Merge remote-tracking branch 'gs/master'

.gitattributes

@@ -0,0 +1,20 @@
+* text=auto
+
+*.html text eol=lf
+*.java text eol=lf
+*.js text eol=lf
+*.json text eol=lf
+*.jsp text eol=lf
+*.md text eol=lf
+*.properties text eol=lf
+*.svg text auto
+*.xml text eol=lf
+*.xsl text eol=lf
+
+*.png binary
+*.jpg binary
+*.gif binary
+*.ttf binary
+*.eot binary
+*.otf binary
+*.woff binary

.gitignore

@@ -0,0 +1,50 @@
+node_modules
+_book
+
+# Intellij
+###################
+.idea
+*.iml
+
+# Eclipse #
+###########
+.project
+.settings
+.classpath
+
+# NetBeans #
+############
+nbactions.xml
+nb-configuration.xml
+catalog.xml
+
+# Compiled source #
+###################
+*.com
+*.class
+*.dll
+*.exe
+*.o
+*.so
+
+# Packages #
+############
+# it's better to unpack these files and commit the raw source
+# git has its own built in compression methods
+*.7z
+*.dmg
+*.gz
+*.iso
+*.jar
+*.rar
+*.tar
+*.zip
+
+# Logs and databases #
+######################
+*.log
+
+# Maven #
+#########
+target
+

README.adoc

@@ -0,0 +1,4 @@
+
+= Moved
+
+Moved to https://github.com/keycloak/keycloak-documentation

getting_started/README.adoc

@@ -0,0 +1,9 @@
+
+= Getting Started Guide
+
+image:images/keycloak_logo.png[alt="Keycloak"]
+
+{{book.project.name}} {{book.project.version}}
+
+http://www.keycloak.org
+

getting_started/SUMMARY.adoc

@@ -0,0 +1,24 @@
+= {{book.title}}
+
+ . link:topics/overview.adoc[Overview]
+ . link:topics/first-boot.adoc[Installing and Booting]
+{% if book.community %}
+ .. link:topics/first-boot/distribution-files-community.adoc[Installing the Server]
+{% endif %}
+{% if book.product %}
+ .. link:topics/first-boot/distribution-files-product.adoc[Installing the Server]
+{% endif %}
+ .. link:topics/first-boot/boot.adoc[Booting the Server]
+ .. link:topics/first-boot/initial-user.adoc[Creating the Admin Account]
+ .. link:topics/first-boot/admin-console.adoc[Logging in to the Admin Console]
+ . link:topics/first-realm.adoc[Creating Your First Realm and User]
+ .. link:topics/first-realm/before.adoc[Before You Start]
+ .. link:topics/first-realm/realm.adoc[Creating a New Realm]
+ .. link:topics/first-realm/user.adoc[Creating a New User]
+ .. link:topics/first-realm/account.adoc[User Account Service]
+ . link:topics/secure-jboss-app.adoc[Securing a JBoss Servlet Application]
+ .. link:topics/secure-jboss-app/before.adoc[Before You Start]
+ .. link:topics/secure-jboss-app/install-client-adapter.adoc[Installing the Client Adapter]
+ .. link:topics/secure-jboss-app/download-quickstarts.adoc[Downloading, Building, and Deploying Application Code]
+ .. link:topics/secure-jboss-app/create-client.adoc[Creating and Registering the Client]
+ .. link:topics/secure-jboss-app/subsystem.adoc[Configuring the Subsystem]

getting_started/book-product.json

@@ -0,0 +1,36 @@
+{
+  "gitbook": "2.x.x",
+  "structure": {
+    "readme": "README.adoc"
+  },
+  "plugins": [
+    "toggle-chapters",
+    "ungrey",
+    "splitter"
+  ],
+  "variables": {
+    "title": "Getting Started Guide",
+    "project": {
+      "name": "Red Hat Single Sign-On",
+      "version": "7.1.0",
+      "doc_base_url": "https://access.redhat.com/documentation/en/red-hat-single-sign-on/",
+      "doc_info_version_url": "7.1-Beta"
+    },
+    "community": false,
+    "product": true,
+    "images": "rhsso-images",
+
+    "installguide": {
+      "name": "Server Installation and Configuration Guide",
+      "link": "/single/server-installation-and-configuration-guide/"
+
+    },
+    "adminguide": {
+      "name": "Server Administration Guide",
+      "link": "/single/server-administration-guide/"
+    },
+    "clientadapter": "RH-SSO-{{book.project.version}}-eap7-adapter.zip",
+    "appServer": "JBoss EAP 7",
+    "quickstartRepo": "https://github.com/redhat-developer/redhat-sso-quickstarts"
+  }
+}

getting_started/book.json

@@ -0,0 +1,34 @@
+{
+  "gitbook": "2.x.x",
+  "structure": {
+    "readme": "README.adoc"
+  },
+  "plugins": [
+    "toggle-chapters",
+    "ungrey",
+    "splitter"
+  ],
+  "variables": {
+    "title": "Getting Started Guide",
+    "project": {
+      "name": "Keycloak",
+      "version": "SNAPSHOT"
+    },
+    "community": true,
+    "product": false,
+    "images": "keycloak-images",
+
+    "installguide": {
+      "name": "Server Installation and Configuration Guide",
+      "link": "https://keycloak.gitbooks.io/server-installation-and-configuration/content/"
+
+    },
+    "adminguide": {
+      "name": "Server Administration Guide",
+      "link": "https://keycloak.gitbooks.io/server-adminstration-guide/content/"
+    },
+    "clientadapter": "RH-SSO-{{book.project.version}}-eap7-adapter.zip",
+    "appServer": "WildFly 10",
+    "quickstartRepo": "https://github.com/redhat-developer/redhat-sso-quickstarts"
+  }
+}

getting_started/build.sh

@@ -0,0 +1,7 @@
+#!/bin/bash
+
+cd $(readlink -f `dirname $0`)
+
+python gitlab-conversion.py
+cd target
+asciidoctor master.adoc

getting_started/buildGuide.sh

@@ -0,0 +1,69 @@
+# Build the guide
+
+# Find the directory name and full path
+CURRENT_GUIDE=${PWD##*/}
+CURRENT_DIRECTORY=$(pwd)
+
+usage(){
+  cat <<EOM
+USAGE: $0 [OPTION]
+
+DESCRIPTION: Build the documentation in this directory.
+
+OPTIONS:
+  -h       Print help.
+
+EOM
+}
+
+while getopts "ht:" c
+ do
+     case "$c" in
+       h)         usage
+                  exit 1;;
+       \?)        echo "Unknown option: -$OPTARG." >&2
+                  usage
+                  exit 1;;
+     esac
+done
+
+if [ ! -d target ]; then
+   echo "You must run 'python gitlab-conversion.py' to convert the content before you run this script."
+   exit
+fi
+
+# Remove the html and build directories and then recreate the html/images/ directory
+if [ -d target/html ]; then
+-   rm -r target/html/
+fi
+if [ -d target/html ]; then
+   rm -r target/html/
+fi
+
+mkdir -p html
+cp -r target/images/ target/html/
+
+echo ""
+echo "********************************************"
+echo " Building $CURRENT_GUIDE                "
+echo "********************************************"
+echo ""
+echo "Building an asciidoctor version of the guide"
+asciidoctor -t -dbook -a toc -o target/html/$CURRENT_GUIDE.html target/master.adoc
+
+echo ""
+echo "Building a ccutil version of the guide"
+ccutil compile --lang en_US --format html-single --main-file target/master.adoc
+
+cd ..
+
+echo "View the asciidoctor build here: " file://$CURRENT_DIRECTORY/target/html/$CURRENT_GUIDE.html
+
+if [ -d  $CURRENT_DIRECTORY/build/tmp/en-US/html-single/ ]; then
+  echo "View the ccutil build here: " file://$CURRENT_DIRECTORY/build/tmp/en-US/html-single/index.html
+  exit 0
+else
+  echo -e "${RED}Build using ccutil failed!"
+  echo -e "${BLACK}See the log above for details."
+  exit 1
+fi

