diff --git a/topics/cache/disable.adoc b/topics/cache/disable.adoc index 7e5f30bd19..6ac53535b0 100755 --- a/topics/cache/disable.adoc +++ b/topics/cache/disable.adoc @@ -10,13 +10,13 @@ Here's what the config looks like initially. ---- "userCache": { - "infinispan" : { + "default" : { "enabled": true } }, "realmCache": { - "infinispan" : { + "default" : { "enabled": true } }, diff --git a/topics/network/https.adoc b/topics/network/https.adoc index 5cc156b3d7..a6e1c2da2e 100755 --- a/topics/network/https.adoc +++ b/topics/network/https.adoc @@ -4,15 +4,12 @@ WARNING: {{book.project.name}} is not set up by default to handle SSL/HTTPS. It is highly recommended that you either enable SSL on the {{book.project.name}} server itself or on a reverse proxy in front of the {{book.project.name}} server. -{{book.project.name}} can run out of the box without SSL/HTTPS so long as you stick to private IP addresses like localhost, 127.0.0.1, 10.0.x.x, 192.168.x.x, and 172..16.x.x. -If you try to access {{book.project.name}} out of the box via a non-private IP address you will get an error. - This default behavior is defined by the SSL/HTTPS mode of each {{book.project.name}} realm. This is discussed in more detail in the link:{{book.adminguide.link}}[{{book.adminguide.name}}], but let's give some context and a brief overview of these modes. external:: {{book.project.name}} can run out of the box without SSL so long as you stick to private IP addresses like `localhost`, `127.0.0.1`, `10.0.x.x`, `192.168.x.x`, and `172..16.x.x`. - If you try to access {{book.project.name}} from a non-private IP adress you will get an error. + If you don’t have SSL/HTTPS configured on the server or you try to access {{book.project.name}} over HTTP from a non-private IP adress you will get an error. none:: {{book.project.name}} does not require SSL. This should really only be used in development when you are playing around with things. diff --git a/topics/network/outgoing.adoc b/topics/network/outgoing.adoc index b0d3271526..cbf55fd797 100755 --- a/topics/network/outgoing.adoc +++ b/topics/network/outgoing.adoc @@ -72,7 +72,7 @@ You can use _keytool_ to create a new truststore file or add trusted host certif $ keytool -import -alias HOSTDOMAIN -keystore truststore.jks -file host-certificate.cer ---- -The truststore is configured within the_keycloak-server.json_ file. The location of this file depends on your <>. +The truststore is configured within the _keycloak-server.json_ file. The location of this file depends on your <>. You can add your truststore configuration by using the following template: [source] diff --git a/topics/operating-mode/domain.adoc b/topics/operating-mode/domain.adoc index 295fe634cf..61ff8868b5 100755 --- a/topics/operating-mode/domain.adoc +++ b/topics/operating-mode/domain.adoc @@ -42,7 +42,7 @@ from the domain controller. Various other chapters in this guide walk you through configuring various aspects like databases, HTTP network connections, caches, and other infrastructure related things. While standalone mode uses the _standalone.xml_ file to configure these things, -domain mode uses the _.../domain/domain.xml_ configuration file. This is +domain mode uses the _.../domain/configuration/domain.xml_ configuration file. This is where the domain profile and server group for the {{book.project.name}} server are defined. @@ -53,7 +53,7 @@ WARNING: Any changes you make to this file while the domain controller is runnin by the server. Instead use the the command line scripting or the web console of {{book.appserver.name}}. See the link:{{book.appserver.admindoc.link}}[{{book.appserver.admindoc.name}}] for more information. -Let's look at some aspects of this _domain.xml_ file. The `auth-serve-standalone` and `auth-server-clustered` `profile` XML block is where you are going to make the bulk of your configuration decisions. +Let's look at some aspects of this _domain.xml_ file. The `auth-server-standalone` and `auth-server-clustered` `profile` XML blocks are where you are going to make the bulk of your configuration decisions. You'll be configuring things here like network connections, caches, and database connections. @@ -174,10 +174,10 @@ The structure of these per server directories ends up looking like any other {{b .Working Directories image:../../{{book.images}}/domain-server-dir.png[] -==== {{book.project.name}} JSon Configuration +==== {{book.project.name}} JSON Configuration Unfortunately, there is no centralized way to manage the _keycloak.json_ file. You'll have to manage a copy of this file -in every server instance you deploy. This file must exist in the _.../domain/servers/{SERVER NAME}/configuration directory. +in every server instance you deploy. This file must exist in the _.../domain/servers/{SERVER NAME}/configuration directory._ .JSON Configuration image:../../{{book.images}}/domain-json-config.png[] @@ -264,6 +264,8 @@ $ add-user.sh To represent the user add the following to the server-identities definition ---- +NOTE: The add-user.sh does not add user to {{book.project.name}} server but to the underlying JBoss Enterprise Application Platform. The credentials used and generated in the above script are only for example purpose. Please use the ones generated on your system. + Now cut and paste the secret value into the _.../domain/configuration/host-slave.xml_ file as follows: [source,xml] diff --git a/topics/operating-mode/standalone.adoc b/topics/operating-mode/standalone.adoc index f389738ceb..f6141705aa 100755 --- a/topics/operating-mode/standalone.adoc +++ b/topics/operating-mode/standalone.adoc @@ -46,7 +46,7 @@ WARNING: Any changes you make to this file while the server is running will not ==== Standalone {{book.project.name}} JSON Configuration {{book.project.name}} has a json configuration file that is specific to {{book.project.name}} components. This configuration is located within -the file_.../standalone/configuration/keycloak.json_. This file is used to configure non-infrastructure level things that are +the file.../standalone/configuration/keycloak-server.json. This file is used to configure non-infrastructure level things that are only applicable to {{book.project.name}} .Standalone {{book.project.name}} Config File