KEYCLOAK-2037 Update documentation
This commit is contained in:
Stian Thorgersen
parent
77bccda7a4
commit
6c3a3517b8
1 changed files with 5 additions and 29 deletions
|
|
@ -818,44 +818,20 @@ $ keytool -import -alias yourdomain -keystore keycloak.jks -file your-certificat
|
||||||
</section>
|
</section>
|
||||||
|
|
||||||
<section>
|
<section>
|
||||||
<title>Adding Keycloak server in Domain Mode</title>
|
<title>Keycloak server in Domain Mode</title>
|
||||||
<para>
|
<para>
|
||||||
In domain mode, you start the server with the "domain" command instead of the "standalone" command. In this case, the Keycloak subsystem is
|
In domain mode, you start the server with the "domain" command instead of the "standalone" command. In this case, the Keycloak subsystem is
|
||||||
defined in domain/configuration/domain.xml instead of standalone/configuration.standalone.xml. Inside domain.xml, you will see more than one
|
defined in domain/configuration/domain.xml instead of standalone/configuration.standalone.xml. Inside domain.xml, you will see more than one
|
||||||
profile. A Keycloak subsystem can be defined in zero or more of those profiles.
|
profile. The Keycloak subsystem is defined for all initial profiles.
|
||||||
</para>
|
</para>
|
||||||
<para>
|
<para>
|
||||||
To enable Keycloak for a server profile edit domain/configuration/domain.xml. To the <literal>extensions</literal>
|
THe server is also added to server profiles. By default two servers are started
|
||||||
element add the Keycloak extension:
|
in the main-server-group which uses the full profile.
|
||||||
<programlisting><![CDATA[
|
|
||||||
<extensions>
|
|
||||||
...
|
|
||||||
<extension module="org.keycloak.keycloak-subsystem"/>
|
|
||||||
</extensions>
|
|
||||||
]]></programlisting>
|
|
||||||
Then you need to add the server to the required server profiles. By default WildFly starts two servers
|
|
||||||
in the main-server-group which uses the full profile. To add Keycloak for this profile add the Keycloak
|
|
||||||
subsystem to the <literal>profile</literal> element with <literal>name</literal> full:
|
|
||||||
<programlisting><![CDATA[
|
|
||||||
<profile name="full">
|
|
||||||
...
|
|
||||||
<subsystem xmlns="urn:jboss:domain:keycloak:1.0">
|
|
||||||
<auth-server name="main-auth-server">
|
|
||||||
<enabled>true</enabled>
|
|
||||||
<web-context>auth</web-context>
|
|
||||||
</auth-server>
|
|
||||||
</subsystem>
|
|
||||||
]]></programlisting>
|
|
||||||
</para>
|
</para>
|
||||||
<para>
|
<para>
|
||||||
To configure the server copy <literal>standalone/configuration/keycloak-server.json</literal> to
|
You need to make sure <literal>domain/servers/<SERVER NAME>/configuration</literal> is identical
|
||||||
<literal>domain/servers/<SERVER NAME>/configuration</literal>. The configuration should be identical
|
|
||||||
for all servers in a group.
|
for all servers in a group.
|
||||||
</para>
|
</para>
|
||||||
<para>
|
|
||||||
Follow the <link linkend='clustering'>Clustering</link> section of the documentation to configure Keycloak
|
|
||||||
for clustering. In domain mode it doesn't make much sense to not configure Keycloak in cluster mode.
|
|
||||||
</para>
|
|
||||||
<para>
|
<para>
|
||||||
To deploy custom providers and themes you should deploys these as modules and make sure the modules are
|
To deploy custom providers and themes you should deploys these as modules and make sure the modules are
|
||||||
available to all servers in the group. See <link linkend='providers'>Providers</link> and
|
available to all servers in the group. See <link linkend='providers'>Providers</link> and
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue