libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases 1 Packages Activity Actions

Add book-product.json and other fixes

Browse source
This commit is contained in:
Stian Thorgersen 2016-06-10 08:59:58 +02:00
parent 087a4553c5
commit e7cba649a3
11 changed files with 60 additions and 66 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
README.adoc
View file

@ -1,10 +1,9 @@
Keycloak Server Administration Guide Documentation
======================
= Server Administration Guide
image:images/keycloak_logo.png[alt="Keycloak"]
*Keycloak* _Documentation_ for {{book.versions.swarm}}
{{book.project.name}} {{book.project.version}}
http://www.keycloak.org

35
book-product.json Normal file
View file

@ -0,0 +1,35 @@
{
"gitbook": "2.x.x",
"structure": {
"readme": "README.adoc"
},
"plugins": [
"toggle-chapters",
"ungrey",
"splitter"
],
"variables": {
"title": "Server Administration Guide",
"project": {
"name": "Red Hat Single Sign-On",
"version": "7.0.0"
},
"community": false,
"product": true,
"images": "rhsso-images",
"developerguide": {
"name": "Server Developer Guide",
"link": "https://access.qa.redhat.com/documentation/en/red-hat-single-sign-on/7.0.0/server-developer-guide/"
},
"installguide": {
"name": "Server Installation and Configuration Guide",
"link": "https://access.qa.redhat.com/documentation/en/red-hat-single-sign-on/7.0.0/server-installation-and-configuration-guide/"
},
"adapterguide": {
"name": "Securing Applications and Services Guide",
"link": "https://access.qa.redhat.com/documentation/en/red-hat-single-sign-on/7.0.0/securing-applications-and-services-guide/"
}
}
}

61
book.json
View file

@ -9,76 +9,27 @@
"splitter"
],
"variables": {
"title": "Keycloak Administration Guide",
"title": "Server Administration Guide",
"project": {
"name": "Keycloak",
"version": "1.9.7.Final"
},
"community": true,
"product": false,
"images": "keycloak-images",
"appserver": {
"name": "Wildfly",
"version": "10",
"admindoc": {
"name": "JBoss EAP Administration and Configuration Guide",
"link": "https://access.redhat.com/documentation/en-US/JBoss_Enterprise_Application_Platform/6.4/html/Administration_and_Configuration_Guide/"
},
"datasource": {
"name": "JBoss EAP Administration and Configuration Guide",
"link": "https://access.redhat.com/documentation/en-US/JBoss_Enterprise_Application_Platform/6.4/html/Administration_and_Configuration_Guide/chap-Datasource_Management.html"
},
"network": {
"name": "JBoss EAP Administration and Configuration Guide",
"link": "https://access.redhat.com/documentation/en-US/JBoss_Enterprise_Application_Platform/6.4/html/Administration_and_Configuration_Guide/chap-Network_and_Port_Configuration.html#Configure_interfaces"
},
"socket": {
"name": "JBoss EAP Administration and Configuration Guide",
"link": "https://access.redhat.com/documentation/en-US/JBoss_Enterprise_Application_Platform/6.4/html/Administration_and_Configuration_Guide/sect-Socket_Binding_Groups.html"
},
"loadbalancer": {
"name": "JBoss EAP Administration and Configuration Guide",
"link": "https://access.redhat.com/documentation/en-US/JBoss_Enterprise_Application_Platform/6.4/html/Administration_and_Configuration_Guide/sect-Web_HTTP_Connectors_and_HTTP_Clustering.html"
},
"jgroups": {
"name": "JBoss EAP Administration and Configuration Guide",
"link": "https://access.redhat.com/documentation/en-US/JBoss_Enterprise_Application_Platform/6.4/html/Administration_and_Configuration_Guide/sect-JGroups.html"
}
},
"caching": {
"name": "JBoss Data Grid",
"version": "???",
"admindoc": {
"name": "JBoss Data Grid Administration and Configuration Guide",
"link": "https://access.redhat.com/documentation/en-US/Red_Hat_JBoss_Data_Grid/6.6/html/Administration_and_Configuration_Guide/index.html",
"eviction": "https://access.redhat.com/documentation/en-US/Red_Hat_JBoss_Data_Grid/7.0/html/Administration_and_Configuration_Guide/sect-Eviction_Strategies.html"
}
},
"jpa": {
"name": "Hibernate",
"version": "???",
"admindoc": {
"name": "JBoss Development Guide",
"link": "https://access.redhat.com/documentation/en-US/JBoss_Enterprise_Application_Platform/6.4/html/Development_Guide/sect-Java_Persistence_API_JPA.html#sect-Configuration2"
}
},
"developerguide": {
"name": "Server Developer Guide",
"link": "https://keycloak.gitbooks.io/server-developer-guide/content/"
},
"adminguide": {
"name": "Server Administration Guide",
"link": "https://keycloak.gitbooks.io/server-adminstration-guide/content/"
},
"installguide": {
"name": "Server Installation and Configuration Guide",
"link": "https://keycloak.gitbooks.io/server-installation-and-configuration/content/"
},
"adapterguide": {
"name": "Securing Client Applications Guide",
"name": "Securing Applications and Services Guide",
"link": "https://keycloak.gitbooks.io/securing-client-applications-guide/content/"
},
"project": {
"name": "Keycloak",
"version": "1.9.7.Final"
}
}
}