getting_started/gitlab-conversion.py

@@ -0,0 +1,113 @@
+import sys, os, re, json, shutil, errno
+
+def transform(root, f, targetdir):
+    full = os.path.join(root, f)
+    input = open(full, 'r').read()
+    dir = os.path.join(targetdir, root)
+    if not os.path.exists(dir):
+        os.makedirs(dir)
+    output = open(os.path.join(dir, f), 'w')
+    input = applyTransformation(input)
+    output.write(input)
+
+
+def applyTransformation(input):
+    for variable in re.findall(r"\{\{(.*?)\}\}", input):
+        tmp = variable.replace('.', '_')
+        input = input.replace(variable, tmp)
+    input = input.replace('{{', '{').replace('}}', '}')
+    input = re.sub(r"<<fake.+#", "<<", input)
+    for variable in re.findall(r"[ ]*{% if (.*?) %}", input):
+        tmp = variable.replace('.', '_')
+        input = input.replace(variable, tmp)
+    exp = re.compile("[ ]*{% if (.*?) %}(.*?)[ ]*{% endif %}", re.DOTALL)
+    input = re.sub(exp, "ifeval::[{\g<1>}==true]\g<2>endif::[]", input)
+    input = re.sub(r"image:(\.\./)*", "image:", input)
+    input = re.sub(r"image::(\.\./)*", "image::", input)
+    return input
+
+
+indir = 'topics'
+targetdir = 'target'
+if len(sys.argv) > 1:
+    targetdir = sys.argv[1]
+
+if os.path.exists(targetdir):
+    shutil.rmtree(targetdir)
+
+if os.path.isdir('images'):
+    shutil.copytree('images',os.path.join(targetdir, 'images'))
+if os.path.isdir('keycloak-images'):
+    shutil.copytree('keycloak-images',os.path.join(targetdir, 'keycloak-images'))
+if os.path.isdir('rhsso-images'):
+    shutil.copytree('rhsso-images',os.path.join(targetdir, 'rhsso-images'))
+
+shutil.copyfile('metadata.ini', os.path.join(targetdir, 'metadata.ini'));
+shutil.copyfile('master-docinfo.xml', os.path.join(targetdir, 'master-docinfo.xml'));
+
+tmp = os.path.join(targetdir, 'topics')
+if not os.path.exists(tmp):
+    os.makedirs(tmp)
+
+# transform files
+for root, dirs, filenames in os.walk(indir):
+    for f in filenames:
+        transform(root,f,targetdir)
+
+# Create master.doc includes
+input = open('SUMMARY.adoc', 'r').read()
+output = open(os.path.join(targetdir, 'master.adoc'), 'w')
+
+output.write("""
+:toc:
+:toclevels: 3
+:numbered:
+
+include::document-attributes.adoc[]
+""")
+
+input = re.sub(r"[ ]*\.+\s*link:(.*)\[(.*)\]", "include::\g<1>[]", input)
+input = applyTransformation(input)
+output.write(input)
+
+# parse book-product.json file and create document attributes
+with open('book-product.json') as data_file:
+    data = json.load(data_file)
+
+variables = data['variables']
+
+def makeAttributes(variables, variable, list):
+    for i in variables.keys():
+        if variable is None:
+            tmp = i
+        else:
+            tmp = variable + '_' + i
+        if isinstance(variables[i],dict):
+            makeAttributes(variables[i], tmp, list)
+        elif isinstance(variables[i],bool):
+            boolval = 'false'
+            if variables[i]:
+                boolval = 'true'
+            list.append({tmp: boolval})
+        else:
+            list.append({tmp: str(variables[i])})
+
+
+attributeList = []
+makeAttributes(variables, None, attributeList)
+
+output = open(os.path.join(targetdir, 'document-attributes.adoc'), 'w')
+for attribute in attributeList:
+    for k in attribute.keys():
+        output.write(':book_' + k + ": " + attribute[k] + "\n")
+
+print "Transformation complete!"
+
+
+
+
+
+
+
+
+

