Merge remote-tracking branch 'gs/master'

This commit is contained in:
Stian Thorgersen 2017-02-14 09:55:29 +01:00
commit bcb01cfe4d
67 changed files with 807 additions and 0 deletions

20
.gitattributes vendored Normal file
View file

@ -0,0 +1,20 @@
* text=auto
*.html text eol=lf
*.java text eol=lf
*.js text eol=lf
*.json text eol=lf
*.jsp text eol=lf
*.md text eol=lf
*.properties text eol=lf
*.svg text auto
*.xml text eol=lf
*.xsl text eol=lf
*.png binary
*.jpg binary
*.gif binary
*.ttf binary
*.eot binary
*.otf binary
*.woff binary

50
.gitignore vendored Normal file
View file

@ -0,0 +1,50 @@
node_modules
_book
# Intellij
###################
.idea
*.iml
# Eclipse #
###########
.project
.settings
.classpath
# NetBeans #
############
nbactions.xml
nb-configuration.xml
catalog.xml
# Compiled source #
###################
*.com
*.class
*.dll
*.exe
*.o
*.so
# Packages #
############
# it's better to unpack these files and commit the raw source
# git has its own built in compression methods
*.7z
*.dmg
*.gz
*.iso
*.jar
*.rar
*.tar
*.zip
# Logs and databases #
######################
*.log
# Maven #
#########
target

4
README.adoc Executable file
View file

@ -0,0 +1,4 @@
= Moved
Moved to https://github.com/keycloak/keycloak-documentation

9
getting_started/README.adoc Executable file
View file

@ -0,0 +1,9 @@
= Getting Started Guide
image:images/keycloak_logo.png[alt="Keycloak"]
{{book.project.name}} {{book.project.version}}
http://www.keycloak.org

24
getting_started/SUMMARY.adoc Executable file
View file

@ -0,0 +1,24 @@
= {{book.title}}
. link:topics/overview.adoc[Overview]
. link:topics/first-boot.adoc[Installing and Booting]
{% if book.community %}
.. link:topics/first-boot/distribution-files-community.adoc[Installing the Server]
{% endif %}
{% if book.product %}
.. link:topics/first-boot/distribution-files-product.adoc[Installing the Server]
{% endif %}
.. link:topics/first-boot/boot.adoc[Booting the Server]
.. link:topics/first-boot/initial-user.adoc[Creating the Admin Account]
.. link:topics/first-boot/admin-console.adoc[Logging in to the Admin Console]
. link:topics/first-realm.adoc[Creating Your First Realm and User]
.. link:topics/first-realm/before.adoc[Before You Start]
.. link:topics/first-realm/realm.adoc[Creating a New Realm]
.. link:topics/first-realm/user.adoc[Creating a New User]
.. link:topics/first-realm/account.adoc[User Account Service]
. link:topics/secure-jboss-app.adoc[Securing a JBoss Servlet Application]
.. link:topics/secure-jboss-app/before.adoc[Before You Start]
.. link:topics/secure-jboss-app/install-client-adapter.adoc[Installing the Client Adapter]
.. link:topics/secure-jboss-app/download-quickstarts.adoc[Downloading, Building, and Deploying Application Code]
.. link:topics/secure-jboss-app/create-client.adoc[Creating and Registering the Client]
.. link:topics/secure-jboss-app/subsystem.adoc[Configuring the Subsystem]

View file

@ -0,0 +1,36 @@
{
"gitbook": "2.x.x",
"structure": {
"readme": "README.adoc"
},
"plugins": [
"toggle-chapters",
"ungrey",
"splitter"
],
"variables": {
"title": "Getting Started Guide",
"project": {
"name": "Red Hat Single Sign-On",
"version": "7.1.0",
"doc_base_url": "https://access.redhat.com/documentation/en/red-hat-single-sign-on/",
"doc_info_version_url": "7.1-Beta"
},
"community": false,
"product": true,
"images": "rhsso-images",
"installguide": {
"name": "Server Installation and Configuration Guide",
"link": "/single/server-installation-and-configuration-guide/"
},
"adminguide": {
"name": "Server Administration Guide",
"link": "/single/server-administration-guide/"
},
"clientadapter": "RH-SSO-{{book.project.version}}-eap7-adapter.zip",
"appServer": "JBoss EAP 7",
"quickstartRepo": "https://github.com/redhat-developer/redhat-sso-quickstarts"
}
}

