Stian Thorgersen
commit
cc523ea356
12 changed files with 206 additions and 33 deletions
|
|
@ -4,6 +4,9 @@
|
|||
</dependencies>
|
||||
<config>
|
||||
<standalone template="configuration/standalone/template.xml" subsystems="configuration/standalone/subsystems.xml" output-file="standalone/configuration/standalone.xml" />
|
||||
<standalone template="configuration/standalone/template.xml" subsystems="configuration/standalone/subsystems-ha.xml" output-file="standalone/configuration/standalone-ha.xml">
|
||||
<property name="jgroups.supplement" value="" />
|
||||
</standalone>
|
||||
<domain template="configuration/domain/template.xml" subsystems="configuration/domain/subsystems.xml" output-file="domain/configuration/domain.xml" />
|
||||
</config>
|
||||
|
||||
|
|
|
|||
|
|
@ -0,0 +1,36 @@
|
|||
<?xml version='1.0' encoding='UTF-8'?>
|
||||
<!-- See src/resources/configuration/ReadMe.txt for how the configuration assembly works -->
|
||||
<config>
|
||||
<subsystems>
|
||||
<subsystem>logging.xml</subsystem>
|
||||
<subsystem>batch.xml</subsystem>
|
||||
<subsystem>bean-validation.xml</subsystem>
|
||||
<subsystem>keycloak-datasources.xml</subsystem>
|
||||
<subsystem>ee.xml</subsystem>
|
||||
<subsystem supplement="ha">ejb3.xml</subsystem>
|
||||
<subsystem>io.xml</subsystem>
|
||||
<subsystem supplement="ha">keycloak-infinispan.xml</subsystem>
|
||||
<subsystem>jaxrs.xml</subsystem>
|
||||
<subsystem>jca.xml</subsystem>
|
||||
<subsystem>jdr.xml</subsystem>
|
||||
<subsystem>jgroups.xml</subsystem>
|
||||
<subsystem>jmx.xml</subsystem>
|
||||
<subsystem>jpa.xml</subsystem>
|
||||
<subsystem>jsf.xml</subsystem>
|
||||
<subsystem>mail.xml</subsystem>
|
||||
<subsystem>mod_cluster.xml</subsystem>
|
||||
<subsystem>naming.xml</subsystem>
|
||||
<subsystem>pojo.xml</subsystem>
|
||||
<subsystem>remoting.xml</subsystem>
|
||||
<subsystem>resource-adapters.xml</subsystem>
|
||||
<subsystem>request-controller.xml</subsystem>
|
||||
<subsystem>sar.xml</subsystem>
|
||||
<subsystem>security-manager.xml</subsystem>
|
||||
<subsystem>security.xml</subsystem>
|
||||
<subsystem>transactions.xml</subsystem>
|
||||
<subsystem supplement="ha">undertow.xml</subsystem>
|
||||
<subsystem>webservices.xml</subsystem>
|
||||
<subsystem>weld.xml</subsystem>
|
||||
<subsystem>keycloak-server.xml</subsystem>
|
||||
</subsystems>
|
||||
</config>
|
||||
|
|
@ -3,21 +3,32 @@
|
|||
<config>
|
||||
<subsystems>
|
||||
<subsystem>logging.xml</subsystem>
|
||||
<!-- resteasy complains if bean-validation is missing -->
|
||||
<subsystem>batch.xml</subsystem>
|
||||
<subsystem>bean-validation.xml</subsystem>
|
||||
<subsystem>keycloak-datasources.xml</subsystem>
|
||||
<subsystem supplement="web-build">ee.xml</subsystem>
|
||||
<subsystem>ee.xml</subsystem>
|
||||
<subsystem>ejb3.xml</subsystem>
|
||||
<subsystem>io.xml</subsystem>
|
||||
<subsystem>infinispan.xml</subsystem>
|
||||
<subsystem>keycloak-infinispan.xml</subsystem>
|
||||
<subsystem>jaxrs.xml</subsystem>
|
||||
<subsystem>jca.xml</subsystem>
|
||||
<subsystem>jdr.xml</subsystem>
|
||||
<subsystem>jmx.xml</subsystem>
|
||||
<subsystem>jpa.xml</subsystem>
|
||||
<subsystem supplement="web-build">naming.xml</subsystem>
