From be5f3086ce1c852a7db8c5dd733c20662b509346 Mon Sep 17 00:00:00 2001
From: Stian Thorgersen <stianst@gmail.com>
Date: Mon, 15 Jun 2015 15:01:00 +0200
Subject: [PATCH 01/10] KEYCLOAK-1449 Demo bundle doesn't include subsystem
 configuration

---
 distribution/demo-dist/assembly.xml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/distribution/demo-dist/assembly.xml b/distribution/demo-dist/assembly.xml
index 5a6be78a2a..cdd484dbe6 100755
--- a/distribution/demo-dist/assembly.xml
+++ b/distribution/demo-dist/assembly.xml
@@ -14,6 +14,7 @@
             <outputDirectory>keycloak</outputDirectory>
             <excludes>
                 <exclude>**/*.sh</exclude>
+                <exclude>**/standalone.xml</exclude>
             </excludes>
         </fileSet>
         <fileSet>

From eda64584d7a51207c93bbc423519835c9132c9ea Mon Sep 17 00:00:00 2001
From: Stian Thorgersen <stianst@gmail.com>
Date: Mon, 15 Jun 2015 15:49:39 +0200
Subject: [PATCH 02/10] Update keycloak-server.json

---
 .../standalone/configuration/keycloak-server.json      | 10 ++++++++++
 .../eap6-server-overlay/src/main/keycloak-server.json  | 10 ++++++++++
 2 files changed, 20 insertions(+)

diff --git a/distribution/feature-packs/server-feature-pack/src/main/resources/content/standalone/configuration/keycloak-server.json b/distribution/feature-packs/server-feature-pack/src/main/resources/content/standalone/configuration/keycloak-server.json
index 9f0d03ea5d..9b8f05171d 100644
--- a/distribution/feature-packs/server-feature-pack/src/main/resources/content/standalone/configuration/keycloak-server.json
+++ b/distribution/feature-packs/server-feature-pack/src/main/resources/content/standalone/configuration/keycloak-server.json
@@ -1,4 +1,8 @@
 {
+    "providers": [
+        "classpath:${jboss.server.config.dir}/providers/*"
+    ],
+
     "admin": {
         "realm": "master"
     },
@@ -63,6 +67,12 @@
         "interval": 900
     },
 
+    "connectionsHttpClient": {
+        "default": {
+            "disable-trust-manager": true
+        }
+    },
+
     "connectionsJpa": {
         "default": {
             "dataSource": "java:jboss/datasources/KeycloakDS",
diff --git a/distribution/server-overlay/eap6/eap6-server-overlay/src/main/keycloak-server.json b/distribution/server-overlay/eap6/eap6-server-overlay/src/main/keycloak-server.json
index 9f0d03ea5d..9b8f05171d 100644
--- a/distribution/server-overlay/eap6/eap6-server-overlay/src/main/keycloak-server.json
+++ b/distribution/server-overlay/eap6/eap6-server-overlay/src/main/keycloak-server.json
@@ -1,4 +1,8 @@
 {
+    "providers": [
+        "classpath:${jboss.server.config.dir}/providers/*"
+    ],
+
     "admin": {
         "realm": "master"
     },
@@ -63,6 +67,12 @@
         "interval": 900
     },
 
+    "connectionsHttpClient": {
+        "default": {
+            "disable-trust-manager": true
+        }
+    },
+
     "connectionsJpa": {
         "default": {
             "dataSource": "java:jboss/datasources/KeycloakDS",

From cd762e5e8c3d76f1491c8432386b408446d51176 Mon Sep 17 00:00:00 2001
From: Stian Thorgersen <stianst@gmail.com>
Date: Mon, 15 Jun 2015 20:13:06 +0200
Subject: [PATCH 03/10] Added wildfly extension to dist

---
 .../feature-packs/server-feature-pack/pom.xml      |  6 +++++-
 .../org/keycloak/keycloak-services/main/module.xml |  1 +
 .../keycloak-wildfly-extensions/main/module.xml    | 14 ++++++++++++++
 .../eap6/eap6-server-modules/build.xml             |  4 ++++
 .../eap6/eap6-server-modules/pom.xml               |  4 ++++
 .../org/keycloak/keycloak-services/main/module.xml |  1 +
 .../keycloak-wildfly-extensions/main/module.xml    | 14 ++++++++++++++
 7 files changed, 43 insertions(+), 1 deletion(-)
 create mode 100644 distribution/feature-packs/server-feature-pack/src/main/resources/modules/system/layers/base/org/keycloak/keycloak-wildfly-extensions/main/module.xml
 create mode 100644 distribution/server-overlay/eap6/eap6-server-modules/src/main/resources/modules/org/keycloak/keycloak-wildfly-extensions/main/module.xml

