=hostname/provider=default/:add(properties={frontendUrl => "${keycloak.frontendUrl:}",forceBackendUrlToFrontendUrl => "false"},enabled=true)
|
||||
end-if
|
||||
|
||||
if (result == request) of /subsystem=keycloak-server/spi=hostname/:read-attribute(name=default-provider)
|
||||
echo Switching from request to default hostname provider
|
||||
|
||||
/subsystem=keycloak-server/spi=hostname/:write-attribute(name=default-provider,value=default)
|
||||
end-if
|
||||
|
||||
if (result != fixed) of /subsystem=keycloak-server/spi=hostname/:read-attribute(name=default-provider)
|
||||
try
|
||||
/subsystem=keycloak-server/spi=hostname/provider=fixed:remove
|
||||
echo Removed config for unused fixed hostname provider
|
||||
catch
|
||||
end-try
|
||||
end-if
|
||||
|
||||
# Migrate from 10.0.2 to 11.0.0 (migration changes for infinispan update from 9.4.18.Final to 10.1.8.Final)
|
||||
|
||||
if (result != org.keycloak.keycloak-model-infinispan) of /subsystem=infinispan/cache-container=keycloak:read-attribute(name=module)
|
||||
echo Setting class loader for keycloak cache-container so JBoss Marshalling works properly with Infinispan 10.x
|
||||
/subsystem=infinispan/cache-container=keycloak:write-attribute(name=module,value=org.keycloak.keycloak-model-infinispan)
|
||||
echo
|
||||
end-if
|
||||
|
||||
# Migrate from 11.0.0 to 12.0.0
|
||||
|
||||
if (result != expression "${jboss.mail.server.host:localhost}") of /socket-binding-group=standard-sockets/remote-destination-outbound-socket-binding=mail-smtp:read-attribute(name=host)
|
||||
echo Adding host expression to the SMTP configuration of a remote destination outbound socket binding in the mail subsystem
|
||||
/socket-binding-group=standard-sockets/remote-destination-outbound-socket-binding=mail-smtp:write-attribute(name=host, value=expression "${jboss.mail.server.host:localhost}")
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (result != expression "${jboss.mail.server.port:25}") of /socket-binding-group=standard-sockets/remote-destination-outbound-socket-binding=mail-smtp:read-attribute(name=port)
|
||||
echo Adding port expression to the SMTP configuration of a remote destination outbound socket binding in the mail subsystem
|
||||
/socket-binding-group=standard-sockets/remote-destination-outbound-socket-binding=mail-smtp:write-attribute(name=port, value=expression "${jboss.mail.server.port:25}")
|
||||
echo
|
||||
end-if
|
||||
|
||||
# Migrate from 12.0.0 to 13.0.0
|
||||
|
||||
## KEYCLOAK-16723 / KEYCLOAK-16907:
|
||||
##
|
||||
## Based on [WFLY-14203], [WFLY-14151], and [WFLY-14108] remove MicroProfile SmallRye config, health, and metrics if present
|
||||
|
||||
if (outcome == success) of /subsystem=microprofile-config-smallrye/:read-resource
|
||||
echo Removing microprofile-config-smallrye subsystem...
|
||||
/subsystem=microprofile-config-smallrye/:remove
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == success) of /extension=org.wildfly.extension.microprofile.config-smallrye/:read-resource
|
||||
echo Removing microprofile.config-smallrye extension...
|
||||
/extension=org.wildfly.extension.microprofile.config-smallrye/:remove
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == success) of /subsystem=microprofile-health-smallrye/:read-resource
|
||||
echo Removing microprofile-health-smallrye subsystem...
|
||||
/subsystem=microprofile-health-smallrye/:remove
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == success) of /extension=org.wildfly.extension.microprofile.health-smallrye/:read-resource
|
||||
echo Removing microprofile.health-smallrye extension...
|
||||
/extension=org.wildfly.extension.microprofile.health-smallrye/:remove
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == success) of /subsystem=microprofile-metrics-smallrye/:read-resource
|
||||
echo Removing microprofile-metrics-smallrye subsystem...
|
||||
/subsystem=microprofile-metrics-smallrye/:remove
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == success) of /extension=org.wildfly.extension.microprofile.metrics-smallrye/:read-resource
|
||||
echo Removing microprofile.metrics-smallrye extension...
|
||||
/extension=org.wildfly.extension.microprofile.metrics-smallrye/:remove
|
||||
echo
|
||||
end-if
|
||||
|
||||
## Yet based on [WFLY-14203], [WFLY-14151], and [WFLY-14108] load
|
||||
## org.wildfly.extension.health/org.wildfly.extension.metrics extensions & subsystems instead
|
||||
|
||||
if (outcome == failed) of /extension=org.wildfly.extension.health:read-resource
|
||||
echo Adding WildFly extension for health...
|
||||
/extension=org.wildfly.extension.health:add(module=org.wildfly.extension.health)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /subsystem=health:read-resource
|
||||
echo Adding Wildfly subsystem for health...
|
||||
/subsystem=health:add(security-enabled=false)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /extension=org.wildfly.extension.metrics:read-resource
|
||||
echo Adding Wildfly extension for base metrics...
|
||||
/extension=org.wildfly.extension.metrics:add(module=org.wildfly.extension.metrics)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /subsystem=metrics:read-resource
|
||||
echo Adding Wildfly subsystem for base metrics...
|
||||
/subsystem=metrics:add(exposed-subsystems=[*],security-enabled=false)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (result == "Keycloak") of :read-attribute(name=product-name)
|
||||
echo Adding base metrics subsystem prefix to Keycloak...
|
||||
/subsystem=metrics:write-attribute(name=prefix,value=${wildfly.metrics.prefix:wildfly})
|
||||
echo
|
||||
else
|
||||
echo Adding base metrics subsystem prefix to RH-SSO...
|
||||
/subsystem=metrics:write-attribute(name=prefix,value=${wildfly.metrics.prefix:jboss})
|
||||
echo
|
||||
end-if
|
||||
|
||||
## Add ability to make use of automatically generated self-signed certificate with Elytron,
|
||||
## introduced by WFCORE-5095 in Wildfly Core 14.0.0.Final
|
||||
|
||||
if (outcome == failed) of /subsystem=elytron/key-store=applicationKS:read-resource
|
||||
echo Adding key store for the feature of auto-generation of self-signed certificate to Elytron subsystem...
|
||||
/subsystem=elytron/key-store=applicationKS:add(credential-reference={clear-text=password},type=JKS)
|
||||
/subsystem=elytron/key-store=applicationKS:write-attribute(name=path,value=application.keystore)
|
||||
/subsystem=elytron/key-store=applicationKS:write-attribute(name=relative-to,value=jboss.server.config.dir)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /subsystem=elytron/key-manager=applicationKM:read-resource
|
||||
echo Adding key manager for the feature of auto-generation of self-signed certificate to Elytron subsystem...
|
||||
/subsystem=elytron/key-manager=applicationKM:add(key-store=applicationKS, credential-reference={clear-text=password})
|
||||
/subsystem=elytron/key-manager=applicationKM:write-attribute(name=generate-self-signed-certificate-host,value=localhost)
|
||||
echo
|
||||
end-if
|
||||
|
||||
if (outcome == failed) of /subsystem=elytron/server-ssl-context=applicationSSC:read-resource
|
||||
echo Adding SSL context for the feature of auto-generation of self-signed certificate to Elytron subsystem...
|
||||
/subsystem=elytron/server-ssl-context=applicationSSC:add(key-manager=applicationKM)
|
||||
echo
|
||||
end-if
|
||||
|
||||
## Convert type of 'hung-task-termination-period' attribute for 'managed-executor-service' from INT to LONG
|
||||
if (result == 0) of /subsystem=ee/managed-executor-service=default:read-attribute(name=hung-task-termination-period)
|
||||
echo Setting period for automatic termination of hung tasks for managed executor service to default value (0 miliseconds)
|
||||
/subsystem=ee/managed-executor-service=default:write-attribute(name=hung-task-termination-period,value=0L)
|
||||
echo
|
||||
end-if
|
||||
|
||||
## Convert type of 'hung-task-termination-period' attribute for 'managed-scheduled-executor-service' from INT to LONG
|
||||
if (result == 0) of /subsystem=ee/managed-scheduled-executor-service=default:read-attribute(name=hung-task-termination-period)
|
||||
echo Setting period for automatic termination of hung tasks for managed scheduled executor service to default value (0 miliseconds)
|
||||
/subsystem=ee/managed-scheduled-executor-service=default:write-attribute(name=hung-task-termination-period,value=0L)
|
||||
echo
|
||||
end-if
|
||||
|
||||
## Set value of JPA default-datasource from empty string to 'undefined'
|
||||
if (outcome == success) && (result == "") of /subsystem=jpa:read-attribute(name=default-datasource)
|
||||
echo Setting value of to default-datasource attribute in JPA subsystem to 'undefined'
|
||||
/subsystem=jpa:undefine-attribute(name=default-datasource)
|
||||
echo
|
||||
end-if
|
||||
|
||||
echo *** End Migration ***
|
|
@ -0,0 +1,202 @@
|
|||
|
||||
Apache License
|
||||
Version 2.0, January 2004
|
||||
http://www.apache.org/licenses/
|
||||
|
||||
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
|
||||
|
||||
1. Definitions.
|
||||
|
||||
"License" shall mean the terms and conditions for use, reproduction,
|
||||
and distribution as defined by Sections 1 through 9 of this document.
|
||||
|
||||
"Licensor" shall mean the copyright owner or entity authorized by
|
||||
the copyright owner that is granting the License.
|
||||
|
||||
"Legal Entity" shall mean the union of the acting entity and all
|
||||
other entities that control, are controlled by, or are under common
|
||||
control with that entity. For the purposes of this definition,
|
||||
"control" means (i) the power, direct or indirect, to cause the
|
||||
direction or management of such entity, whether by contract or
|
||||
otherwise, or (ii) ownership of fifty percent (50%) or more of the
|
||||
outstanding shares, or (iii) beneficial ownership of such entity.
|
||||
|
||||
"You" (or "Your") shall mean an individual or Legal Entity
|
||||
exercising permissions granted by this License.
|
||||
|
||||
"Source" form shall mean the preferred form for making modifications,
|
||||
including but not limited to software source code, documentation
|
||||
source, and configuration files.
|
||||
|
||||
"Object" form shall mean any form resulting from mechanical
|
||||
transformation or translation of a Source form, including but
|
||||
not limited to compiled object code, generated documentation,
|
||||
and conversions to other media types.
|
||||
|
||||
"Work" shall mean the work of authorship, whether in Source or
|
||||
Object form, made available under the License, as indicated by a
|
||||
copyright notice that is included in or attached to the work
|
||||
(an example is provided in the Appendix below).
|
||||
|
||||
"Derivative Works" shall mean any work, whether in Source or Object
|
||||
form, that is based on (or derived from) the Work and for which the
|
||||
editorial revisions, annotations, elaborations, or other modifications
|
||||
represent, as a whole, an original work of authorship. For the purposes
|
||||
of this License, Derivative Works shall not include works that remain
|
||||
separable from, or merely link (or bind by name) to the interfaces of,
|
||||
the Work and Derivative Works thereof.
|
||||
|
||||
"Contribution" shall mean any work of authorship, including
|
||||
the original version of the Work and any modifications or additions
|
||||
to that Work or Derivative Works thereof, that is intentionally
|
||||
submitted to Licensor for inclusion in the Work by the copyright owner
|
||||
or by an individual or Legal Entity authorized to submit on behalf of
|
||||
the copyright owner. For the purposes of this definition, "submitted"
|
||||
means any form of electronic, verbal, or written communication sent
|
||||
to the Licensor or its representatives, including but not limited to
|
||||
communication on electronic mailing lists, source code control systems,
|
||||
and issue tracking systems that are managed by, or on behalf of, the
|
||||
Licensor for the purpose of discussing and improving the Work, but
|
||||
excluding communication that is conspicuously marked or otherwise
|
||||
designated in writing by the copyright owner as "Not a Contribution."
|
||||
|
||||
"Contributor" shall mean Licensor and any individual or Legal Entity
|
||||
on behalf of whom a Contribution has been received by Licensor and
|
||||
subsequently incorporated within the Work.
|
||||
|
||||
2. Grant of Copyright License. Subject to the terms and conditions of
|
||||
this License, each Contributor hereby grants to You a perpetual,
|
||||
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
|
||||
copyright license to reproduce, prepare Derivative Works of,
|
||||
publicly display, publicly perform, sublicense, and distribute the
|
||||
Work and such Derivative Works in Source or Object form.
|
||||
|
||||
3. Grant of Patent License. Subject to the terms and conditions of
|
||||
this License, each Contributor hereby grants to You a perpetual,
|
||||
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
|
||||
(except as stated in this section) patent license to make, have made,
|
||||
use, offer to sell, sell, import, and otherwise transfer the Work,
|
||||
where such license applies only to those patent claims licensable
|
||||
by such Contributor that are necessarily infringed by their
|
||||
Contribution(s) alone or by combination of their Contribution(s)
|
||||
with the Work to which such Contribution(s) was submitted. If You
|
||||
institute patent litigation against any entity (including a
|
||||
cross-claim or counterclaim in a lawsuit) alleging that the Work
|
||||
or a Contribution incorporated within the Work constitutes direct
|
||||
or contributory patent infringement, then any patent licenses
|
||||
granted to You under this License for that Work shall terminate
|
||||
as of the date such litigation is filed.