34
getting_started/book.json Executable file
View file

@ -0,0 +1,34 @@
{
"gitbook": "2.x.x",
"structure": {
"readme": "README.adoc"
},
"plugins": [
"toggle-chapters",
"ungrey",
"splitter"
],
"variables": {
"title": "Getting Started Guide",
"project": {
"name": "Keycloak",
"version": "SNAPSHOT"
},
"community": true,
"product": false,
"images": "keycloak-images",
"installguide": {
"name": "Server Installation and Configuration Guide",
"link": "https://keycloak.gitbooks.io/server-installation-and-configuration/content/"
},
"adminguide": {
"name": "Server Administration Guide",
"link": "https://keycloak.gitbooks.io/server-adminstration-guide/content/"
},
"clientadapter": "RH-SSO-{{book.project.version}}-eap7-adapter.zip",
"appServer": "WildFly 10",
"quickstartRepo": "https://github.com/redhat-developer/redhat-sso-quickstarts"
}
}

7
getting_started/build.sh Executable file
View file

@ -0,0 +1,7 @@
#!/bin/bash
cd $(readlink -f `dirname $0`)
python gitlab-conversion.py
cd target
asciidoctor master.adoc

69
getting_started/buildGuide.sh Executable file
View file

@ -0,0 +1,69 @@
# Build the guide
# Find the directory name and full path
CURRENT_GUIDE=${PWD##*/}
CURRENT_DIRECTORY=$(pwd)
usage(){
cat <<EOM
USAGE: $0 [OPTION]
DESCRIPTION: Build the documentation in this directory.
OPTIONS:
-h Print help.
EOM
}
while getopts "ht:" c
do
case "$c" in
h) usage
exit 1;;
\?) echo "Unknown option: -$OPTARG." >&2
usage
exit 1;;
esac
done
if [ ! -d target ]; then
echo "You must run 'python gitlab-conversion.py' to convert the content before you run this script."
exit
fi
# Remove the html and build directories and then recreate the html/images/ directory
if [ -d target/html ]; then
- rm -r target/html/
fi
if [ -d target/html ]; then
rm -r target/html/
fi
mkdir -p html
cp -r target/images/ target/html/
echo ""
echo "********************************************"
echo " Building $CURRENT_GUIDE "
echo "********************************************"
echo ""
echo "Building an asciidoctor version of the guide"
asciidoctor -t -dbook -a toc -o target/html/$CURRENT_GUIDE.html target/master.adoc
echo ""
echo "Building a ccutil version of the guide"
ccutil compile --lang en_US --format html-single --main-file target/master.adoc
cd ..
echo "View the asciidoctor build here: " file://$CURRENT_DIRECTORY/target/html/$CURRENT_GUIDE.html
if [ -d $CURRENT_DIRECTORY/build/tmp/en-US/html-single/ ]; then
echo "View the ccutil build here: " file://$CURRENT_DIRECTORY/build/tmp/en-US/html-single/index.html
exit 0
else
echo -e "${RED}Build using ccutil failed!"
echo -e "${BLACK}See the log above for details."
exit 1
fi