diff --git a/distribution/feature-packs/server-feature-pack/pom.xml b/distribution/feature-packs/server-feature-pack/pom.xml
index bafc79e693..0fc42f8938 100644
--- a/distribution/feature-packs/server-feature-pack/pom.xml
+++ b/distribution/feature-packs/server-feature-pack/pom.xml
@@ -40,7 +40,11 @@
             <groupId>org.keycloak.subsystem</groupId>
             <artifactId>keycloak-server</artifactId>
             <type>war</type>
-        </dependency>   
+        </dependency>
+        <dependency>
+            <groupId>org.keycloak</groupId>
+            <artifactId>keycloak-wildfly-extensions</artifactId>
+        </dependency>
         <dependency>
             <groupId>org.keycloak</groupId>
             <artifactId>keycloak-wf9-server-subsystem</artifactId>
diff --git a/distribution/feature-packs/server-feature-pack/src/main/resources/modules/system/layers/base/org/keycloak/keycloak-services/main/module.xml b/distribution/feature-packs/server-feature-pack/src/main/resources/modules/system/layers/base/org/keycloak/keycloak-services/main/module.xml
index 00d616208c..df80d95b07 100644
--- a/distribution/feature-packs/server-feature-pack/src/main/resources/modules/system/layers/base/org/keycloak/keycloak-services/main/module.xml
+++ b/distribution/feature-packs/server-feature-pack/src/main/resources/modules/system/layers/base/org/keycloak/keycloak-services/main/module.xml
@@ -60,6 +60,7 @@
         <module name="org.keycloak.keycloak-social-stackoverflow" services="import"/>
         <module name="org.keycloak.keycloak-timer-api" services="import"/>
         <module name="org.keycloak.keycloak-timer-basic" services="import"/>
+        <module name="org.keycloak.keycloak-wildfly-extensions" services="import"/>
 
         <module name="javax.ws.rs.api"/>
         <module name="org.jboss.resteasy.resteasy-jaxrs"/>
diff --git a/distribution/feature-packs/server-feature-pack/src/main/resources/modules/system/layers/base/org/keycloak/keycloak-wildfly-extensions/main/module.xml b/distribution/feature-packs/server-feature-pack/src/main/resources/modules/system/layers/base/org/keycloak/keycloak-wildfly-extensions/main/module.xml
new file mode 100644
index 0000000000..556769e366
--- /dev/null
+++ b/distribution/feature-packs/server-feature-pack/src/main/resources/modules/system/layers/base/org/keycloak/keycloak-wildfly-extensions/main/module.xml
@@ -0,0 +1,14 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<module xmlns="urn:jboss:module:1.1" name="org.keycloak.keycloak-wildfly-extensions">
+    <resources>
+        <artifact name="${org.keycloak:keycloak-wildfly-extensions}"/>
+    </resources>
+    <dependencies>
+        <module name="org.keycloak.keycloak-core"/>
+        <module name="org.keycloak.keycloak-model-api"/>
+        <module name="org.keycloak.keycloak-services"/>
+        <module name="org.keycloak.keycloak-forms-common-freemarker"/>
+        <module name="org.keycloak.keycloak-forms-common-themes"/>
+        <module name="org.jboss.modules"/>
+    </dependencies>
+</module>
diff --git a/distribution/server-overlay/eap6/eap6-server-modules/build.xml b/distribution/server-overlay/eap6/eap6-server-modules/build.xml
index bf6a829b42..b709a59982 100755
--- a/distribution/server-overlay/eap6/eap6-server-modules/build.xml
+++ b/distribution/server-overlay/eap6/eap6-server-modules/build.xml
@@ -317,6 +317,10 @@
 
         <module-def name="org.keycloak.keycloak-server-subsystem"/>
 
+        <module-def name="org.keycloak.keycloak-wildfly-extensions">
+            <maven-resource group="org.keycloak" artifact="keycloak-wildfly-extensions"/>
+        </module-def>
+
     </target>
 
     <target name="clean-target">
diff --git a/distribution/server-overlay/eap6/eap6-server-modules/pom.xml b/distribution/server-overlay/eap6/eap6-server-modules/pom.xml
index e66ad80b17..a7c2fbe853 100755
--- a/distribution/server-overlay/eap6/eap6-server-modules/pom.xml
+++ b/distribution/server-overlay/eap6/eap6-server-modules/pom.xml
@@ -39,6 +39,10 @@
             <artifactId>keycloak-server</artifactId>
             <type>war</type>
         </dependency>
+        <dependency>
+            <groupId>org.keycloak</groupId>
+            <artifactId>keycloak-wildfly-extensions</artifactId>
+        </dependency>
         <dependency>
             <groupId>org.bouncycastle</groupId>
             <artifactId>bcprov-jdk15on</artifactId>
diff --git a/distribution/server-overlay/eap6/eap6-server-modules/src/main/resources/modules/org/keycloak/keycloak-services/main/module.xml b/distribution/server-overlay/eap6/eap6-server-modules/src/main/resources/modules/org/keycloak/keycloak-services/main/module.xml
index 0ff106f989..045e788b2f 100755
--- a/distribution/server-overlay/eap6/eap6-server-modules/src/main/resources/modules/org/keycloak/keycloak-services/main/module.xml
+++ b/distribution/server-overlay/eap6/eap6-server-modules/src/main/resources/modules/org/keycloak/keycloak-services/main/module.xml
@@ -61,6 +61,7 @@
         <module name="org.keycloak.keycloak-social-stackoverflow" services="import"/>
         <module name="org.keycloak.keycloak-timer-api" services="import"/>
         <module name="org.keycloak.keycloak-timer-basic" services="import"/>
+        <module name="org.keycloak.keycloak-wildfly-extensions" services="import"/>
 
         <module name="javax.ws.rs.api"/>
         <module name="org.jboss.resteasy.resteasy-jaxrs"/>
diff --git a/distribution/server-overlay/eap6/eap6-server-modules/src/main/resources/modules/org/keycloak/keycloak-wildfly-extensions/main/module.xml b/distribution/server-overlay/eap6/eap6-server-modules/src/main/resources/modules/org/keycloak/keycloak-wildfly-extensions/main/module.xml
new file mode 100644
index 0000000000..787fd2f09f
--- /dev/null
+++ b/distribution/server-overlay/eap6/eap6-server-modules/src/main/resources/modules/org/keycloak/keycloak-wildfly-extensions/main/module.xml
@@ -0,0 +1,14 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<module xmlns="urn:jboss:module:1.1" name="org.keycloak.keycloak-wildfly-extensions">
+    <resources>
+        <!-- Insert resources here -->
+    </resources>
+    <dependencies>
+        <module name="org.keycloak.keycloak-core"/>
+        <module name="org.keycloak.keycloak-model-api"/>
+        <module name="org.keycloak.keycloak-services"/>
+        <module name="org.keycloak.keycloak-forms-common-freemarker"/>
+        <module name="org.keycloak.keycloak-forms-common-themes"/>
+        <module name="org.jboss.modules"/>
+    </dependencies>
+</module>

From 60f40544bbabbe9332c5a8e4c4c0e8d6c3c459f8 Mon Sep 17 00:00:00 2001
From: Stian Thorgersen <stianst@gmail.com>
Date: Mon, 15 Jun 2015 20:24:32 +0200
Subject: [PATCH 04/10] Fix event-store example

---
 .../examples/providers/events/MemEventStoreProviderFactory.java  | 1 +
 1 file changed, 1 insertion(+)

diff --git a/examples/providers/event-store-mem/src/main/java/org/keycloak/examples/providers/events/MemEventStoreProviderFactory.java b/examples/providers/event-store-mem/src/main/java/org/keycloak/examples/providers/events/MemEventStoreProviderFactory.java
index d09b1a3178..f08d31a1e0 100755
--- a/examples/providers/event-store-mem/src/main/java/org/keycloak/examples/providers/events/MemEventStoreProviderFactory.java
+++ b/examples/providers/event-store-mem/src/main/java/org/keycloak/examples/providers/events/MemEventStoreProviderFactory.java
@@ -34,6 +34,7 @@ public class MemEventStoreProviderFactory implements EventStoreProviderFactory {
     @Override
     public void init(Config.Scope config) {
         events = Collections.synchronizedList(new LinkedList<Event>());
+        adminEvents = Collections.synchronizedList(new LinkedList<AdminEvent>());
 
         String excludes = config.get("excludes");
         if (excludes != null) {

From b7e3fc5f73e675c432ddbd3448f2d5949dd1e934 Mon Sep 17 00:00:00 2001
From: Stian Thorgersen <stianst@gmail.com>
Date: Tue, 16 Jun 2015 08:10:51 +0200
Subject: [PATCH 05/10] Recover server-overlay name

---
 distribution/server-overlay/pom.xml                    | 4 ++--
 distribution/server-overlay/wf9-server-overlay/pom.xml | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/distribution/server-overlay/pom.xml b/distribution/server-overlay/pom.xml
index f05e4861a0..fff09c72e2 100755
--- a/distribution/server-overlay/pom.xml
+++ b/distribution/server-overlay/pom.xml
@@ -8,9 +8,9 @@
         <relativePath>../../pom.xml</relativePath>
     </parent>
 
-    <artifactId>keycloak-server-overlay</artifactId>
+    <artifactId>keycloak-server-overlay-parent</artifactId>
     <packaging>pom</packaging>
-    <name>Keycloak Server Overlay Distributions</name>
+    <name>Keycloak Server Overlay Parent</name>
     <description/>
 
 
diff --git a/distribution/server-overlay/wf9-server-overlay/pom.xml b/distribution/server-overlay/wf9-server-overlay/pom.xml
index 5219ebc370..03353a75c1 100755
--- a/distribution/server-overlay/wf9-server-overlay/pom.xml
+++ b/distribution/server-overlay/wf9-server-overlay/pom.xml
@@ -8,9 +8,9 @@
         <relativePath>../../../pom.xml</relativePath>
     </parent>
 
-    <artifactId>keycloak-wf9-server-overlay</artifactId>
+    <artifactId>keycloak-server-overlay</artifactId>
     <packaging>pom</packaging>
-    <name>Keycloak Wildfly 9 Server Overlay Distribution</name>
+    <name>Keycloak Server Overlay Distribution</name>
     <description/>
 
     <dependencies>

From 1b0c4e5d1fca016d8fd6045189952c47bd9812a1 Mon Sep 17 00:00:00 2001
From: Stian Thorgersen <stianst@gmail.com>
Date: Tue, 16 Jun 2015 13:29:27 +0200
Subject: [PATCH 06/10] KEYCLOAK-1468 Infinispan cache not available in JNDI