|
||||
|
||||
4. Redistribution. You may reproduce and distribute copies of the
|
||||
Work or Derivative Works thereof in any medium, with or without
|
||||
modifications, and in Source or Object form, provided that You
|
||||
meet the following conditions:
|
||||
|
||||
(a) You must give any other recipients of the Work or
|
||||
Derivative Works a copy of this License; and
|
||||
|
||||
(b) You must cause any modified files to carry prominent notices
|
||||
stating that You changed the files; and
|
||||
|
||||
(c) You must retain, in the Source form of any Derivative Works
|
||||
that You distribute, all copyright, patent, trademark, and
|
||||
attribution notices from the Source form of the Work,
|
||||
excluding those notices that do not pertain to any part of
|
||||
the Derivative Works; and
|
||||
|
||||
(d) If the Work includes a "NOTICE" text file as part of its
|
||||
distribution, then any Derivative Works that You distribute must
|
||||
include a readable copy of the attribution notices contained
|
||||
within such NOTICE file, excluding those notices that do not
|
||||
pertain to any part of the Derivative Works, in at least one
|
||||
of the following places: within a NOTICE text file distributed
|
||||
as part of the Derivative Works; within the Source form or
|
||||
documentation, if provided along with the Derivative Works; or,
|
||||
within a display generated by the Derivative Works, if and
|
||||
wherever such third-party notices normally appear. The contents
|
||||
of the NOTICE file are for informational purposes only and
|
||||
do not modify the License. You may add Your own attribution
|
||||
notices within Derivative Works that You distribute, alongside
|
||||
or as an addendum to the NOTICE text from the Work, provided
|
||||
that such additional attribution notices cannot be construed
|
||||
as modifying the License.
|
||||
|
||||
You may add Your own copyright statement to Your modifications and
|
||||
may provide additional or different license terms and conditions
|
||||
for use, reproduction, or distribution of Your modifications, or
|
||||
for any such Derivative Works as a whole, provided Your use,
|
||||
reproduction, and distribution of the Work otherwise complies with
|
||||
the conditions stated in this License.
|
||||
|
||||
5. Submission of Contributions. Unless You explicitly state otherwise,
|
||||
any Contribution intentionally submitted for inclusion in the Work
|
||||
by You to the Licensor shall be under the terms and conditions of
|
||||
this License, without any additional terms or conditions.
|
||||
Notwithstanding the above, nothing herein shall supersede or modify
|
||||
the terms of any separate license agreement you may have executed
|
||||
with Licensor regarding such Contributions.
|
||||
|
||||
6. Trademarks. This License does not grant permission to use the trade
|
||||
names, trademarks, service marks, or product names of the Licensor,
|
||||
except as required for reasonable and customary use in describing the
|
||||
origin of the Work and reproducing the content of the NOTICE file.
|
||||
|
||||
7. Disclaimer of Warranty. Unless required by applicable law or
|
||||
agreed to in writing, Licensor provides the Work (and each
|
||||
Contributor provides its Contributions) on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
|
||||
implied, including, without limitation, any warranties or conditions
|
||||
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
|
||||
PARTICULAR PURPOSE. You are solely responsible for determining the
|
||||
appropriateness of using or redistributing the Work and assume any
|
||||
risks associated with Your exercise of permissions under this License.
|
||||
|
||||
8. Limitation of Liability. In no event and under no legal theory,
|
||||
whether in tort (including negligence), contract, or otherwise,
|
||||
unless required by applicable law (such as deliberate and grossly
|
||||
negligent acts) or agreed to in writing, shall any Contributor be
|
||||
liable to You for damages, including any direct, indirect, special,
|
||||
incidental, or consequential damages of any character arising as a
|
||||
result of this License or out of the use or inability to use the
|
||||
Work (including but not limited to damages for loss of goodwill,
|
||||
work stoppage, computer failure or malfunction, or any and all
|
||||
other commercial damages or losses), even if such Contributor
|
||||
has been advised of the possibility of such damages.
|
||||
|
||||
9. Accepting Warranty or Additional Liability. While redistributing
|
||||
the Work or Derivative Works thereof, You may choose to offer,
|
||||
and charge a fee for, acceptance of support, warranty, indemnity,
|
||||
or other liability obligations and/or rights consistent with this
|
||||
License. However, in accepting such obligations, You may act only
|
||||
on Your own behalf and on Your sole responsibility, not on behalf
|
||||
of any other Contributor, and only if You agree to indemnify,
|
||||
defend, and hold each Contributor harmless for any liability
|
||||
incurred by, or claims asserted against, such Contributor by reason
|
||||
of your accepting any such warranty or additional liability.
|
||||
|
||||
END OF TERMS AND CONDITIONS
|
||||
|
||||
APPENDIX: How to apply the Apache License to your work.
|
||||
|
||||
To apply the Apache License to your work, attach the following
|
||||
boilerplate notice, with the fields enclosed by brackets "[]"
|
||||
replaced with your own identifying information. (Don't include
|
||||
the brackets!) The text should be enclosed in the appropriate
|
||||
comment syntax for the file format. We also recommend that a
|
||||
file or class name and description of purpose be included on the
|
||||
same "printed page" as the copyright notice for easier
|
||||
identification within third-party archives.
|
||||
|
||||
Copyright [yyyy] [name of copyright owner]
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
|
@ -0,0 +1,22 @@
|
|||
table {
|
||||
border-collapse: collapse;
|
||||
}
|
||||
|
||||
table, th, td {
|
||||
border: 1px solid navy;
|
||||
}
|
||||
|
||||
th {
|
||||
text-align: left;
|
||||
background-color: #BCC6CC;
|
||||
|
||||
}
|
||||
|
||||
th, td {
|
||||
padding: 2px;
|
||||
text-align: left;
|
||||
}
|
||||
|
||||
tr:nth-child(even) {
|
||||
background-color: #f2f2f2;
|
||||
}
|
|
@ -0,0 +1,71 @@
|
|||
<?xml version="1.0"?>
|
||||
<xsl:stylesheet version="1.0"
|
||||
xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
|
||||
|
||||
<xsl:output method="html" encoding="utf-8" standalone="no" media-type="text/html" />
|
||||
<xsl:param name="version"/>
|
||||
<xsl:param name="product.release.name"/>
|
||||
<xsl:variable name="lowercase" select="'abcdefghijklmnopqrstuvwxyz '" />
|
||||
<xsl:variable name="uppercase" select="'ABCDEFGHIJKLMNOPQRSTUVWXYZ!'" />
|
||||
|
||||
<xsl:template match="/">
|
||||
<html>
|
||||
<head>
|
||||
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
|
||||
<link rel="stylesheet" type="text/css" href="licenses.css"/>
|
||||
</head>
|
||||
<body>
|
||||
<h2><xsl:value-of select="$product.release.name"/><xsl:text> </xsl:text><xsl:value-of select="substring-before($version, '-')"/> - Servlet Feature Pack</h2>
|
||||
<p>The following material has been provided for informational purposes only, and should not be relied upon or construed as a legal opinion or legal advice.</p>
|
||||
<!-- Read matching templates -->
|
||||
<table>
|
||||
<tr>
|
||||
<th>Package Group</th>
|
||||
<th>Package Artifact</th>
|
||||
<th>Package Version</th>
|
||||
<th>Remote Licenses</th>
|
||||
<th>Local Licenses</th>
|
||||
</tr>
|
||||
<xsl:for-each select="licenseSummary/dependencies/dependency">
|
||||
<xsl:sort select="concat(groupId, '.', artifactId)"/>
|
||||
<tr>
|
||||
<td><xsl:value-of select="groupId"/></td>
|
||||
<td><xsl:value-of select="artifactId"/></td>
|
||||
<td><xsl:value-of select="version"/></td>
|
||||
<td>
|
||||
<xsl:for-each select="licenses/license">
|
||||
<a href="{./url}"><xsl:value-of select="name"/></a><br/>
|
||||
</xsl:for-each>
|
||||
</td>
|
||||
<td>
|
||||
<xsl:for-each select="licenses/license">
|
||||
<xsl:variable name="filename">
|
||||
<xsl:call-template name="remap-local-filename">
|
||||
<xsl:with-param name="name" select="name" />
|
||||
</xsl:call-template>
|
||||
</xsl:variable>
|
||||
<a href="{$filename}"><xsl:value-of select="$filename"/></a><br/>
|
||||
</xsl:for-each>
|
||||
</td>
|
||||
</tr>
|
||||
</xsl:for-each>
|
||||
</table>
|
||||
</body>
|
||||
</html>
|
||||
</xsl:template>
|
||||
|
||||
<xsl:template name="remap-local-filename">
|
||||
<xsl:param name="name"/>
|
||||
<xsl:choose>
|
||||
<xsl:when test="$name = 'GNU General Public License v2.0 only'">
|
||||
<xsl:text>gnu general public license v2.0 only.html</xsl:text>
|
||||
</xsl:when>
|
||||
<xsl:when test="$name = ''">
|
||||
<xsl:text>.html</xsl:text>
|
||||
</xsl:when>
|
||||
<xsl:otherwise>
|
||||
<xsl:value-of select="concat(translate($name, $uppercase, $lowercase), '.txt')"/>
|
||||
</xsl:otherwise>
|
||||
</xsl:choose>
|
||||
</xsl:template>
|
||||
</xsl:stylesheet>
|
|
@ -0,0 +1,47 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<feature-group-spec name="domain-keycloak-clustered" xmlns="urn:jboss:galleon:feature-group:1.0">
|
||||
|
||||
<feature-group name="domain-interfaces">
|
||||
<exclude feature-id="domain.interface:interface=unsecure"/>
|
||||
</feature-group>
|
||||
|
||||
<feature spec="domain.socket-binding-group">
|
||||
<param name="socket-binding-group" value="ha-sockets"/>
|
||||
<param name="default-interface" value="public" />
|
||||
<feature-group name="domain-sockets"/>
|
||||
<feature-group name="domain-ha-sockets"/>
|
||||
<feature-group name="domain-mail-sockets"/>
|
||||
<feature-group name="domain-transactions-sockets"/>
|
||||
<feature-group name="domain-server-groups"/>
|
||||
</feature>
|
||||
|
||||
<feature spec="profile">
|
||||
<param name="profile" value="auth-server-clustered"/>
|
||||
<feature-group name="domain-ha-profile">
|
||||
<exclude spec="subsystem.sar"/>
|
||||
<exclude spec="subsystem.jdr"/>
|
||||
<exclude spec="subsystem.jsf"/>
|
||||
<exclude spec="subsystem.pojo"/>
|
||||
<exclude spec="subsystem.webservices"/>
|
||||
<exclude spec="subsystem.batch-jberet"/>
|
||||
<exclude spec="subsystem.distributable-web"/>
|
||||
<exclude spec="subsystem.discovery"/>
|
||||
<exclude spec="subsystem.ee-security"/>
|
||||
<exclude spec="subsystem.resource-adapters"/>
|
||||
<exclude spec="subsystem.singleton"/>
|
||||
<exclude spec="subsystem.weld"/>
|
||||
</feature-group>
|
||||
<feature-group name="keycloak-server-subsystem"/>
|
||||
<feature-group name="datasources">
|
||||
<feature-group name="keycloak-datasource"/>
|
||||
</feature-group>
|
||||
<feature-group name="infinispan-dist-keycloak"/>
|
||||
</feature>
|
||||
|
||||
<feature spec="domain.system-property">
|
||||
<param name="system-property" value="java.net.preferIPv4Stack"/>
|
||||
<param name="value" value="true"/>
|
||||
</feature>
|
||||
<feature-group name="access-control"/>
|
||||
|
||||
</feature-group-spec>
|
|
@ -0,0 +1,48 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<feature-group-spec name="domain-keycloak-standalone" xmlns="urn:jboss:galleon:feature-group:1.0">
|
||||
|
||||
<feature-group name="domain-interfaces">
|
||||
<exclude feature-id="domain.interface:interface=unsecure"/>
|
||||
</feature-group>
|
||||
|
||||
<feature spec="domain.interface">
|
||||
<param name="interface" value="private"/>
|
||||
<param name="inet-address" value="${jboss.bind.address.private:127.0.0.1}"/>
|
||||
</feature>
|
||||
<feature spec="domain.socket-binding-group">
|
||||
<param name="socket-binding-group" value="standard-sockets" />
|
||||
<param name="default-interface" value="public" />
|
||||
<feature-group name="domain-sockets"/>
|
||||
<feature-group name="domain-transactions-sockets"/>
|
||||
<feature-group name="domain-mail-sockets"/>
|
||||
</feature>
|
||||
|
||||
<feature spec="profile">
|
||||
<param name="profile" value="auth-server-standalone"/>
|
||||
<feature-group name="domain-profile">
|
||||
<exclude spec="subsystem.sar"/>
|
||||
<exclude spec="subsystem.jdr"/>
|
||||
<exclude spec="subsystem.jsf"/>
|
||||
<exclude spec="subsystem.pojo"/>
|
||||
<exclude spec="subsystem.webservices"/>
|
||||
<exclude spec="subsystem.batch-jberet"/>
|
||||
<exclude spec="subsystem.distributable-web"/>
|
||||
<exclude spec="subsystem.discovery"/>
|
||||
<exclude spec="subsystem.ee-security"/>
|
||||
<exclude spec="subsystem.resource-adapters"/>
|
||||
<exclude spec="subsystem.weld"/>
|
||||
</feature-group>
|
||||
<feature-group name="keycloak-server-subsystem"/>
|
||||
<feature-group name="datasources">
|
||||
<feature-group name="keycloak-datasource"/>
|
||||
</feature-group>
|
||||
<feature-group name="infinispan-local"/>
|
||||
</feature>
|
||||
|
||||
<feature spec="domain.system-property">
|
||||
<param name="system-property" value="java.net.preferIPv4Stack"/>
|
||||
<param name="value" value="true"/>
|
||||
</feature>
|
||||
<feature-group name="access-control"/>
|
||||
|
||||
</feature-group-spec>
|
|
@ -0,0 +1,38 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<feature-group-spec name="domain-server-groups-keycloak" xmlns="urn:jboss:galleon:feature-group:1.0">
|
||||
|
||||
<feature spec="domain.server-group">
|
||||
<param name="server-group" value="auth-server-group"/>
