Remove JBoss-based auth servers from the testsuite (#14317)
Closes #14299
This commit is contained in:
parent
22713bc144
commit
a20d6e2f1f
142 changed files with 43 additions and 3002 deletions
|
@ -67,9 +67,9 @@ As an example, to run tests using a MySQL docker container on Undertow auth-serv
|
||||||
|
|
||||||
If you want to run tests using a pre-configured Keycloak distribution (instead of Undertow):
|
If you want to run tests using a pre-configured Keycloak distribution (instead of Undertow):
|
||||||
|
|
||||||
mvn -f testsuite/integration-arquillian clean verify -Pdb-mysql,jpa,auth-server-wildfly
|
mvn -f testsuite/integration-arquillian clean verify -Pdb-mysql,jpa,auth-server-quarkus
|
||||||
|
|
||||||
Note that you must always activate the `jpa` profile when using auth-server-wildfly.
|
Note that you must always activate the `jpa` profile when using auth-server-quarkus.
|
||||||
|
|
||||||
If the mvn command fails for any reason, it may also fail to remove the container which
|
If the mvn command fails for any reason, it may also fail to remove the container which
|
||||||
must be then removed manually.
|
must be then removed manually.
|
||||||
|
@ -102,11 +102,11 @@ the allocation and deallocation need to happen when building the `integration-ar
|
||||||
it happens in other cases).
|
it happens in other cases).
|
||||||
|
|
||||||
In order to use the DB Allocator Service, you must use the `jpa` profile with one of the `db-allocator-*`. Here's a full example to
|
In order to use the DB Allocator Service, you must use the `jpa` profile with one of the `db-allocator-*`. Here's a full example to
|
||||||
run JPA with Auth Server Wildfly and MSSQL 2016:
|
run JPA with Auth Server Quarkus and MSSQL 2016:
|
||||||
|
|
||||||
```
|
```
|
||||||
mvn -f testsuite/integration-arquillian/pom.xml clean verify \
|
mvn -f testsuite/integration-arquillian/pom.xml clean verify \
|
||||||
-Pjpa,auth-server-wildfly,db-allocator-db-mssql2016 \
|
-Pjpa,auth-server-quarkus,db-allocator-db-mssql2016 \
|
||||||
-Ddballocator.uri=<<db-allocator-servlet-url>> \
|
-Ddballocator.uri=<<db-allocator-servlet-url>> \
|
||||||
-Ddballocator.user=<<db-allocator-user>> \
|
-Ddballocator.user=<<db-allocator-user>> \
|
||||||
-Dmaven.test.failure.ignore=true
|
-Dmaven.test.failure.ignore=true
|
||||||
|
|
|
@ -34,12 +34,12 @@ And then re-run the LoginTest (or any other test you wish) and the changes shoul
|
||||||
If you use Intellij Idea, you don't even need to re-build anything with the maven. After doing any
|
If you use Intellij Idea, you don't even need to re-build anything with the maven. After doing any
|
||||||
change in the codebase, the change is immediately effective when running the test with Junit runner.
|
change in the codebase, the change is immediately effective when running the test with Junit runner.
|
||||||
|
|
||||||
### Running tests in the production mode (Keycloak on Wildfly)
|
### Running tests in the production mode (Keycloak on Quarkus)
|
||||||
|
|
||||||
For the "production" testing, it is possible to run the Keycloak server deployed on real Wildfly server.
|
For the "production" testing, it is possible to run the Keycloak server deployed on real Quarkus server.
|
||||||
This can be achieved by add the `auth-server-wildfly` profile when running the testsuite.
|
This can be achieved by add the `auth-server-quarkus` profile when running the testsuite.
|
||||||
|
|
||||||
mvn -f testsuite/integration-arquillian/pom.xml -Pauth-server-wildfly clean install
|
mvn -f testsuite/integration-arquillian/pom.xml -Pauth-server-quarkus clean install
|
||||||
|
|
||||||
Unlike the "development" setup described above, this requires re-build the whole distribution
|
Unlike the "development" setup described above, this requires re-build the whole distribution
|
||||||
after doing any change in the code.
|
after doing any change in the code.
|
||||||
|
@ -425,18 +425,6 @@ The setup includes:
|
||||||
* two clustered nodes of Keycloak server on Wildfly/EAP or on embedded undertow
|
* two clustered nodes of Keycloak server on Wildfly/EAP or on embedded undertow
|
||||||
* shared DB
|
* shared DB
|
||||||
|
|
||||||
### Cluster tests with Keycloak on Wildfly
|
|
||||||
|
|
||||||
After you build the distribution, you run this command to setup servers and run cluster tests using shared Docker database:
|
|
||||||
|
|
||||||
mvn -f testsuite/integration-arquillian/pom.xml \
|
|
||||||
-Pauth-server-wildfly,auth-server-cluster,db-mysql,jpa \
|
|
||||||
-Dsession.cache.owners=2 \
|
|
||||||
-Dbackends.console.output=true \
|
|
||||||
-Dauth.server.log.check=false \
|
|
||||||
-Dfrontend.console.output=true \
|
|
||||||
-Dtest=org.keycloak.testsuite.cluster.**.*Test clean install
|
|
||||||
|
|
||||||
### Cluster tests with Keycloak on Quarkus
|
### Cluster tests with Keycloak on Quarkus
|
||||||
|
|
||||||
Make sure the `testsuite/integration-arquillian/servers/auth-server/quarkus` module was built as follows:
|
Make sure the `testsuite/integration-arquillian/servers/auth-server/quarkus` module was built as follows:
|
||||||
|
@ -574,6 +562,8 @@ For Data Grid 7 and older use: `-Dfile=jboss-datagrid-${DATAGRID_VERSION}-server
|
||||||
|
|
||||||
### Run Cross-DC Tests from Maven
|
### Run Cross-DC Tests from Maven
|
||||||
|
|
||||||
|
Warning: The Cross-DC tests doesn't work with Quarkus distribution
|
||||||
|
|
||||||
Note: Profile `auth-servers-crossdc-undertow` currently doesn't work (see [KEYCLOAK-18335](https://issues.redhat.com/browse/KEYCLOAK-18335)).
|
Note: Profile `auth-servers-crossdc-undertow` currently doesn't work (see [KEYCLOAK-18335](https://issues.redhat.com/browse/KEYCLOAK-18335)).
|
||||||
Use `-Pauth-servers-crossdc-jboss,auth-server-wildfly` instead.
|
Use `-Pauth-servers-crossdc-jboss,auth-server-wildfly` instead.
|
||||||
|
|
||||||
|
@ -770,11 +760,11 @@ Then, before running the test, setup Keycloak Server distribution for the tests:
|
||||||
|
|
||||||
mvn -f testsuite/integration-arquillian/servers/pom.xml \
|
mvn -f testsuite/integration-arquillian/servers/pom.xml \
|
||||||
clean install \
|
clean install \
|
||||||
-Pauth-server-wildfly
|
-Pauth-server-quarkus
|
||||||
|
|
||||||
When running the test, add the following arguments to the command line:
|
When running the test, add the following arguments to the command line:
|
||||||
|
|
||||||
-Pauth-server-wildfly -Pauth-server-enable-disable-feature -Dfeature.name=docker -Dfeature.value=enabled
|
-Pauth-server-quarkus -Pauth-server-enable-disable-feature -Dfeature.name=docker -Dfeature.value=enabled
|
||||||
|
|
||||||
## Java 11 support
|
## Java 11 support
|
||||||
Java 11 requires some arguments to be passed to JVM. Those can be activated using `-Pjava11-auth-server` and
|
Java 11 requires some arguments to be passed to JVM. Those can be activated using `-Pjava11-auth-server` and
|
||||||
|
|
|
@ -16,24 +16,17 @@ Keycloak server is automatically started by the testsuite on the `BeforeSuite` e
|
||||||
|
|
||||||
By default the server runs in embedded Undertow.
|
By default the server runs in embedded Undertow.
|
||||||
|
|
||||||
#### Wildfly/EAP
|
|
||||||
|
|
||||||
Testsuite supports running server on Wildfly/EAP. For this it's necessary to:
|
|
||||||
- build the project including the `distribution` module
|
|
||||||
(artifact `keycloak-server-dist`/`-overlay` needs to be available before running the testsuite),
|
|
||||||
- activate profile `auth-server-wildfly` or `auth-server-eap7`.
|
|
||||||
|
|
||||||
[More details...](servers/auth-server/README.md)
|
[More details...](servers/auth-server/README.md)
|
||||||
|
|
||||||
#### Cluster Setup
|
#### Cluster Setup
|
||||||
|
|
||||||
The cluster setup for server can be enabled by activating profile `auth-server-cluster`.
|
The cluster setup for server can be enabled by activating profile `auth-server-cluster-quarkus`.
|
||||||
|
|
||||||
The cluster setup is not supported for server on Undertow. Profile `auth-server-wildfly` or `auth-server-eap` needs to be activated.
|
The cluster setup is not supported for server on Undertow.
|
||||||
|
|
||||||
The setup includes:
|
The setup includes:
|
||||||
- a `mod_cluster` load balancer on Wildfly
|
- a `mod_cluster` load balancer on Quarkus
|
||||||
- two clustered nodes of Keycloak server on Wildfly/EAP
|
- two clustered nodes of Keycloak server on Quarkus
|
||||||
|
|
||||||
Clustering tests require MULTICAST to be enabled on machine's `loopback` network interface.
|
Clustering tests require MULTICAST to be enabled on machine's `loopback` network interface.
|
||||||
This can be done by running the following commands under root privileges:
|
This can be done by running the following commands under root privileges:
|
||||||
|
|
|
@ -18,9 +18,6 @@ Submodules are enabled with profiles: `-Papp-server-MODULE`
|
||||||
* __`wildfly` Wildfly 11__
|
* __`wildfly` Wildfly 11__
|
||||||
* __`eap6` EAP 6__ Requires access to EAP product repo, or setting `-Deap6.version` to public EAP 6 Alpha.
|
* __`eap6` EAP 6__ Requires access to EAP product repo, or setting `-Deap6.version` to public EAP 6 Alpha.
|
||||||
* __`eap` EAP 7__ Requires access to EAP product repo.
|
* __`eap` EAP 7__ Requires access to EAP product repo.
|
||||||
* __`relative`__ Activate with `-Papp-server-relative`.
|
|
||||||
* __`wildfly` Relative Wildfly 10__ Based on [`auth-server/jboss/wildfly`](../auth-server/README.md). Activate with `-Pauth-server-wildfly`.
|
|
||||||
* __`eap` Relative EAP 7__ Based on [`auth-server/jboss/eap`](../auth-server/README.md). Activate with `-Pauth-server-eap`.
|
|
||||||
|
|
||||||
### Adapter Configs Location
|
### Adapter Configs Location
|
||||||
|
|
||||||
|
|
|
@ -759,18 +759,6 @@
|
||||||
<module>wildfly</module>
|
<module>wildfly</module>
|
||||||
</modules>
|
</modules>
|
||||||
</profile>
|
</profile>
|
||||||
<profile>
|
|
||||||
<id>app-server-relative</id>
|
|
||||||
<activation>
|
|
||||||
<property>
|
|
||||||
<name>app.server</name>
|
|
||||||
<value>relative</value>
|
|
||||||
</property>
|
|
||||||
</activation>
|
|
||||||
<modules>
|
|
||||||
<module>relative</module>
|
|
||||||
</modules>
|
|
||||||
</profile>
|
|
||||||
</profiles>
|
</profiles>
|
||||||
|
|
||||||
</project>
|
</project>
|
||||||
|
|
|
@ -1,37 +0,0 @@
|
||||||
<?xml version="1.0"?>
|
|
||||||
<!--
|
|
||||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
|
||||||
~ and other contributors as indicated by the @author tags.
|
|
||||||
~
|
|
||||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
~ you may not use this file except in compliance with the License.
|
|
||||||
~ You may obtain a copy of the License at
|
|
||||||
~
|
|
||||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
~
|
|
||||||
~ Unless required by applicable law or agreed to in writing, software
|
|
||||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
~ See the License for the specific language governing permissions and
|
|
||||||
~ limitations under the License.
|
|
||||||
-->
|
|
||||||
|
|
||||||
<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
|
|
||||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
|
|
||||||
<parent>
|
|
||||||
<groupId>org.keycloak.testsuite</groupId>
|
|
||||||
<artifactId>integration-arquillian-servers-app-server-jboss-relative</artifactId>
|
|
||||||
<version>999-SNAPSHOT</version>
|
|
||||||
</parent>
|
|
||||||
<modelVersion>4.0.0</modelVersion>
|
|
||||||
|
|
||||||
<artifactId>integration-arquillian-servers-app-server-relative-eap</artifactId>
|
|
||||||
<packaging>pom</packaging>
|
|
||||||
<name>App Server - JBoss - Relative EAP</name>
|
|
||||||
|
|
||||||
<properties>
|
|
||||||
<auth.server.jboss>eap</auth.server.jboss>
|
|
||||||
<app.server.jboss.artifactId>integration-arquillian-servers-auth-server-eap</app.server.jboss.artifactId>
|
|
||||||
</properties>
|
|
||||||
|
|
||||||
</project>
|
|
|
@ -1 +0,0 @@
|
||||||
|
|
|
@ -1,61 +0,0 @@
|
||||||
<?xml version="1.0"?>
|
|
||||||
<!--
|
|
||||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
|
||||||
~ and other contributors as indicated by the @author tags.
|
|
||||||
~
|
|
||||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
~ you may not use this file except in compliance with the License.
|
|
||||||
~ You may obtain a copy of the License at
|
|
||||||
~
|
|
||||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
~
|
|
||||||
~ Unless required by applicable law or agreed to in writing, software
|
|
||||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
~ See the License for the specific language governing permissions and
|
|
||||||
~ limitations under the License.
|
|
||||||
-->
|
|
||||||
|
|
||||||
<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
|
|
||||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
|
|
||||||
<parent>
|
|
||||||
<groupId>org.keycloak.testsuite</groupId>
|
|
||||||
<artifactId>integration-arquillian-servers-app-server-jboss</artifactId>
|
|
||||||
<version>999-SNAPSHOT</version>
|
|
||||||
</parent>
|
|
||||||
<modelVersion>4.0.0</modelVersion>
|
|
||||||
|
|
||||||
<artifactId>integration-arquillian-servers-app-server-jboss-relative</artifactId>
|
|
||||||
<packaging>pom</packaging>
|
|
||||||
<name>App Server - JBoss - Relative</name>
|
|
||||||
|
|
||||||
<properties>
|
|
||||||
<common.resources>${project.parent.parent.basedir}/common</common.resources>
|
|
||||||
<assembly.xml>${project.parent.parent.basedir}/assembly.xml</assembly.xml>
|
|
||||||
|
|
||||||
<app.server.jboss>relative-${auth.server.jboss}</app.server.jboss>
|
|
||||||
|
|
||||||
<app.server.jboss.groupId>org.keycloak.testsuite</app.server.jboss.groupId>
|
|
||||||
<app.server.jboss.version>${project.version}</app.server.jboss.version>
|
|
||||||
<app.server.jboss.unpacked.folder.name>auth-server-${auth.server.jboss}</app.server.jboss.unpacked.folder.name>
|
|
||||||
|
|
||||||
<app.server.oidc.adapter.artifactId>keycloak-wildfly-adapter-dist</app.server.oidc.adapter.artifactId>
|
|
||||||
<app.server.saml.adapter.artifactId>keycloak-saml-wildfly-adapter-dist</app.server.saml.adapter.artifactId>
|
|
||||||
</properties>
|
|
||||||
|
|
||||||
<profiles>
|
|
||||||
<profile>
|
|
||||||
<id>auth-server-wildfly</id>
|
|
||||||
<modules>
|
|
||||||
<module>wildfly</module>
|
|
||||||
</modules>
|
|
||||||
</profile>
|
|
||||||
<profile>
|
|
||||||
<id>auth-server-eap</id>
|
|
||||||
<modules>
|
|
||||||
<module>eap</module>
|
|
||||||
</modules>
|
|
||||||
</profile>
|
|
||||||
</profiles>
|
|
||||||
|
|
||||||
</project>
|
|
|
@ -1,37 +0,0 @@
|
||||||
<?xml version="1.0"?>
|
|
||||||
<!--
|
|
||||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
|
||||||
~ and other contributors as indicated by the @author tags.
|
|
||||||
~
|
|
||||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
~ you may not use this file except in compliance with the License.
|
|
||||||
~ You may obtain a copy of the License at
|
|
||||||
~
|
|
||||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
~
|
|
||||||
~ Unless required by applicable law or agreed to in writing, software
|
|
||||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
~ See the License for the specific language governing permissions and
|
|
||||||
~ limitations under the License.
|
|
||||||
-->
|
|
||||||
|
|
||||||
<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
|
|
||||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
|
|
||||||
<parent>
|
|
||||||
<groupId>org.keycloak.testsuite</groupId>
|
|
||||||
<artifactId>integration-arquillian-servers-app-server-jboss-relative</artifactId>
|
|
||||||
<version>999-SNAPSHOT</version>
|
|
||||||
</parent>
|
|
||||||
<modelVersion>4.0.0</modelVersion>
|
|
||||||
|
|
||||||
<artifactId>integration-arquillian-servers-app-server-relative-wildfly</artifactId>
|
|
||||||
<packaging>pom</packaging>
|
|
||||||
<name>App Server - JBoss - Relative Wildfly</name>
|
|
||||||
|
|
||||||
<properties>
|
|
||||||
<auth.server.jboss>wildfly</auth.server.jboss>
|
|
||||||
<app.server.jboss.artifactId>integration-arquillian-servers-auth-server-wildfly</app.server.jboss.artifactId>
|
|
||||||
</properties>
|
|
||||||
|
|
||||||
</project>
|
|
|
@ -1 +0,0 @@
|
||||||
|
|
|
@ -5,42 +5,18 @@
|
||||||
- Keycloak Arquillian Integration TestSuite - Test Servers - Auth Server
|
- Keycloak Arquillian Integration TestSuite - Test Servers - Auth Server
|
||||||
- [Keycloak Arquillian Integration TestSuite - Test Servers - App Servers](../app-server/README.md)
|
- [Keycloak Arquillian Integration TestSuite - Test Servers - App Servers](../app-server/README.md)
|
||||||
|
|
||||||
## Auth Server - JBoss
|
### Common directory
|
||||||
|
- Contains all necessary files for all Auth servers
|
||||||
|
|
||||||
Common configurations of Keycloak server on JBoss-based container (Wildfly/EAP).
|
### Auth Server Services
|
||||||
|
- Contains usually test providers and its associated factories used in the testsuite
|
||||||
|
|
||||||
### Submodules
|
## Auth servers
|
||||||
|
|
||||||
#### `wildfly` Wildfly latest
|
### Undertow
|
||||||
- Builds keycloak server on top of latest Wildfly.
|
- Arquillian extension for running Keycloak server in embedded Undertow.
|
||||||
- Activated by __`-Pauth-server-wildfly`__
|
- Activated by default, or explicitly by __`-Pauth-server-undertow`__
|
||||||
|
|
||||||
#### `eap` EAP 7
|
### Quarkus
|
||||||
- Builds keycloak server on top of latest EAP.
|
- Builds keycloak server on top of used Quarkus with a particular version.
|
||||||
- Activated by __`-Pauth-server-eap`__
|
- Activated by __`-Pauth-server-quarkus`__
|
||||||
- Requires access to product repo.
|
|
||||||
- Requires additional properties:
|
|
||||||
- `product.version`
|
|
||||||
- `product.unpacked.folder.name` (optional; the default value is based on the POM versions)
|
|
||||||
- `product` to activate the product profile; NOT required if `product.unpacked.folder.name` is specified
|
|
||||||
|
|
||||||
### Server dist vs overlay
|
|
||||||
|
|
||||||
By default `keycloak-server-dist` artifact is used for the build.
|
|
||||||
By setting `-Dserver-overlay=true` you can switch to server overlay instead. See profile `server-overlay`.
|
|
||||||
|
|
||||||
### JPA
|
|
||||||
|
|
||||||
Configures Keycloak JDBC datasource in `standalone.xml`. See profile `jpa`.
|
|
||||||
|
|
||||||
### Cluster
|
|
||||||
|
|
||||||
Configures in `standalone-ha.xml`:
|
|
||||||
- h2 datasource over TCP (if not executed together with jpa)
|
|
||||||
- parameters of Keycloak Infinispan caches
|
|
||||||
|
|
||||||
See profile `auth-server-cluster`.
|
|
||||||
|
|
||||||
## Auth Server - Undertow
|
|
||||||
|
|
||||||
Arquillian extension for running Keycloak server in embedded Undertow.
|
|
||||||
|
|
|
@ -1,46 +0,0 @@
|
||||||
<!--
|
|
||||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
|
||||||
~ and other contributors as indicated by the @author tags.
|
|
||||||
~
|
|
||||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
~ you may not use this file except in compliance with the License.
|
|
||||||
~ You may obtain a copy of the License at
|
|
||||||
~
|
|
||||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
~
|
|
||||||
~ Unless required by applicable law or agreed to in writing, software
|
|
||||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
~ See the License for the specific language governing permissions and
|
|
||||||
~ limitations under the License.
|
|
||||||
-->
|
|
||||||
|
|
||||||
<assembly>
|
|
||||||
|
|
||||||
<id>${auth.server.jboss}</id>
|
|
||||||
|
|
||||||
<formats>
|
|
||||||
<format>zip</format>
|
|
||||||
</formats>
|
|
||||||
|
|
||||||
<includeBaseDirectory>false</includeBaseDirectory>
|
|
||||||
|
|
||||||
<fileSets>
|
|
||||||
<fileSet>
|
|
||||||
<directory>${auth.server.home}</directory>
|
|
||||||
<outputDirectory>auth-server-${auth.server.jboss}</outputDirectory>
|
|
||||||
<excludes>
|
|
||||||
<exclude>**/*.sh</exclude>
|
|
||||||
</excludes>
|
|
||||||
</fileSet>
|
|
||||||
<fileSet>
|
|
||||||
<directory>${auth.server.home}</directory>
|
|
||||||
<outputDirectory>auth-server-${auth.server.jboss}</outputDirectory>
|
|
||||||
<includes>
|
|
||||||
<include>**/*.sh</include>
|
|
||||||
</includes>
|
|
||||||
<fileMode>0755</fileMode>
|
|
||||||
</fileSet>
|
|
||||||
</fileSets>
|
|
||||||
|
|
||||||
</assembly>
|
|
|
@ -1,274 +0,0 @@
|
||||||
<project xmlns:if="ant:if">
|
|
||||||
|
|
||||||
<property name="cli.tmp.dir" value="${project.build.directory}/cli" />
|
|
||||||
|
|
||||||
<target name="set-server-config">
|
|
||||||
<condition property="server.config" value="standalone.xml">
|
|
||||||
<equals arg1="${ant.scenario}" arg2="scenario-standalone"/>
|
|
||||||
</condition>
|
|
||||||
<condition property="server.config" value="standalone-ha.xml">
|
|
||||||
<or>
|
|
||||||
<equals arg1="${ant.scenario}" arg2="scenario-cluster"/>
|
|
||||||
<equals arg1="${ant.scenario}" arg2="scenario-crossdc"/>
|
|
||||||
</or>
|
|
||||||
</condition>
|
|
||||||
<fail message="Property $${ant.scenario} must be set.">
|
|
||||||
<condition>
|
|
||||||
<not>
|
|
||||||
<isset property="server.config" />
|
|
||||||
</not>
|
|
||||||
</condition>
|
|
||||||
</fail>
|
|
||||||
<echo>server.config: ${server.config}</echo>
|
|
||||||
</target>
|
|
||||||
|
|
||||||
<macrodef name="bin-chmod">
|
|
||||||
<sequential>
|
|
||||||
<chmod perm="ug+x">
|
|
||||||
<fileset dir="${auth.server.home}/bin">
|
|
||||||
<include name="*.sh"/>
|
|
||||||
</fileset>
|
|
||||||
</chmod>
|
|
||||||
</sequential>
|
|
||||||
</macrodef>
|
|
||||||
|
|
||||||
<macrodef name="cleanup">
|
|
||||||
<sequential>
|
|
||||||
<delete dir="${auth.server.home}/standalone/configuration/standalone_xml_history"/>
|
|
||||||
<delete dir="${auth.server.home}/standalone/log"/>
|
|
||||||
<delete dir="${auth.server.home}/standalone/data"/>
|
|
||||||
<delete dir="${auth.server.home}/standalone/tmp"/>
|
|
||||||
</sequential>
|
|
||||||
</macrodef>
|
|
||||||
|
|
||||||
<target name="apply-cli-scripts" depends="set-server-config">
|
|
||||||
<concat destfile="${cli.tmp.dir}/result.cli" fixlastline="true">
|
|
||||||
<header filtering="no" trimleading="yes">
|
|
||||||
embed-server --server-config=${server.config}
|
|
||||||
</header>
|
|
||||||
<fileset dir="${cli.tmp.dir}" includes="*.cli"/>
|
|
||||||
</concat>
|
|
||||||
<bin-chmod/>
|
|
||||||
<!-- Workaround for WFCORE-5335 issue -->
|
|
||||||
<exec osfamily="unix" dir="${auth.server.home}/bin" executable="bash" failonerror="true">
|
|
||||||
<arg value="${jboss.cli.executable}"/>
|
|
||||||
<arg value="--file=${cli.tmp.dir}/result.cli"/>
|
|
||||||
</exec>
|
|
||||||
<exec osfamily="windows" executable="powershell" failonerror="true">
|
|
||||||
<arg value="${auth.server.home}/bin/${jboss.cli.executable}"/>
|
|
||||||
<arg value="--file=${cli.tmp.dir}/result.cli"/>
|
|
||||||
</exec>
|
|
||||||
<cleanup/>
|
|
||||||
</target>
|
|
||||||
|
|
||||||
<target name="scenario-standalone-generate" depends="io-worker-threads,
|
|
||||||
inject-provider,
|
|
||||||
inject-truststore,
|
|
||||||
log-level">
|
|
||||||
<echo>cli scripts for standalone prepared</echo>
|
|
||||||
</target>
|
|
||||||
|
|
||||||
<target name="scenario-cluster-generate" depends="io-worker-threads,
|
|
||||||
inject-provider,
|
|
||||||
inject-truststore,
|
|
||||||
undertow-subsystem-cluster,
|
|
||||||
ispn-cache-owners,
|
|
||||||
log-level">
|
|
||||||
<echo>cli scripts for cluster prepared</echo>
|
|
||||||
</target>
|
|
||||||
|
|
||||||
<target name="scenario-crossdc-generate" depends="io-worker-threads,
|
|
||||||
inject-provider,
|
|
||||||
inject-truststore,
|
|
||||||
cross-dc-setup,
|
|
||||||
log-level">
|
|
||||||
<echo>cli scripts for crossdc prepared</echo>
|
|
||||||
</target>
|
|
||||||
|
|
||||||
<target name="io-worker-threads">
|
|
||||||
<copy todir="${cli.tmp.dir}">
|
|
||||||
<resources>
|
|
||||||
<file file="${common.resources}/jboss-cli/io.cli"/>
|
|
||||||
</resources>
|
|
||||||
<filterset>
|
|
||||||
<filter token="IO_WORKER_IO_THREADS" value="${auth.server.worker.io-threads}"/>
|
|
||||||
<filter token="IO_WORKER_TASK_MAX_THREADS" value="${auth.server.worker.task-max-threads}"/>
|
|
||||||
</filterset>
|
|
||||||
</copy>
|
|
||||||
</target>
|
|
||||||
|
|
||||||
<target name="inject-provider">
|
|
||||||
<copy todir="${cli.tmp.dir}">
|
|
||||||
<resources>
|
|
||||||
<file file="${common.resources}/jboss-cli/keycloak-server-subsystem.cli"/>
|
|
||||||
</resources>
|
|
||||||
</copy>
|
|
||||||
</target>
|
|
||||||
|
|
||||||
<target name="inject-truststore">
|
|
||||||
<copy todir="${cli.tmp.dir}">
|
|
||||||
<resources>
|
|
||||||
<file file="${common.resources}/jboss-cli/truststore.cli"/>
|
|
||||||
</resources>
|
|
||||||
</copy>
|
|
||||||
</target>
|
|
||||||
|
|
||||||
<target name="set-manual-migration-strategy">
|
|
||||||
<copy todir="${cli.tmp.dir}">
|
|
||||||
<resources>
|
|
||||||
<file file="${common.resources}/jboss-cli/set-manual-migration-strategy.cli"/>
|
|
||||||
</resources>
|
|
||||||
</copy>
|
|
||||||
</target>
|
|
||||||
|
|
||||||
<target name="configure-server-jpa" depends="update-jpa-schema">
|
|
||||||
<!-- I'm intentionally leaving this here. This shows up environment variables that are used during the build.
|
|
||||||
If anything goes wrong, this is the first place to look at -->
|
|
||||||
<echoproperties/>
|
|
||||||
<copy todir="${cli.tmp.dir}">
|
|
||||||
<resources>
|
|
||||||
<file file="${common.resources}/jboss-cli/configure-server-jpa.cli"/>
|
|
||||||
</resources>
|
|
||||||
<filterset>
|
|
||||||
<filter token="DATABASE" value="${jdbc.mvn.artifactId}"/>
|
|
||||||
<filter token="DRIVER_VERSION" value="${jdbc.mvn.version}"/>
|
|
||||||
<filter token="DRIVER_TMP_DIR" value="${jdbc.driver.tmp.dir}"/>
|
|
||||||
<filter token="JDBC_URL" value="${keycloak.connectionsJpa.url}"/>
|
|
||||||
<filter token="USER" value="${keycloak.connectionsJpa.user}"/>
|
|
||||||
<filter token="PASSWORD" value="${keycloak.connectionsJpa.password}"/>
|
|
||||||
</filterset>
|
|
||||||
</copy>
|
|
||||||
</target>
|
|
||||||
|
|
||||||
<target name="update-jpa-schema" if="update.schema" depends="schema-update-required">
|
|
||||||
<copy todir="${cli.tmp.dir}">
|
|
||||||
<resources>
|
|
||||||
<file file="${common.resources}/jboss-cli/update-jpa-schema.cli"/>
|
|
||||||
</resources>
|
|
||||||
<filterset>
|
|
||||||
<filter token="SCHEMA" value="${keycloak.connectionsJpa.schema}"/>
|
|
||||||
</filterset>
|
|
||||||
</copy>
|
|
||||||
</target>
|
|
||||||
|
|
||||||
<target name="schema-update-required">
|
|
||||||
<condition property="update.schema">
|
|
||||||
<not>
|
|
||||||
<equals arg1="${keycloak.connectionsJpa.schema}" arg2="DEFAULT"/>
|
|
||||||
</not>
|
|
||||||
</condition>
|
|
||||||
<echo>Updating schema?: ${update.schema}</echo>
|
|
||||||
<echo>keycloak.connectionsJpa.schema: ${keycloak.connectionsJpa.schema}</echo>
|
|
||||||
</target>
|
|
||||||
|
|
||||||
<target name="undertow-subsystem-cluster">
|
|
||||||
<copy todir="${cli.tmp.dir}">
|
|
||||||
<resources>
|
|
||||||
<file file="${common.resources}/jboss-cli/undertow-subsystem-cluster-setup.cli"/>
|
|
||||||
</resources>
|
|
||||||
</copy>
|
|
||||||
</target>
|
|
||||||
|
|
||||||
<target name="ispn-cache-owners">
|
|
||||||
<copy todir="${cli.tmp.dir}">
|
|
||||||
<resources>
|
|
||||||
<file file="${common.resources}/jboss-cli/ispn-cache-owners.cli"/>
|
|
||||||
</resources>
|
|
||||||
<filterset>
|
|
||||||
<filter token="SESSION_CACHE_OWNERS" value="${session.cache.owners}"/>
|
|
||||||
<filter token="OFFLINE_SESSION_CACHE_OWNERS" value="${offline.session.cache.owners}"/>
|
|
||||||
<filter token="LOGIN_FAILURE_CACHE_OWNERS" value="${login.failure.cache.owners}"/>
|
|
||||||
</filterset>
|
|
||||||
</copy>
|
|
||||||
</target>
|
|
||||||
|
|
||||||
<target name="log-level" if="set.log.level" depends="log-level-update-required">
|
|
||||||
<copy todir="${cli.tmp.dir}">
|
|
||||||
<resources>
|
|
||||||
<file file="${common.resources}/jboss-cli/add-log-level.cli"/>
|
|
||||||
</resources>
|
|
||||||
<filterset>
|
|
||||||
<filter token="INFINISPAN_LOG_LEVEL" value="${infinispan.log.level}"/>
|
|
||||||
<filter token="SCHEDULED_TASKS_LOG_LEVEL" value="${scheduled.tasks.log.level}"/>
|
|
||||||
</filterset>
|
|
||||||
</copy>
|
|
||||||
</target>
|
|
||||||
|
|
||||||
<target name="log-level-update-required">
|
|
||||||
<!-- Default log levels -->
|
|
||||||
<property name="infinispan.log.level" value="INFO"/>
|
|
||||||
<property name="scheduled.tasks.log.level" value="INFO"/>
|
|
||||||
|
|
||||||
<condition property="set.log.level">
|
|
||||||
<or>
|
|
||||||
<equals arg1="${infinispan.log.level}" arg2="DEBUG"/>
|
|
||||||
<equals arg1="${infinispan.log.level}" arg2="TRACE"/>
|
|
||||||
<equals arg1="${scheduled.tasks.log.level}" arg2="DEBUG"/>
|
|
||||||
<equals arg1="${scheduled.tasks.log.level}" arg2="TRACE"/>
|
|
||||||
</or>
|
|
||||||
</condition>
|
|
||||||
<echo>Updating log level?: ${set.log.level}</echo>
|
|
||||||
<echo>infinispan.log.level: ${infinispan.log.level}</echo>
|
|
||||||
<echo>sheduled.tasks.log.level: ${scheduled.tasks.log.level}</echo>
|
|
||||||
</target>
|
|
||||||
|
|