---
 .../feature-pack-build.xml                    |  3 +
 .../standalone/subsystems-ha.xml              | 36 +++++++
 .../configuration/standalone/subsystems.xml   | 19 +++-
 distribution/subsystem-war/pom.xml            | 12 +++
 .../wildfly/InfinispanCacheActivator.java     | 29 ++++++
 .../org.jboss.msc.service.ServiceActivator    |  1 +
 .../WEB-INF/jboss-deployment-structure.xml    |  2 +
 .../keycloak-infinispan.xml                   | 93 +++++++++++++++++++
 8 files changed, 191 insertions(+), 4 deletions(-)
 create mode 100644 distribution/feature-packs/server-feature-pack/src/main/resources/configuration/standalone/subsystems-ha.xml
 create mode 100644 distribution/subsystem-war/src/main/java/org/keycloak/provider/wildfly/InfinispanCacheActivator.java
 create mode 100644 distribution/subsystem-war/src/main/resources/META-INF/services/org.jboss.msc.service.ServiceActivator
 create mode 100644 integration/wildfly/wf9-server-subsystem/src/main/resources/subsystem-templates/keycloak-infinispan.xml

diff --git a/distribution/feature-packs/server-feature-pack/feature-pack-build.xml b/distribution/feature-packs/server-feature-pack/feature-pack-build.xml
index 8737c28576..48b588e0b9 100644
--- a/distribution/feature-packs/server-feature-pack/feature-pack-build.xml
+++ b/distribution/feature-packs/server-feature-pack/feature-pack-build.xml
@@ -4,6 +4,9 @@
     </dependencies>
     <config>
         <standalone template="configuration/standalone/template.xml" subsystems="configuration/standalone/subsystems.xml" output-file="standalone/configuration/standalone.xml" />
+        <standalone template="configuration/standalone/template.xml" subsystems="configuration/standalone/subsystems-ha.xml" output-file="standalone/configuration/standalone-ha.xml">
+            <property name="jgroups.supplement" value="" />
+        </standalone>
         <domain template="configuration/domain/template.xml" subsystems="configuration/domain/subsystems.xml" output-file="domain/configuration/domain.xml" />
     </config>
 
diff --git a/distribution/feature-packs/server-feature-pack/src/main/resources/configuration/standalone/subsystems-ha.xml b/distribution/feature-packs/server-feature-pack/src/main/resources/configuration/standalone/subsystems-ha.xml
new file mode 100644
index 0000000000..c402990ed1
--- /dev/null
+++ b/distribution/feature-packs/server-feature-pack/src/main/resources/configuration/standalone/subsystems-ha.xml
@@ -0,0 +1,36 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!--  See src/resources/configuration/ReadMe.txt for how the configuration assembly works -->
+<config>
+   <subsystems>
+      <subsystem>logging.xml</subsystem>
+      <subsystem>batch.xml</subsystem>
+      <subsystem>bean-validation.xml</subsystem>
+      <subsystem>keycloak-datasources.xml</subsystem>
+      <subsystem>ee.xml</subsystem>
+      <subsystem supplement="ha">ejb3.xml</subsystem>
+      <subsystem>io.xml</subsystem>
+      <subsystem supplement="ha">keycloak-infinispan.xml</subsystem>
+      <subsystem>jaxrs.xml</subsystem>
+      <subsystem>jca.xml</subsystem>
+      <subsystem>jdr.xml</subsystem>
+      <subsystem>jgroups.xml</subsystem>
+      <subsystem>jmx.xml</subsystem>
+      <subsystem>jpa.xml</subsystem>
+      <subsystem>jsf.xml</subsystem>
+      <subsystem>mail.xml</subsystem>
+      <subsystem>mod_cluster.xml</subsystem>
+      <subsystem>naming.xml</subsystem>
+      <subsystem>pojo.xml</subsystem>
+      <subsystem>remoting.xml</subsystem>
+      <subsystem>resource-adapters.xml</subsystem>
+      <subsystem>request-controller.xml</subsystem>
+      <subsystem>sar.xml</subsystem>
+      <subsystem>security-manager.xml</subsystem>
+      <subsystem>security.xml</subsystem>
+      <subsystem>transactions.xml</subsystem>
+      <subsystem supplement="ha">undertow.xml</subsystem>
+      <subsystem>webservices.xml</subsystem>
+      <subsystem>weld.xml</subsystem>
+      <subsystem>keycloak-server.xml</subsystem>
+   </subsystems>
+</config>
\ No newline at end of file
diff --git a/distribution/feature-packs/server-feature-pack/src/main/resources/configuration/standalone/subsystems.xml b/distribution/feature-packs/server-feature-pack/src/main/resources/configuration/standalone/subsystems.xml
index d20bf2e610..f1dff3279e 100644
--- a/distribution/feature-packs/server-feature-pack/src/main/resources/configuration/standalone/subsystems.xml
+++ b/distribution/feature-packs/server-feature-pack/src/main/resources/configuration/standalone/subsystems.xml
@@ -3,21 +3,32 @@
 <config>
    <subsystems>
       <subsystem>logging.xml</subsystem>
-      <!-- resteasy complains if bean-validation is missing -->
+      <subsystem>batch.xml</subsystem>
       <subsystem>bean-validation.xml</subsystem>
       <subsystem>keycloak-datasources.xml</subsystem>
-      <subsystem supplement="web-build">ee.xml</subsystem>
+      <subsystem>ee.xml</subsystem>
+      <subsystem>ejb3.xml</subsystem>
       <subsystem>io.xml</subsystem>
-      <subsystem>infinispan.xml</subsystem>
+      <subsystem>keycloak-infinispan.xml</subsystem>
       <subsystem>jaxrs.xml</subsystem>
       <subsystem>jca.xml</subsystem>
+      <subsystem>jdr.xml</subsystem>
+      <subsystem>jmx.xml</subsystem>
       <subsystem>jpa.xml</subsystem>
-      <subsystem supplement="web-build">naming.xml</subsystem>
+      <subsystem>jsf.xml</subsystem>
+      <subsystem>mail.xml</subsystem>
+      <subsystem>naming.xml</subsystem>
+      <subsystem>pojo.xml</subsystem>
+      <subsystem>remoting.xml</subsystem>
+      <subsystem>resource-adapters.xml</subsystem>
       <subsystem>request-controller.xml</subsystem>
+      <subsystem>sar.xml</subsystem>
       <subsystem>security-manager.xml</subsystem>
       <subsystem>security.xml</subsystem>
       <subsystem>transactions.xml</subsystem>
       <subsystem>undertow.xml</subsystem>
+      <subsystem>webservices.xml</subsystem>
+      <subsystem>weld.xml</subsystem>
       <subsystem>keycloak-server.xml</subsystem>
    </subsystems>
 </config>
diff --git a/distribution/subsystem-war/pom.xml b/distribution/subsystem-war/pom.xml
index 4be6a118a8..66c20fdb34 100755
--- a/distribution/subsystem-war/pom.xml
+++ b/distribution/subsystem-war/pom.xml
@@ -15,6 +15,18 @@
     <name>Keycloak Subsystem Server WAR</name>
     <description/>
 
