Minor improvements/fixes in documentation

2014-12-16 14:04:04 +01:00 · 2014-12-16 14:04:04 +01:00 · fbe26e28f1
commit fbe26e28f1
parent 5ee0827a84
4 changed files with 24 additions and 2 deletions
--- a/docbook/reference/en/en-US/modules/clustering.xml
+++ b/docbook/reference/en/en-US/modules/clustering.xml
@ -216,4 +216,25 @@
        </para>
    </section>

+    <section>
+        <title>Troubleshooting</title>
+        <para>
+            Note that when you run cluster, you should see message similar to this in the log of both cluster nodes:
+<programlisting>
+<![CDATA[
+INFO  [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (Incoming-10,shared=udp)
+ISPN000094: Received new cluster view: [node1/keycloak|1] (2) [node1/keycloak, node2/keycloak]
+]]>
+</programlisting>
+            If you see just one node mentioned, it's possible that your cluster hosts are not joined together.
+        </para>
+        <para>
+            Usually it's best practice to have your cluster nodes on private network without firewall for communication among them.
+            Firewall could be enabled just on public access point to your network instead. If for some reason you still need to have firewall
+            enabled on cluster nodes, you will need to open some ports. Default values are UDP port 55200 and multicast port 45688
+            with multicast address 230.0.0.4. Note that you may need more ports opened if you want to enable additional features like diagnostics for your JGroups stack.
+            Keycloak delegates most of the clustering work to Infinispan/JGroups, so consult EAP or JGroups documentation for more info.
+        </para>
+    </section>
+
 </chapter>
--- a/docbook/reference/en/en-US/modules/jetty9-adapter.xml
+++ b/docbook/reference/en/en-US/modules/jetty9-adapter.xml
@ -145,7 +145,7 @@ $ java -jar $JETTY_HOME/start.jar --add-to-startd=keycloak

    <login-config>
        <auth-method>BASIC</auth-method>
-        <realm-name>this is ignored currently/realm-name>
+        <realm-name>this is ignored currently</realm-name>
    </login-config>

    <security-role>
--- a/docbook/reference/en/en-US/modules/security-vulnerabilities.xml
+++ b/docbook/reference/en/en-US/modules/security-vulnerabilities.xml
@ -4,7 +4,7 @@
        This chapter discusses possible security vulnerabilities Keycloak could have, how Keycloak mitigates those
        vulnerabilities, and what steps you need to do to configure Keycloak to mitigate some vulnerabilities.  A good list
        of potential vulnerabilities and what security implementations should do to mitigate them can be found in the
-        <ulink url="http://tools.ietf.org/html/rfc6819">OAuth 2.0 Thread Model</ulink> document put out by the IETF.  Many of those vulnerabilities are discussed here.
+        <ulink url="http://tools.ietf.org/html/rfc6819">OAuth 2.0 Threat Model</ulink> document put out by the IETF.  Many of those vulnerabilities are discussed here.
    </para>
    <section>
        <title>SSL/HTTPS Requirement</title>
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/jaxrs/JaxrsFilterTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/jaxrs/JaxrsFilterTest.java
@ -317,6 +317,7 @@ public class JaxrsFilterTest {
    // @Test
    public void testCxfExample() {
        String uri = "http://localhost:9000/customerservice/customers/123";
+        //String uri = "http://localhost:8080/jax_rs_basic_servlet/services/service1/customerservice/customers/123";
        Response resp = client.target(uri).request()
                .get();
        Assert.assertEquals(resp.getStatus(), 401);