||||||
<target name="replace-jdbc-url">
|
|
||||||
<copy todir="${cli.tmp.dir}">
|
|
||||||
<resources>
|
|
||||||
<file file="${common.resources}/jboss-cli/replace-jdbc-url.cli"/>
|
|
||||||
</resources>
|
|
||||||
<filterset>
|
|
||||||
<filter token="JDBC_URL" value="${h2.jdbc.url}"/>
|
|
||||||
</filterset>
|
|
||||||
</copy>
|
|
||||||
</target>
|
|
||||||
|
|
||||||
<target name="cross-dc-setup">
|
|
||||||
<copy todir="${cli.tmp.dir}">
|
|
||||||
<resources>
|
|
||||||
<file file="${common.resources}/jboss-cli/cross-dc-setup.cli"/>
|
|
||||||
<file file="${common.resources}/jboss-cli/cross-dc-setup_cache-auth.cli" if:true="${crossdc.cache.auth}" />
|
|
||||||
</resources>
|
|
||||||
<filterset>
|
|
||||||
<filter token="HOTROD_SASL_MECHANISM" value="${hotrod.sasl.mechanism}"/>
|
|
||||||
<filter token="PRELOADING_ENABLED" value="${keycloak.userSessions.infinispan.preloadOfflineSessionsFromDatabase}"/>
|
|
||||||
</filterset>
|
|
||||||
</copy>
|
|
||||||
<copy todir="${auth.server.home}/standalone/configuration">
|
|
||||||
<resources>
|
|
||||||
<file file="${common.resources}/keystore/hotrod-client-truststore.jks"/>
|
|
||||||
</resources>
|
|
||||||
</copy>
|
|
||||||
</target>
|
|
||||||
|
|
||||||
<!--following target is used by testsuite/integration-arquillian/servers/migration-->
|
|
||||||
<target name="configure-server-jpa-legacy">
|
|
||||||
<copy todir="${cli.tmp.dir}">
|
|
||||||
<resources>
|
|
||||||
<file file="${common.resources}/jboss-cli/migration/configure-server-jpa-legacy.cli"/>
|
|
||||||
</resources>
|
|
||||||
<filterset>
|
|
||||||
<filter token="DATABASE" value="${jdbc.mvn.artifactId}"/>
|
|
||||||
<filter token="DRIVER_VERSION" value="${jdbc.mvn.version}"/>
|
|
||||||
<filter token="DRIVER_TMP_DIR" value="${jdbc.driver.tmp.dir}"/>
|
|
||||||
<filter token="JDBC_URL" value="${keycloak.connectionsJpa.url}"/>
|
|
||||||
<filter token="USER" value="${keycloak.connectionsJpa.user}"/>
|
|
||||||
<filter token="PASSWORD" value="${keycloak.connectionsJpa.password}"/>
|
|
||||||
</filterset>
|
|
||||||
</copy>
|
|
||||||
</target>
|
|
||||||
|
|
||||||
<!-- Needed on Java 15 and later -->
|
|
||||||
<target name="deploy-nashorn-module">
|
|
||||||
<copy todir="${cli.tmp.dir}">
|
|
||||||
<resources>
|
|
||||||
<file file="${common.resources}/jboss-cli/deploy-nashorn-module.cli"/>
|
|
||||||
</resources>
|
|
||||||
<filterset>
|
|
||||||
<filter token="NASHORN_JAR" value="${project.build.directory}/nashorn/nashorn-core-${nashorn.version}.jar"/>
|
|
||||||
</filterset>
|
|
||||||
</copy>
|
|
||||||
<echo>Nashorn module deployed</echo>
|
|
||||||
</target>
|
|
||||||
|
|
||||||
</project>
|
|
|
@ -1,9 +0,0 @@
|
||||||
set NOPAUSE=true
|
|
||||||
|
|
||||||
call %JBOSS_HOME%\bin\jboss-cli.bat --file=keycloak-install.cli
|
|
||||||
call %JBOSS_HOME%\bin\jboss-cli.bat --file=keycloak-install-ha.cli
|
|
||||||
|
|
||||||
if %ERRORLEVEL% neq 0 set ERROR=%ERRORLEVEL%
|
|
||||||
|
|
||||||
exit /b %ERROR%
|
|
||||||
|
|
|
@ -1,17 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
echo "JBOSS_HOME=$JBOSS_HOME"
|
|
||||||
|
|
||||||
if [ ! -d "$JBOSS_HOME/bin" ] ; then
|
|
||||||
>&2 echo "JBOSS_HOME/bin doesn't exist"
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
|
|
||||||
cd $JBOSS_HOME/bin
|
|
||||||
|
|
||||||
RESULT=0
|
|
||||||
./jboss-cli.sh --file=keycloak-install.cli
|
|
||||||
if [ $? -ne 0 ]; then exit 1; fi
|
|
||||||
./jboss-cli.sh --file=keycloak-install-ha.cli
|
|
||||||
if [ $? -ne 0 ]; then exit 1; fi
|
|
||||||
|
|
||||||
exit 0
|
|
|
@ -1,14 +0,0 @@
|
||||||
set NOPAUSE=true
|
|
||||||
setlocal EnableDelayedExpansion
|
|
||||||
|
|
||||||
for %%a in (%AUTH_PATCH_ZIPS%) do (
|
|
||||||
set patch=%%a
|
|
||||||
if "!patch:~0,4!"=="http" (
|
|
||||||
powershell -command "& { iwr %%a -OutFile %cd%\patch.zip }"
|
|
||||||
call %JBOSS_HOME%\bin\jboss-cli.bat --command="patch apply %cd%\patch.zip
|
|
||||||
) else (
|
|
||||||
call %JBOSS_HOME%\bin\jboss-cli.bat --command="patch apply %%a"
|
|
||||||
)
|
|
||||||
if %ERRORLEVEL% neq 0 set ERROR=%ERRORLEVEL%
|
|
||||||
)
|
|
||||||
exit /b %ERROR%
|
|
|
@ -1,23 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
echo "JBOSS_HOME=$JBOSS_HOME"
|
|
||||||
|
|
||||||
if [ ! -d "$JBOSS_HOME/bin" ] ; then
|
|
||||||
>&2 echo "JBOSS_HOME/bin doesn't exist"
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
|
|
||||||
cd $JBOSS_HOME/bin
|
|
||||||
|
|
||||||
RESULT=0
|
|
||||||
patches=$(echo $AUTH_PATCH_ZIPS | tr "," "\n")
|
|
||||||
for patch in $patches
|
|
||||||
do
|
|
||||||
if [[ $patch == http* ]];
|
|
||||||
then
|
|
||||||
wget -O ./patch.zip $patch >/dev/null 2>&1
|
|
||||||
patch=./patch.zip
|
|
||||||
fi
|
|
||||||
./jboss-cli.sh --command="patch apply $patch"
|
|
||||||
if [ $? -ne 0 ]; then exit 1; fi
|
|
||||||
done
|
|
||||||
exit 0
|
|
|
@ -1,10 +0,0 @@
|
||||||
|
|
||||||
echo *** Adding infinispan logger ***
|
|
||||||
/subsystem=logging/logger=org.infinispan:add(level=@INFINISPAN_LOG_LEVEL@)
|
|
||||||
|
|
||||||
echo *** Adding scheduled tasks logger ***
|
|
||||||
/subsystem=logging/logger=org.keycloak.services.scheduled:add(level=@SCHEDULED_TASKS_LOG_LEVEL@)
|
|
||||||
|
|
||||||
echo *** Switching console handler logger to TRACE ***
|
|
||||||
/subsystem=logging/console-handler=CONSOLE:change-log-level(level=TRACE)
|
|
||||||
|
|
|
@ -1,23 +0,0 @@
|
||||||
|
|
||||||
echo *** Creating module.xml in modules ***
|
|
||||||
module add --module-root-dir=../modules/system/layers/base/ \
|
|
||||||
--name=test.jdbc.@DATABASE@ \
|
|
||||||
--resources=@DRIVER_TMP_DIR@/@DATABASE@-@DRIVER_VERSION@.jar \
|
|
||||||
--dependencies=javax.api,javax.transaction.api,javax.xml.bind.api
|
|
||||||
|
|
||||||
echo *** Updating datasource subsystem ***
|
|
||||||
echo ** Adding driver definition **
|
|
||||||
/subsystem=datasources/jdbc-driver=@DATABASE@:add(driver-name=@DATABASE@,driver-module-name=test.jdbc.@DATABASE@)
|
|
||||||
|
|
||||||
echo ** Updating connection properties **
|
|
||||||
/subsystem=datasources/data-source=KeycloakDS/:write-attribute(name=connection-url,value="@JDBC_URL@")
|
|
||||||
/subsystem=datasources/data-source=KeycloakDS/:write-attribute(name=driver-name,value="@DATABASE@")
|
|
||||||
/subsystem=datasources/data-source=KeycloakDS/:write-attribute(name=user-name,value="@USER@")
|
|
||||||
/subsystem=datasources/data-source=KeycloakDS/:write-attribute(name=password,value="@PASSWORD@")
|
|
||||||
/subsystem=datasources/data-source=KeycloakDS/:write-attribute(name=min-pool-size,value="10")
|
|
||||||
/subsystem=datasources/data-source=KeycloakDS/:write-attribute(name=max-pool-size,value="50")
|
|
||||||
/subsystem=datasources/data-source=KeycloakDS/:write-attribute(name=pool-prefill,value="true")
|
|
||||||
/subsystem=datasources/data-source=KeycloakDS/:write-attribute(name=idle-timeout-minutes,value="5")
|
|
||||||
|
|
||||||
echo *** Adding dialect logger ***
|
|
||||||
/subsystem=logging/logger=org.hibernate.dialect:add(level=${org.hibernate.dialect.Dialect:ALL})