+    <dependencies>
+        <dependency>
+            <groupId>org.jboss.msc</groupId>
+            <artifactId>jboss-msc</artifactId>
+            <version>1.2.6.Final</version>
+        </dependency>
+        <dependency>
+            <groupId>org.keycloak</groupId>
+            <artifactId>keycloak-core</artifactId>
+        </dependency>
+    </dependencies>
+
     <build>
         <finalName>auth-server</finalName>
         <plugins>
diff --git a/distribution/subsystem-war/src/main/java/org/keycloak/provider/wildfly/InfinispanCacheActivator.java b/distribution/subsystem-war/src/main/java/org/keycloak/provider/wildfly/InfinispanCacheActivator.java
new file mode 100644
index 0000000000..943f7a4cb4
--- /dev/null
+++ b/distribution/subsystem-war/src/main/java/org/keycloak/provider/wildfly/InfinispanCacheActivator.java
@@ -0,0 +1,29 @@
+package org.keycloak.provider.wildfly;
+
+import org.jboss.msc.service.*;
+import org.keycloak.Config;
+
+import java.util.List;
+
+/**
+ * Used to add a dependency on Infinispan caches to make sure they are started.
+ *
+ * @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
+ */
+public class InfinispanCacheActivator implements ServiceActivator {
+
+    private static final ServiceName cacheContainerService = ServiceName.of("jboss", "infinispan", "keycloak");
+
+    @Override
+    public void activate(ServiceActivatorContext context) throws ServiceRegistryException {
+        if (context.getServiceRegistry().getService(cacheContainerService) != null) {
+            ServiceTarget st = context.getServiceTarget();
+            st.addDependency(cacheContainerService);
+            st.addDependency(cacheContainerService.append("realms"));
+            st.addDependency(cacheContainerService.append("users"));
+            st.addDependency(cacheContainerService.append("sessions"));
+            st.addDependency(cacheContainerService.append("loginFailures"));
+        }
+    }
+
+}
diff --git a/distribution/subsystem-war/src/main/resources/META-INF/services/org.jboss.msc.service.ServiceActivator b/distribution/subsystem-war/src/main/resources/META-INF/services/org.jboss.msc.service.ServiceActivator
new file mode 100644
index 0000000000..bfed2e10c4
--- /dev/null
+++ b/distribution/subsystem-war/src/main/resources/META-INF/services/org.jboss.msc.service.ServiceActivator
@@ -0,0 +1 @@
+org.keycloak.provider.wildfly.InfinispanCacheActivator
\ No newline at end of file
diff --git a/distribution/subsystem-war/src/main/webapp/WEB-INF/jboss-deployment-structure.xml b/distribution/subsystem-war/src/main/webapp/WEB-INF/jboss-deployment-structure.xml
index 816245c538..f67884e3b7 100755
--- a/distribution/subsystem-war/src/main/webapp/WEB-INF/jboss-deployment-structure.xml
+++ b/distribution/subsystem-war/src/main/webapp/WEB-INF/jboss-deployment-structure.xml
@@ -56,6 +56,8 @@
             <module name="org.jboss.resteasy.resteasy-jackson-provider" services="import"/>
             <module name="org.jboss.resteasy.resteasy-multipart-provider" services="import"/>
             <module name="org.jboss.resteasy.resteasy-jaxrs"/>
+
+            <module name="org.jboss.msc"/>
         </dependencies>
         <exclusions>
             <module name="org.jboss.resteasy.resteasy-jackson2-provider"/>
diff --git a/integration/wildfly/wf9-server-subsystem/src/main/resources/subsystem-templates/keycloak-infinispan.xml b/integration/wildfly/wf9-server-subsystem/src/main/resources/subsystem-templates/keycloak-infinispan.xml
new file mode 100644
index 0000000000..30706ac978
--- /dev/null
+++ b/integration/wildfly/wf9-server-subsystem/src/main/resources/subsystem-templates/keycloak-infinispan.xml
@@ -0,0 +1,93 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!--  See src/resources/configuration/ReadMe.txt for how the configuration assembly works -->
+<config default-supplement="default">
+    <extension-module>org.jboss.as.clustering.infinispan</extension-module>
+    <subsystem xmlns="urn:jboss:domain:infinispan:3.0">
+        <?CACHE-CONTAINERS?>
+    </subsystem>
+    <supplement name="default">
+        <replacement placeholder="CACHE-CONTAINERS">
+            <cache-container name="server" default-cache="default" module="org.wildfly.clustering.server">
+                <local-cache name="default">
+                    <transaction mode="BATCH"/>
+                </local-cache>