|
||||
<param name="profile" value="auth-server-standalone" />
|
||||
<param name="socket-binding-group" value="standard-sockets" />
|
||||
<param name="socket-binding-default-interface" value="public"/>
|
||||
<feature spec="domain.server-group.jvm">
|
||||
<param name="jvm" value="default"/>
|
||||
<param name="heap-size" value="64m"/>
|
||||
<param name="max-heap-size" value="512m"/>
|
||||
</feature>
|
||||
</feature>
|
||||
<feature spec="domain.server-group">
|
||||
<param name="server-group" value="auth-server-group"/>
|
||||
<param name="profile" value="auth-server-clustered" />
|
||||
<param name="socket-binding-group" value="ha-sockets" />
|
||||
<param name="socket-binding-default-interface" value="public"/>
|
||||
<feature spec="domain.server-group.jvm">
|
||||
<param name="jvm" value="default"/>
|
||||
<param name="heap-size" value="64m"/>
|
||||
<param name="max-heap-size" value="512m"/>
|
||||
</feature>
|
||||
</feature>
|
||||
<feature spec="domain.server-group">
|
||||
<param name="server-group" value="load-balancer-group"/>
|
||||
<param name="profile" value="load-balancer" />
|
||||
<param name="socket-binding-group" value="load-balancer-sockets" />
|
||||
<param name="socket-binding-default-interface" value="public"/>
|
||||
<feature spec="domain.server-group.jvm">
|
||||
<param name="jvm" value="default"/>
|
||||
<param name="heap-size" value="64m"/>
|
||||
<param name="max-heap-size" value="512m"/>
|
||||
</feature>
|
||||
</feature>
|
||||
|
||||
</feature-group-spec>
|
|
@ -0,0 +1,34 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<feature-group-spec name="host-master" xmlns="urn:jboss:galleon:feature-group:1.0">
|
||||
<feature-group name="servlet-host-master">
|
||||
<exclude spec="host.server-config"/>
|
||||
|
||||
</feature-group>
|
||||
<feature spec="host">
|
||||
<param name="host" value="master"/>
|
||||
<feature spec="host.interface">
|
||||
<param name="interface" value="public"/>
|
||||
<param name="inet-address" value="${jboss.bind.address:127.0.0.1}"/>
|
||||
</feature>
|
||||
<feature spec="host.jvm">
|
||||
<param name="jvm" value="default"/>
|
||||
<param name="jvm-options" value="["-server","-XX:MetaspaceSize=96m","-XX:MaxMetaspaceSize=256m"]"/>
|
||||
</feature>
|
||||
<feature spec="host.server-config">
|
||||
<param name="server-config" value="load-balancer"/>
|
||||
<param name="group" value="load-balancer-group"/>
|
||||
<feature spec="host.server-config.jvm">
|
||||
<param name="jvm" value="default"/>
|
||||
</feature>
|
||||
</feature>
|
||||
<feature spec="host.server-config">
|
||||
<param name="server-config" value="server-one"/>
|
||||
<param name="group" value="auth-server-group"/>
|
||||
<param name="auto-start" value="true"/>
|
||||
<param name="socket-binding-port-offset" value="150"/>
|
||||
<feature spec="host.server-config.jvm">
|
||||
<param name="jvm" value="default"/>
|
||||
</feature>
|
||||
</feature>
|
||||
</feature>
|
||||
</feature-group-spec>
|
|
@ -0,0 +1,28 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<feature-group-spec name="host-slave" xmlns="urn:jboss:galleon:feature-group:1.0">
|
||||
<feature-group name="servlet-host-slave">
|
||||
<exclude feature-id="host.interface:host=slave,interface=unsecure"/>
|
||||
<exclude feature-id="host.interface:host=slave,interface=private"/>
|
||||
<exclude spec="host.server-config"/>
|
||||
</feature-group>
|
||||
<feature spec="host">
|
||||
<param name="host" value="slave"/>
|
||||
<feature spec="host.interface">
|
||||
<param name="interface" value="public"/>
|
||||
<param name="inet-address" value="${jboss.bind.address:127.0.0.1}"/>
|
||||
</feature>
|
||||
<feature spec="host.jvm">
|
||||
<param name="jvm" value="default"/>
|
||||
<param name="jvm-options" value="["-server","-XX:MetaspaceSize=96m","-XX:MaxMetaspaceSize=256m"]"/>
|
||||
</feature>
|
||||
<feature spec="host.server-config">
|
||||
<param name="server-config" value="server-two"/>
|
||||
<param name="group" value="auth-server-group"/>
|
||||
<param name="auto-start" value="true"/>
|
||||
<param name="socket-binding-port-offset" value="250"/>
|
||||
<feature spec="host.server-config.jvm">
|
||||
<param name="jvm" value="default"/>
|
||||
</feature>
|
||||
</feature>
|
||||
</feature>
|
||||
</feature-group-spec>
|
|
@ -0,0 +1,35 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<feature-group-spec name="host" xmlns="urn:jboss:galleon:feature-group:1.0">
|
||||
<feature-group name="servlet-host">
|
||||
<exclude feature-id="host.interface:host=master,interface=unsecure"/>
|
||||
<exclude feature-id="host.interface:host=master,interface=private"/>
|
||||
<exclude spec="host.server-config"/>
|
||||
</feature-group>
|
||||
<feature spec="host">
|
||||
<param name="host" value="master"/>
|
||||
<feature spec="host.interface">
|
||||
<param name="interface" value="public"/>
|
||||
<param name="inet-address" value="${jboss.bind.address:127.0.0.1}"/>
|
||||
</feature>
|
||||
<feature spec="host.jvm">
|
||||
<param name="jvm" value="default"/>
|
||||
<param name="jvm-options" value="["-server","-XX:MetaspaceSize=96m","-XX:MaxMetaspaceSize=256m"]"/>
|
||||
</feature>
|
||||
<feature spec="host.server-config">
|
||||
<param name="server-config" value="load-balancer"/>
|
||||
<param name="group" value="load-balancer-group"/>
|
||||
<feature spec="host.server-config.jvm">
|
||||
<param name="jvm" value="default"/>
|
||||
</feature>
|
||||
</feature>
|
||||
<feature spec="host.server-config">
|
||||
<param name="server-config" value="server-one"/>
|
||||
<param name="group" value="auth-server-group"/>
|
||||
<param name="auto-start" value="true"/>
|
||||
<param name="socket-binding-port-offset" value="150"/>
|
||||
<feature spec="host.server-config.jvm">
|
||||
<param name="jvm" value="default"/>
|
||||
</feature>
|
||||
</feature>
|
||||
</feature>
|
||||
</feature-group-spec>
|
|
@ -0,0 +1,31 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<feature-group-spec name="infinispan-dist-ejb" xmlns="urn:jboss:galleon:feature-group:1.0">
|
||||
|
||||
<feature spec="subsystem.infinispan">
|
||||
|
||||
<feature spec="subsystem.infinispan.cache-container">
|
||||
<param name="cache-container" value="ejb"/>
|
||||
<param name="modules" value="[org.wildfly.clustering.ejb.infinispan]"/>
|
||||
<param name="default-cache" value="dist"/>
|
||||
<param name="aliases" value="[sfsb]"/>
|
||||
<feature spec="subsystem.infinispan.cache-container.transport.jgroups">
|
||||
<param name="lock-timeout" value="60000"/>
|
||||
</feature>
|
||||
<feature spec="subsystem.infinispan.cache-container.distributed-cache">
|
||||
<param name="distributed-cache" value="dist"/>
|
||||
<feature spec="subsystem.infinispan.cache-container.distributed-cache.component.locking">
|
||||
<param name="isolation" value="REPEATABLE_READ"/>
|
||||
</feature>
|
||||
<feature spec="subsystem.infinispan.cache-container.distributed-cache.component.transaction">
|
||||
<param name="mode" value="BATCH"/>
|
||||
</feature>
|
||||
<feature spec="subsystem.infinispan.cache-container.distributed-cache.store.file">
|
||||
<unset param="relative-to"/>
|
||||
</feature>
|
||||
</feature>
|
||||
</feature>
|
||||
|
||||
</feature>
|
||||
|
||||
</feature-group-spec>
|
||||
|
|
@ -0,0 +1,39 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<feature-group-spec name="infinispan-dist-hibernate" xmlns="urn:jboss:galleon:feature-group:1.0">
|
||||
<feature spec="subsystem.infinispan">
|
||||
|
||||
<feature spec="subsystem.infinispan.cache-container">
|
||||
<param name="cache-container" value="hibernate"/>
|
||||
<param name="modules" value="[org.infinispan.hibernate-cache]"/>
|
||||
<feature spec="subsystem.infinispan.cache-container.local-cache">
|
||||
<param name="local-cache" value="local-query"/>
|
||||
<feature spec="subsystem.infinispan.cache-container.local-cache.component.expiration">
|
||||
<param name="max-idle" value="100000"/>
|
||||
</feature>
|
||||
<feature spec="subsystem.infinispan.cache-container.local-cache.memory.heap">
|
||||
<param name="size" value="10000"/>
|
||||
</feature>
|
||||
</feature>
|
||||
<feature spec="subsystem.infinispan.cache-container.transport.jgroups">
|
||||
<param name="lock-timeout" value="60000"/>
|
||||
</feature>
|
||||
<feature spec="subsystem.infinispan.cache-container.replicated-cache">
|
||||
<param name="replicated-cache" value="timestamps"/>
|
||||
<param name="mode" value="ASYNC"/>
|
||||
</feature>
|
||||
<feature spec="subsystem.infinispan.cache-container.invalidation-cache">
|
||||
<param name="invalidation-cache" value="entity"/>
|
||||
<feature spec="subsystem.infinispan.cache-container.invalidation-cache.component.transaction">
|
||||
<param name="mode" value="NON_XA"/>
|
||||
</feature>
|
||||
<feature spec="subsystem.infinispan.cache-container.invalidation-cache.component.expiration">
|
||||
<param name="max-idle" value="100000"/>
|
||||
</feature>
|
||||
<feature spec="subsystem.infinispan.cache-container.invalidation-cache.memory.heap">
|
||||
<param name="size" value="10000"/>
|
||||
</feature>
|
||||
</feature>
|
||||
</feature>
|
||||
|
||||
</feature>
|
||||
</feature-group-spec>
|
|
@ -0,0 +1,77 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<feature-group-spec name="infinispan-dist-keycloak" xmlns="urn:jboss:galleon:feature-group:1.0">
|
||||
<feature spec="subsystem.infinispan">
|
||||
<feature spec="subsystem.infinispan.cache-container">
|
||||
<param name="cache-container" value="keycloak"/>
|
||||
<param name="modules" value="[org.keycloak.keycloak-model-infinispan]"/>
|
||||
<feature spec="subsystem.infinispan.cache-container.transport.jgroups">
|
||||
<param name="lock-timeout" value="60000"/>
|
||||
</feature>
|
||||
<feature spec="subsystem.infinispan.cache-container.local-cache">
|
||||
<param name="local-cache" value="realms"/>
|
||||
<feature spec="subsystem.infinispan.cache-container.local-cache.memory.heap">
|
||||
<param name="size" value="10000"/>
|
||||
</feature>
|
||||
</feature>
|
||||
<feature spec="subsystem.infinispan.cache-container.local-cache">
|
||||
<param name="local-cache" value="users"/>
|
||||
<feature spec="subsystem.infinispan.cache-container.local-cache.memory.heap">
|
||||
<param name="size" value="10000"/>
|
||||
</feature>
|
||||
</feature>
|
||||
<feature spec="subsystem.infinispan.cache-container.distributed-cache">
|
||||
<param name="distributed-cache" value="sessions"/>
|
||||
<param name="owners" value="1"/>
|
||||
</feature>
|
||||
<feature spec="subsystem.infinispan.cache-container.distributed-cache">
|
||||
<param name="distributed-cache" value="authenticationSessions"/>
|
||||
<param name="owners" value="1"/>
|
||||
</feature>
|
||||
<feature spec="subsystem.infinispan.cache-container.distributed-cache">
|
||||
<param name="distributed-cache" value="offlineSessions"/>
|
||||
<param name="owners" value="1"/>
|
||||
</feature>
|
||||
<feature spec="subsystem.infinispan.cache-container.distributed-cache">
|
||||
<param name="distributed-cache" value="clientSessions"/>
|
||||
<param name="owners" value="1"/>
|
||||
</feature>
|
||||
<feature spec="subsystem.infinispan.cache-container.distributed-cache">
|
||||
<param name="distributed-cache" value="offlineClientSessions"/>
|
||||
<param name="owners" value="1"/>
|
||||
</feature>
|
||||
<feature spec="subsystem.infinispan.cache-container.distributed-cache">
|
||||
<param name="distributed-cache" value="loginFailures"/>
|
||||
<param name="owners" value="1"/>
|
||||
</feature>
|
||||
<feature spec="subsystem.infinispan.cache-container.local-cache">
|
||||
<param name="local-cache" value="authorization"/>
|
||||
<feature spec="subsystem.infinispan.cache-container.local-cache.memory.heap">
|
||||
<param name="size" value="10000"/>
|
||||
</feature>
|
||||
</feature>
|
||||
<feature spec="subsystem.infinispan.cache-container.replicated-cache">
|
||||
<param name="replicated-cache" value="work"/>
|
||||
</feature>
|
||||
<feature spec="subsystem.infinispan.cache-container.local-cache">
|
||||
<param name="local-cache" value="keys"/>
|
||||
<feature spec="subsystem.infinispan.cache-container.local-cache.memory.heap">
|
||||
<param name="size" value="1000"/>
|
||||
</feature>
|
||||
<feature spec="subsystem.infinispan.cache-container.local-cache.component.expiration">
|
||||
<param name="max-idle" value="3600000"/>
|
||||
</feature>
|
||||
</feature>
|
||||
<feature spec="subsystem.infinispan.cache-container.distributed-cache">
|
||||
<param name="distributed-cache" value="actionTokens"/>
|
||||
<param name="owners" value="2"/>
|
||||
<feature spec="subsystem.infinispan.cache-container.distributed-cache.memory.heap">
|
||||
<param name="size" value="-1"/>
|
||||
</feature>
|
||||
<feature spec="subsystem.infinispan.cache-container.distributed-cache.component.expiration">
|
||||
<param name="max-idle" value="-1"/>
|
||||
<param name="interval" value="300000"/>
|
||||
</feature>
|
||||
</feature>
|
||||
</feature>
|
||||
</feature>
|
||||
</feature-group-spec>
|
|
@ -0,0 +1,22 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<feature-group-spec name="infinispan-dist-server" xmlns="urn:jboss:galleon:feature-group:1.0">
|
||||
<feature spec="subsystem.infinispan">
|
||||
|
||||
<feature spec="subsystem.infinispan.cache-container">
|
||||
<param name="cache-container" value="server"/>
|
||||
<param name="modules" value="[org.wildfly.clustering.server]"/>
|
||||
<param name="default-cache" value="default"/>