View file

@ -0,0 +1,113 @@
import sys, os, re, json, shutil, errno
def transform(root, f, targetdir):
full = os.path.join(root, f)
input = open(full, 'r').read()
dir = os.path.join(targetdir, root)
if not os.path.exists(dir):
os.makedirs(dir)
output = open(os.path.join(dir, f), 'w')
input = applyTransformation(input)
output.write(input)
def applyTransformation(input):
for variable in re.findall(r"\{\{(.*?)\}\}", input):
tmp = variable.replace('.', '_')
input = input.replace(variable, tmp)
input = input.replace('{{', '{').replace('}}', '}')
input = re.sub(r"<<fake.+#", "<<", input)
for variable in re.findall(r"[ ]*{% if (.*?) %}", input):
tmp = variable.replace('.', '_')
input = input.replace(variable, tmp)
exp = re.compile("[ ]*{% if (.*?) %}(.*?)[ ]*{% endif %}", re.DOTALL)
input = re.sub(exp, "ifeval::[{\g<1>}==true]\g<2>endif::[]", input)
input = re.sub(r"image:(\.\./)*", "image:", input)
input = re.sub(r"image::(\.\./)*", "image::", input)
return input
indir = 'topics'
targetdir = 'target'
if len(sys.argv) > 1:
targetdir = sys.argv[1]
if os.path.exists(targetdir):
shutil.rmtree(targetdir)
if os.path.isdir('images'):
shutil.copytree('images',os.path.join(targetdir, 'images'))
if os.path.isdir('keycloak-images'):
shutil.copytree('keycloak-images',os.path.join(targetdir, 'keycloak-images'))
if os.path.isdir('rhsso-images'):
shutil.copytree('rhsso-images',os.path.join(targetdir, 'rhsso-images'))
shutil.copyfile('metadata.ini', os.path.join(targetdir, 'metadata.ini'));
shutil.copyfile('master-docinfo.xml', os.path.join(targetdir, 'master-docinfo.xml'));
tmp = os.path.join(targetdir, 'topics')
if not os.path.exists(tmp):
os.makedirs(tmp)
# transform files
for root, dirs, filenames in os.walk(indir):
for f in filenames:
transform(root,f,targetdir)
# Create master.doc includes
input = open('SUMMARY.adoc', 'r').read()
output = open(os.path.join(targetdir, 'master.adoc'), 'w')
output.write("""
:toc:
:toclevels: 3
:numbered:
include::document-attributes.adoc[]
""")
input = re.sub(r"[ ]*\.+\s*link:(.*)\[(.*)\]", "include::\g<1>[]", input)
input = applyTransformation(input)
output.write(input)
# parse book-product.json file and create document attributes
with open('book-product.json') as data_file:
data = json.load(data_file)
variables = data['variables']
def makeAttributes(variables, variable, list):
for i in variables.keys():
if variable is None:
tmp = i
else:
tmp = variable + '_' + i
if isinstance(variables[i],dict):
makeAttributes(variables[i], tmp, list)
elif isinstance(variables[i],bool):
boolval = 'false'
if variables[i]:
boolval = 'true'
list.append({tmp: boolval})
else:
list.append({tmp: str(variables[i])})
attributeList = []
makeAttributes(variables, None, attributeList)
output = open(os.path.join(targetdir, 'document-attributes.adoc'), 'w')
for attribute in attributeList:
for k in attribute.keys():
output.write(':book_' + k + ": " + attribute[k] + "\n")
print "Transformation complete!"

Binary file not shown.

After

Width:  |  Height:  |  Size: 18 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 169 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 94 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 97 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 98 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 108 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 137 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 248 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 166 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 206 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 70 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 97 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 95 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 218 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 101 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 6.5 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 211 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 82 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 86 KiB

View file

@ -0,0 +1,12 @@
<productname>{book_project_name}</productname>
<productnumber>{book_project_doc_info_version_url}</productnumber>
<subtitle>For Use with {book_project_name} {book_project_doc_info_version_url}</subtitle>
<title>{book_title}</title>
<release>{book_project_doc_info_version_url}</release>
<abstract>
<para>This guide consists of basic information and instruction to get started with {book_project_name} {book_project_doc_info_version_url}</para>
</abstract>
<authorgroup>
<orgname>Red Hat Customer Content Services</orgname>
</authorgroup>
<xi:include href="Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />

View file

@ -0,0 +1,19 @@
[source]
language = en-US
type = book
markup = asciidoc
[metadata]
title = Getting Started Guide
product = Red Hat Single Sign-On
version = 7.1.0
edition =
subtitle =
keywords =
abstract =
[bugs]
reporting_url =
type =
product =
component = Documentation

Binary file not shown.

After

Width:  |  Height:  |  Size: 158 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 102 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 95 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 92 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 108 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 137 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 235 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 154 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 204 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 70 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 95 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 74 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 79 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 92 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 6.1 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 88 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 82 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 81 KiB

View file

@ -0,0 +1,7 @@
[[_install-boot]]
== Installing and Booting
This very short tutorial walks you through booting up the server in standalone mode, setting up the initial admin user,
and logging into the {{book.project.name}} admin console.

