Merge pull request #889 from mposolda/master

Minor improvements/fixes in documentation
This commit is contained in:
Marek Posolda 2014-12-16 14:22:25 +01:00
commit a3f5ace895
4 changed files with 24 additions and 2 deletions

View file

@ -216,4 +216,25 @@
</para>
</section>
<section>
<title>Troubleshooting</title>
<para>
Note that when you run cluster, you should see message similar to this in the log of both cluster nodes:
<programlisting>
<![CDATA[
INFO [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (Incoming-10,shared=udp)
ISPN000094: Received new cluster view: [node1/keycloak|1] (2) [node1/keycloak, node2/keycloak]
]]>
</programlisting>
If you see just one node mentioned, it's possible that your cluster hosts are not joined together.
</para>
<para>
Usually it's best practice to have your cluster nodes on private network without firewall for communication among them.
Firewall could be enabled just on public access point to your network instead. If for some reason you still need to have firewall
enabled on cluster nodes, you will need to open some ports. Default values are UDP port 55200 and multicast port 45688
with multicast address 230.0.0.4. Note that you may need more ports opened if you want to enable additional features like diagnostics for your JGroups stack.
Keycloak delegates most of the clustering work to Infinispan/JGroups, so consult EAP or JGroups documentation for more info.
</para>
</section>
</chapter>

View file

@ -145,7 +145,7 @@ $ java -jar $JETTY_HOME/start.jar --add-to-startd=keycloak
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>this is ignored currently/realm-name>
<realm-name>this is ignored currently</realm-name>
</login-config>
<security-role>

View file

@ -4,7 +4,7 @@
This chapter discusses possible security vulnerabilities Keycloak could have, how Keycloak mitigates those
vulnerabilities, and what steps you need to do to configure Keycloak to mitigate some vulnerabilities. A good list
of potential vulnerabilities and what security implementations should do to mitigate them can be found in the
<ulink url="http://tools.ietf.org/html/rfc6819">OAuth 2.0 Thread Model</ulink> document put out by the IETF. Many of those vulnerabilities are discussed here.
<ulink url="http://tools.ietf.org/html/rfc6819">OAuth 2.0 Threat Model</ulink> document put out by the IETF. Many of those vulnerabilities are discussed here.
</para>
<section>
<title>SSL/HTTPS Requirement</title>

View file

@ -317,6 +317,7 @@ public class JaxrsFilterTest {
// @Test
public void testCxfExample() {
String uri = "http://localhost:9000/customerservice/customers/123";
//String uri = "http://localhost:8080/jax_rs_basic_servlet/services/service1/customerservice/customers/123";
Response resp = client.target(uri).request()
.get();
Assert.assertEquals(resp.getStatus(), 401);