|
||||
<param name="aliases" value="[singleton, cluster]"/>
|
||||
<feature spec="subsystem.infinispan.cache-container.transport.jgroups">
|
||||
<param name="lock-timeout" value="60000"/>
|
||||
</feature>
|
||||
<feature spec="subsystem.infinispan.cache-container.replicated-cache">
|
||||
<param name="replicated-cache" value="default"/>
|
||||
<feature spec="subsystem.infinispan.cache-container.replicated-cache.component.transaction">
|
||||
<param name="mode" value="BATCH"/>
|
||||
</feature>
|
||||
</feature>
|
||||
</feature>
|
||||
</feature>
|
||||
|
||||
</feature-group-spec>
|
|
@ -0,0 +1,40 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<feature-group-spec name="infinispan-dist-web" xmlns="urn:jboss:galleon:feature-group:1.0">
|
||||
<feature spec="subsystem.infinispan">
|
||||
|
||||
<feature spec="subsystem.infinispan.cache-container">
|
||||
<param name="cache-container" value="web"/>
|
||||
<param name="modules" value="[org.wildfly.clustering.web.infinispan]"/>
|
||||
<param name="default-cache" value="dist"/>
|
||||
<feature spec="subsystem.infinispan.cache-container.transport.jgroups">
|
||||
<param name="transport" value="jgroups"/>
|
||||
<param name="lock-timeout" value="60000"/>
|
||||
</feature>
|
||||
<feature spec="subsystem.infinispan.cache-container.distributed-cache">
|
||||
<param name="distributed-cache" value="dist"/>
|
||||
<feature spec="subsystem.infinispan.cache-container.distributed-cache.component.locking">
|
||||
<param name="isolation" value="REPEATABLE_READ"/>
|
||||
</feature>
|
||||
<feature spec="subsystem.infinispan.cache-container.distributed-cache.component.transaction">
|
||||
<param name="mode" value="BATCH"/>
|
||||
</feature>
|
||||
<feature spec="subsystem.infinispan.cache-container.distributed-cache.store.file">
|
||||
<unset param="relative-to"/>
|
||||
</feature>
|
||||
</feature>
|
||||
<feature spec="subsystem.infinispan.cache-container.replicated-cache">
|
||||
<param name="replicated-cache" value="sso"/>
|
||||
<feature spec="subsystem.infinispan.cache-container.replicated-cache.component.locking">
|
||||
<param name="isolation" value="REPEATABLE_READ"/>
|
||||
</feature>
|
||||
<feature spec="subsystem.infinispan.cache-container.replicated-cache.component.transaction">
|
||||
<param name="mode" value="BATCH"/>
|
||||
</feature>
|
||||
</feature>
|
||||
<feature spec="subsystem.infinispan.cache-container.distributed-cache">
|
||||
<param name="distributed-cache" value="routing"/>
|
||||
</feature>
|
||||
</feature>
|
||||
|
||||
</feature>
|
||||
</feature-group-spec>
|
|
@ -0,0 +1,14 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<feature-group-spec name="infinispan-dist" xmlns="urn:jboss:galleon:feature-group:1.0">
|
||||
|
||||
<feature-group name="infinispan-dist-keycloak"/>
|
||||
|
||||
<feature-group name="infinispan-dist-server"/>
|
||||
|
||||
<feature-group name="infinispan-dist-web"/>
|
||||
|
||||
<feature-group name="infinispan-dist-ejb"/>
|
||||
|
||||
<feature-group name="infinispan-dist-hibernate"/>
|
||||
|
||||
</feature-group-spec>
|
|
@ -0,0 +1,28 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<feature-group-spec name="infinispan-local-ejb" xmlns="urn:jboss:galleon:feature-group:1.0">
|
||||
|
||||
<feature spec="subsystem.infinispan">
|
||||
|
||||
<feature spec="subsystem.infinispan.cache-container">
|
||||
<param name="cache-container" value="ejb"/>
|
||||
<param name="modules" value="[org.wildfly.clustering.ejb.infinispan]"/>
|
||||
<param name="aliases" value="[sfsb]"/>
|
||||
<param name="default-cache" value="passivation"/>
|
||||
<feature spec="subsystem.infinispan.cache-container.local-cache">
|
||||
<param name="local-cache" value="passivation"/>
|
||||
<feature spec="subsystem.infinispan.cache-container.local-cache.component.locking">
|
||||
<param name="isolation" value="REPEATABLE_READ"/>
|
||||
</feature>
|
||||
<feature spec="subsystem.infinispan.cache-container.local-cache.component.transaction">
|
||||
<param name="mode" value="BATCH"/>
|
||||
</feature>
|
||||
<feature spec="subsystem.infinispan.cache-container.local-cache.store.file">
|
||||
<param name="passivation" value="true"/>
|
||||
<param name="purge" value="false"/>
|
||||
<unset param="relative-to"/>
|
||||
</feature>
|
||||
</feature>
|
||||
</feature>
|
||||
</feature>
|
||||
|
||||
</feature-group-spec>
|
|
@ -0,0 +1,30 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<feature-group-spec name="infinispan-local-hibernate" xmlns="urn:jboss:galleon:feature-group:1.0">
|
||||
<feature spec="subsystem.infinispan">
|
||||
<feature spec="subsystem.infinispan.cache-container">
|
||||
<param name="cache-container" value="hibernate"/>
|
||||
<param name="modules" value="[org.infinispan.hibernate-cache]"/>
|
||||
<feature spec="subsystem.infinispan.cache-container.local-cache">
|
||||
<param name="local-cache" value="entity"/>
|
||||
<feature spec="subsystem.infinispan.cache-container.local-cache.component.expiration">
|
||||
<param name="max-idle" value="100000"/>
|
||||
</feature>
|
||||
<feature spec="subsystem.infinispan.cache-container.local-cache.memory.heap">
|
||||
<param name="size" value="10000"/>
|
||||
</feature>
|
||||
</feature>
|
||||
<feature spec="subsystem.infinispan.cache-container.local-cache">
|
||||
<param name="local-cache" value="local-query"/>
|
||||
<feature spec="subsystem.infinispan.cache-container.local-cache.component.expiration">
|
||||
<param name="max-idle" value="100000"/>
|
||||
</feature>
|
||||
<feature spec="subsystem.infinispan.cache-container.local-cache.memory.heap">
|
||||
<param name="size" value="10000"/>
|
||||
</feature>
|
||||
</feature>
|
||||
<feature spec="subsystem.infinispan.cache-container.local-cache">
|
||||
<param name="local-cache" value="timestamps"/>
|
||||
</feature>
|
||||
</feature>
|
||||
</feature>
|
||||
</feature-group-spec>
|
|
@ -0,0 +1,67 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<feature-group-spec name="infinispan-local-keycloak" xmlns="urn:jboss:galleon:feature-group:1.0">
|
||||
<feature spec="subsystem.infinispan">
|
||||
<feature spec="subsystem.infinispan.cache-container">
|
||||
<param name="cache-container" value="keycloak"/>
|
||||
<param name="modules" value="[org.keycloak.keycloak-model-infinispan]"/>
|
||||
<feature spec="subsystem.infinispan.cache-container.local-cache">
|
||||
<param name="local-cache" value="realms"/>
|
||||
<feature spec="subsystem.infinispan.cache-container.local-cache.memory.heap">
|
||||
<param name="size" value="10000"/>
|
||||
</feature>
|
||||
</feature>
|
||||
<feature spec="subsystem.infinispan.cache-container.local-cache">
|
||||
<param name="local-cache" value="users"/>
|
||||
<feature spec="subsystem.infinispan.cache-container.local-cache.memory.heap">
|
||||
<param name="size" value="10000"/>
|
||||
</feature>
|
||||
</feature>
|
||||
<feature spec="subsystem.infinispan.cache-container.local-cache">
|
||||
<param name="local-cache" value="sessions"/>
|
||||
</feature>
|
||||
<feature spec="subsystem.infinispan.cache-container.local-cache">
|
||||
<param name="local-cache" value="authenticationSessions"/>
|
||||
</feature>
|
||||
<feature spec="subsystem.infinispan.cache-container.local-cache">
|
||||
<param name="local-cache" value="offlineSessions"/>
|
||||
</feature>
|
||||
<feature spec="subsystem.infinispan.cache-container.local-cache">
|
||||
<param name="local-cache" value="clientSessions"/>
|
||||
</feature>
|
||||
<feature spec="subsystem.infinispan.cache-container.local-cache">
|
||||
<param name="local-cache" value="offlineClientSessions"/>
|
||||
</feature>
|
||||
<feature spec="subsystem.infinispan.cache-container.local-cache">
|
||||
<param name="local-cache" value="loginFailures"/>
|
||||
</feature>
|
||||
<feature spec="subsystem.infinispan.cache-container.local-cache">
|
||||
<param name="local-cache" value="work"/>
|
||||
</feature>
|
||||
<feature spec="subsystem.infinispan.cache-container.local-cache">
|
||||
<param name="local-cache" value="authorization"/>
|
||||
<feature spec="subsystem.infinispan.cache-container.local-cache.memory.heap">
|
||||
<param name="size" value="10000"/>
|
||||
</feature>
|
||||
</feature>
|
||||
<feature spec="subsystem.infinispan.cache-container.local-cache">
|
||||
<param name="local-cache" value="keys"/>
|
||||
<feature spec="subsystem.infinispan.cache-container.local-cache.memory.heap">
|
||||
<param name="size" value="1000"/>
|
||||
</feature>
|
||||
<feature spec="subsystem.infinispan.cache-container.local-cache.component.expiration">
|
||||
<param name="max-idle" value="3600000"/>
|
||||
</feature>
|
||||
</feature>
|
||||
<feature spec="subsystem.infinispan.cache-container.local-cache">
|
||||
<param name="local-cache" value="actionTokens"/>
|
||||
<feature spec="subsystem.infinispan.cache-container.local-cache.memory.heap">
|
||||
<param name="size" value="-1"/>
|
||||
</feature>
|
||||
<feature spec="subsystem.infinispan.cache-container.local-cache.component.expiration">
|
||||
<param name="max-idle" value="-1"/>
|
||||
<param name="interval" value="300000"/>
|
||||
</feature>
|
||||
</feature>
|
||||
</feature>
|
||||
</feature>
|
||||
</feature-group-spec>
|
|
@ -0,0 +1,19 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<feature-group-spec name="infinispan-local-server" xmlns="urn:jboss:galleon:feature-group:1.0">
|
||||
|
||||
<feature spec="subsystem.infinispan">
|
||||
|
||||
<feature spec="subsystem.infinispan.cache-container">
|
||||
<param name="cache-container" value="server"/>
|
||||
<param name="modules" value="[org.wildfly.clustering.server]"/>
|
||||
<param name="default-cache" value="default"/>
|
||||
<feature spec="subsystem.infinispan.cache-container.local-cache">
|
||||
<param name="local-cache" value="default"/>
|
||||
<feature spec="subsystem.infinispan.cache-container.local-cache.component.transaction">
|
||||
<param name="mode" value="BATCH"/>
|
||||
</feature>
|
||||
</feature>
|
||||
</feature>
|
||||
</feature>
|
||||
|
||||
</feature-group-spec>
|
|
@ -0,0 +1,37 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<feature-group-spec name="infinispan-local-web" xmlns="urn:jboss:galleon:feature-group:1.0">
|
||||
<feature spec="subsystem.infinispan">
|
||||
|
||||
<feature spec="subsystem.infinispan.cache-container">
|
||||
<param name="cache-container" value="web"/>
|
||||
<param name="modules" value="[org.wildfly.clustering.web.infinispan]"/>
|
||||
<param name="default-cache" value="passivation"/>
|
||||
<feature spec="subsystem.infinispan.cache-container.local-cache">
|
||||
<param name="local-cache" value="passivation"/>
|
||||
<feature spec="subsystem.infinispan.cache-container.local-cache.component.locking">
|
||||
<param name="isolation" value="REPEATABLE_READ"/>
|
||||
</feature>
|
||||
<feature spec="subsystem.infinispan.cache-container.local-cache.component.transaction">
|
||||
<param name="mode" value="BATCH"/>
|
||||
</feature>
|
||||
<feature spec="subsystem.infinispan.cache-container.local-cache.store.file">
|
||||
<param name="passivation" value="true"/>
|
||||
<param name="purge" value="false"/>
|
||||
<unset param="relative-to"/>
|
||||
</feature>
|
||||
</feature>
|
||||
<feature spec="subsystem.infinispan.cache-container.local-cache">
|
||||
<param name="local-cache" value="sso"/>
|
||||
<feature spec="subsystem.infinispan.cache-container.local-cache.component.locking">
|
||||
<param name="isolation" value="REPEATABLE_READ"/>
|
||||
</feature>
|
||||
<feature spec="subsystem.infinispan.cache-container.local-cache.component.transaction">
|
||||
<param name="mode" value="BATCH"/>
|
||||
</feature>
|
||||
</feature>
|
||||
<feature spec="subsystem.infinispan.cache-container.local-cache">
|
||||
<param name="local-cache" value="routing"/>
|
||||
</feature>
|
||||
</feature>
|
||||
</feature>
|
||||
</feature-group-spec>
|
|
@ -0,0 +1,14 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<feature-group-spec name="infinispan-local" xmlns="urn:jboss:galleon:feature-group:1.0">
|
||||
|
||||
<feature-group name="infinispan-local-keycloak"/>
|
||||
|
||||
<feature-group name="infinispan-local-server"/>
|
||||
|
||||
<feature-group name="infinispan-local-web"/>
|
||||
|
||||
<feature-group name="infinispan-local-ejb"/>
|
||||
|
||||
<feature-group name="infinispan-local-hibernate"/>
|
||||
|
||||
</feature-group-spec>
|
|
@ -0,0 +1,18 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<feature-group-spec name="keycloak-datasource" xmlns="urn:jboss:galleon:feature-group:1.0">
|
||||
<feature spec="subsystem.datasources">
|
||||
<feature spec="subsystem.datasources.data-source">
|
||||
<param name="data-source" value="KeycloakDS"/>
|
||||
<param name="enabled" value="true"/>
|
||||
<param name="use-java-context" value="true"/>
|
||||
<param name="jndi-name" value="java:jboss/datasources/KeycloakDS"/>
|
||||
<param name="data-source" value="KeycloakDS"/>
|
||||
<param name="connection-url" value=""jdbc:h2:${jboss.server.data.dir}/keycloak;AUTO_SERVER=TRUE""/>
|
||||
<param name="driver-name" value="h2"/>
|
||||
<param name="user-name" value="sa"/>
|
||||
<param name="password" value="sa"/>
|
||||
<param name="statistics-enabled" value="${wildfly.datasources.statistics-enabled:${wildfly.statistics-enabled:false}}" />
|
||||
</feature>
|
||||
</feature>
|
||||
</feature-group-spec>
|
||||
|
|
@ -0,0 +1,124 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!--
|
||||
~ Copyright 2021 Red Hat, Inc.
