Merge pull request #889 from mposolda/master
Minor improvements/fixes in documentation
This commit is contained in:
commit
a3f5ace895
4 changed files with 24 additions and 2 deletions
|
@ -216,4 +216,25 @@
|
|||
</para>
|
||||
</section>
|
||||
|
||||
<section>
|
||||
<title>Troubleshooting</title>
|
||||
<para>
|
||||
Note that when you run cluster, you should see message similar to this in the log of both cluster nodes:
|
||||
<programlisting>
|
||||
<![CDATA[
|
||||
INFO [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (Incoming-10,shared=udp)
|
||||
ISPN000094: Received new cluster view: [node1/keycloak|1] (2) [node1/keycloak, node2/keycloak]
|
||||
]]>
|
||||
</programlisting>
|
||||
If you see just one node mentioned, it's possible that your cluster hosts are not joined together.
|
||||
</para>
|
||||
<para>
|
||||
Usually it's best practice to have your cluster nodes on private network without firewall for communication among them.
|
||||
Firewall could be enabled just on public access point to your network instead. If for some reason you still need to have firewall
|
||||
enabled on cluster nodes, you will need to open some ports. Default values are UDP port 55200 and multicast port 45688
|
||||
with multicast address 230.0.0.4. Note that you may need more ports opened if you want to enable additional features like diagnostics for your JGroups stack.
|
||||
Keycloak delegates most of the clustering work to Infinispan/JGroups, so consult EAP or JGroups documentation for more info.
|
||||
</para>
|
||||
</section>
|
||||
|
||||
</chapter>
|
||||
|
|
|
@ -145,7 +145,7 @@ $ java -jar $JETTY_HOME/start.jar --add-to-startd=keycloak
|
|||
|
||||
<login-config>
|
||||
<auth-method>BASIC</auth-method>
|
||||
<realm-name>this is ignored currently/realm-name>
|
||||
<realm-name>this is ignored currently</realm-name>
|
||||
</login-config>
|
||||
|
||||
<security-role>
|
||||
|
|
|
@ -4,7 +4,7 @@
|
|||
This chapter discusses possible security vulnerabilities Keycloak could have, how Keycloak mitigates those
|
||||
vulnerabilities, and what steps you need to do to configure Keycloak to mitigate some vulnerabilities. A good list
|
||||
of potential vulnerabilities and what security implementations should do to mitigate them can be found in the
|
||||
<ulink url="http://tools.ietf.org/html/rfc6819">OAuth 2.0 Thread Model</ulink> document put out by the IETF. Many of those vulnerabilities are discussed here.
|
||||
<ulink url="http://tools.ietf.org/html/rfc6819">OAuth 2.0 Threat Model</ulink> document put out by the IETF. Many of those vulnerabilities are discussed here.
|
||||
</para>
|
||||
<section>
|
||||
<title>SSL/HTTPS Requirement</title>
|
||||
|
|
|
@ -317,6 +317,7 @@ public class JaxrsFilterTest {
|
|||
// @Test
|
||||
public void testCxfExample() {
|
||||
String uri = "http://localhost:9000/customerservice/customers/123";
|
||||
//String uri = "http://localhost:8080/jax_rs_basic_servlet/services/service1/customerservice/customers/123";
|
||||
Response resp = client.target(uri).request()
|
||||
.get();
|
||||
Assert.assertEquals(resp.getStatus(), 401);
|
||||
|
|
Loading…
Reference in a new issue