+            </cache-container>
+            <cache-container name="web" default-cache="passivation" module="org.wildfly.clustering.web.infinispan">
+                <local-cache name="passivation">
+                    <transaction mode="BATCH"/>
+                    <file-store passivation="true" purge="false"/>
+                </local-cache>
+                <local-cache name="persistent">
+                    <transaction mode="BATCH"/>
+                    <file-store passivation="false" purge="false"/>
+                </local-cache>
+            </cache-container>
+            <cache-container name="ejb" aliases="sfsb" default-cache="passivation" module="org.wildfly.clustering.ejb.infinispan">
+                <local-cache name="passivation">
+                    <transaction mode="BATCH"/>
+                    <file-store passivation="true" purge="false"/>
+                </local-cache>
+                <local-cache name="persistent">
+                    <transaction mode="BATCH"/>
+                    <file-store passivation="false" purge="false"/>
+                </local-cache>
+            </cache-container>
+            <cache-container name="hibernate" default-cache="local-query" module="org.hibernate.infinispan">
+                <local-cache name="entity">
+                    <transaction mode="NON_XA"/>
+                    <eviction strategy="LRU" max-entries="10000"/>
+                    <expiration max-idle="100000"/>
+                </local-cache>
+                <local-cache name="local-query">
+                    <eviction strategy="LRU" max-entries="10000"/>
+                    <expiration max-idle="100000"/>
+                </local-cache>
+                <local-cache name="timestamps"/>
+            </cache-container>
+        </replacement>
+    </supplement>
+    <supplement name="ha">
+        <replacement placeholder="CACHE-CONTAINERS">
+            <cache-container name="keycloak" jndi-name="infinispan/Keycloak">
+                <transport lock-timeout="60000"/>
+                <invalidation-cache name="realms" mode="SYNC"/>
+                <invalidation-cache name="users" mode="SYNC"/>
+                <distributed-cache name="sessions" mode="SYNC" owners="1"/>
+                <distributed-cache name="loginFailures" mode="SYNC" owners="1"/>
+            </cache-container>
+            <cache-container name="server" aliases="singleton cluster" default-cache="default" module="org.wildfly.clustering.server">
+                <transport lock-timeout="60000"/>
+                <replicated-cache name="default" mode="SYNC">
+                    <transaction mode="BATCH"/>
+                </replicated-cache>
+            </cache-container>
+            <cache-container name="web" default-cache="dist" module="org.wildfly.clustering.web.infinispan">
+                <transport lock-timeout="60000"/>
+                <distributed-cache name="dist" mode="ASYNC" l1-lifespan="0" owners="2">
+                    <transaction mode="BATCH"/>
+                    <file-store/>
+                </distributed-cache>
+            </cache-container>
+            <cache-container name="ejb" aliases="sfsb" default-cache="dist" module="org.wildfly.clustering.ejb.infinispan">
+                <transport lock-timeout="60000"/>
+                <distributed-cache name="dist" mode="ASYNC" l1-lifespan="0" owners="2">
+                    <transaction mode="BATCH"/>
+                    <file-store/>
+                </distributed-cache>
+            </cache-container>
+            <cache-container name="hibernate" default-cache="local-query" module="org.hibernate.infinispan">
+                <transport lock-timeout="60000"/>
+                <invalidation-cache name="entity" mode="SYNC">
+                    <transaction mode="NON_XA"/>
+                    <eviction strategy="LRU" max-entries="10000"/>
+                    <expiration max-idle="100000"/>
+                </invalidation-cache>
+                <local-cache name="local-query">
+                    <eviction strategy="LRU" max-entries="10000"/>
+                    <expiration max-idle="100000"/>
+                </local-cache>
+                <replicated-cache name="timestamps" mode="ASYNC"/>
+            </cache-container>
+        </replacement>
+    </supplement>
+</config>
\ No newline at end of file