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
<!--
|
||||
IMPORTANT NOTE: Content of this file is based on wildfly/server-subsystem/src/main/config/default-server-subsys-config.properties
|
||||
!!! Both of them need to be in sync !!!
|
||||
-->
|
||||
<feature-group-spec name="keycloak-server-subsystem" xmlns="urn:jboss:galleon:feature-group:1.0">
|
||||
|
||||
<feature spec="subsystem.keycloak-server">
|
||||
<param name="web-context" value="auth"/>
|
||||
<param name="providers" value="[classpath:${jboss.home.dir}/providers/*]"/>
|
||||
<param name="master-realm-name" value="master"/>
|
||||
<param name="scheduled-task-interval" value="900"/>
|
||||
<feature spec="subsystem.keycloak-server.theme">
|
||||
<param name="theme" value="defaults"/>
|
||||
<param name="staticMaxAge" value="2592000"/>
|
||||
<param name="cacheThemes" value="true"/>
|
||||
<param name="cacheTemplates" value="true"/>
|
||||
<param name="dir" value="${jboss.home.dir}/themes"/>
|
||||
</feature>
|
||||
<feature spec="subsystem.keycloak-server.spi">
|
||||
<param name="spi" value="eventsStore"/>
|
||||
<feature spec="subsystem.keycloak-server.spi.provider">
|
||||
<param name="provider" value="jpa"/>
|
||||
<param name="enabled" value="true"/>
|
||||
<param name="properties" value="{exclude-events="[\"REFRESH_TOKEN\"]"}"/>
|
||||
</feature>
|
||||
</feature>
|
||||
<feature spec="subsystem.keycloak-server.spi">
|
||||
<param name="spi" value="userCache"/>
|
||||
<feature spec="subsystem.keycloak-server.spi.provider">
|
||||
<param name="provider" value="default"/>
|
||||
<param name="enabled" value="true"/>
|
||||
</feature>
|
||||
</feature>
|
||||
<feature spec="subsystem.keycloak-server.spi">
|
||||
<param name="spi" value="userSessionPersister"/>
|
||||
<param name="default-provider" value="jpa"/>
|
||||
</feature>
|
||||
<feature spec="subsystem.keycloak-server.spi">
|
||||
<param name="spi" value="timer"/>
|
||||
<param name="default-provider" value="basic"/>
|
||||
</feature>
|
||||
<feature spec="subsystem.keycloak-server.spi">
|
||||
<param name="spi" value="connectionsHttpClient"/>
|
||||
<feature spec="subsystem.keycloak-server.spi.provider">
|
||||
<param name="provider" value="default"/>
|
||||
<param name="enabled" value="true"/>
|
||||
</feature>
|
||||
</feature>
|
||||
<feature spec="subsystem.keycloak-server.spi">
|
||||
<param name="spi" value="connectionsJpa"/>
|
||||
<feature spec="subsystem.keycloak-server.spi.provider">
|
||||
<param name="provider" value="default"/>
|
||||
<param name="enabled" value="true"/>
|
||||
<param name="properties" value="{[dataSource="java:jboss/datasources/KeycloakDS",initializeEmpty="true",migrationStrategy="update",migrationExport="${jboss.home.dir}/keycloak-database-update.sql"]}"/>
|
||||
</feature>
|
||||
</feature>
|
||||
<feature spec="subsystem.keycloak-server.spi">
|
||||
<param name="spi" value="realmCache"/>
|
||||
<feature spec="subsystem.keycloak-server.spi.provider">
|
||||
<param name="provider" value="default"/>
|
||||
<param name="enabled" value="true"/>
|
||||
</feature>
|
||||
</feature>
|
||||
<feature spec="subsystem.keycloak-server.spi">
|
||||
<param name="spi" value="connectionsInfinispan"/>
|
||||
<param name="default-provider" value="default"/>
|
||||
<feature spec="subsystem.keycloak-server.spi.provider">
|
||||
<param name="provider" value="default"/>
|
||||
<param name="enabled" value="true"/>
|
||||
<param name="properties" value="{cacheContainer="java:jboss/infinispan/container/keycloak"}"/>
|
||||
</feature>
|
||||
</feature>
|
||||
<feature spec="subsystem.keycloak-server.spi">
|
||||
<param name="spi" value="jta-lookup"/>
|
||||
<param name="default-provider" value="${keycloak.jta.lookup.provider:jboss}"/>
|
||||
<feature spec="subsystem.keycloak-server.spi.provider">
|
||||
<param name="provider" value="jboss"/>
|
||||
<param name="enabled" value="true"/>
|
||||
</feature>
|
||||
</feature>
|
||||
<feature spec="subsystem.keycloak-server.spi">
|
||||
<param name="spi" value="publicKeyStorage"/>
|
||||
<feature spec="subsystem.keycloak-server.spi.provider">
|
||||
<param name="provider" value="infinispan"/>
|
||||
<param name="enabled" value="true"/>
|
||||
<param name="properties" value="{minTimeBetweenRequests="10"}"/>
|
||||
</feature>
|
||||
</feature>
|
||||
<feature spec="subsystem.keycloak-server.spi">
|
||||
<param name="spi" value="x509cert-lookup"/>
|
||||
<param name="default-provider" value="${keycloak.x509cert.lookup.provider:default}"/>
|
||||
<feature spec="subsystem.keycloak-server.spi.provider">
|
||||
<param name="provider" value="default"/>
|
||||
<param name="enabled" value="true"/>
|
||||
</feature>
|
||||
</feature>
|
||||
<feature spec="subsystem.keycloak-server.spi">
|
||||
<param name="spi" value="hostname"/>
|
||||
<param name="default-provider" value="default"/>
|
||||
<feature spec="subsystem.keycloak-server.spi.provider">
|
||||
<param name="provider" value="default"/>
|
||||
<param name="enabled" value="true"/>
|
||||
<param name="properties" value="{[frontendUrl="${keycloak.frontendUrl:}",forceBackendUrlToFrontendUrl="false"]}"/>
|
||||
</feature>
|
||||
</feature>
|
||||
</feature>
|
||||
|
||||
</feature-group-spec>
|
|
@ -0,0 +1,43 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<feature-group-spec name="standalone-ha" xmlns="urn:jboss:galleon:feature-group:1.0">
|
||||
|
||||
<origin name="org.wildfly:wildfly-ee-galleon-pack">
|
||||
<feature-group name="standalone-ha">
|
||||
<exclude spec="subsystem.sar"/>
|
||||
<exclude spec="subsystem.jdr"/>
|
||||
<exclude spec="subsystem.jsf"/>
|
||||
<exclude spec="subsystem.pojo"/>
|
||||
<exclude spec="subsystem.webservices"/>
|
||||
<exclude spec="subsystem.batch-jberet"/>
|
||||
<exclude spec="subsystem.distributable-web"/>
|
||||
<exclude spec="subsystem.discovery"/>
|
||||
<exclude spec="subsystem.ee-security"/>
|
||||
<exclude spec="subsystem.resource-adapters"/>
|
||||
<exclude spec="subsystem.infinispan"/>
|
||||
<exclude spec="subsystem.singleton"/>
|
||||
</feature-group>
|
||||
<feature-group name="deployment-scanner"/>
|
||||
<feature-group name="ee">
|
||||
<feature spec="subsystem.ee">
|
||||
<feature spec="subsystem.ee.context-service">
|
||||
<param name="context-service" value="default"/>
|
||||
<param name="jndi-name" value="java:jboss/ee/concurrency/context/default"/>
|
||||
<param name="use-transaction-setup-provider" value="true"/>
|
||||
</feature>
|
||||
</feature>
|
||||
</feature-group>
|
||||
<feature-group name="ejb3"/>
|
||||
<feature-group name="health"/>
|
||||
<feature-group name="io"/>
|
||||
<feature-group name="jaxrs"/>
|
||||
<feature-group name="jca"/>
|
||||
<feature-group name="logging"/>
|
||||
<feature-group name="jgroups"/>
|
||||
</origin>
|
||||
<feature-group name="keycloak-server-subsystem"/>
|
||||
<feature-group name="datasources">
|
||||
<feature-group name="keycloak-datasource"/>
|
||||
</feature-group>
|
||||
<feature-group name="infinispan-dist"/>
|
||||
|
||||
</feature-group-spec>
|
|
@ -0,0 +1,42 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<feature-group-spec name="standalone" xmlns="urn:jboss:galleon:feature-group:1.0">
|
||||
|
||||
<origin name="org.wildfly:wildfly-ee-galleon-pack">
|
||||
<feature-group name="standalone">
|
||||
<exclude spec="subsystem.sar"/>
|
||||
<exclude spec="subsystem.jdr"/>
|
||||
<exclude spec="subsystem.jsf"/>
|
||||
<exclude spec="subsystem.pojo"/>
|
||||
<exclude spec="subsystem.webservices"/>
|
||||
<exclude spec="subsystem.batch-jberet"/>
|
||||
<exclude spec="subsystem.distributable-web"/>
|
||||
<exclude spec="subsystem.discovery"/>
|
||||
<exclude spec="subsystem.ee-security"/>
|
||||
<exclude spec="subsystem.resource-adapters"/>
|
||||
<exclude spec="subsystem.infinispan"/>
|
||||
</feature-group>
|
||||
<feature-group name="deployment-scanner"/>
|
||||
<feature-group name="ee">
|
||||
<feature spec="subsystem.ee">
|
||||
<feature spec="subsystem.ee.context-service">
|
||||
<param name="context-service" value="default"/>
|
||||
<param name="jndi-name" value="java:jboss/ee/concurrency/context/default"/>
|
||||
<param name="use-transaction-setup-provider" value="true"/>
|
||||
</feature>
|
||||
</feature>
|
||||
</feature-group>
|
||||
<feature-group name="ejb3"/>
|
||||
<feature-group name="health"/>
|
||||
<feature-group name="io"/>
|
||||
<feature-group name="jaxrs"/>
|
||||
<feature-group name="jca"/>
|
||||
<feature-group name="logging"/>
|
||||
</origin>
|
||||
|
||||
<feature-group name="keycloak-server-subsystem"/>
|
||||
<feature-group name="datasources">
|
||||
<feature-group name="keycloak-datasource"/>
|
||||
</feature-group>
|
||||
<feature-group name="infinispan-local"/>
|
||||
|
||||
</feature-group-spec>
|
|
@ -0,0 +1,19 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!--
|
||||
~ Copyright 2021 Red Hat, Inc.
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
<layer-spec xmlns="urn:jboss:galleon:layer-spec:1.0" name="keycloak">
|
||||
<feature spec="subsystem.keycloak-server"/>
|
||||
</layer-spec>
|
|
@ -0,0 +1 @@
|
|||
layers=keycloak
|
|
@ -0,0 +1,28 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!--
|
||||
~ Copyright 2019 Red Hat, Inc. and/or its affiliates
|
||||
~ and other contributors as indicated by the @author tags.
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
<module xmlns="urn:jboss:module:1.3" name="com.fasterxml.jackson.dataformat.jackson-dataformat-cbor">
|
||||
<resources>
|
||||
<artifact name="${com.fasterxml.jackson.dataformat:jackson-dataformat-cbor}"/>
|
||||
</resources>
|
||||
|
||||
<dependencies>
|
||||
<module name="com.fasterxml.jackson.core.jackson-core"/>
|
||||
<module name="com.fasterxml.jackson.core.jackson-databind"/>
|
||||
<module name="com.fasterxml.jackson.core.jackson-annotations"/>
|
||||
</dependencies>
|
||||
</module>
|
|
@ -0,0 +1,25 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!--
|
||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
~ and other contributors as indicated by the @author tags.
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
<module xmlns="urn:jboss:module:1.3" name="com.github.ua-parser">
|
||||
<resources>
|
||||
<artifact name="${com.github.ua-parser:uap-java}"/>
|
||||
</resources>
|
||||
<dependencies>
|
||||
<module name="org.yaml.snakeyaml"/>
|
||||
</dependencies>
|
||||
</module>
|
|
@ -0,0 +1,30 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!--
|
||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
~ and other contributors as indicated by the @author tags.