|
||||
<subsystem>jsf.xml</subsystem>
|
||||
<subsystem>mail.xml</subsystem>
|
||||
<subsystem>naming.xml</subsystem>
|
||||
<subsystem>pojo.xml</subsystem>
|
||||
<subsystem>remoting.xml</subsystem>
|
||||
<subsystem>resource-adapters.xml</subsystem>
|
||||
<subsystem>request-controller.xml</subsystem>
|
||||
<subsystem>sar.xml</subsystem>
|
||||
<subsystem>security-manager.xml</subsystem>
|
||||
<subsystem>security.xml</subsystem>
|
||||
<subsystem>transactions.xml</subsystem>
|
||||
<subsystem>undertow.xml</subsystem>
|
||||
<subsystem>webservices.xml</subsystem>
|
||||
<subsystem>weld.xml</subsystem>
|
||||
<subsystem>keycloak-server.xml</subsystem>
|
||||
</subsystems>
|
||||
</config>
|
||||
|
|
|
|||
|
|
@ -8,6 +8,7 @@
|
|||
exclude-result-prefixes="xalan j ds k sec">
|
||||
|
||||
<xsl:param name="config"/>
|
||||
<xsl:variable name="log" select="'urn:jboss:domain:logging:'"/>
|
||||
|
||||
<xsl:output method="xml" version="1.0" encoding="UTF-8" indent="yes" xalan:indent-amount="4" standalone="no"/>
|
||||
<xsl:strip-space elements="*"/>
|
||||
|
|
@ -59,6 +60,15 @@
|
|||
</xsl:copy>
|
||||
</xsl:template>
|
||||
|
||||
<xsl:template match="//*[local-name()='subsystem' and starts-with(namespace-uri(), $log)]">
|
||||
<xsl:copy>
|
||||
<xsl:apply-templates select="node()|@*"/>
|
||||
<logger category="org.jboss.resteasy.resteasy_jaxrs.i18n">
|
||||
<level name="ERROR"/>
|
||||
</logger>
|
||||
</xsl:copy>
|
||||
</xsl:template>
|
||||
|
||||
<xsl:template match="@*|node()">
|
||||
<xsl:copy>
|
||||
<xsl:apply-templates select="@*|node()" />
|
||||
|
|
|
|||
|
|
@ -8,9 +8,9 @@
|
|||
<relativePath>../../pom.xml</relativePath>
|
||||
</parent>
|
||||
|
||||
<artifactId>keycloak-server-overlay</artifactId>
|
||||
<artifactId>keycloak-server-overlay-parent</artifactId>
|
||||
<packaging>pom</packaging>
|
||||
<name>Keycloak Server Overlay Distributions</name>
|
||||
<name>Keycloak Server Overlay Parent</name>
|
||||
<description/>
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -8,9 +8,9 @@
|
|||
<relativePath>../../../pom.xml</relativePath>
|
||||
</parent>
|
||||
|
||||
<artifactId>keycloak-wf9-server-overlay</artifactId>
|
||||
<artifactId>keycloak-server-overlay</artifactId>
|
||||
<packaging>pom</packaging>
|
||||
<name>Keycloak Wildfly 9 Server Overlay Distribution</name>
|
||||
<name>Keycloak Server Overlay Distribution</name>
|
||||
<description/>
|
||||
|
||||
<dependencies>
|
||||
|
|
|
|||
|
|
@ -15,6 +15,18 @@
|
|||
<name>Keycloak Subsystem Server WAR</name>
|
||||
<description/>
|
||||
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>org.jboss.msc</groupId>
|
||||
<artifactId>jboss-msc</artifactId>
|
||||
<version>1.2.6.Final</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-core</artifactId>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
|
||||
<build>
|
||||
<finalName>auth-server</finalName>
|
||||
<plugins>
|
||||
|
|
|
|||
|
|
@ -0,0 +1,29 @@
|
|||
package org.keycloak.provider.wildfly;
|
||||
|
||||
import org.jboss.msc.service.*;
|
||||
import org.keycloak.Config;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
* Used to add a dependency on Infinispan caches to make sure they are started.
