Added doc for OpenShift cartridge

This commit is contained in:
Stian Thorgersen 2014-01-21 14:01:03 +00:00
parent e92980b776
commit a5fbde222f
4 changed files with 89 additions and 7 deletions

View file

@ -4,6 +4,7 @@
<!ENTITY License SYSTEM "modules/License.xml">
<!ENTITY Overview SYSTEM "modules/Overview.xml">
<!ENTITY Installation SYSTEM "modules/server-installation.xml">
<!ENTITY OpenShift SYSTEM "modules/openshift.xml">
<!ENTITY AdapterConfig SYSTEM "modules/adapter-config.xml">
<!ENTITY WildflyAdapter SYSTEM "modules/wildfly-adapter.xml">
<!ENTITY EAP6Adapter SYSTEM "modules/eap6-adapter.xml">
@ -49,6 +50,7 @@
&License;
&Overview;
&Installation;
&OpenShift;
<chapter>
<title>Adapters</title>
<para>

View file

@ -0,0 +1,71 @@
<chapter id="openshift">
<title>Running Keycloak Server on OpenShift</title>
<para>
Keycloak provides a OpenShift cartridge to make it easy to get it running on OpenShift. If you don't already
have
an account or don't know how to create applications go to
<ulink url="https://www.openshift.com/"/>
first. You can
create the Keycloak instance either with the web tool or the command line tool, both approaches are described
below.
</para>
<warning>
<para>
It's important that immediately after creating a Keycloak instance you open the <literal>Administration Console</literal>
and login to reset the password. If this is not done anyone can easily gain admin rights to your Keycloak instance.
</para>
</warning>
<section>
<title>Create Keycloak instance with the web tool</title>
<para>
Open
<ulink url="https://openshift.redhat.com/app/console/applications"/>
and click on<literal>Add Application</literal>.
Scroll down to the bottom of the page to find the
<literal>Code Anything</literal>
section. Insert
<literal>https://raw.github.com/stianst/openshift-keycloak-cartridge/master/metadata/manifest.yml</literal>
into the
<literal>URL to a cartridge definition</literal>
field and click on<literal>Next</literal>. Fill in the
following form and click on<literal>Create Application</literal>.
</para>
<para>
Click on <literal>Continue to the application overview page</literal>. Under the list of applications you should
find your Keycloak instance and the status should be <literal>Started</literal>. Click on it to open the Keycloak
servers homepage.
</para>
</section>
<section>
<title>Create Keycloak instance with the web tool</title>
<para>
Run the following command from a terminal:
<programlisting>rhc app create &lt;APPLICATION NAME&gt; https://raw.github.com/stianst/openshift-keycloak-cartridge/master/metadata/manifest.yml</programlisting>
Replace <literal>&lt;APPLICATION NAME&gt;</literal> with the name you want (for example keycloak).
</para>
<para>
Once the instance is created the rhc tool outputs details about it. Open the returned <literal>URL</literal> in a
browser to open the Keycloak servers homepage.
</para>
</section>
<section>
<title>Next steps</title>
<para>
The Keycloak servers homepage should show the Keycloak logo and <literal>Welcome to Keycloak</literal>.
There should also be a link to the <literal>Administration Console</literal>. Open that and log in using username
<literal>admin</literal> and password <literal>admin</literal>. On the first login you should be asked
to reset the password.
</para>
<tip>
<para>
On OpenShift Keycloak has been configured to only accept requests over https. If you try to use http
you should be redirected to https.
</para>
</tip>
</section>
</chapter>

View file

@ -21,9 +21,7 @@
Once the app has been created click on <literal>Settings</literal> in sidebar on the left. Then click
on <literal>Advanced</literal>. Under <literal>Security</literal> make sure
<literal>Client OAuth Login</literal> is enabled. In <literal>Valid OAuth redirect URIs</literal> insert
the <link linkend="social-callbackurl">social callback url</link>. Facebook doesn't allow
<literal>localhost</literal> in the redirect URI, so if you are testing on a local server replace
<literal>localhost</literal> with <literal>127.0.0.1</literal>. Scroll down and click on the
the <link linkend="social-callbackurl">social callback url</link>. Scroll down and click on the
<literal>Save Changes</literal> button.
</para>
</listitem>
@ -42,4 +40,10 @@
</para>
</listitem>
</orderedlist>
<tip>
<para>
Facebook doesn't allow <literal>localhost</literal> in the redirect URI. To test on a local server
replace <literal>localhost</literal> with <literal>127.0.0.1</literal>.
</para>
</tip>
</section>

View file

@ -11,10 +11,7 @@
Log in to the <ulink url="https://dev.twitter.com/apps">Twitter Developer Console</ulink>. Click the
<literal>Create a new application</literal> button. Use any value for <literal>Name</literal>,
<literal>Description</literal> and <literal>Website</literal> you want. Insert the social callback url
in <literal>Callback URL</literal>. Twitter doesn't allow <literal>localhost</literal> in the redirect URI,
so if you are testing on a local server replace <literal>localhost</literal> with <literal>127.0.0.1</literal>.
Twitter also restricts connection to TLS/SSL connections only, this means that you have to use HTTPS to
access Keycloak in order to log in via Twitter. Then click <literal>Create your Twitter application</literal>.
in <literal>Callback URL</literal>. Then click <literal>Create your Twitter application</literal>.
</para>
</listitem>
<listitem>
@ -32,4 +29,12 @@
</para>
</listitem>
</orderedlist>
<tip>
<para>
Twitter doesn't allow <literal>localhost</literal> in the redirect URI. To test on a local server
replace <literal>localhost</literal> with <literal>127.0.0.1</literal>.
Twitter also restricts connection to TLS/SSL connections only, so you are required to use HTTPS to access
Keycloak to enable log in with Twitter.
</para>
</tip>
</section>