|
|
|
@ -1,151 +0,0 @@
|
||||||
|
|
||||||
echo *** Update jgroups subsystem ***
|
|
||||||
/subsystem=jgroups/stack=udp/transport=UDP:write-attribute(name=site, value=${jboss.site.name})
|
|
||||||
|
|
||||||
echo *** Update infinispan subsystem ***
|
|
||||||
/subsystem=infinispan/cache-container=keycloak:write-attribute(name=module, value=org.keycloak.keycloak-model-infinispan)
|
|
||||||
|
|
||||||
echo ** Add remote socket binding to infinispan server **
|
|
||||||
/socket-binding-group=standard-sockets/remote-destination-outbound-socket-binding=remote-cache:add(host=${remote.cache.host:localhost}, port=${remote.cache.port:11222})
|
|
||||||
|
|
||||||
echo ** Update replicated-cache work element **
|
|
||||||
/subsystem=infinispan/cache-container=keycloak/replicated-cache=work/store=remote:add( \
|
|
||||||
passivation=false, \
|
|
||||||
fetch-state=false, \
|
|
||||||
purge=false, \
|
|
||||||
preload=false, \
|
|
||||||
shared=true, \
|
|
||||||
remote-servers=["remote-cache"], \
|
|
||||||
cache=work, \
|
|
||||||
properties={ \
|
|
||||||
rawValues=true, \
|
|
||||||
marshaller=org.keycloak.cluster.infinispan.KeycloakHotRodMarshallerFactory, \
|
|
||||||
protocolVersion=${keycloak.connectionsInfinispan.hotrodProtocolVersion} \
|
|
||||||
} \
|
|
||||||
)
|
|
||||||
|
|
||||||
/subsystem=infinispan/cache-container=keycloak/replicated-cache=work:write-attribute(name=statistics-enabled,value=true)
|
|
||||||
|
|
||||||
echo ** Update distributed-cache sessions element **
|
|
||||||
/subsystem=infinispan/cache-container=keycloak/distributed-cache=sessions/store=remote:add( \
|
|
||||||
passivation=false, \
|
|
||||||
fetch-state=false, \
|
|
||||||
purge=false, \
|
|
||||||
preload=false, \
|
|
||||||
shared=true, \
|
|
||||||
remote-servers=["remote-cache"], \
|
|
||||||
cache=sessions, \
|
|
||||||
properties={ \
|
|
||||||
rawValues=true, \
|
|
||||||
marshaller=org.keycloak.cluster.infinispan.KeycloakHotRodMarshallerFactory, \
|
|
||||||
protocolVersion=${keycloak.connectionsInfinispan.hotrodProtocolVersion} \
|
|
||||||
} \
|
|
||||||
)
|
|
||||||
/subsystem=infinispan/cache-container=keycloak/distributed-cache=sessions:write-attribute(name=statistics-enabled,value=true)
|
|
||||||
|
|
||||||
echo ** Update distributed-cache offlineSessions element **
|
|
||||||
/subsystem=infinispan/cache-container=keycloak/distributed-cache=offlineSessions/store=remote:add( \
|
|
||||||
passivation=false, \
|
|
||||||
fetch-state=false, \
|
|
||||||
purge=false, \
|
|
||||||
preload=false, \
|
|
||||||
shared=true, \
|
|
||||||
remote-servers=["remote-cache"], \
|
|
||||||
cache=offlineSessions, \
|
|
||||||
properties={ \
|
|
||||||
rawValues=true, \
|
|
||||||
marshaller=org.keycloak.cluster.infinispan.KeycloakHotRodMarshallerFactory, \
|
|
||||||
protocolVersion=${keycloak.connectionsInfinispan.hotrodProtocolVersion} \
|
|
||||||
} \
|
|
||||||
)
|
|
||||||
/subsystem=infinispan/cache-container=keycloak/distributed-cache=offlineSessions:write-attribute(name=statistics-enabled,value=true)
|
|
||||||
|
|
||||||
echo ** Update distributed-cache clientSessions element **
|
|
||||||
/subsystem=infinispan/cache-container=keycloak/distributed-cache=clientSessions/store=remote:add( \
|
|
||||||
passivation=false, \
|
|
||||||
fetch-state=false, \
|
|
||||||
purge=false, \
|
|
||||||
preload=false, \
|
|
||||||
shared=true, \
|
|
||||||
remote-servers=["remote-cache"], \
|
|
||||||
cache=clientSessions, \
|
|
||||||
properties={ \
|
|
||||||
rawValues=true, \
|
|
||||||
marshaller=org.keycloak.cluster.infinispan.KeycloakHotRodMarshallerFactory, \
|
|
||||||
protocolVersion=${keycloak.connectionsInfinispan.hotrodProtocolVersion} \
|
|
||||||
} \
|
|
||||||
)
|
|
||||||
/subsystem=infinispan/cache-container=keycloak/distributed-cache=clientSessions:write-attribute(name=statistics-enabled,value=true)
|
|
||||||
|
|
||||||
echo ** Update distributed-cache offlineClientSessions element **
|
|
||||||
/subsystem=infinispan/cache-container=keycloak/distributed-cache=offlineClientSessions/store=remote:add( \
|
|
||||||
passivation=false, \
|
|
||||||
fetch-state=false, \
|
|
||||||
purge=false, \
|
|
||||||
preload=false, \
|
|
||||||
shared=true, \
|
|
||||||
remote-servers=["remote-cache"], \
|
|
||||||
cache=offlineClientSessions, \
|
|
||||||
properties={ \
|
|
||||||
rawValues=true, \
|
|
||||||
marshaller=org.keycloak.cluster.infinispan.KeycloakHotRodMarshallerFactory, \
|
|
||||||
protocolVersion=${keycloak.connectionsInfinispan.hotrodProtocolVersion} \
|
|
||||||
} \
|
|
||||||
)
|
|
||||||
/subsystem=infinispan/cache-container=keycloak/distributed-cache=offlineClientSessions:write-attribute(name=statistics-enabled,value=true)
|
|
||||||
|
|
||||||
echo ** Update distributed-cache loginFailures element **
|
|
||||||
/subsystem=infinispan/cache-container=keycloak/distributed-cache=loginFailures/store=remote:add( \
|
|
||||||
passivation=false, \
|
|
||||||
fetch-state=false, \
|
|
||||||
purge=false, \
|
|
||||||
preload=false, \
|
|
||||||
shared=true, \
|
|
||||||
remote-servers=["remote-cache"], \
|
|
||||||
cache=loginFailures, \
|
|
||||||
properties={ \
|
|
||||||
rawValues=true, \
|
|
||||||
marshaller=org.keycloak.cluster.infinispan.KeycloakHotRodMarshallerFactory, \
|
|
||||||
protocolVersion=${keycloak.connectionsInfinispan.hotrodProtocolVersion} \
|
|
||||||
} \
|
|
||||||
)
|
|
||||||
/subsystem=infinispan/cache-container=keycloak/distributed-cache=loginFailures:write-attribute(name=statistics-enabled,value=true)
|
|
||||||
|
|
||||||
echo ** Update distributed-cache actionTokens element **
|
|
||||||
/subsystem=infinispan/cache-container=keycloak/distributed-cache=actionTokens/store=remote:add( \
|
|
||||||
passivation=false, \
|
|
||||||
fetch-state=false, \
|
|
||||||
purge=false, \
|
|
||||||
preload=false, \
|
|
||||||
shared=true, \
|
|
||||||
cache=actionTokens, \
|
|
||||||
remote-servers=["remote-cache"], \
|
|
||||||
properties={ \
|
|
||||||
rawValues=true, \
|
|
||||||
marshaller=org.keycloak.cluster.infinispan.KeycloakHotRodMarshallerFactory, \
|
|
||||||
protocolVersion=${keycloak.connectionsInfinispan.hotrodProtocolVersion} \
|
|
||||||
} \
|
|
||||||
)
|
|
||||||
/subsystem=infinispan/cache-container=keycloak/distributed-cache=actionTokens:write-attribute(name=statistics-enabled,value=true)
|
|
||||||
|
|
||||||
echo ** Update distributed-cache authenticationSessions element **
|
|
||||||
/subsystem=infinispan/cache-container=keycloak/distributed-cache=authenticationSessions:write-attribute(name=statistics-enabled,value=true)
|
|
||||||
|
|
||||||
echo *** Enable debug logging ***
|
|
||||||
/subsystem=logging/logger=org.keycloak.cluster.infinispan:add(level=DEBUG)
|
|
||||||
|
|
||||||
/subsystem=logging/logger=org.keycloak.connections.infinispan:add(level=DEBUG)
|
|
||||||
|
|
||||||
/subsystem=logging/logger=org.keycloak.models.cache.infinispan:add(level=DEBUG)
|
|
||||||