View file

@ -0,0 +1,23 @@
=== Logging in to the Admin Console
After you create the initial admin account, you can log in to the Admin Console by completing the following steps:
. At the bottom of the Welcome page click the _Administration Console_ link.
Alternatively you can go to the console URL directly at http://localhost:8080/auth/admin/
+
.Login Page
image:../../{{book.images}}/login-page.png[]
. Type the username and password you created on the Welcome page. The {{book.project.name}} Admin Console page opens.
+
.Admin Console
image:../../{{book.images}}/admin-console.png[]
NOTE: If you are curious about a certain feature, button, or field within the Admin Console, hover your mouse
over the question mark `?` icon. This will pop up tooltip text to describe the area of the console you are interested in.
The image above shows the tooltip in action.

View file

@ -0,0 +1,22 @@
=== Booting the Server
To boot the {{book.project.name}} server, go to the _bin/_ directory of the server distribution.
.Standalone Boot Scripts
image:../../{{book.images}}/standalone-boot-files.png[]
To boot the server:
.Linux/Unix
[source]
----
$ .../bin/standalone.sh
----
.Windows
[source]
----
> ...\bin\standalone.bat
----

View file

@ -0,0 +1,17 @@
=== Installing Distribution Files
The {{book.project.name}} Server is contained in one distribution file:
* 'keycloak-{{book.project.version}}.[zip|tar.gz]'
The 'keycloak-{{book.project.version}}.[zip|tar.gz]' file is the server only distribution. It contains nothing other than the scripts and binaries
to run the {{book.project.name}} server.
To unpack these files run the `unzip` or `gunzip` and `tar` utilities.

View file

@ -0,0 +1,16 @@
=== Installing the Server
The {{book.project.name}} Server is contained in one distribution file:
* 'RH-SSO-{{book.project.version}}.[zip|tar.gz]'
The 'RH-SSO-{{book.project.version}}.[zip|tar.gz]' file is the server-only distribution. It contains only the scripts and binaries
to run the {{book.project.name}} server.
To unpack these files run the `unzip` or `gunzip` and `tar` utilities.

View file

@ -0,0 +1,17 @@
=== Creating the Admin Account
After the server boots, open your browser and go to the http://localhost:8080/auth URL. The page should look like this:
.Welcome Page
image:../../{{book.images}}/initial-welcome-page.png[]
{{book.project.name}} does not have a configured admin account by default. You must create one on the Welcome page.
This account will allow you to create an admin that can log into the _master_ realm's administration console so that
you can start creating realms and users and registering applications to be secured by {{book.project.name}}.
NOTE: You can only create an initial admin user on the Welcome Page if you connect using `localhost`. This is a security
precaution. You can also create the initial admin user at the command line with the `add-user-keycloak.sh` script. For more details see
link:{{book.project.doc_base_url}}{{book.project.doc_info_version_url}}{{book.installguide.link}}[{{book.installguide.name}}] and link:{{book.project.doc_base_url}}{{book.project.doc_info_version_url}}{{book.adminguide.link}}[{{book.adminguide.name}}].

View file

@ -0,0 +1,6 @@
== Creating a Realm and User
This short tutorial walks you through creating a new realm within the {{book.project.name}} Admin Console and adding
a new user to that realm. With that new user you will log into your new realm and visit the built-in User Account
service that all users have access to.

View file

@ -0,0 +1,23 @@
=== User Account Service
. After creating the user, log out of the management console by clicking the right dropdown menu and selecting *Sign Off*.
. Log in to the User Account Service of your `demo` realm with the user you just created by clicking this link:
User Account Link::
http://localhost:8080/auth/realms/demo/account
. Type the username and password you created previously. You must create a permanent password after you successfully log in if you didn't toggle the Temporary switch to *Off* previously.
+
.Update Password
image:../../{{book.images}}/update-password.png[]
The User Account Service page opens. Every user in a realm has access to this Account Service by default.
You can update profile information and change or add additional credentials. For more information on this service see the link:{{book.project.doc_base_url}}{{book.project.doc_info_version_url}}{{book.adminguide.link}}[{{book.adminguide.name}}].

View file

@ -0,0 +1,6 @@
=== Before You Start
Before you can participate in this tutorial, you need to complete the installation of {{book.project.name}} and create the
initial admin user as shown in the <<fake/../../first-boot.adoc#_install-boot, Installing and Booting>> tutorial.

