[KEYCLOAK-3629] - Adding confidential-port attribute to wildfly adapter subsystem
This commit is contained in:
parent
6587cfa084
commit
5f43a6a342
5 changed files with 17 additions and 1 deletions
|
@ -186,7 +186,12 @@ public class SharedAttributeDefinitons {
|
||||||
.setDefaultValue(new ModelNode(false))
|
.setDefaultValue(new ModelNode(false))
|
||||||
.build();
|
.build();
|
||||||
|
|
||||||
|
protected static final SimpleAttributeDefinition CONFIDENTIAL_PORT =
|
||||||
|
new SimpleAttributeDefinitionBuilder("confidential-port", ModelType.INT, true)
|
||||||
|
.setXmlName("confidential-port")
|
||||||
|
.setAllowExpression(true)
|
||||||
|
.setDefaultValue(new ModelNode(8443))
|
||||||
|
.build();
|
||||||
|
|
||||||
|
|
||||||
protected static final List<SimpleAttributeDefinition> ATTRIBUTES = new ArrayList<SimpleAttributeDefinition>();
|
protected static final List<SimpleAttributeDefinition> ATTRIBUTES = new ArrayList<SimpleAttributeDefinition>();
|
||||||
|
@ -196,6 +201,7 @@ public class SharedAttributeDefinitons {
|
||||||
ATTRIBUTES.add(TRUSTSTORE);
|
ATTRIBUTES.add(TRUSTSTORE);
|
||||||
ATTRIBUTES.add(TRUSTSTORE_PASSWORD);
|
ATTRIBUTES.add(TRUSTSTORE_PASSWORD);
|
||||||
ATTRIBUTES.add(SSL_REQUIRED);
|
ATTRIBUTES.add(SSL_REQUIRED);
|
||||||
|
ATTRIBUTES.add(CONFIDENTIAL_PORT);
|
||||||
ATTRIBUTES.add(ALLOW_ANY_HOSTNAME);
|
ATTRIBUTES.add(ALLOW_ANY_HOSTNAME);
|
||||||
ATTRIBUTES.add(DISABLE_TRUST_MANAGER);
|
ATTRIBUTES.add(DISABLE_TRUST_MANAGER);
|
||||||
ATTRIBUTES.add(CONNECTION_POOL_SIZE);
|
ATTRIBUTES.add(CONNECTION_POOL_SIZE);
|
||||||
|
|
|
@ -30,6 +30,7 @@ keycloak.realm.realm-public-key=Public key of the realm
|
||||||
keycloak.realm.auth-server-url=Base URL of the Realm Auth Server
|
keycloak.realm.auth-server-url=Base URL of the Realm Auth Server
|
||||||
keycloak.realm.disable-trust-manager=Adapter will not use a trust manager when making adapter HTTPS requests
|
keycloak.realm.disable-trust-manager=Adapter will not use a trust manager when making adapter HTTPS requests
|
||||||
keycloak.realm.ssl-required=Specify if SSL is required (valid values are all, external and none)
|
keycloak.realm.ssl-required=Specify if SSL is required (valid values are all, external and none)
|
||||||
|
keycloak.realm.confidential-port=Specify the confidential port (SSL/TLS) used by the Realm Auth Server
|
||||||
keycloak.realm.allow-any-hostname=SSL Setting
|
keycloak.realm.allow-any-hostname=SSL Setting
|
||||||
keycloak.realm.truststore=Truststore used for adapter client HTTPS requests
|
keycloak.realm.truststore=Truststore used for adapter client HTTPS requests
|
||||||
keycloak.realm.truststore-password=Password of the Truststore
|
keycloak.realm.truststore-password=Password of the Truststore
|
||||||
|
@ -60,6 +61,7 @@ keycloak.secure-deployment.realm-public-key=Public key of the realm
|
||||||
keycloak.secure-deployment.auth-server-url=Base URL of the Realm Auth Server
|
keycloak.secure-deployment.auth-server-url=Base URL of the Realm Auth Server
|
||||||
keycloak.secure-deployment.disable-trust-manager=Adapter will not use a trust manager when making adapter HTTPS requests
|
keycloak.secure-deployment.disable-trust-manager=Adapter will not use a trust manager when making adapter HTTPS requests
|
||||||
keycloak.secure-deployment.ssl-required=Specify if SSL is required (valid values are all, external and none)
|
keycloak.secure-deployment.ssl-required=Specify if SSL is required (valid values are all, external and none)
|
||||||
|
keycloak.secure-deployment.confidential-port=Specify the confidential port (SSL/TLS) used by the Realm Auth Server