From dedaa2497275e13207a1d2155fe2e5dd00dab7fa Mon Sep 17 00:00:00 2001
From: Stian Thorgersen <stianst@gmail.com>
Date: Tue, 16 Jun 2015 13:31:31 +0200
Subject: [PATCH 07/10] Updated clustering docs

---
 .../reference/en/en-US/modules/clustering.xml | 26 +------------------
 1 file changed, 1 insertion(+), 25 deletions(-)

diff --git a/docbook/reference/en/en-US/modules/clustering.xml b/docbook/reference/en/en-US/modules/clustering.xml
index 194a95bf53..2b352bb661 100755
--- a/docbook/reference/en/en-US/modules/clustering.xml
+++ b/docbook/reference/en/en-US/modules/clustering.xml
@@ -57,31 +57,7 @@
             cache.
         </para>
         <para>
-            To configure the required Infinspan caches open <literal>standalone/configuration/standalone-ha.xml</literal> and add:
-<programlisting>
-<![CDATA[
-<subsystem xmlns="urn:jboss:domain:infinispan:2.0">
-    <cache-container name="keycloak" jndi-name="infinispan/Keycloak" start="EAGER">
-        <transport lock-timeout="60000"/>
-        <invalidation-cache name="realms" mode="SYNC" start="EAGER"/>
-        <invalidation-cache name="users" mode="SYNC" start="EAGER"/>
-        <distributed-cache name="sessions" mode="SYNC" owners="1" start="EAGER"/>
-        <distributed-cache name="loginFailures" mode="SYNC" owners="1" start="EAGER"/>
-    </cache-container>
-    ...
-</subsystem>
-]]>
-</programlisting>
-        </para>
-        <para>
-            For more advanced options refer to the
-            <ulink url="http://docs.jboss.org/author/display/WFLY8/Infinispan+Subsystem">Infinispan Subsystem</ulink>
-            and
-            <ulink url="http://www.infinispan.org/docs/6.0.x/user_guide/user_guide.html">Infinispan</ulink>
-            documentation.
-        </para>
-        <para>
-            Next open <literal>standalone/configuration/keycloak-server.json</literal> and add:
+            To enable clustering in Keycloak open <literal>standalone/configuration/keycloak-server.json</literal> and add:
 <programlisting>
 "connectionsInfinispan": {
     "default" : {

From 5dc2b7b1d567cd8ab535862cbe77ecd33e929285 Mon Sep 17 00:00:00 2001
From: Stian Thorgersen <stianst@gmail.com>
Date: Tue, 16 Jun 2015 14:02:03 +0200
Subject: [PATCH 08/10] KEYCLOAK-1446 Field ... of subresource ... will not be
 injected according to spec

---
 .../eap6-server-overlay/src/main/xslt/standalone.xsl   | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/distribution/server-overlay/eap6/eap6-server-overlay/src/main/xslt/standalone.xsl b/distribution/server-overlay/eap6/eap6-server-overlay/src/main/xslt/standalone.xsl
index 6f0abad4d9..69ea1c1f00 100755
--- a/distribution/server-overlay/eap6/eap6-server-overlay/src/main/xslt/standalone.xsl
+++ b/distribution/server-overlay/eap6/eap6-server-overlay/src/main/xslt/standalone.xsl
@@ -8,6 +8,7 @@
                 exclude-result-prefixes="xalan j ds k sec">
 
     <xsl:param name="config"/>
+    <xsl:variable name="log" select="'urn:jboss:domain:logging:'"/>
 
     <xsl:output method="xml" version="1.0" encoding="UTF-8" indent="yes" xalan:indent-amount="4" standalone="no"/>
     <xsl:strip-space elements="*"/>
@@ -59,6 +60,15 @@
         </xsl:copy>
     </xsl:template>
 
+    <xsl:template match="//*[local-name()='subsystem' and starts-with(namespace-uri(), $log)]">
+        <xsl:copy>
+            <xsl:apply-templates select="node()|@*"/>
+            <logger category="org.jboss.resteasy.resteasy_jaxrs.i18n">
+                <level name="ERROR"/>
+            </logger>
+        </xsl:copy>
+    </xsl:template>
+
     <xsl:template match="@*|node()">
         <xsl:copy>
             <xsl:apply-templates select="@*|node()" />

From 001b8749037fd99b6acc42d4701e9946046d09b8 Mon Sep 17 00:00:00 2001
From: Stian Thorgersen <stianst@gmail.com>
Date: Tue, 16 Jun 2015 14:40:04 +0200
Subject: [PATCH 09/10] Add missing ExampleDS

---
 .../subsystem-templates/keycloak-datasources.xml          | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/integration/wildfly/wf9-server-subsystem/src/main/resources/subsystem-templates/keycloak-datasources.xml b/integration/wildfly/wf9-server-subsystem/src/main/resources/subsystem-templates/keycloak-datasources.xml
index 114545f388..9f05130294 100644
--- a/integration/wildfly/wf9-server-subsystem/src/main/resources/subsystem-templates/keycloak-datasources.xml
+++ b/integration/wildfly/wf9-server-subsystem/src/main/resources/subsystem-templates/keycloak-datasources.xml
@@ -4,6 +4,14 @@
     <extension-module>org.jboss.as.connector</extension-module>
     <subsystem xmlns="urn:jboss:domain:datasources:3.0">
         <datasources>
+            <datasource jndi-name="java:jboss/datasources/ExampleDS" pool-name="ExampleDS" enabled="true" use-java-context="true">
+                <connection-url>jdbc:h2:mem:test;DB_CLOSE_DELAY=-1;DB_CLOSE_ON_EXIT=FALSE</connection-url>
+                <driver>h2</driver>
+                <security>
+                    <user-name>sa</user-name>
+                    <password>sa</password>
+                </security>
+            </datasource>
             <datasource jndi-name="java:jboss/datasources/KeycloakDS" pool-name="KeycloakDS" enabled="true" use-java-context="true">
                 <connection-url>jdbc:h2:${jboss.server.data.dir}/keycloak;AUTO_SERVER=TRUE</connection-url>
                 <driver>h2</driver>

From d00e128920de1aead2c18072587c9e4068d2f072 Mon Sep 17 00:00:00 2001
From: Marko Strukelj <marko.strukelj@gmail.com>
Date: Tue, 16 Jun 2015 14:49:04 +0200
Subject: [PATCH 10/10] KEYCLOAK-1448 Cannot configure an authenticator for
 method KEYCLOAK