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
<module xmlns="urn:jboss:module:1.3" name="com.google.zxing.core">
|
||||
<properties>
|
||||
<property name="jboss.api" value="private"/>
|
||||
</properties>
|
||||
|
||||
<resources>
|
||||
<artifact name="${com.google.zxing:core}"/>
|
||||
</resources>
|
||||
|
||||
<dependencies>
|
||||
<module name="javax.api"/>
|
||||
</dependencies>
|
||||
</module>
|
|
@ -0,0 +1,31 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!--
|
||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
~ and other contributors as indicated by the @author tags.
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
<module xmlns="urn:jboss:module:1.3" name="com.google.zxing.javase">
|
||||
<properties>
|
||||
<property name="jboss.api" value="private"/>
|
||||
</properties>
|
||||
|
||||
<resources>
|
||||
<artifact name="${com.google.zxing:javase}"/>
|
||||
</resources>
|
||||
|
||||
<dependencies>
|
||||
<module name="com.google.zxing.core"/>
|
||||
<module name="javax.api"/>
|
||||
</dependencies>
|
||||
</module>
|
|
@ -0,0 +1,26 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!--
|
||||
~ Copyright 2018 Red Hat, Inc. and/or its affiliates
|
||||
~ and other contributors as indicated by the @author tags.
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
<module xmlns="urn:jboss:module:1.3" name="com.googlecode.owasp-java-html-sanitizer">
|
||||
<resources>
|
||||
<artifact name="${com.googlecode.owasp-java-html-sanitizer:owasp-java-html-sanitizer}"/>
|
||||
</resources>
|
||||
|
||||
<dependencies>
|
||||
<module name="com.google.guava"/>
|
||||
</dependencies>
|
||||
</module>
|
|
@ -0,0 +1,34 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!--
|
||||
~ * Copyright 2018 Red Hat, Inc. and/or its affiliates
|
||||
~ * and other contributors as indicated by the @author tags.
|
||||
~ *
|
||||
~ * Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ * you may not use this file except in compliance with the License.
|
||||
~ * You may obtain a copy of the License at
|
||||
~ *
|
||||
~ * http://www.apache.org/licenses/LICENSE-2.0
|
||||
~ *
|
||||
~ * Unless required by applicable law or agreed to in writing, software
|
||||
~ * distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ * See the License for the specific language governing permissions and
|
||||
~ * limitations under the License.
|
||||
-->
|
||||
<module xmlns="urn:jboss:module:1.3" name="com.openshift.openshift-restclient-java">
|
||||
<properties>
|
||||
<property name="jboss.api" value="private"/>
|
||||
</properties>
|
||||
|
||||
<resources>
|
||||
<artifact name="${com.openshift:openshift-restclient-java}"/>
|
||||
</resources>
|
||||
|
||||
<dependencies>
|
||||
<module name="com.squareup.okhttp3"/>
|
||||
<module name="org.apache.commons.lang"/>
|
||||
<module name="org.jboss.dmr"/>
|
||||
<module name="org.apache.log4j"/>
|
||||
<module name="org.slf4j"/>
|
||||
</dependencies>
|
||||
</module>
|
|
@ -0,0 +1,32 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!--
|
||||
~ Copyright 2019 Red Hat, Inc. and/or its affiliates
|
||||
~ and other contributors as indicated by the @author tags.
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
<module xmlns="urn:jboss:module:1.3" name="com.webauthn4j.webauthn4j-core">
|
||||
<resources>
|
||||
<artifact name="${com.webauthn4j:webauthn4j-core}"/>
|
||||
</resources>
|
||||
|
||||
<dependencies>
|
||||
<module name="org.slf4j"/>
|
||||
<module name="org.apache.kerby.kerby-asn1"/>
|
||||
<module name="com.fasterxml.jackson.core.jackson-core"/>
|
||||
<module name="com.fasterxml.jackson.core.jackson-databind"/>
|
||||
<module name="com.fasterxml.jackson.core.jackson-annotations"/>
|
||||
<module name="com.fasterxml.jackson.dataformat.jackson-dataformat-cbor"/>
|
||||
<module name="com.webauthn4j.webauthn4j-util"/>
|
||||
</dependencies>
|
||||
</module>
|
|
@ -0,0 +1,29 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!--
|
||||
~ Copyright 2019 Red Hat, Inc. and/or its affiliates
|
||||
~ and other contributors as indicated by the @author tags.
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
<module xmlns="urn:jboss:module:1.3" name="com.webauthn4j.webauthn4j-util">
|
||||
<resources>
|
||||
<artifact name="${com.webauthn4j:webauthn4j-util}"/>
|
||||
</resources>
|
||||
|
||||
<dependencies>
|
||||
<module name="com.fasterxml.jackson.core.jackson-core"/>
|
||||
<module name="com.fasterxml.jackson.core.jackson-databind"/>
|
||||
<module name="com.fasterxml.jackson.core.jackson-annotations"/>
|
||||
<module name="com.fasterxml.jackson.dataformat.jackson-dataformat-cbor"/>
|
||||
</dependencies>
|
||||
</module>
|
|
@ -0,0 +1,30 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!--
|
||||
~ Copyright 2019 Red Hat, Inc. and/or its affiliates
|
||||
~ and other contributors as indicated by the @author tags.
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
|
||||
<module xmlns="urn:jboss:module:1.3" name="org.apache.commons.lang">
|
||||
<properties>
|
||||
<property name="jboss.api" value="private"/>
|
||||
</properties>
|
||||
|
||||
<resources>
|
||||
<artifact name="${commons-lang:commons-lang}"/>
|
||||
</resources>
|
||||
|
||||
<dependencies>
|
||||
</dependencies>
|
||||
</module>
|
|
@ -0,0 +1,30 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!--
|
||||
~ Copyright 2019 Red Hat, Inc. and/or its affiliates
|
||||
~ and other contributors as indicated by the @author tags.
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
|
||||
<module xmlns="urn:jboss:module:1.3" name="org.apache.commons.lang3">
|
||||
<properties>
|
||||
<property name="jboss.api" value="private"/>
|
||||
</properties>
|
||||
|
||||
<resources>
|
||||
<artifact name="${org.apache.commons:commons-lang3}"/>
|
||||
</resources>
|
||||
|
||||
<dependencies>
|
||||
</dependencies>
|
||||
</module>
|
|
@ -0,0 +1,23 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!--
|
||||
~ Copyright 2019 Red Hat, Inc. and/or its affiliates
|
||||
~ and other contributors as indicated by the @author tags.
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
<module xmlns="urn:jboss:module:1.3" name="org.apache.kerby.kerby-asn1">
|
||||
<resources>
|
||||
<artifact name="${org.apache.kerby:kerby-asn1}"/>
|
||||
</resources>
|
||||
|
||||
</module>
|
|
@ -0,0 +1,31 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!--
|
||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
~ and other contributors as indicated by the @author tags.
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
<module xmlns="urn:jboss:module:1.3" name="org.freemarker">
|
||||
<properties>
|
||||
<property name="jboss.api" value="private"/>
|
||||
</properties>
|
||||
|
||||
<resources>
|
||||
<artifact name="${org.freemarker:freemarker}"/>
|
||||
</resources>
|
||||
|
||||
<dependencies>
|
||||
<module name="javax.api"/>
|
||||
<module name="org.apache.log4j"/>
|
||||
</dependencies>
|
||||
</module>
|
|
@ -0,0 +1,37 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!--
|
||||
~ Copyright 2020 Red Hat, Inc. and/or its affiliates
|
||||
~ and other contributors as indicated by the @author tags.
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
~
|
||||
-->
|
||||
<module xmlns="urn:jboss:module:1.3" name="org.infinispan.jboss-marshalling">
|
||||
<properties>
|
||||
<property name="jboss.api" value="private"/>
|
||||
</properties>
|
||||
|
||||
<resources>
|
||||
<artifact name="${org.infinispan:infinispan-jboss-marshalling}"/>
|
||||
</resources>
|
||||
|
||||
<dependencies>
|
||||
<module name="javax.api"/>
|
||||
<module name="com.github.ben-manes.caffeine"/>
|
||||
<module name="org.infinispan"/>
|
||||
<module name="org.infinispan.commons"/>
|
||||
<module name="org.jboss.logging"/>
|
||||
<module name="org.jboss.marshalling"/>
|
||||
<module name="org.jboss.marshalling.river"/>
|
||||
</dependencies>
|
||||
</module>
|
|
@ -0,0 +1,29 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!--
|
||||
~ Copyright 2021 Red Hat, Inc. and/or its affiliates
|
||||
~ and other contributors as indicated by the @author tags.
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
~
|
||||
-->
|
||||
<module name="org.jboss.marshalling" xmlns="urn:jboss:module:1.9">
|
||||
<resources>
|
||||
<artifact name="${org.jboss.marshalling:jboss-marshalling}"/>
|
||||
</resources>
|
||||
|
||||
<dependencies>
|
||||
<module name="jdk.unsupported"/>
|
||||
<module name="org.jboss.modules"/>
|
||||
<module name="org.jboss.marshalling.river" services="import"/>
|
||||
</dependencies>
|
||||
</module>
|
|
@ -0,0 +1,32 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!--
|
||||
~ Copyright 2021 Red Hat, Inc. and/or its affiliates
|
||||
~ and other contributors as indicated by the @author tags.
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
~
|
||||
-->
|
||||
<module name="org.jboss.marshalling.river" xmlns="urn:jboss:module:1.9">
|
||||
<properties>
|
||||
<property name="jboss.api" value="private"/>
|
||||
</properties>
|
||||
|
||||
<resources>
|
||||
<artifact name="${org.jboss.marshalling:jboss-marshalling-river}"/>
|
||||
</resources>
|
||||
|
||||
<dependencies>
|
||||
<module name="jdk.unsupported"/>
|
||||
<module name="org.jboss.marshalling"/>
|
||||
</dependencies>
|
||||
</module>
|
|
@ -0,0 +1,36 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!--
|
||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
~ and other contributors as indicated by the @author tags.
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
~
|
||||
-->
|
||||
<module xmlns="urn:jboss:module:1.3" name="org.keycloak.keycloak-authz-policy-common">
|
||||
<properties>
|
||||
<property name="jboss.api" value="private"/>
|
||||
</properties>
|
||||
<resources>
|
||||
<artifact name="${org.keycloak:keycloak-authz-policy-common}"/>
|
||||
</resources>
|
||||
<dependencies>
|
||||
<module name="javax.api"/>
|
||||
<module name="javax.ws.rs.api"/>
|
||||
<module name="org.keycloak.keycloak-core"/>
|
||||
<module name="org.keycloak.keycloak-common"/>
|
||||
<module name="org.keycloak.keycloak-server-spi"/>
|
||||
<module name="org.keycloak.keycloak-server-spi-private"/>
|
||||
<module name="org.keycloak.keycloak-services"/>
|
||||
</dependencies>
|
||||
|
||||
</module>
|
|
@ -0,0 +1,30 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!--
|
||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
~ and other contributors as indicated by the @author tags.
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
<module xmlns="urn:jboss:module:1.3" name="org.keycloak.keycloak-common">
|
||||
<resources>
|
||||
<artifact name="${org.keycloak:keycloak-common}"/>
|
||||
</resources>
|
||||
|
||||
<dependencies>
|
||||
<module name="org.bouncycastle" />
|
||||
<module name="javax.api"/>
|
||||
<module name="javax.activation.api"/>
|
||||
<module name="org.jboss.logging"/>
|
||||
<module name="sun.jdk" optional="true" />
|
||||
</dependencies>
|
||||
</module>
|
|
@ -0,0 +1,35 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!--
|
||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
~ and other contributors as indicated by the @author tags.
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
<module xmlns="urn:jboss:module:1.3" name="org.keycloak.keycloak-core">
|
||||
<resources>
|
||||
<artifact name="${org.keycloak:keycloak-core}"/>
|
||||
</resources>
|
||||
|
||||
<dependencies>
|
||||
<module name="com.fasterxml.jackson.core.jackson-core"/>
|
||||
<module name="com.fasterxml.jackson.core.jackson-annotations"/>
|
||||
<module name="com.fasterxml.jackson.core.jackson-databind"/>
|
||||
<module name="com.fasterxml.jackson.jaxrs.jackson-jaxrs-json-provider"/>
|
||||
<module name="org.keycloak.keycloak-common"/>
|
||||
<module name="org.bouncycastle" />
|
||||
<module name="org.jboss.logging"/>
|
||||
<module name="javax.api"/>
|
||||
<module name="javax.activation.api"/>
|
||||
<module name="sun.jdk" optional="true" />
|
||||
</dependencies>
|
||||
</module>
|
|
@ -0,0 +1,26 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!--
|
||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
~ and other contributors as indicated by the @author tags.
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
<module xmlns="urn:jboss:module:1.3" name="org.keycloak.keycloak-js-adapter">
|
||||
<properties>
|
||||
<property name="jboss.api" value="private"/>
|
||||
</properties>
|
||||
|
||||
<resources>
|
||||
<artifact name="${org.keycloak:keycloak-js-adapter}"/>
|
||||
</resources>
|
||||
</module>
|
|
@ -0,0 +1,37 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!--
|
||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
~ and other contributors as indicated by the @author tags.
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
<module xmlns="urn:jboss:module:1.3" name="org.keycloak.keycloak-kerberos-federation">
|
||||
<properties>
|
||||
<property name="jboss.api" value="private"/>
|
||||
</properties>
|
||||
|
||||
<resources>
|
||||
<artifact name="${org.keycloak:keycloak-kerberos-federation}"/>
|
||||
</resources>
|
||||
|
||||
<dependencies>
|
||||
<module name="org.keycloak.keycloak-common"/>
|
||||
<module name="org.keycloak.keycloak-core"/>
|
||||
<module name="org.keycloak.keycloak-server-spi"/>
|
||||
<module name="org.keycloak.keycloak-server-spi-private"/>
|
||||
<module name="javax.ws.rs.api"/>
|
||||
<module name="org.jboss.resteasy.resteasy-jaxrs"/>
|
||||
<module name="org.jboss.logging"/>
|
||||
<module name="javax.api"/>
|
||||
</dependencies>
|
||||
</module>
|
|
@ -0,0 +1,38 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!--
|
||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
~ and other contributors as indicated by the @author tags.