|
||||||
keycloak.secure-deployment.allow-any-hostname=SSL Setting
|
keycloak.secure-deployment.allow-any-hostname=SSL Setting
|
||||||
keycloak.secure-deployment.truststore=Truststore used for adapter client HTTPS requests
|
keycloak.secure-deployment.truststore=Truststore used for adapter client HTTPS requests
|
||||||
keycloak.secure-deployment.truststore-password=Password of the Truststore
|
keycloak.secure-deployment.truststore-password=Password of the Truststore
|
||||||
|
@ -100,6 +102,7 @@ keycloak.secure-server.realm-public-key=Public key of the realm
|
||||||
keycloak.secure-server.auth-server-url=Base URL of the Realm Auth Server
|
keycloak.secure-server.auth-server-url=Base URL of the Realm Auth Server
|
||||||
keycloak.secure-server.disable-trust-manager=Adapter will not use a trust manager when making adapter HTTPS requests
|
keycloak.secure-server.disable-trust-manager=Adapter will not use a trust manager when making adapter HTTPS requests
|
||||||
keycloak.secure-server.ssl-required=Specify if SSL is required (valid values are all, external and none)
|
keycloak.secure-server.ssl-required=Specify if SSL is required (valid values are all, external and none)
|
||||||
|
keycloak.secure-server.confidential-port=Specify the confidential port (SSL/TLS) used by the Realm Auth Server
|
||||||
keycloak.secure-server.allow-any-hostname=SSL Setting
|
keycloak.secure-server.allow-any-hostname=SSL Setting
|
||||||
keycloak.secure-server.truststore=Truststore used for adapter client HTTPS requests
|
keycloak.secure-server.truststore=Truststore used for adapter client HTTPS requests
|
||||||
keycloak.secure-server.truststore-password=Password of the Truststore
|
keycloak.secure-server.truststore-password=Password of the Truststore
|
||||||
|
|
|
@ -58,6 +58,7 @@
|
||||||
<xs:element name="expose-token" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
|
<xs:element name="expose-token" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
|
||||||
<xs:element name="disable-trust-manager" type="xs:boolean" minOccurs="0" maxOccurs="1" />
|
<xs:element name="disable-trust-manager" type="xs:boolean" minOccurs="0" maxOccurs="1" />
|
||||||
<xs:element name="ssl-required" type="xs:string" minOccurs="0" maxOccurs="1" />
|
<xs:element name="ssl-required" type="xs:string" minOccurs="0" maxOccurs="1" />
|
||||||
|
<xs:element name="confidential-port" type="xs:integer" minOccurs="0" maxOccurs="1" />
|
||||||
<xs:element name="cors-allowed-methods" type="xs:string" minOccurs="0" maxOccurs="1"/>
|
<xs:element name="cors-allowed-methods" type="xs:string" minOccurs="0" maxOccurs="1"/>
|
||||||
<xs:element name="cors-exposed-headers" type="xs:string" minOccurs="0" maxOccurs="1"/>
|
<xs:element name="cors-exposed-headers" type="xs:string" minOccurs="0" maxOccurs="1"/>
|
||||||
<xs:element name="realm-public-key" type="xs:string" minOccurs="1" maxOccurs="1"/>
|
<xs:element name="realm-public-key" type="xs:string" minOccurs="1" maxOccurs="1"/>
|
||||||
|
@ -100,6 +101,7 @@
|
||||||
<xs:element name="connection-pool-size" type="xs:integer" minOccurs="0" maxOccurs="1"/>
|
<xs:element name="connection-pool-size" type="xs:integer" minOccurs="0" maxOccurs="1"/>
|
||||||
<xs:element name="expose-token" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
|
<xs:element name="expose-token" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
|
||||||
<xs:element name="ssl-required" type="xs:string" minOccurs="0" maxOccurs="1" />
|
<xs:element name="ssl-required" type="xs:string" minOccurs="0" maxOccurs="1" />
|
||||||
|
<xs:element name="confidential-port" type="xs:integer" minOccurs="0" maxOccurs="1" />
|
||||||
<xs:element name="realm-public-key" type="xs:string" minOccurs="0" maxOccurs="1"/>
|
<xs:element name="realm-public-key" type="xs:string" minOccurs="0" maxOccurs="1"/>
|
||||||
<xs:element name="credential" type="credential-type" minOccurs="0" maxOccurs="1"/>
|
<xs:element name="credential" type="credential-type" minOccurs="0" maxOccurs="1"/>
|
||||||
<xs:element name="redirect-rewrite-rule" type="redirect-rewrite-rule-type" minOccurs="0" maxOccurs="1"/>
|
<xs:element name="redirect-rewrite-rule" type="redirect-rewrite-rule-type" minOccurs="0" maxOccurs="1"/>
|
||||||
|
|
|
@ -51,6 +51,7 @@ public class SubsystemParsingTestCase extends AbstractSubsystemBaseTest {
|
||||||
node.get("auth-url").set("http://localhost:8080/auth-server/rest/realms/demo/protocol/openid-connect/login");
|
node.get("auth-url").set("http://localhost:8080/auth-server/rest/realms/demo/protocol/openid-connect/login");
|
||||||
node.get("code-url").set("http://localhost:8080/auth-server/rest/realms/demo/protocol/openid-connect/access/codes");
|
node.get("code-url").set("http://localhost:8080/auth-server/rest/realms/demo/protocol/openid-connect/access/codes");
|
||||||
node.get("ssl-required").set("external");
|
node.get("ssl-required").set("external");
|
||||||
|
node.get("confidential-port").set(443);
|
||||||
node.get("expose-token").set(true);
|
node.get("expose-token").set(true);
|
||||||
|
|
||||||
ModelNode jwtCredential = new ModelNode();
|
ModelNode jwtCredential = new ModelNode();
|
||||||
|
|
|
@ -22,6 +22,7 @@
|
||||||
<truststore>truststore.jks</truststore>
|
<truststore>truststore.jks</truststore>
|
||||||
<truststore-password>secret</truststore-password>
|
<truststore-password>secret</truststore-password>
|
||||||
<ssl-required>EXTERNAL</ssl-required>
|
<ssl-required>EXTERNAL</ssl-required>
|
||||||
|
<confidential-port>443</confidential-port>
|
||||||
<allow-any-hostname>false</allow-any-hostname>
|
<allow-any-hostname>false</allow-any-hostname>
|
||||||
<disable-trust-manager>true</disable-trust-manager>
|
<disable-trust-manager>true</disable-trust-manager>
|
||||||
<connection-pool-size>20</connection-pool-size>
|
<connection-pool-size>20</connection-pool-size>
|
||||||
|
@ -56,6 +57,7 @@
|
||||||
</realm-public-key>
|
</realm-public-key>
|
||||||
<auth-server-url>http://localhost:8080/auth</auth-server-url>
|
<auth-server-url>http://localhost:8080/auth</auth-server-url>
|
||||||
<ssl-required>EXTERNAL</ssl-required>
|
<ssl-required>EXTERNAL</ssl-required>
|
||||||
|
<confidential-port>443</confidential-port>
|
||||||
<credential name="secret">0aa31d98-e0aa-404c-b6e0-e771dba1e798</credential>
|
<credential name="secret">0aa31d98-e0aa-404c-b6e0-e771dba1e798</credential>
|
||||||
<redirect-rewrite-rule name="^/wsmaster/api/(.*)$">api/$1/</redirect-rewrite-rule>
|
<redirect-rewrite-rule name="^/wsmaster/api/(.*)$">api/$1/</redirect-rewrite-rule>
|
||||||
</secure-deployment>
|
</secure-deployment>
|
||||||
|
@ -84,5 +86,7 @@
|
||||||
<realm>jboss-infra</realm>
|
<realm>jboss-infra</realm>
|
||||||
<resource>wildfly-console</resource>
|
<resource>wildfly-console</resource>
|
||||||
<public-client>true</public-client>
|
<public-client>true</public-client>
|
||||||
|
<ssl-required>EXTERNAL</ssl-required>
|
||||||
|
<confidential-port>443</confidential-port>
|
||||||
</secure-server>
|
</secure-server>
|
||||||
</subsystem>
|
</subsystem>
|
Loading…
Reference in a new issue