getting_started/master-docinfo.xml

@@ -0,0 +1,12 @@
+<productname>{book_project_name}</productname>
+<productnumber>{book_project_doc_info_version_url}</productnumber>
+<subtitle>For Use with {book_project_name} {book_project_doc_info_version_url}</subtitle>
+<title>{book_title}</title>
+<release>{book_project_doc_info_version_url}</release>
+<abstract>
+	    <para>This guide consists of basic information and instruction to get started with {book_project_name} {book_project_doc_info_version_url}</para>
+    </abstract>
+<authorgroup>
+    <orgname>Red Hat Customer Content Services</orgname>
+</authorgroup>
+<xi:include href="Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />

getting_started/metadata.ini

@@ -0,0 +1,19 @@
+[source]
+language = en-US
+type = book
+markup = asciidoc
+
+[metadata]
+title = Getting Started Guide
+product = Red Hat Single Sign-On
+version = 7.1.0
+edition =
+subtitle =
+keywords =
+abstract =
+
+[bugs]
+reporting_url =
+type =
+product =
+component = Documentation

getting_started/topics/first-boot.adoc

@@ -0,0 +1,7 @@
+[[_install-boot]]
+
+== Installing and Booting
+
+This very short tutorial walks you through booting up the server in standalone mode, setting up the initial admin user,
+and logging into the {{book.project.name}} admin console.
+

getting_started/topics/first-boot/admin-console.adoc

@@ -0,0 +1,23 @@
+
+=== Logging in to the Admin Console
+
+After you create the initial admin account, you can log in to the Admin Console by completing the following steps:
+
+. At the bottom of the Welcome page click the _Administration Console_ link.
+Alternatively you can go to the console URL directly at http://localhost:8080/auth/admin/
++
+.Login Page
+image:../../{{book.images}}/login-page.png[]
+
+. Type the username and password you created on the Welcome page. The {{book.project.name}} Admin Console page opens.
++
+.Admin Console
+image:../../{{book.images}}/admin-console.png[]
+
+NOTE:  If you are curious about a certain feature, button, or field within the Admin Console, hover your mouse
+      over the question mark `?` icon.  This will pop up tooltip text to describe the area of the console you are interested in.
+      The image above shows the tooltip in action.
+
+
+
+

getting_started/topics/first-boot/boot.adoc

@@ -0,0 +1,22 @@
+
+=== Booting the Server
+
+To boot the {{book.project.name}} server, go to the _bin/_ directory of the server distribution.
+
+.Standalone Boot Scripts
+image:../../{{book.images}}/standalone-boot-files.png[]
+
+To boot the server:
+
+.Linux/Unix
+[source]
+----
+$ .../bin/standalone.sh
+----
+
+.Windows
+[source]
+----
+> ...\bin\standalone.bat
+----
+

getting_started/topics/first-boot/distribution-files-community.adoc

@@ -0,0 +1,17 @@
+
+=== Installing Distribution Files
+
+The {{book.project.name}} Server is contained in one distribution file:
+
+* 'keycloak-{{book.project.version}}.[zip|tar.gz]'
+
+The 'keycloak-{{book.project.version}}.[zip|tar.gz]' file is the server only distribution.  It contains nothing other than the scripts and binaries
+to run the {{book.project.name}} server.
+
+To unpack these files run the `unzip` or `gunzip` and `tar` utilities.
+
+
+
+
+
+

getting_started/topics/first-boot/distribution-files-product.adoc

@@ -0,0 +1,16 @@
+
+=== Installing the Server
+
+The {{book.project.name}} Server is contained in one distribution file:
+
+* 'RH-SSO-{{book.project.version}}.[zip|tar.gz]'
+
+The 'RH-SSO-{{book.project.version}}.[zip|tar.gz]' file is the server-only distribution. It contains only the scripts and binaries
+to run the {{book.project.name}} server.
+
+To unpack these files run the `unzip` or `gunzip` and `tar` utilities.
+
+
+
+
+