---
 ...cloakAdapterConfigDeploymentProcessor.java | 60 ++++++-------------
 1 file changed, 18 insertions(+), 42 deletions(-)

diff --git a/integration/as7-eap6/as7-subsystem/src/main/java/org/keycloak/subsystem/as7/KeycloakAdapterConfigDeploymentProcessor.java b/integration/as7-eap6/as7-subsystem/src/main/java/org/keycloak/subsystem/as7/KeycloakAdapterConfigDeploymentProcessor.java
index 184de35860..08dbdd7422 100755
--- a/integration/as7-eap6/as7-subsystem/src/main/java/org/keycloak/subsystem/as7/KeycloakAdapterConfigDeploymentProcessor.java
+++ b/integration/as7-eap6/as7-subsystem/src/main/java/org/keycloak/subsystem/as7/KeycloakAdapterConfigDeploymentProcessor.java
@@ -14,7 +14,6 @@
  * License for the specific language governing permissions and limitations under
  * the License.
  */
-
 package org.keycloak.subsystem.as7;
 
 import org.jboss.as.server.deployment.DeploymentPhaseContext;
@@ -46,64 +45,41 @@ public class KeycloakAdapterConfigDeploymentProcessor implements DeploymentUnitP
     // two places to avoid dependency between Keycloak Subsystem and Keyclaok Undertow Integration.
     public static final String AUTH_DATA_PARAM_NAME = "org.keycloak.json.adapterConfig";
 
-    // not sure if we need this yet, keeping here just in case
-    protected void addSecurityDomain(DeploymentUnit deploymentUnit, KeycloakAdapterConfigService service) {
-        String deploymentName = deploymentUnit.getName();
-        if (!service.isSecureDeployment(deploymentName)) {
-            return;
-        }
-        WarMetaData warMetaData = deploymentUnit.getAttachment(WarMetaData.ATTACHMENT_KEY);
-        if (warMetaData == null) return;
-        JBossWebMetaData webMetaData = warMetaData.getMergedJBossWebMetaData();
-        if (webMetaData == null) return;
-
-        LoginConfigMetaData loginConfig = webMetaData.getLoginConfig();
-        if (loginConfig == null || !loginConfig.getAuthMethod().equalsIgnoreCase("KEYCLOAK")) {
-            return;
-        }
-
-        webMetaData.setSecurityDomain("keycloak");
-    }
 
     @Override
     public void deploy(DeploymentPhaseContext phaseContext) throws DeploymentUnitProcessingException {
         DeploymentUnit deploymentUnit = phaseContext.getDeploymentUnit();
-
         String deploymentName = deploymentUnit.getName();
-        KeycloakAdapterConfigService service = KeycloakAdapterConfigService.getInstance();
-        if (service.isSecureDeployment(deploymentName)) {
-            addKeycloakAuthData(phaseContext, deploymentName, service);
-        }
 
-        // FYI, Undertow Extension will find deployments that have auth-method set to KEYCLOAK
-
-        // todo notsure if we need this
-        // addSecurityDomain(deploymentUnit, service);
-    }
-
-    private void addKeycloakAuthData(DeploymentPhaseContext phaseContext, String deploymentName, KeycloakAdapterConfigService service) throws DeploymentUnitProcessingException {
-        DeploymentUnit deploymentUnit = phaseContext.getDeploymentUnit();
+        // if it's not a web-app there's nothing to secure
         WarMetaData warMetaData = deploymentUnit.getAttachment(WarMetaData.ATTACHMENT_KEY);
         if (warMetaData == null) {
-            throw new DeploymentUnitProcessingException("WarMetaData not found for " + deploymentName + ".  Make sure you have specified a WAR as your secure-deployment in the Keycloak subsystem.");
+            return;
         }
-
-        addJSONData(service.getJSON(deploymentName), warMetaData);
         JBossWebMetaData webMetaData = warMetaData.getMergedJBossWebMetaData();
         if (webMetaData == null) {
             webMetaData = new JBossWebMetaData();
             warMetaData.setMergedJBossWebMetaData(webMetaData);
         }
 
+        KeycloakAdapterConfigService service = KeycloakAdapterConfigService.getInstance();
+
+        // if secure-deployment configuration exists for web app, we force KEYCLOAK auth method on it
+        // otherwise we only set up KEYCLOAK auth if it's requested through web.xml auth-method
+        LoginConfigMetaData loginConfig = webMetaData.getLoginConfig();
+        if (!service.isSecureDeployment(deploymentName) && (loginConfig == null || !loginConfig.getAuthMethod().equalsIgnoreCase("KEYCLOAK"))) {
+            return;
+        }
+
+        log.debug("Setting up KEYCLOAK auth method for WAR: " + deploymentName);
+        loginConfig.setAuthMethod("KEYCLOAK");
+
+        if (service.isSecureDeployment(deploymentName)) {
+            addJSONData(service.getJSON(deploymentName), warMetaData);
+            loginConfig.setRealmName(service.getRealmName(deploymentName));
+        }
         addValve(webMetaData);
 
-        LoginConfigMetaData loginConfig = webMetaData.getLoginConfig();
-        if (loginConfig == null) {
-            loginConfig = new LoginConfigMetaData();
-            webMetaData.setLoginConfig(loginConfig);
-        }
-        loginConfig.setAuthMethod("KEYCLOAK");
-        loginConfig.setRealmName(service.getRealmName(deploymentName));
         KeycloakLogger.ROOT_LOGGER.deploymentSecured(deploymentName);
     }