|
||||
*
|
||||
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
|
||||
*/
|
||||
public class InfinispanCacheActivator implements ServiceActivator {
|
||||
|
||||
private static final ServiceName cacheContainerService = ServiceName.of("jboss", "infinispan", "keycloak");
|
||||
|
||||
@Override
|
||||
public void activate(ServiceActivatorContext context) throws ServiceRegistryException {
|
||||
if (context.getServiceRegistry().getService(cacheContainerService) != null) {
|
||||
ServiceTarget st = context.getServiceTarget();
|
||||
st.addDependency(cacheContainerService);
|
||||
st.addDependency(cacheContainerService.append("realms"));
|
||||
st.addDependency(cacheContainerService.append("users"));
|
||||
st.addDependency(cacheContainerService.append("sessions"));
|
||||
st.addDependency(cacheContainerService.append("loginFailures"));
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
|
@ -0,0 +1 @@
|
|||
org.keycloak.provider.wildfly.InfinispanCacheActivator
|
||||
|
|
@ -56,6 +56,8 @@
|
|||
<module name="org.jboss.resteasy.resteasy-jackson-provider" services="import"/>
|
||||
<module name="org.jboss.resteasy.resteasy-multipart-provider" services="import"/>
|
||||
<module name="org.jboss.resteasy.resteasy-jaxrs"/>
|
||||
|
||||
<module name="org.jboss.msc"/>
|
||||
</dependencies>
|
||||
<exclusions>
|
||||
<module name="org.jboss.resteasy.resteasy-jackson2-provider"/>
|
||||
|
|
|
|||
|
|
@ -57,31 +57,7 @@
|
|||
cache.
|
||||
</para>
|
||||
<para>
|
||||
To configure the required Infinspan caches open <literal>standalone/configuration/standalone-ha.xml</literal> and add:
|
||||
<programlisting>
|
||||
<![CDATA[
|
||||
<subsystem xmlns="urn:jboss:domain:infinispan:2.0">
|
||||
<cache-container name="keycloak" jndi-name="infinispan/Keycloak" start="EAGER">
|
||||
<transport lock-timeout="60000"/>
|
||||
<invalidation-cache name="realms" mode="SYNC" start="EAGER"/>
|
||||
<invalidation-cache name="users" mode="SYNC" start="EAGER"/>
|
||||
<distributed-cache name="sessions" mode="SYNC" owners="1" start="EAGER"/>
|
||||
<distributed-cache name="loginFailures" mode="SYNC" owners="1" start="EAGER"/>
|
||||
</cache-container>
|
||||
...
|
||||
</subsystem>
|
||||
]]>
|
||||
</programlisting>
|
||||
</para>
|
||||
<para>
|
||||
For more advanced options refer to the
|
||||
<ulink url="http://docs.jboss.org/author/display/WFLY8/Infinispan+Subsystem">Infinispan Subsystem</ulink>
|
||||
and
|
||||
<ulink url="http://www.infinispan.org/docs/6.0.x/user_guide/user_guide.html">Infinispan</ulink>
|
||||
documentation.
|
||||
</para>
|
||||
<para>
|
||||
Next open <literal>standalone/configuration/keycloak-server.json</literal> and add:
|
||||
To enable clustering in Keycloak open <literal>standalone/configuration/keycloak-server.json</literal> and add:
|
||||
<programlisting>
|
||||
"connectionsInfinispan": {
|
||||
"default" : {
|
||||
|
|
|
|||
|
|
@ -0,0 +1,93 @@
|
|||
<?xml version='1.0' encoding='UTF-8'?>
|
||||
<!-- See src/resources/configuration/ReadMe.txt for how the configuration assembly works -->
|
||||
<config default-supplement="default">
|
||||
<extension-module>org.jboss.as.clustering.infinispan</extension-module>
|
||||
<subsystem xmlns="urn:jboss:domain:infinispan:3.0">
|
||||
<?CACHE-CONTAINERS?>
|
||||
</subsystem>
|
||||
<supplement name="default">
|
||||
<replacement placeholder="CACHE-CONTAINERS">
|
||||
<cache-container name="server" default-cache="default" module="org.wildfly.clustering.server">
|
||||
<local-cache name="default">
|
||||
<transaction mode="BATCH"/>
|
||||
</local-cache>
|
||||
</cache-container>
|
||||