getting_started/topics/first-boot/initial-user.adoc

@@ -0,0 +1,17 @@
+
+=== Creating the Admin Account
+
+After the server boots, open your browser and go to the http://localhost:8080/auth URL. The page should look like this:
+
+.Welcome Page
+image:../../{{book.images}}/initial-welcome-page.png[]
+
+{{book.project.name}} does not have a configured admin account by default. You must create one on the Welcome page.
+This account will allow you to create an admin that can log into the _master_ realm's administration console so that
+you can start creating realms and users and registering applications to be secured by {{book.project.name}}.
+
+NOTE:  You can only create an initial admin user on the Welcome Page if you connect using `localhost`. This is a security
+       precaution. You can also create the initial admin user at the command line with the `add-user-keycloak.sh` script. For more details see
+       link:{{book.project.doc_base_url}}{{book.project.doc_info_version_url}}{{book.installguide.link}}[{{book.installguide.name}}] and link:{{book.project.doc_base_url}}{{book.project.doc_info_version_url}}{{book.adminguide.link}}[{{book.adminguide.name}}].
+
+

getting_started/topics/first-realm.adoc

@@ -0,0 +1,6 @@
+
+== Creating a Realm and User
+
+This short tutorial walks you through creating a new realm within the {{book.project.name}} Admin Console and adding
+a new user to that realm. With that new user you will log into your new realm and visit the built-in User Account
+service that all users have access to.

getting_started/topics/first-realm/account.adoc

@@ -0,0 +1,23 @@
+
+=== User Account Service
+
+. After creating the user, log out of the management console by clicking the right dropdown menu and selecting *Sign Off*.
+
+. Log in to the User Account Service of your `demo` realm with the user you just created by clicking this link:
+
+User Account Link::
+  http://localhost:8080/auth/realms/demo/account
+
+. Type the username and password you created previously. You must create a permanent password after you successfully log in if you didn't toggle the Temporary switch to *Off* previously.
++
+.Update Password
+image:../../{{book.images}}/update-password.png[]
+
+The User Account Service page opens. Every user in a realm has access to this Account Service by default.
+You can update profile information and change or add additional credentials. For more information on this service see the link:{{book.project.doc_base_url}}{{book.project.doc_info_version_url}}{{book.adminguide.link}}[{{book.adminguide.name}}].
+
+
+
+
+
+

getting_started/topics/first-realm/before.adoc

@@ -0,0 +1,6 @@
+
+=== Before You Start
+
+Before you can participate in this tutorial, you need to complete the installation of {{book.project.name}} and create the
+initial admin user as shown in the <<fake/../../first-boot.adoc#_install-boot, Installing and Booting>> tutorial.
+

getting_started/topics/first-realm/realm.adoc

@@ -0,0 +1,27 @@
+[[_create-realm]]
+
+=== Creating a New Realm
+
+To create a new realm, complete the following steps:
+
+. Log in to the {{book.project.name}} Admin Console using the account you created in the
+<<fake/../../first-boot.adoc#_install-boot, Install and Boot>> tutorial.
+
+Admin Console Link::
+  http://localhost:8080/auth/admin/
+
+. In the top left corner dropdown menu that is titled `Master`, click *Add Realm*.  If you are logged in to the master realm this dropdown menu lists all the realms created. The Add Realm page opens. 
++
+.Add Realm Menu
+image:../../{{book.images}}/add-realm-menu.png[]
+
+. You will be creating a brand new realm from scratch so
+type `demo` for the realm name and click `Create`.
++
+.Create Realm
+image:../../{{book.images}}/create-realm.png[]
+
+After creating the realm the main Admin Console page opens. The current realm is now set to `demo`. You can switch between managing the `master` realm and the realm you just created by clicking the top left corner dropdown menu.
+
+
+

getting_started/topics/first-realm/user.adoc

@@ -0,0 +1,32 @@
+[[_create-new-user]]
+
+=== Creating a New User
+
+To create a new user in the `demo` realm as well as a temporary password for that account, complete the following steps:
+
+. In the left menu bar click *Users*. The user list page opens.
++
+.Users
+image:../../{{book.images}}/users.png[]
+
+. On the right side of the empty user list, click *Add User*.
+
++
+.Add User
+image:../../{{book.images}}/add-user.png[]
+
+. The only required field is `Username`.  When you are finished, click *Save*.  The management page for your new user opens.
+
+. The next step is to define a temporary password for your new user. Click the *Credentials* tab.
++
+.Set Temporary Password
+image:../../{{book.images}}/credentials.png[]
+
+. Type a new password and confirm it. A red *Reset Password* button is displayed.
+. Click *Reset Password* to reset the user password to the new one you specified.  
+
+NOTE: This password is temporary and the user will be required to change it after first login. You can make it permanent
+by flipping the *Temporary* switch from *On* to *Off* before clicking *Reset Password*.
+
+
+

getting_started/topics/overview.adoc

@@ -0,0 +1,7 @@
+
+== Overview
+
+The purpose of this guide is to get you up and running as quickly as possible so that you can
+play with and test-drive various features that {{book.project.name}} has. It relies heavily on the default database
+and server configuration and does not cover any complex deployment options. If you want a more
+in-depth discussion of any features or configuration options, consult the various reference guides available.