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
<module xmlns="urn:jboss:module:1.3" name="org.keycloak.keycloak-ldap-federation">
|
||||
<properties>
|
||||
<property name="jboss.api" value="private"/>
|
||||
</properties>
|
||||
|
||||
<resources>
|
||||
<artifact name="${org.keycloak:keycloak-ldap-federation}"/>
|
||||
</resources>
|
||||
|
||||
<dependencies>
|
||||
<module name="org.keycloak.keycloak-common"/>
|
||||
<module name="org.keycloak.keycloak-core"/>
|
||||
<module name="org.keycloak.keycloak-server-spi"/>
|
||||
<module name="org.keycloak.keycloak-server-spi-private"/>
|
||||
<module name="org.keycloak.keycloak-kerberos-federation"/>
|
||||
<module name="javax.ws.rs.api"/>
|
||||
<module name="org.jboss.resteasy.resteasy-jaxrs"/>
|
||||
<module name="org.jboss.logging"/>
|
||||
<module name="javax.api"/>
|
||||
</dependencies>
|
||||
</module>
|
|
@ -0,0 +1,44 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!--
|
||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
~ and other contributors as indicated by the @author tags.
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
<module xmlns="urn:jboss:module:1.3" name="org.keycloak.keycloak-model-infinispan">
|
||||
<properties>
|
||||
<property name="jboss.api" value="private"/>
|
||||
</properties>
|
||||
|
||||
<resources>
|
||||
<artifact name="${org.keycloak:keycloak-model-infinispan}"/>
|
||||
</resources>
|
||||
|
||||
<dependencies>
|
||||
<module name="org.keycloak.keycloak-common"/>
|
||||
<module name="org.keycloak.keycloak-core"/>
|
||||
<module name="org.keycloak.keycloak-server-spi"/>
|
||||
<module name="org.keycloak.keycloak-server-spi-private"/>
|
||||
<module name="org.keycloak.keycloak-wildfly-extensions" export="true" services="import"/>
|
||||
<module name="org.infinispan"/>
|
||||
<module name="org.infinispan.commons"/>
|
||||
<module name="org.infinispan.persistence.remote"/>
|
||||
<module name="org.infinispan.client.hotrod"/>
|
||||
<module name="org.infinispan.jboss-marshalling"/>
|
||||
<module name="org.jgroups"/>
|
||||
<module name="org.jboss.logging"/>
|
||||
<module name="org.wildfly.clustering.marshalling.api"/>
|
||||
<module name="io.netty"/>
|
||||
<module name="javax.api"/>
|
||||
</dependencies>
|
||||
</module>
|
|
@ -0,0 +1,46 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!--
|
||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
~ and other contributors as indicated by the @author tags.
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
<module xmlns="urn:jboss:module:1.3" name="org.keycloak.keycloak-model-jpa">
|
||||
<properties>
|
||||
<property name="jboss.api" value="private"/>
|
||||
</properties>
|
||||
|
||||
<resources>
|
||||
<artifact name="${org.keycloak:keycloak-model-jpa}"/>
|
||||
</resources>
|
||||
|
||||
<dependencies>
|
||||
<module name="javax.transaction.api"/>
|
||||
<module name="org.keycloak.keycloak-common"/>
|
||||
<module name="org.keycloak.keycloak-core"/>
|
||||
<module name="org.keycloak.keycloak-server-spi"/>
|
||||
<module name="org.keycloak.keycloak-server-spi-private"/>
|
||||
<module name="javax.persistence.api"/>
|
||||
<module name="org.jboss.logging"/>
|
||||
<module name="org.liquibase"/>
|
||||
<module name="org.javassist"/>
|
||||
<module name="org.hibernate" services="import"/>
|
||||
<module name="org.bouncycastle" />
|
||||
<module name="javax.api"/>
|
||||
<module name="com.fasterxml.jackson.core.jackson-core"/>
|
||||
<module name="com.fasterxml.jackson.core.jackson-annotations"/>
|
||||
<module name="com.fasterxml.jackson.core.jackson-databind"/>
|
||||
<module name="com.fasterxml.jackson.jaxrs.jackson-jaxrs-json-provider"/>
|
||||
</dependencies>
|
||||
|
||||
</module>
|
|
@ -0,0 +1,43 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!--
|
||||
~ Copyright 2021 Red Hat, Inc. and/or its affiliates
|
||||
~ and other contributors as indicated by the @author tags.
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
<module xmlns="urn:jboss:module:1.3" name="org.keycloak.keycloak-model-map">
|
||||
<properties>
|
||||
<property name="jboss.api" value="private"/>
|
||||
</properties>
|
||||
|
||||
<resources>
|
||||
<artifact name="${org.keycloak:keycloak-model-map}"/>
|
||||
</resources>
|
||||
|
||||
<dependencies>
|
||||
<module name="javax.transaction.api"/>
|
||||
<module name="org.keycloak.keycloak-common"/>
|
||||
<module name="org.keycloak.keycloak-core"/>
|
||||
<module name="org.keycloak.keycloak-server-spi"/>
|
||||
<module name="org.keycloak.keycloak-server-spi-private"/>
|
||||
<module name="org.jboss.logging"/>
|
||||
<module name="org.javassist"/>
|
||||
<module name="javax.api"/>
|
||||
<module name="com.fasterxml.jackson.core.jackson-core"/>
|
||||
<module name="com.fasterxml.jackson.core.jackson-annotations"/>
|
||||
<module name="com.fasterxml.jackson.core.jackson-databind"/>
|
||||
<module name="com.fasterxml.jackson.datatype.jackson-datatype-jdk8"/>
|
||||
<module name="com.fasterxml.jackson.jaxrs.jackson-jaxrs-json-provider"/>
|
||||
</dependencies>
|
||||
|
||||
</module>
|
|
@ -0,0 +1,38 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!--
|
||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
~ and other contributors as indicated by the @author tags.
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
<module xmlns="urn:jboss:module:1.3" name="org.keycloak.keycloak-saml-core-public">
|
||||
<properties>
|
||||
<property name="jboss.api" value="private"/>
|
||||
</properties>
|
||||
|
||||
<resources>
|
||||
<artifact name="${org.keycloak:keycloak-saml-core-public}"/>
|
||||
</resources>
|
||||
|
||||
<dependencies>
|
||||
<module name="org.keycloak.keycloak-common"/>
|
||||
<module name="org.jboss.logging"/>
|
||||
<module name="org.keycloak.keycloak-core"/>
|
||||
<module name="org.apache.santuario.xmlsec">
|
||||
<imports>
|
||||
<exclude path="javax/*"/>
|
||||
</imports>
|
||||
</module>
|
||||
<module name="javax.api"/>
|
||||
</dependencies>
|
||||
</module>
|
|
@ -0,0 +1,40 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!--
|
||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
~ and other contributors as indicated by the @author tags.
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
<module xmlns="urn:jboss:module:1.3" name="org.keycloak.keycloak-saml-core">
|
||||
<properties>
|
||||
<property name="jboss.api" value="private"/>
|
||||
</properties>
|
||||
|
||||
<resources>
|
||||
<artifact name="${org.keycloak:keycloak-saml-core}"/>
|
||||
</resources>
|
||||
|
||||
<dependencies>
|
||||
<module name="org.keycloak.keycloak-common"/>
|
||||
<module name="org.keycloak.keycloak-saml-core-public"/>
|
||||
<module name="org.jboss.logging"/>
|
||||
<module name="org.keycloak.keycloak-core"/>
|
||||
<module name="org.apache.santuario.xmlsec">
|
||||
<imports>
|
||||
<exclude path="javax/*"/>
|
||||
</imports>
|
||||
</module>
|
||||
<module name="javax.api"/>
|
||||
<module name="javax.xml.bind.api"/>
|
||||
</dependencies>
|
||||
</module>
|
|
@ -0,0 +1,44 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
|
||||
<!--
|
||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
~ and other contributors as indicated by the @author tags.
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
<module xmlns="urn:jboss:module:1.3" name="org.keycloak.keycloak-server-spi-private">
|
||||
<properties>
|
||||
<property name="jboss.api" value="private"/>
|
||||
</properties>
|
||||
|
||||
<resources>
|
||||
<artifact name="${org.keycloak:keycloak-server-spi-private}"/>
|
||||
</resources>
|
||||
|
||||
<dependencies>
|
||||
<module name="org.jboss.logging"/>
|
||||
<module name="org.keycloak.keycloak-common"/>
|
||||
<module name="org.keycloak.keycloak-core"/>
|
||||
<module name="org.keycloak.keycloak-server-spi"/>
|
||||
<module name="org.bouncycastle" />
|
||||
<module name="javax.api"/>
|
||||
<module name="javax.ws.rs.api"/>
|
||||
<module name="org.apache.httpcomponents"/>
|
||||
<module name="org.jboss.resteasy.resteasy-jaxrs"/>
|
||||
<module name="javax.transaction.api"/>
|
||||
<module name="com.fasterxml.jackson.core.jackson-databind"/>
|
||||
<module name="com.fasterxml.jackson.core.jackson-core"/>
|
||||
<module name="com.google.guava"/>
|
||||
<module name="com.github.ua-parser" export="true"/>
|
||||
</dependencies>
|
||||
</module>
|
|
@ -0,0 +1,38 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!--
|
||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
~ and other contributors as indicated by the @author tags.
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
<module xmlns="urn:jboss:module:1.3" name="org.keycloak.keycloak-server-spi">
|
||||
<resources>
|
||||
<artifact name="${org.keycloak:keycloak-server-spi}"/>
|
||||
</resources>
|
||||
|
||||
<dependencies>
|
||||
<module name="org.jboss.logging"/>
|
||||
<module name="org.keycloak.keycloak-common"/>
|
||||
<module name="org.keycloak.keycloak-core"/>
|
||||
<module name="org.bouncycastle" />
|
||||
<module name="javax.api"/>
|
||||
<module name="javax.ws.rs.api"/>
|
||||
<module name="org.apache.httpcomponents"/>
|
||||
<module name="org.jboss.resteasy.resteasy-jaxrs"/>
|
||||
<module name="javax.transaction.api"/>
|
||||
<module name="com.fasterxml.jackson.core.jackson-core"/>
|
||||
<module name="com.fasterxml.jackson.core.jackson-annotations"/>
|
||||
<module name="com.fasterxml.jackson.core.jackson-databind"/>
|
||||
<module name="com.fasterxml.jackson.jaxrs.jackson-jaxrs-json-provider"/>
|
||||
</dependencies>
|
||||
</module>
|
|
@ -0,0 +1,29 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
|
||||
<!--
|
||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
~ and other contributors as indicated by the @author tags.
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
|
||||
<module xmlns="urn:jboss:module:1.1" name="org.keycloak.keycloak-server-subsystem.dependencies">
|
||||
<resources>
|
||||
</resources>
|
||||
|
||||
<dependencies>
|
||||
<module name="org.keycloak.keycloak-services" export="true"/>
|
||||
<module name="org.jboss.msc"/>
|
||||
<module name="org.infinispan" export="true"/>
|
||||
</dependencies>
|
||||
</module>
|
|
@ -0,0 +1,30 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!--
|
||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
~ and other contributors as indicated by the @author tags.
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
<module xmlns="urn:jboss:module:1.3" name="org.keycloak.keycloak-server-subsystem">
|
||||
<properties>
|
||||
<property name="jboss.api" value="private"/>
|
||||
</properties>
|
||||
|
||||
<resources>
|
||||
<resource-root path="."/>
|
||||
</resources>
|
||||
|
||||
<dependencies>
|
||||
<module name="org.keycloak.keycloak-wildfly-server-subsystem" services="export" export="true"/>
|
||||
</dependencies>
|
||||
</module>
|
|
@ -0,0 +1,27 @@
|
|||
<!--
|
||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
~ and other contributors as indicated by the @author tags.
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
<jboss-deployment-structure>
|
||||
<deployment>
|
||||
<dependencies>
|
||||
<module name="org.keycloak.keycloak-server-subsystem.dependencies"/>
|
||||
</dependencies>
|
||||
<exclude-subsystems>
|
||||
<subsystem name="webservices"/>
|
||||
<subsystem name="weld"/>
|
||||
</exclude-subsystems>
|
||||
</deployment>
|
||||
</jboss-deployment-structure>
|
|
@ -0,0 +1,71 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!--
|
||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
~ and other contributors as indicated by the @author tags.
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
|
||||
<web-app xmlns="http://java.sun.com/xml/ns/javaee"
|
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
|
||||
version="3.0">
|
||||
|
||||
<module-name>auth</module-name>
|
||||
|
||||
<servlet>
|
||||
<servlet-name>Keycloak REST Interface</servlet-name>
|
||||
<servlet-class>org.jboss.resteasy.plugins.server.servlet.HttpServlet30Dispatcher</servlet-class>
|
||||
<init-param>
|
||||
<param-name>javax.ws.rs.Application</param-name>
|
||||
<param-value>org.keycloak.services.resources.KeycloakApplication</param-value>
|
||||
</init-param>
|
||||
<init-param>
|
||||
<param-name>resteasy.servlet.mapping.prefix</param-name>
|
||||
<param-value>/</param-value>
|
||||
</init-param>
|
||||
<load-on-startup>1</load-on-startup>
|
||||
<async-supported>true</async-supported>
|
||||
</servlet>
|
||||
|
||||
<context-param>
|
||||
<param-name>resteasy.disable.html.sanitizer</param-name>
|
||||
<param-value>true</param-value>
|
||||
</context-param>
|
||||
|
||||
<listener>
|
||||
<listener-class>org.keycloak.provider.wildfly.WildflyLifecycleListener</listener-class>
|
||||
</listener>
|
||||
|
||||
<filter>
|
||||
<filter-name>Client Connection Filter</filter-name>
|
||||
<filter-class>org.keycloak.provider.wildfly.WildFlyRequestFilter</filter-class>
|
||||
<async-supported>true</async-supported>
|
||||
</filter>
|
||||
|
||||
<filter-mapping>
|
||||
<filter-name>Client Connection Filter</filter-name>
|
||||
<url-pattern>/*</url-pattern>
|
||||
</filter-mapping>
|
||||
|
||||
<servlet-mapping>
|
||||
<servlet-name>Keycloak REST Interface</servlet-name>
|
||||
<url-pattern>/*</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<resource-env-ref>
|
||||
<resource-env-ref-name>infinispan/Keycloak</resource-env-ref-name>
|
||||
<resource-env-ref-type>org.infinispan.manager.EmbeddedCacheManager</resource-env-ref-type>
|
||||
<lookup-name>java:jboss/infinispan/container/keycloak</lookup-name>
|
||||
</resource-env-ref>
|
||||
</web-app>
|
|
@ -0,0 +1,81 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!--
|
||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
~ and other contributors as indicated by the @author tags.