7
build.sh Executable file
View file

@ -0,0 +1,7 @@
#!/bin/bash
cd $(readlink -f `dirname $0`)
python gitlab-conversion.py
cd target
asciidoctor master.adoc

7
gitlab-conversion.py
View file

@ -42,6 +42,9 @@ if os.path.isdir('keycloak-images'):
if os.path.isdir('rhsso-images'):
shutil.copytree('rhsso-images',os.path.join(targetdir, 'rhsso-images'))
shutil.copyfile('metadata.ini', os.path.join(targetdir, 'metadata.ini'));
shutil.copyfile('master-docinfo.xml', os.path.join(targetdir, 'master-docinfo.xml'));
tmp = os.path.join(targetdir, 'topics')
if not os.path.exists(tmp):
os.makedirs(tmp)
@ -67,8 +70,8 @@ input = re.sub(r"[ ]*\.+\s*link:(.*)\[(.*)\]", "include::\g<1>[]", input)
input = applyTransformation(input)
output.write(input)
# parse book.json file and create document attributes
with open('book.json') as data_file:
# parse book-product.json file and create document attributes
with open('book-product.json') as data_file:
data = json.load(data_file)
variables = data['variables']

2
topics/account.adoc
View file

@ -23,7 +23,7 @@ The QR code you see in the screen shot can be scanned into the FreeOTP or Google
.OTP Authenticator
image:../{{book.images}}/account-service-authenticator.png[]
The `Federated Identity` menu item allows the user to link their account with an <<fake/../identity-broker.adoc#_identity-broker, identity broker>> (this is usually used to link social provier
The `Federated Identity` menu item allows the user to link their account with an <<fake/../identity-broker.adoc#_identity_broker, identity broker>> (this is usually used to link social provier
accounts together). This will show the list of external identity providers you have configured for your realm.
.Federated Identity

1
topics/identity-broker.adoc
View file

@ -1,5 +1,4 @@
[[_identity_broker]]
== Identity Brokering
An Identity Broker is an intermediary service that connects multiple service providers with different identity providers.

2
topics/sessions/administering.adoc
View file

@ -12,7 +12,7 @@ users in the realm by clicking the `Logout all` button on the right side of this
==== Logout All Limitations
Any SSO cookies set will now be invalid and clients that request authentication in active browser sessions will now have to
re-login. Only certain clients are notified of this logout event, specifically clients that are using the {{book.projec.name}}
re-login. Only certain clients are notified of this logout event, specifically clients that are using the {{book.project.name}}
OIDC client adapter. Other client types (i.e. SAML) will not receive a backchannel logout request.
It is important to note that any outstanding access tokens are not revoked by clicking `Logout all`. They have to

2
topics/sessions/offline.adoc
View file

@ -26,5 +26,5 @@ Clients also need to have that role in their scope.
The client can request an offline token by adding the parameter `scope=offline_access` when sending authorization request to {{book.project.name}}.
The {{book.project.name}} OIDC client adapter automatically adds this parameter when you use it to access secured URL of your application (i.e.
http://localhost:8080/customer-portal/secured?scope=offline_access ). The Direct Access Grant and Service Accounts also
$$http://localhost:8080/customer-portal/secured?scope=offline_access$$). The Direct Access Grant and Service Accounts also
support offline tokens if you include `scope=offline_access` in the body of the authentication request.

2
topics/sso-protocols/oidc.adoc
View file

@ -90,7 +90,7 @@ More info together with example is in <<fake/../../clients/oidc/service-accounts
Here's a list of OIDC endpoints that the {{book.project.name}} publishes. These URLs are useful if you are using a non-{{book.project.name}} client adapter to
talk OIDC with the auth server. These are all relative URLs and the root of the URL being the HTTP(S) protocol, hostname, and usually path prefixed with
_/auth_: i.e. https://localhost:8080/auth
_/auth_: i.e. $$https://localhost:8080/auth$$
/realms/\{realm-name}/protocol/openid-connect/token::
This is the URL endpoint for obtaining a temporary code in the Authorization Code Flow or for obtaining tokens via the

2
topics/threat/brute-force.adoc
View file

@ -22,7 +22,7 @@ The downside of {{book.project.name}} brute force detection is that the server b
An attacker can simply try to guess passwords for as many accounts it knows and these account will be disabled. Eventually
Eventually we will expand this functionality to take client IP address into account when deciding whether to block a user.
A better option might be a tool like http://fail2ban.org[Fail2Ban]. You can point this service at the {{book.project.name}} server's log file.
A better option might be a tool like http://www.fail2ban.org[Fail2Ban]. You can point this service at the {{book.project.name}} server's log file.
{{book.project.name}} logs every login failure and client IP address that had the failure. Fail2Ban can be used to modify
firewalls after it detects an attack to block connections from specific IP addresses.