getting_started/topics/secure-jboss-app.adoc

@@ -0,0 +1,7 @@
+
+== Securing a JBoss Servlet Application
+
+In this section you will learn how to secure a Java Servlet application on the {{book.appServer}} application server.  You will learn how to install the
+{{book.project.name}} Client Adapter onto a {{book.appServer}} application server distribution.  You will create and register a client application in the
+{{book.project.name}} Admin Console.  Finally, you will configure the application to be secured by {{book.project.name}}.
+

getting_started/topics/secure-jboss-app/before.adoc

@@ -0,0 +1,28 @@
+
+=== Before You Start
+
+Before you can participate in this tutorial, you need to complete the installation of {{book.project.name}} and create the
+initial admin user as shown in the <<fake/../../first-boot.adoc#_install-boot, Installing and Booting>> tutorial.  There is one
+caveat to this.  You have to run a separate {{book.appServer}} instance on the same machine as the
+{{book.project.name}} server.  This separate instance will run your Java Servlet application.  Because of this you will
+have to run the {{book.project.name}} under a different port so that there are no port conflicts when running on the
+same machine.  Use the `jboss.socket.binding.port-offset` system property on the command line.  The value of this property
+is a number that will be added to the base value of every port opened by the {{book.project.name}} server.
+
+To boot the {{book.project.name}} server:
+
+.Linux/Unix
+[source]
+----
+$ .../bin/standalone.sh -Djboss.socket.binding.port-offset=100
+----
+
+.Windows
+[source]
+----
+> ...\bin\standalone.bat -Djboss.socket.binding.port-offset=100
+----
+
+After booting up {{book.project.name}}, you can then access the admin console at http://localhost:8180/auth/admin/
+
+

getting_started/topics/secure-jboss-app/create-client.adoc

@@ -0,0 +1,36 @@
+
+=== Creating and Registering the Client
+
+The next step you have to do is to define and register the client in the {{book.project.name}} Admin Console.  
+
+. Log into
+the Admin Console with your admin account as you did in previous tutorials.  
+
+. In the top left dropdown menu select and manage
+the `demo` realm.  Click `Clients` in the left side menu.  The Clients page opens.
++
+.Clients
+image:../../{{book.images}}/clients.png[]
+
+. On the right click *Create*.  
+
+. Complete the fields as shown below:
++
+.Add Client
+image:../../{{book.images}}/add-client.png[]
+
+. After clicking the `Save` button your client application entry will be created.  You now have to go back to the {{book.appServer}}
+instance that the application is deployed on and configure it so that this app is secured by {{book.project.name}}.  You can obtain
+a template for the configuration you need by going to the `Installation` tab in the client entry in the {{book.project.name}} Admin Console.
++
+.Installation Tab
+image:../../{{book.images}}/client-installation.png[]
+
+. Select *Keycloak OIDC JBoss Subsystem XML*.  An XML template is generated that you'll need to cut and paste.
++
+.Template XML
+image:../../{{book.images}}/client-install-selected.png[]
+
+
+
+