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
<module xmlns="urn:jboss:module:1.3" name="org.keycloak.keycloak-services">
|
||||
<properties>
|
||||
<property name="jboss.api" value="private"/>
|
||||
</properties>
|
||||
|
||||
<resources>
|
||||
<artifact name="${org.keycloak:keycloak-services}"/>
|
||||
</resources>
|
||||
|
||||
<dependencies>
|
||||
<module name="org.keycloak.keycloak-common" services="import"/>
|
||||
<module name="org.keycloak.keycloak-core" services="import"/>
|
||||
<module name="org.keycloak.keycloak-js-adapter" services="import"/>
|
||||
<module name="org.keycloak.keycloak-kerberos-federation" services="import"/>
|
||||
<module name="org.keycloak.keycloak-ldap-federation" services="import"/>
|
||||
<module name="org.keycloak.keycloak-sssd-federation" optional="true" services="import"/>
|
||||
<module name="org.keycloak.keycloak-server-spi" services="import"/>
|
||||
<module name="org.keycloak.keycloak-server-spi-private" services="import"/>
|
||||
<module name="org.keycloak.keycloak-model-jpa" services="import"/>
|
||||
<module name="org.keycloak.keycloak-model-map" services="import"/>
|
||||
<module name="org.keycloak.keycloak-model-infinispan" services="import"/>
|
||||
<module name="org.keycloak.keycloak-saml-core-public" services="import"/>
|
||||
<module name="org.keycloak.keycloak-saml-core" services="import"/>
|
||||
<module name="org.keycloak.keycloak-services" export="true" services="import"/>
|
||||
<module name="org.keycloak.keycloak-wildfly-extensions" export="true" services="import"/>
|
||||
|
||||
<!-- Authorization -->
|
||||
<module name="org.keycloak.keycloak-authz-policy-common" services="import"/>
|
||||
|
||||
<!-- Openshift Client Storage -->
|
||||
<module name="com.openshift.openshift-restclient-java" services="import"/>
|
||||
|
||||
<module name="com.googlecode.owasp-java-html-sanitizer"/>
|
||||
<module name="com.google.guava"/>
|
||||
<module name="org.freemarker"/>
|
||||
<module name="javax.ws.rs.api"/>
|
||||
<module name="javax.mail.api"/>
|
||||
<module name="javax.xml.soap.api"/>
|
||||
<module name="org.jboss.resteasy.resteasy-jaxrs"/>
|
||||
<module name="org.jboss.resteasy.resteasy-multipart-provider"/>
|
||||
<module name="org.jboss.dmr"/>
|
||||
<module name="javax.servlet.api"/>
|
||||
<module name="com.fasterxml.jackson.core.jackson-core"/>
|
||||
<module name="com.fasterxml.jackson.core.jackson-annotations"/>
|
||||
<module name="com.fasterxml.jackson.core.jackson-databind"/>
|
||||
<module name="com.fasterxml.jackson.datatype.jackson-datatype-jdk8"/>
|
||||
<module name="com.fasterxml.jackson.jaxrs.jackson-jaxrs-json-provider"/>
|
||||
<module name="com.google.zxing.core"/>
|
||||
<module name="com.google.zxing.javase"/>
|
||||
<module name="org.jboss.logging"/>
|
||||
<module name="org.bouncycastle" />
|
||||
<module name="javax.api"/>
|
||||
<module name="javax.activation.api"/>
|
||||
<module name="javax.json.api"/>
|
||||
<module name="org.apache.commons.io"/>
|
||||
<module name="org.apache.httpcomponents"/>
|
||||
<module name="org.twitter4j"/>
|
||||
<module name="javax.transaction.api"/>
|
||||
<module name="sun.jdk"/>
|
||||
<module name="com.webauthn4j.webauthn4j-core"/>
|
||||
<module name="com.webauthn4j.webauthn4j-util"/>
|
||||
<module name="javax.persistence.api"/>
|
||||
</dependencies>
|
||||
</module>
|
|
@ -0,0 +1,34 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!--
|
||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
~ and other contributors as indicated by the @author tags.
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
<module xmlns="urn:jboss:module:1.3" name="org.keycloak.keycloak-sssd-federation">
|
||||
<properties>
|
||||
<property name="jboss.api" value="private"/>
|
||||
</properties>
|
||||
|
||||
<resources>
|
||||
<artifact name="${org.keycloak:keycloak-sssd-federation}"/>
|
||||
<resource-root path="/usr/share/java/jna.jar"/>
|
||||
</resources>
|
||||
|
||||
<dependencies>
|
||||
<module name="org.jboss.logging"/>
|
||||
<module name="org.keycloak.keycloak-core" />
|
||||
<module name="org.keycloak.keycloak-server-spi" />
|
||||
<module name="org.keycloak.keycloak-server-spi-private"/>
|
||||
</dependencies>
|
||||
</module>
|
|
@ -0,0 +1,40 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!--
|
||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
~ and other contributors as indicated by the @author tags.
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
<module xmlns="urn:jboss:module:1.6" name="org.keycloak.keycloak-wildfly-adduser">
|
||||
<main-class name="org.keycloak.wildfly.adduser.AddUser"/>
|
||||
|
||||
<properties>
|
||||
<property name="jboss.api" value="private"/>
|
||||
</properties>
|
||||
|
||||
<resources>
|
||||
<artifact name="${org.keycloak:keycloak-wildfly-adduser}"/>
|
||||
</resources>
|
||||
|
||||
<dependencies>
|
||||
<module name="org.keycloak.keycloak-common"/>
|
||||
<module name="org.keycloak.keycloak-core"/>
|
||||
<module name="org.keycloak.keycloak-server-spi" services="import"/>
|
||||
<module name="org.keycloak.keycloak-server-spi-private" services="import"/>
|
||||
<module name="org.keycloak.keycloak-services" services="import"/>
|
||||
<module name="org.aesh"/>
|
||||
<module name="org.jboss.as.domain-management"/>
|
||||
<module name="com.fasterxml.jackson.core.jackson-core"/>
|
||||
<module name="com.fasterxml.jackson.core.jackson-annotations"/>
|
||||
</dependencies>
|
||||
</module>
|
|
@ -0,0 +1,41 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!--
|
||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
~ and other contributors as indicated by the @author tags.
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
<module xmlns="urn:jboss:module:1.3" name="org.keycloak.keycloak-wildfly-extensions">
|
||||
<properties>
|
||||
<property name="jboss.api" value="private"/>
|
||||
</properties>
|
||||
|
||||
<resources>
|
||||
<artifact name="${org.keycloak:keycloak-wildfly-extensions}"/>
|
||||
</resources>
|
||||
|
||||
<dependencies>
|
||||
<module name="com.fasterxml.jackson.core.jackson-databind"/>
|
||||
<module name="javax.servlet.api"/>
|
||||
<module name="org.keycloak.keycloak-common"/>
|
||||
<module name="org.keycloak.keycloak-core"/>
|
||||
<module name="org.keycloak.keycloak-server-spi"/>
|
||||
<module name="org.keycloak.keycloak-server-spi-private"/>
|
||||
<module name="org.keycloak.keycloak-services"/>
|
||||
<module name="org.jboss.dmr"/>
|
||||
<module name="org.jboss.logging"/>
|
||||
<module name="org.jboss.modules"/>
|
||||
<module name="org.jboss.resteasy.resteasy-jaxrs"/>
|
||||
<module name="org.wildfly.security.elytron"/>
|
||||
</dependencies>
|
||||
</module>
|
|
@ -0,0 +1,55 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
|
||||
<!--
|
||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
~ and other contributors as indicated by the @author tags.
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
|
||||
<module xmlns="urn:jboss:module:1.3" name="org.keycloak.keycloak-wildfly-server-subsystem">
|
||||
<properties>
|
||||
<property name="jboss.api" value="private"/>
|
||||
</properties>
|
||||
|
||||
<resources>
|
||||
<resource-root path="."/>
|
||||
<artifact name="${org.keycloak:keycloak-wildfly-server-subsystem}"/>
|
||||
</resources>
|
||||
|
||||
<dependencies>
|
||||
<module name="com.fasterxml.jackson.core.jackson-core"/>
|
||||
<module name="com.fasterxml.jackson.core.jackson-databind"/>
|
||||
<module name="javax.api"/>
|
||||
<module name="org.jboss.staxmapper"/>
|
||||
<module name="org.jboss.as.controller"/>
|
||||
<module name="org.jboss.as.ee"/>
|
||||
<module name="org.jboss.as.server"/>
|
||||
<module name="org.jboss.modules"/>
|
||||
<module name="org.jboss.msc"/>
|
||||
<module name="org.jboss.logging"/>
|
||||
<module name="org.jboss.vfs"/>
|
||||
<module name="org.jboss.as.web-common" optional="true"/>
|
||||
<module name="org.jboss.as.web" optional="true"/>
|
||||
<module name="org.jboss.as.version" optional="true"/>
|
||||
<module name="org.keycloak.keycloak-services"/>
|
||||
<module name="org.keycloak.keycloak-server-spi-private"/>
|
||||
<module name="org.keycloak.keycloak-wildfly-adapter" optional="true"/>
|
||||
<module name="org.keycloak.keycloak-core"/>
|
||||
<module name="org.keycloak.keycloak-common"/>
|
||||
<module name="org.keycloak.keycloak-server-spi"/>
|
||||
<module name="org.keycloak.keycloak-authz-policy-common"/>
|
||||
<module name="org.jboss.metadata.common"/>
|
||||
<module name="org.jboss.metadata.web"/>
|
||||
</dependencies>
|
||||
</module>
|
|
@ -0,0 +1,31 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!--
|
||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
~ and other contributors as indicated by the @author tags.
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
<module xmlns="urn:jboss:module:1.3" name="org.liquibase">
|
||||
<properties>
|
||||
<property name="jboss.api" value="private"/>
|
||||
</properties>
|
||||
|
||||
<resources>
|
||||
<artifact name="${org.liquibase:liquibase-core}"/>
|
||||
</resources>
|
||||
|
||||
<dependencies>
|
||||
<module name="org.apache.commons.logging"/>
|
||||
<module name="javax.api"/>
|
||||
</dependencies>
|
||||
</module>
|
|
@ -0,0 +1,30 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!--
|
||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
~ and other contributors as indicated by the @author tags.
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
<module xmlns="urn:jboss:module:1.3" name="org.twitter4j">
|
||||
<properties>
|
||||
<property name="jboss.api" value="private"/>
|
||||
</properties>
|
||||
|
||||
<resources>
|
||||
<artifact name="${org.twitter4j:twitter4j-core}"/>
|
||||
</resources>
|
||||
|
||||
<dependencies>
|
||||
<module name="javax.api"/>
|
||||
</dependencies>
|
||||
</module>
|
|
@ -0,0 +1,6 @@
|
|||
<?xml version="1.0" ?>
|
||||
<!-- actual content of this package comes from artifact=org.keycloak:keycloak-client-cli-dist:zip
|
||||
See pom.xml execution/id: unpack-cli.
|
||||
-->
|
||||
<package-spec xmlns="urn:jboss:galleon:package:2.0" name="client-cli">
|
||||
</package-spec>
|
|
@ -0,0 +1,2 @@
|
|||
<?xml version="1.0" ?>
|
||||
<package-spec xmlns="urn:jboss:galleon:package:2.0" name="docs-examples"/>
|
|
@ -0,0 +1 @@
|
|||
// placeholder file: content copied by tasks.xml from src/main/resources/packages/identity/pm/wildfly/resources/bin/product.conf
|
|
@ -0,0 +1 @@
|
|||
// placeholder file: content copied by tasks.xml from src/main/resources/packages/identity/pm/wildfly/resources/modules/system/layers/keycloak/org/jboss/as/product/keycloak/module.xml
|
|
@ -0,0 +1,4 @@
|
|||
<?xml version="1.0" ?>
|
||||
|
||||
<package-spec xmlns="urn:jboss:galleon:package:2.0" name="identity">
|
||||
</package-spec>
|
|
@ -0,0 +1 @@
|
|||
slot=${product.slot}
|
|
@ -0,0 +1,3 @@
|
|||
JBoss-Product-Release-Name: ${product.name.full}
|
||||
JBoss-Product-Release-Version: ${product.version}
|
||||
JBoss-Product-Console-Slot: ${product.wildfly.console.slot}
|
|
@ -0,0 +1,26 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!--
|
||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
~ and other contributors as indicated by the @author tags.
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
<module xmlns="urn:jboss:module:1.3" name="org.jboss.as.product" slot="${product.slot}">
|
||||
<properties>
|
||||
<property name="jboss.api" value="private"/>
|
||||
</properties>
|
||||
|
||||
<resources>
|
||||
<resource-root path="dir"/>
|
||||
</resources>
|
||||
</module>
|
Some files were not shown because too many files have changed in this diff Show more
Loading…
Reference in a new issue