View file

@ -0,0 +1,27 @@
[[_create-realm]]
=== Creating a New Realm
To create a new realm, complete the following steps:
. Log in to the {{book.project.name}} Admin Console using the account you created in the
<<fake/../../first-boot.adoc#_install-boot, Install and Boot>> tutorial.
Admin Console Link::
http://localhost:8080/auth/admin/
. In the top left corner dropdown menu that is titled `Master`, click *Add Realm*. If you are logged in to the master realm this dropdown menu lists all the realms created. The Add Realm page opens.
+
.Add Realm Menu
image:../../{{book.images}}/add-realm-menu.png[]
. You will be creating a brand new realm from scratch so
type `demo` for the realm name and click `Create`.
+
.Create Realm
image:../../{{book.images}}/create-realm.png[]
After creating the realm the main Admin Console page opens. The current realm is now set to `demo`. You can switch between managing the `master` realm and the realm you just created by clicking the top left corner dropdown menu.

View file

@ -0,0 +1,32 @@
[[_create-new-user]]
=== Creating a New User
To create a new user in the `demo` realm as well as a temporary password for that account, complete the following steps:
. In the left menu bar click *Users*. The user list page opens.
+
.Users
image:../../{{book.images}}/users.png[]
. On the right side of the empty user list, click *Add User*.
+
.Add User
image:../../{{book.images}}/add-user.png[]
. The only required field is `Username`. When you are finished, click *Save*. The management page for your new user opens.
. The next step is to define a temporary password for your new user. Click the *Credentials* tab.
+
.Set Temporary Password
image:../../{{book.images}}/credentials.png[]
. Type a new password and confirm it. A red *Reset Password* button is displayed.
. Click *Reset Password* to reset the user password to the new one you specified.
NOTE: This password is temporary and the user will be required to change it after first login. You can make it permanent
by flipping the *Temporary* switch from *On* to *Off* before clicking *Reset Password*.

View file

@ -0,0 +1,7 @@
== Overview
The purpose of this guide is to get you up and running as quickly as possible so that you can
play with and test-drive various features that {{book.project.name}} has. It relies heavily on the default database
and server configuration and does not cover any complex deployment options. If you want a more
in-depth discussion of any features or configuration options, consult the various reference guides available.

View file

@ -0,0 +1,7 @@
== Securing a JBoss Servlet Application
In this section you will learn how to secure a Java Servlet application on the {{book.appServer}} application server. You will learn how to install the
{{book.project.name}} Client Adapter onto a {{book.appServer}} application server distribution. You will create and register a client application in the
{{book.project.name}} Admin Console. Finally, you will configure the application to be secured by {{book.project.name}}.

View file

@ -0,0 +1,28 @@
=== Before You Start
Before you can participate in this tutorial, you need to complete the installation of {{book.project.name}} and create the
initial admin user as shown in the <<fake/../../first-boot.adoc#_install-boot, Installing and Booting>> tutorial. There is one
caveat to this. You have to run a separate {{book.appServer}} instance on the same machine as the
{{book.project.name}} server. This separate instance will run your Java Servlet application. Because of this you will
have to run the {{book.project.name}} under a different port so that there are no port conflicts when running on the
same machine. Use the `jboss.socket.binding.port-offset` system property on the command line. The value of this property
is a number that will be added to the base value of every port opened by the {{book.project.name}} server.
To boot the {{book.project.name}} server:
.Linux/Unix
[source]
----
$ .../bin/standalone.sh -Djboss.socket.binding.port-offset=100
----
.Windows
[source]
----
> ...\bin\standalone.bat -Djboss.socket.binding.port-offset=100
----
After booting up {{book.project.name}}, you can then access the admin console at http://localhost:8180/auth/admin/

View file

@ -0,0 +1,36 @@
=== Creating and Registering the Client
The next step you have to do is to define and register the client in the {{book.project.name}} Admin Console.
. Log into
the Admin Console with your admin account as you did in previous tutorials.
. In the top left dropdown menu select and manage
the `demo` realm. Click `Clients` in the left side menu. The Clients page opens.
+
.Clients
image:../../{{book.images}}/clients.png[]
. On the right click *Create*.
. Complete the fields as shown below:
+
.Add Client
image:../../{{book.images}}/add-client.png[]
. After clicking the `Save` button your client application entry will be created. You now have to go back to the {{book.appServer}}
instance that the application is deployed on and configure it so that this app is secured by {{book.project.name}}. You can obtain
a template for the configuration you need by going to the `Installation` tab in the client entry in the {{book.project.name}} Admin Console.
+
.Installation Tab
image:../../{{book.images}}/client-installation.png[]
. Select *Keycloak OIDC JBoss Subsystem XML*. An XML template is generated that you'll need to cut and paste.
+
.Template XML
image:../../{{book.images}}/client-install-selected.png[]