getting_started/topics/secure-jboss-app/download-quickstarts.adoc

@@ -0,0 +1,39 @@
+
+=== Downloading, Building, and Deploying Application Code
+
+The project and code for the application you are going to secure is available in link:{{book.quickstartRepo}}[Red Hat Developers GitHub].  You will need the following
+installed on your machine and available in your PATH before you can continue:
+
+* Java JDK 8
+* Apache Maven 3.1.1 or higher
+* Git
+
+You can obtain the code by cloning the repository at {{book.quickstartRepo}}. Use the branch matching the version of Red Hat Single Sign-On in use. Follow these steps to download the code, build it,
+and deploy it. Make sure your {{book.appServer}} application server is started before you run these steps.
+
+.Clone Project
+[source, subs="attributes"]
+----
+$ git clone {{book.quickstartRepo}}
+$ cd redhat-sso-quickstarts/app-profile-jee-vanilla
+$ mvn clean wildfly:deploy
+----
+
+You should see some text scroll down in the application server console window.  After the application is successfully deployed go to:
+
+http://localhost:8080/vanilla
+
+.Application Login Page
+image:../../{{book.images}}/app-login-page.png[]
+
+If you open up the application's _web.xml_ file you would see that the application is secured via `BASIC` authentication.
+If you click on the login button on the login page, the browser
+will pop up a BASIC auth login dialog.
+
+
+.Application Login Dialog
+image:../../{{book.images}}/client-auth-required.png[]
+
+
+The application is not secured by any identity provider, so anything you enter in the dialog box will result in a `Forbidden` message being
+sent back by the server.  The next section describes how you can take this deployed application and secure it.

getting_started/topics/secure-jboss-app/install-client-adapter.adoc

@@ -0,0 +1,46 @@
+
+=== Installing the Client Adapter
+
+Download the {{book.appServer}} distribution and unzip
+it into a directory on your machine.
+
+{% if book.community %}
+Next download the keycloak-wildfly-adapter-dist-{{book.project.version}}.zip distribution.
+{% endif %}
+
+{% if book.product %}
+Next download the RH-SSO-{{book.project.version}}-eap7-adapter.zip distribution.
+{% endif %}
+
+Unzip this file into the root directory of your {{book.appServer}} distribution.
+
+Next perform the following actions:
+
+.Linux/Unix
+[source]
+----
+$ cd bin
+$ ./jboss-cli.sh --file=adapter-install-offline.cli
+----
+
+.Windows
+[source]
+----
+> cd bin
+> jboss-cli.bat --file=adapter-install-offline.cli
+----
+
+This script will make the appropriate edits to the _.../standalone/configuration/standalone.xml_ file of your app
+server distribution.  Finally, boot the application server.
+
+.Linux/Unix
+[source]
+----
+$ .../bin/standalone.sh
+----
+
+.Windows
+[source]
+----
+> ...\bin\standalone.bat
+----

getting_started/topics/secure-jboss-app/subsystem.adoc

@@ -0,0 +1,51 @@
+
+=== Configuring the Subsystem
+
+Now that you have copied the XML template from the Installation page, you need to paste this into the _standalone.xml_ file
+that resides in the _standalone/configuration_ directory of the application server instance on which your application is deployed.
+
+. Open the standalone/configuration/standalone.xml file and search for the following text:
++
+[source,xml]
+----
+<subsystem xmlns="urn:jboss:domain:keycloak:1.1"/>
+----
+
+. Modify this to prepare it for pasting in your template from the Installation page:
++
+[source,xml]
+----
+<subsystem xmlns="urn:jboss:domain:keycloak:1.1">
+</subsystem>
+----
+
+. Within the <subsystem> element, paste in the template. It will look something like this:
++
+[source,xml]
+----
+<subsystem xmlns="urn:jboss:domain:keycloak:1.1">
+  <secure-deployment name="WAR MODULE NAME.war">
+    <realm>demo</realm>
+    <auth-server-url>http://localhost:8180/auth</auth-server-url>
+    <public-client>true</public-client>
+    <ssl-required>EXTERNAL</ssl-required>
+    <resource>vanilla</resource>
+  </secure-deployment>
+</subsystem>
+----
+
+. Change the *WAR MODULE NAME* text to *vanilla* as follows:
++
+[source,xml]
+----
+<subsystem xmlns="urn:jboss:domain:keycloak:1.1">
+  <secure-deployment name="vanilla.war">
+  ...
+</subsystem>
+----
+
+. Reboot your application server.  
+
+. Go to http://localhost:8080/vanilla and click *login*. The {{book.project.name}} login page opens. You can log in using the user you created in the <<fake/../../first-realm/user.adoc#_create-new-user, Creating a New User>> chapter.
+
+