|
|
||||||
/subsystem=logging/logger=org.keycloak.models.sessions.infinispan:add(level=DEBUG)
|
|
||||||
|
|
||||||
echo *** Update undertow subsystem ***
|
|
||||||
/subsystem=undertow/server=default-server/http-listener=default:write-attribute(name=proxy-address-forwarding,value=true)
|
|
||||||
|
|
||||||
echo *** Update keycloak-server subsystem, infinispan remoteStoreSecurity ***
|
|
||||||
/subsystem=keycloak-server/spi=connectionsInfinispan/provider=default:map-put(name=properties,key=remoteStoreSecurityEnabled,value=${keycloak.connectionsInfinispan.default.remoteStoreSecurityEnabled:true})
|
|
||||||
|
|
||||||
echo *** Enable offline user session preloading ***
|
|
||||||
/subsystem=keycloak-server/spi=userSessions:add(default-provider=infinispan)
|
|
||||||
/subsystem=keycloak-server/spi=userSessions/provider=infinispan:add(properties={preloadOfflineSessionsFromDatabase => @PRELOADING_ENABLED@},enabled=true)
|
|
|
@ -1,125 +0,0 @@
|
||||||
echo ** Update replicated-cache work element **
|
|
||||||
/subsystem=infinispan/cache-container=keycloak/replicated-cache=work/store=remote:write-attribute( \
|
|
||||||
name=properties, \
|
|
||||||
value={ \
|
|
||||||
infinispan.client.hotrod.auth_username=myuser, \
|
|
||||||
infinispan.client.hotrod.auth_password=qwer1234!, \
|
|
||||||
infinispan.client.hotrod.auth_realm=default, \
|
|
||||||
infinispan.client.hotrod.auth_server_name=infinispan, \
|
|
||||||
infinispan.client.hotrod.sasl_mechanism=@HOTROD_SASL_MECHANISM@, \
|
|
||||||
infinispan.client.hotrod.trust_store_file_name=${jboss.server.config.dir}/hotrod-client-truststore.jks, \
|
|
||||||
infinispan.client.hotrod.trust_store_type=JKS, \
|
|
||||||
infinispan.client.hotrod.trust_store_password=password, \
|
|
||||||
rawValues=true, \
|
|
||||||
marshaller=org.keycloak.cluster.infinispan.KeycloakHotRodMarshallerFactory, \
|
|
||||||
protocolVersion=${keycloak.connectionsInfinispan.hotrodProtocolVersion} \
|
|
||||||
} \
|
|
||||||
)
|
|
||||||
|
|
||||||
echo ** Update distributed-cache sessions element **
|
|
||||||
/subsystem=infinispan/cache-container=keycloak/distributed-cache=sessions/store=remote:write-attribute( \
|
|
||||||
name=properties, \
|
|
||||||
value={ \
|
|
||||||
infinispan.client.hotrod.auth_username=myuser, \
|
|
||||||
infinispan.client.hotrod.auth_password=qwer1234!, \
|
|
||||||
infinispan.client.hotrod.auth_realm=default, \
|
|
||||||
infinispan.client.hotrod.auth_server_name=infinispan, \
|
|
||||||
infinispan.client.hotrod.sasl_mechanism=@HOTROD_SASL_MECHANISM@, \
|
|
||||||
infinispan.client.hotrod.trust_store_file_name=${jboss.server.config.dir}/hotrod-client-truststore.jks, \
|
|
||||||
infinispan.client.hotrod.trust_store_type=JKS, \
|
|
||||||
infinispan.client.hotrod.trust_store_password=password, \
|
|
||||||
rawValues=true, \
|
|
||||||
marshaller=org.keycloak.cluster.infinispan.KeycloakHotRodMarshallerFactory, \
|
|
||||||
protocolVersion=${keycloak.connectionsInfinispan.hotrodProtocolVersion} \
|
|
||||||
} \
|
|
||||||
)
|
|
||||||
|
|
||||||
echo ** Update distributed-cache offlineSessions element **
|
|
||||||
/subsystem=infinispan/cache-container=keycloak/distributed-cache=offlineSessions/store=remote:write-attribute( \
|
|
||||||
name=properties, \
|
|
||||||
value={ \
|
|
||||||
infinispan.client.hotrod.auth_username=myuser, \
|
|
||||||
infinispan.client.hotrod.auth_password=qwer1234!, \
|
|
||||||
infinispan.client.hotrod.auth_realm=default, \
|
|
||||||
infinispan.client.hotrod.auth_server_name=infinispan, \
|
|
||||||
infinispan.client.hotrod.sasl_mechanism=@HOTROD_SASL_MECHANISM@, \
|
|
||||||
infinispan.client.hotrod.trust_store_file_name=${jboss.server.config.dir}/hotrod-client-truststore.jks, \
|
|
||||||
infinispan.client.hotrod.trust_store_type=JKS, \
|
|
||||||
infinispan.client.hotrod.trust_store_password=password, \
|
|
||||||
rawValues=true, \
|
|
||||||
marshaller=org.keycloak.cluster.infinispan.KeycloakHotRodMarshallerFactory, \
|
|
||||||
protocolVersion=${keycloak.connectionsInfinispan.hotrodProtocolVersion} \
|
|
||||||
} \
|
|
||||||
)
|
|
||||||
|
|
||||||
echo ** Update distributed-cache clientSessions element **
|
|
||||||
/subsystem=infinispan/cache-container=keycloak/distributed-cache=clientSessions/store=remote:write-attribute( \
|
|
||||||
name=properties, \
|
|
||||||
value={ \
|
|
||||||
infinispan.client.hotrod.auth_username=myuser, \
|
|
||||||
infinispan.client.hotrod.auth_password=qwer1234!, \
|
|
||||||
infinispan.client.hotrod.auth_realm=default, \
|
|
||||||
infinispan.client.hotrod.auth_server_name=infinispan, \
|
|
||||||
infinispan.client.hotrod.sasl_mechanism=@HOTROD_SASL_MECHANISM@, \
|
|
||||||
infinispan.client.hotrod.trust_store_file_name=${jboss.server.config.dir}/hotrod-client-truststore.jks, \
|
|
||||||
infinispan.client.hotrod.trust_store_type=JKS, \
|
|
||||||
infinispan.client.hotrod.trust_store_password=password, \
|
|
||||||
rawValues=true, \
|
|
||||||
marshaller=org.keycloak.cluster.infinispan.KeycloakHotRodMarshallerFactory, \
|
|
||||||
protocolVersion=${keycloak.connectionsInfinispan.hotrodProtocolVersion} \
|
|
||||||
} \
|
|
||||||
)
|
|
||||||
|
|
||||||
echo ** Update distributed-cache offlineClientSessions element **
|
|
||||||
/subsystem=infinispan/cache-container=keycloak/distributed-cache=offlineClientSessions/store=remote:write-attribute( \
|
|
||||||
name=properties, \
|
|
||||||
value={ \
|
|
||||||
infinispan.client.hotrod.auth_username=myuser, \
|
|
||||||
infinispan.client.hotrod.auth_password=qwer1234!, \
|
|
||||||
infinispan.client.hotrod.auth_realm=default, \
|
|
||||||
infinispan.client.hotrod.auth_server_name=infinispan, \
|
|
||||||
infinispan.client.hotrod.sasl_mechanism=@HOTROD_SASL_MECHANISM@, \
|
|
||||||
infinispan.client.hotrod.trust_store_file_name=${jboss.server.config.dir}/hotrod-client-truststore.jks, \
|
|
||||||
infinispan.client.hotrod.trust_store_type=JKS, \
|
|
||||||
infinispan.client.hotrod.trust_store_password=password, \
|
|
||||||
rawValues=true, \
|
|
||||||
marshaller=org.keycloak.cluster.infinispan.KeycloakHotRodMarshallerFactory, \
|
|
||||||
protocolVersion=${keycloak.connectionsInfinispan.hotrodProtocolVersion} \
|
|
||||||
} \
|
|
||||||
)
|
|
||||||
|
|
||||||
echo ** Update distributed-cache loginFailures element **
|
|
||||||
/subsystem=infinispan/cache-container=keycloak/distributed-cache=loginFailures/store=remote:write-attribute( \
|
|
||||||
name=properties, \
|
|
||||||
value={ \
|
|
||||||
infinispan.client.hotrod.auth_username=myuser, \
|
|
||||||
infinispan.client.hotrod.auth_password=qwer1234!, \
|
|
||||||
infinispan.client.hotrod.auth_realm=default, \
|
|
||||||
infinispan.client.hotrod.auth_server_name=infinispan, \
|
|
||||||
infinispan.client.hotrod.sasl_mechanism=@HOTROD_SASL_MECHANISM@, \
|
|
||||||
infinispan.client.hotrod.trust_store_file_name=${jboss.server.config.dir}/hotrod-client-truststore.jks, \
|
|
||||||
infinispan.client.hotrod.trust_store_type=JKS, \