View file

@ -0,0 +1,39 @@
=== Downloading, Building, and Deploying Application Code
The project and code for the application you are going to secure is available in link:{{book.quickstartRepo}}[Red Hat Developers GitHub]. You will need the following
installed on your machine and available in your PATH before you can continue:
* Java JDK 8
* Apache Maven 3.1.1 or higher
* Git
You can obtain the code by cloning the repository at {{book.quickstartRepo}}. Use the branch matching the version of Red Hat Single Sign-On in use. Follow these steps to download the code, build it,
and deploy it. Make sure your {{book.appServer}} application server is started before you run these steps.
.Clone Project
[source, subs="attributes"]
----
$ git clone {{book.quickstartRepo}}
$ cd redhat-sso-quickstarts/app-profile-jee-vanilla
$ mvn clean wildfly:deploy
----
You should see some text scroll down in the application server console window. After the application is successfully deployed go to:
http://localhost:8080/vanilla
.Application Login Page
image:../../{{book.images}}/app-login-page.png[]
If you open up the application's _web.xml_ file you would see that the application is secured via `BASIC` authentication.
If you click on the login button on the login page, the browser
will pop up a BASIC auth login dialog.
.Application Login Dialog
image:../../{{book.images}}/client-auth-required.png[]
The application is not secured by any identity provider, so anything you enter in the dialog box will result in a `Forbidden` message being
sent back by the server. The next section describes how you can take this deployed application and secure it.

View file

@ -0,0 +1,46 @@
=== Installing the Client Adapter
Download the {{book.appServer}} distribution and unzip
it into a directory on your machine.
{% if book.community %}
Next download the keycloak-wildfly-adapter-dist-{{book.project.version}}.zip distribution.
{% endif %}
{% if book.product %}
Next download the RH-SSO-{{book.project.version}}-eap7-adapter.zip distribution.
{% endif %}
Unzip this file into the root directory of your {{book.appServer}} distribution.
Next perform the following actions:
.Linux/Unix
[source]
----
$ cd bin
$ ./jboss-cli.sh --file=adapter-install-offline.cli
----
.Windows
[source]
----
> cd bin
> jboss-cli.bat --file=adapter-install-offline.cli
----
This script will make the appropriate edits to the _.../standalone/configuration/standalone.xml_ file of your app
server distribution. Finally, boot the application server.
.Linux/Unix
[source]
----
$ .../bin/standalone.sh
----
.Windows
[source]
----
> ...\bin\standalone.bat
----

View file

@ -0,0 +1,51 @@
=== Configuring the Subsystem
Now that you have copied the XML template from the Installation page, you need to paste this into the _standalone.xml_ file
that resides in the _standalone/configuration_ directory of the application server instance on which your application is deployed.
. Open the standalone/configuration/standalone.xml file and search for the following text:
+
[source,xml]
----
<subsystem xmlns="urn:jboss:domain:keycloak:1.1"/>
----
. Modify this to prepare it for pasting in your template from the Installation page:
+
[source,xml]
----
<subsystem xmlns="urn:jboss:domain:keycloak:1.1">
</subsystem>
----
. Within the <subsystem> element, paste in the template. It will look something like this:
+
[source,xml]
----
<subsystem xmlns="urn:jboss:domain:keycloak:1.1">
<secure-deployment name="WAR MODULE NAME.war">
<realm>demo</realm>
<auth-server-url>http://localhost:8180/auth</auth-server-url>
<public-client>true</public-client>
<ssl-required>EXTERNAL</ssl-required>
<resource>vanilla</resource>
</secure-deployment>
</subsystem>
----
. Change the *WAR MODULE NAME* text to *vanilla* as follows:
+
[source,xml]
----
<subsystem xmlns="urn:jboss:domain:keycloak:1.1">
<secure-deployment name="vanilla.war">
...
</subsystem>
----
. Reboot your application server.
. Go to http://localhost:8080/vanilla and click *login*. The {{book.project.name}} login page opens. You can log in using the user you created in the <<fake/../../first-realm/user.adoc#_create-new-user, Creating a New User>> chapter.