libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases Packages Activity Actions

Fix project name

Browse source
This commit is contained in:
Stian Thorgersen 2016-06-09 14:41:13 +02:00
parent 7911e5fcf0
commit cab9b0a21c
5 changed files with 10 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
topics/oidc/java/fuse/servlet-whiteboard.adoc
View file

@ -7,7 +7,7 @@ https://ops4j1.jira.com/wiki/display/ops4j/Pax+Web+Extender+-+Whiteboard[Pax Web
The needed steps to secure your servlet with {{book.project.name}} are: The needed steps to secure your servlet with {{book.project.name}} are:
* Keycloak provides PaxWebIntegrationService, which allows to inject jetty-web.xml and configure security constraints for your application. * {{book.project.name}} provides PaxWebIntegrationService, which allows to inject jetty-web.xml and configure security constraints for your application.
You need to declare such service in `OSGI-INF/blueprint/blueprint.xml` inside your application. Note that your servlet needs to depend on it. You need to declare such service in `OSGI-INF/blueprint/blueprint.xml` inside your application. Note that your servlet needs to depend on it.
The example configuration can look like this: The example configuration can look like this:
[source,xml] [source,xml]

6
topics/oidc/java/jboss-adapter.adoc
View file

@ -68,7 +68,7 @@ Install on JBoss EAP 7:
[source] [source]
---- ----
$ cd $EAP_HOME $ cd $EAP_HOME
$ unzip RH-SSO-{{book.project.version}}-eap7-adapter.zip $ unzip rh-sso-{{book.project.version}}-eap7-adapter.zip
---- ----
Install on JBoss EAP 6: Install on JBoss EAP 6:
@ -76,7 +76,7 @@ Install on JBoss EAP 6:
[source] [source]
---- ----
$ cd $EAP_HOME $ cd $EAP_HOME
$ unzip RH-SSO-{{book.project.version}}-eap6-adapter.zip $ unzip rh-sso-{{book.project.version}}-eap6-adapter.zip
---- ----
{% endif %} {% endif %}
@ -231,7 +231,7 @@ Here's an example:
</web-app> </web-app>
---- ----
==== Securing WARs via Keycloak Subsystem ==== Securing WARs via Adapter Subsystem
You do not have to modify your WAR to secure it with {{book.project.name}}. Instead you can externally secure it via the {{book.project.name}} Adapter Subsystem. You do not have to modify your WAR to secure it with {{book.project.name}}. Instead you can externally secure it via the {{book.project.name}} Adapter Subsystem.
While you don't have to specify KEYCLOAK as an `auth-method`, you still have to define the `security-constraints` in `web.xml`. While you don't have to specify KEYCLOAK as an `auth-method`, you still have to define the `security-constraints` in `web.xml`.

4
topics/oidc/javascript-adapter.adoc
View file

@ -239,10 +239,10 @@ Options is an Object, where:
* token - Set an initial value for the token. * token - Set an initial value for the token.
* refreshToken - Set an initial value for the refresh token. * refreshToken - Set an initial value for the refresh token.
* idToken - Set an initial value for the id token (only together with token or refreshToken). * idToken - Set an initial value for the id token (only together with token or refreshToken).
* timeSkew - Set an initial value for skew between local time and Keycloak server in seconds (only together with token or refreshToken). * timeSkew - Set an initial value for skew between local time and {{book.project.name}} server in seconds (only together with token or refreshToken).
* checkLoginIframe - Set to enable/disable monitoring login state (default is true). * checkLoginIframe - Set to enable/disable monitoring login state (default is true).
* checkLoginIframeInterval - Set the interval to check login state (default is 5 seconds). * checkLoginIframeInterval - Set the interval to check login state (default is 5 seconds).
* responseMode - Set the OpenID Connect response mode send to Keycloak server at login request. Valid values are query or fragment . Default value is fragment, which means that after successful authentication will Keycloak redirect to javascript application with OpenID Connect parameters added in URL fragment. This is generally safer and recommended over query. * responseMode - Set the OpenID Connect response mode send to {{book.project.name}} server at login request. Valid values are query or fragment . Default value is fragment, which means that after successful authentication will {{book.project.name}} redirect to javascript application with OpenID Connect parameters added in URL fragment. This is generally safer and recommended over query.
* flow - Set the OpenID Connect flow. Valid values are standard, implicit or hybrid. * flow - Set the OpenID Connect flow. Valid values are standard, implicit or hybrid.
Returns promise to set functions to be invoked on success or error. Returns promise to set functions to be invoked on success or error.

2
topics/oidc/oidc-generic.adoc
View file

@ -188,6 +188,6 @@ There's also a few special redirect URIs:
`urn:ietf:wg:oauth:2.0:oob`:: `urn:ietf:wg:oauth:2.0:oob`::
If its not possible to start a web server in the client (or a browser is not available) it is possible to use the special `urn:ietf:wg:oauth:2.0:oob` redirect uri. If its not possible to start a web server in the client (or a browser is not available) it is possible to use the special `urn:ietf:wg:oauth:2.0:oob` redirect uri.
When this redirect uri is used Keycloak displays a page with the code in the title and in a box on the page. When this redirect uri is used {{book.project.name}} displays a page with the code in the title and in a box on the page.
The application can either detect that the browser title has changed, or the user can copy/paste the code manually to the application. The application can either detect that the browser title has changed, or the user can copy/paste the code manually to the application.
With this redirect uri it is also possible for a user to use a different device to obtain a code to paste back to the application. With this redirect uri it is also possible for a user to use a different device to obtain a code to paste back to the application.

6
topics/saml/java/jboss-adapter/jboss_adapter_installation.adoc
View file

@ -32,7 +32,7 @@ Install on JBoss EAP 6.x:
---- ----
$ cd $JBOSS_HOME $ cd $JBOSS_HOME
$ unzip RH-SSO-saml-eap6-adapter.zip $ unzip rh-sso-saml-eap6-adapter.zip
---- ----
Install on JBoss EAP 7.x: Install on JBoss EAP 7.x:
@ -40,12 +40,12 @@ Install on JBoss EAP 7.x:
---- ----
$ cd $JBOSS_HOME $ cd $JBOSS_HOME
$ unzip RH-SSO-saml-eap7-adapter.zip $ unzip rh-sso-saml-eap7-adapter.zip
---- ----
{% endif %} {% endif %}
These zip files create new JBoss Modules specific to the Wildfly/JBoss EPKeycloak SAML Adapter within your Wildfly or JBoss EAP distro. These zip files create new JBoss Modules specific to the Wildfly/JBoss EAP SAML Adapter within your Wildfly or JBoss EAP distro.
After adding the modules, you must then enable the {{book.project.name}} SAML Subsystem within your app server's server configuration: `domain.xml` or `standalone.xml`. After adding the modules, you must then enable the {{book.project.name}} SAML Subsystem within your app server's server configuration: `domain.xml` or `standalone.xml`.