47e751687a
"script" authenticators are called "scripts" when editing the profile.properties and looking at server info. They are not enabled by default. (at least not in 4.8.3.Final. I haven't had a chance to test today's release of 5.0.0)
111 lines
2.1 KiB
Text
111 lines
2.1 KiB
Text
[[profiles]]
|
|
|
|
== Profiles
|
|
|
|
There are features in {project_name} that are not enabled by default, these include features that are not fully
|
|
supported. In addition there are some features that are enabled by default, but that can be disabled.
|
|
|
|
The features that can be enabled and disabled are:
|
|
|
|
[cols="4*", options="header"]
|
|
|===
|
|
|Name
|
|
|Description
|
|
|Enabled by default
|
|
|Support level
|
|
|
|
ifeval::[{project_community}==true]
|
|
|account2
|
|
|New Account Management Console
|
|
|No
|
|
|Experimental
|
|
endif::[]
|
|
|
|
|account_api
|
|
|Account Management REST API
|
|
|No
|
|
|Preview
|
|
|
|
|admin_fine_grained_authz
|
|
|Fine-Grained Admin Permissions
|
|
|No
|
|
|Preview
|
|
|
|
|authz_drools_policy
|
|
|Drools Policy for Authorization Services
|
|
|No
|
|
|Preview
|
|
|
|
|docker
|
|
|Docker Registry protocol
|
|
|No
|
|
|Supported
|
|
|
|
|impersonation
|
|
|Ability for admins to impersonate users
|
|
|Yes
|
|
|Supported
|
|
|
|
|openshift_integration
|
|
|Extension to enable securing OpenShift
|
|
|No
|
|
|Preview
|
|
|
|
|scripts
|
|
|Write custom authenticators using JavaScript
|
|
|No
|
|
|Preview
|
|
|
|
|token_exchange
|
|
|Token Exchange Service
|
|
|No
|
|
|Preview
|
|
|===
|
|
|
|
To enable all preview features start the server with:
|
|
|
|
[source]
|
|
----
|
|
bin/standalone.sh|bat -Dkeycloak.profile=preview
|
|
----
|
|
|
|
You can set this permanently by creating the file `standalone/configuration/profile.properties`
|
|
(or `domain/servers/server-one/configuration/profile.properties` for `server-one` in domain mode). Add the following to
|
|
the file:
|
|
|
|
[source]
|
|
----
|
|
profile=preview
|
|
----
|
|
|
|
To enable a specific feature start the server with:
|
|
|
|
[source]
|
|
----
|
|
bin/standalone.sh|bat -Dkeycloak.profile.feature.<feature name>=enabled
|
|
----
|
|
|
|
For example to enable Docker use `-Dkeycloak.profile.feature.docker=enabled`.
|
|
|
|
You can set this permanently in the `profile.properties` file by adding:
|
|
|
|
[source]
|
|
----
|
|
feature.docker=enabled
|
|
----
|
|
|
|
To disable a specific feature start the server with:
|
|
|
|
[source]
|
|
----
|
|
bin/standalone.sh|bat -Dkeycloak.profile.feature.<feature name>=disabled
|
|
----
|
|
|
|
For example to disable Impersonation use `-Dkeycloak.profile.feature.impersonation=disabled`.
|
|
|
|
You can set this permanently in the `profile.properties` file by adding:
|
|
|
|
[source]
|
|
----
|
|
feature.impersonation=disabled
|
|
----
|