|
|
||||||
infinispan.client.hotrod.trust_store_password=password, \
|
|
||||||
rawValues=true, \
|
|
||||||
marshaller=org.keycloak.cluster.infinispan.KeycloakHotRodMarshallerFactory, \
|
|
||||||
protocolVersion=${keycloak.connectionsInfinispan.hotrodProtocolVersion} \
|
|
||||||
} \
|
|
||||||
)
|
|
||||||
|
|
||||||
echo ** Update distributed-cache actionTokens element **
|
|
||||||
/subsystem=infinispan/cache-container=keycloak/distributed-cache=actionTokens/store=remote:write-attribute( \
|
|
||||||
name=properties, \
|
|
||||||
value={ \
|
|
||||||
infinispan.client.hotrod.auth_username=myuser, \
|
|
||||||
infinispan.client.hotrod.auth_password=qwer1234!, \
|
|
||||||
infinispan.client.hotrod.auth_realm=default, \
|
|
||||||
infinispan.client.hotrod.auth_server_name=infinispan, \
|
|
||||||
infinispan.client.hotrod.sasl_mechanism=@HOTROD_SASL_MECHANISM@, \
|
|
||||||
infinispan.client.hotrod.trust_store_file_name=${jboss.server.config.dir}/hotrod-client-truststore.jks, \
|
|
||||||
infinispan.client.hotrod.trust_store_type=JKS, \
|
|
||||||
infinispan.client.hotrod.trust_store_password=password, \
|
|
||||||
rawValues=true, \
|
|
||||||
marshaller=org.keycloak.cluster.infinispan.KeycloakHotRodMarshallerFactory, \
|
|
||||||
protocolVersion=${keycloak.connectionsInfinispan.hotrodProtocolVersion} \
|
|
||||||
} \
|
|
||||||
)
|
|
|
@ -1,5 +0,0 @@
|
||||||
echo *** Installing nashorn-core module ***
|
|
||||||
module add --module-root-dir=../modules/system/layers/keycloak/ \
|
|
||||||
--name=org.openjdk.nashorn.nashorn-core \
|
|
||||||
--resources=@NASHORN_JAR@ \
|
|
||||||
--dependencies=asm.asm,jdk.dynalink
|
|
|
@ -1,4 +0,0 @@
|
||||||
|
|
||||||
echo *** Update io subsystem ***
|
|
||||||
/subsystem=io/worker=default:write-attribute(name=io-threads,value=@IO_WORKER_IO_THREADS@)
|
|
||||||
/subsystem=io/worker=default:write-attribute(name=task-max-threads,value=@IO_WORKER_TASK_MAX_THREADS@)
|
|
|
@ -1,10 +0,0 @@
|
||||||
|
|
||||||
echo *** Updating infinispan cache owners ***
|
|
||||||
/subsystem=infinispan/cache-container=keycloak/distributed-cache=sessions:write-attribute(name=owners, value=@SESSION_CACHE_OWNERS@)
|
|
||||||
/subsystem=infinispan/cache-container=keycloak/distributed-cache=authenticationSessions:write-attribute(name=owners, value=@SESSION_CACHE_OWNERS@)
|
|
||||||
/subsystem=infinispan/cache-container=keycloak/distributed-cache=clientSessions:write-attribute(name=owners, value=@SESSION_CACHE_OWNERS@)
|
|
||||||
|
|
||||||
/subsystem=infinispan/cache-container=keycloak/distributed-cache=offlineSessions:write-attribute(name=owners, value=@OFFLINE_SESSION_CACHE_OWNERS@)
|
|
||||||
/subsystem=infinispan/cache-container=keycloak/distributed-cache=offlineClientSessions:write-attribute(name=owners, value=@OFFLINE_SESSION_CACHE_OWNERS@)
|
|
||||||
|
|
||||||
/subsystem=infinispan/cache-container=keycloak/distributed-cache=loginFailures:write-attribute(name=owners, value=@LOGIN_FAILURE_CACHE_OWNERS@)
|
|
|
@ -1,28 +0,0 @@
|
||||||
|
|
||||||
echo *** Updating keycloak-server subsystem ***
|
|
||||||
echo ** Adding login-protocol spi **
|
|
||||||
/subsystem=keycloak-server/spi=login-protocol/:add
|
|
||||||
/subsystem=keycloak-server/spi=login-protocol/provider=saml/:add(enabled=true,properties={knownProtocols => "[\"http=${auth.server.http.port}\",\"https=${auth.server.https.port}\"]"})
|
|
||||||
|
|
||||||
echo ** Adding theme modules **
|
|
||||||
/subsystem=keycloak-server/theme=defaults/:write-attribute(name=modules,value=[org.keycloak.testsuite.integration-arquillian-testsuite-providers])
|
|
||||||
|
|
||||||
echo ** Adding provider **
|
|
||||||
/subsystem=keycloak-server/:write-attribute(name=providers, \
|
|
||||||
value=[ classpath:${jboss.home.dir}/providers/*, \
|
|
||||||
module:org.keycloak.testsuite.integration-arquillian-testsuite-providers \
|
|
||||||
] \
|
|
||||||
)
|
|
||||||
|
|
||||||
echo ** Adding max-detail-length to eventsStore spi **
|
|
||||||
/subsystem=keycloak-server/spi=eventsStore/provider=jpa/:write-attribute(name=properties.max-detail-length,value=${keycloak.eventsStore.maxDetailLength:1000})
|
|
||||||
|
|
||||||
echo ** Adding spi=userProfile with default provider and legacy-user-profile configuration of read-only attributes **
|
|
||||||
/subsystem=keycloak-server/spi=userProfile/:add(default-provider="declarative-user-profile")
|
|
||||||
/subsystem=keycloak-server/spi=userProfile/provider=declarative-user-profile/:add(properties={},enabled=true)
|
|
||||||
/subsystem=keycloak-server/spi=userProfile/provider=declarative-user-profile/:map-put(name=properties,key=read-only-attributes,value="[\"deniedFoo\",\"deniedBar*\",\"deniedSome/thing\",\"deniedsome*thing\"]")
|
|
||||||
/subsystem=keycloak-server/spi=userProfile/provider=declarative-user-profile/:map-put(name=properties,key=admin-read-only-attributes,value="[\"deniedSomeAdmin\"]")
|
|
||||||
|
|
||||||
echo ** Do not reuse connections for HttpClientProvider within testsuite **
|
|
||||||
/subsystem=keycloak-server/spi=connectionsHttpClient/provider=default/:map-put(name=properties,key=reuse-connections,value=false)
|
|
||||||
|
|
|
@ -1,21 +0,0 @@
|
||||||
|
|
||||||
echo *** Creating module.xml in modules ***
|
|
||||||
module add --name=test.jdbc.@DATABASE@ \
|
|
||||||
--resources=@DRIVER_TMP_DIR@/@DATABASE@-@DRIVER_VERSION@.jar \
|
|
||||||
--dependencies=javax.api,javax.transaction.api,javax.xml.bind.api
|
|
||||||
|
|
||||||
echo *** Updating datasource subsystem ***
|
|
||||||
echo ** Adding driver definition **
|
|
||||||
/subsystem=datasources/jdbc-driver=@DATABASE@:add(driver-name=@DATABASE@,driver-module-name=test.jdbc.@DATABASE@)
|
|
||||||
|
|
||||||
echo ** Updating connection properties **
|
|
||||||
/subsystem=datasources/data-source=KeycloakDS/:write-attribute(name=connection-url,value="@JDBC_URL@")
|
|
||||||
/subsystem=datasources/data-source=KeycloakDS/:write-attribute(name=driver-name,value="@DATABASE@")
|
|
||||||
/subsystem=datasources/data-source=KeycloakDS/:write-attribute(name=user-name,value="@USER@")
|
|
||||||
/subsystem=datasources/data-source=KeycloakDS/:write-attribute(name=password,value="@PASSWORD@")
|
|
||||||
/subsystem=datasources/data-source=KeycloakDS/:write-attribute(name=min-pool-size,value="10")
|
|
||||||
/subsystem=datasources/data-source=KeycloakDS/:write-attribute(name=max-pool-size,value="50")
|
|
||||||
/subsystem=datasources/data-source=KeycloakDS/:write-attribute(name=pool-prefill,value="true")
|
|
||||||
|
|
||||||
echo *** Adding dialect logger ***
|
|
||||||
/subsystem=logging/logger=org.hibernate.dialect:add(level=${org.hibernate.dialect.Dialect:ALL})
|
|
|
@ -1,3 +0,0 @@
|
||||||
|
|
||||||
echo ** Updating jdbc url properties **
|
|
||||||
/subsystem=datasources/data-source=KeycloakDS/:write-attribute(name=connection-url,value="@JDBC_URL@")
|
|
Some files were not shown because too many files have changed in this diff Show more
Loading…
Reference in a new issue