<cache-container name="web" default-cache="passivation" module="org.wildfly.clustering.web.infinispan">
|
||||
<local-cache name="passivation">
|
||||
<transaction mode="BATCH"/>
|
||||
<file-store passivation="true" purge="false"/>
|
||||
</local-cache>
|
||||
<local-cache name="persistent">
|
||||
<transaction mode="BATCH"/>
|
||||
<file-store passivation="false" purge="false"/>
|
||||
</local-cache>
|
||||
</cache-container>
|
||||
<cache-container name="ejb" aliases="sfsb" default-cache="passivation" module="org.wildfly.clustering.ejb.infinispan">
|
||||
<local-cache name="passivation">
|
||||
<transaction mode="BATCH"/>
|
||||
<file-store passivation="true" purge="false"/>
|
||||
</local-cache>
|
||||
<local-cache name="persistent">
|
||||
<transaction mode="BATCH"/>
|
||||
<file-store passivation="false" purge="false"/>
|
||||
</local-cache>
|
||||
</cache-container>
|
||||
<cache-container name="hibernate" default-cache="local-query" module="org.hibernate.infinispan">
|
||||
<local-cache name="entity">
|
||||
<transaction mode="NON_XA"/>
|
||||
<eviction strategy="LRU" max-entries="10000"/>
|
||||
<expiration max-idle="100000"/>
|
||||
</local-cache>
|
||||
<local-cache name="local-query">
|
||||
<eviction strategy="LRU" max-entries="10000"/>
|
||||
<expiration max-idle="100000"/>
|
||||
</local-cache>
|
||||
<local-cache name="timestamps"/>
|
||||
</cache-container>
|
||||
</replacement>
|
||||
</supplement>
|
||||
<supplement name="ha">
|
||||
<replacement placeholder="CACHE-CONTAINERS">
|
||||
<cache-container name="keycloak" jndi-name="infinispan/Keycloak">
|
||||
<transport lock-timeout="60000"/>
|
||||
<invalidation-cache name="realms" mode="SYNC"/>
|
||||
<invalidation-cache name="users" mode="SYNC"/>
|
||||
<distributed-cache name="sessions" mode="SYNC" owners="1"/>
|
||||
<distributed-cache name="loginFailures" mode="SYNC" owners="1"/>
|
||||
</cache-container>
|
||||
<cache-container name="server" aliases="singleton cluster" default-cache="default" module="org.wildfly.clustering.server">
|
||||
<transport lock-timeout="60000"/>
|
||||
<replicated-cache name="default" mode="SYNC">
|
||||
<transaction mode="BATCH"/>
|
||||
</replicated-cache>
|
||||
</cache-container>
|
||||
<cache-container name="web" default-cache="dist" module="org.wildfly.clustering.web.infinispan">
|
||||
<transport lock-timeout="60000"/>
|
||||
<distributed-cache name="dist" mode="ASYNC" l1-lifespan="0" owners="2">
|
||||
<transaction mode="BATCH"/>
|
||||
<file-store/>
|
||||
</distributed-cache>
|
||||
</cache-container>
|
||||
<cache-container name="ejb" aliases="sfsb" default-cache="dist" module="org.wildfly.clustering.ejb.infinispan">
|
||||
<transport lock-timeout="60000"/>
|
||||
<distributed-cache name="dist" mode="ASYNC" l1-lifespan="0" owners="2">
|
||||
<transaction mode="BATCH"/>
|
||||
<file-store/>
|
||||
</distributed-cache>
|
||||
</cache-container>
|
||||
<cache-container name="hibernate" default-cache="local-query" module="org.hibernate.infinispan">
|
||||
<transport lock-timeout="60000"/>
|
||||
<invalidation-cache name="entity" mode="SYNC">
|
||||
<transaction mode="NON_XA"/>
|
||||
<eviction strategy="LRU" max-entries="10000"/>
|
||||
<expiration max-idle="100000"/>
|
||||
</invalidation-cache>
|
||||
<local-cache name="local-query">
|
||||
<eviction strategy="LRU" max-entries="10000"/>
|
||||
<expiration max-idle="100000"/>
|
||||
</local-cache>
|
||||
<replicated-cache name="timestamps" mode="ASYNC"/>
|
||||
</cache-container>
|
||||
</replacement>
|
||||
</supplement>
|
||||
</config>
|
||||
Loading…
Reference in a new issue