libre.sh/keycloak-scim
4
0
Fork 0
Code Issues 15 Pull requests Releases 1 Activity Actions
keycloak-scim/testsuite/integration-arquillian/servers/auth-server
History
Torsten Juergeleit 6005503a3d Namespace support to group-ldap-mapper 
Previously, Keycloak did only support syncing groups from LDAP federation provider as top-level KC groups.

This approach has some limitations:
- If using multiple group mappers then there’s no way to isolate the KC groups synched by each group mapper.
- If the option "Drop non-existing groups during sync” is activated then all KC groups (including the manually created ones) are deleted.
- There’s no way to inherit roles from a parent KC group.

This patch introduces support to specify a prefix for the resulting group path, which effectively serves as a namespace for a group.

A path prefix can be specified via the newly introduced `Groups Path` config option on the mapper. This groups path defaults to `/` for top-level groups.

This also enables to have multiple `group-ldap-mapper`'s which can manage groups within their own namespace.

An `group-ldap-mapper` with a `Group Path` configured as `/Applications/App1` will only manage groups under that path. Other groups, either manually created or managed by other `group-ldap-mapper` are not affected.
2020-05-26 17:37:29 +02:00
..
jboss Set version to 11.0.0-SNAPSHOT 2020-04-29 12:57:55 +02:00
quarkus Set version to 11.0.0-SNAPSHOT 2020-04-29 12:57:55 +02:00
services Namespace support to group-ldap-mapper 2020-05-26 17:37:29 +02:00
undertow [KEYCLOAK-11719] - Remove need for servlets/undertow from Quarkus dist 2020-05-13 09:28:58 +02:00
pom.xml Set version to 11.0.0-SNAPSHOT 2020-04-29 12:57:55 +02:00
README.md KEYCLOAK-10337 Default value for product.unpacked.folder.name 2019-05-21 09:52:24 -03:00

README.md

Keycloak Arquillian Integration TestSuite - Test Servers - Auth Server

Auth Server - JBoss

Common configurations of Keycloak server on JBoss-based container (Wildfly/EAP).

Submodules

wildfly Wildfly latest

  • Builds keycloak server on top of latest Wildfly.
  • Activated by -Pauth-server-wildfly

eap EAP 7

  • Builds keycloak server on top of latest EAP.
  • Activated by -Pauth-server-eap
  • Requires access to product repo.
  • Requires additional properties:
    • product.version
    • product.unpacked.folder.name (optional; the default value is based on the POM versions)
    • product to activate the product profile; NOT required if product.unpacked.folder.name is specified

Server dist vs overlay

By default keycloak-server-dist artifact is used for the build. By setting -Dserver-overlay=true you can switch to server overlay instead. See profile server-overlay.

JPA

Configures Keycloak JDBC datasource in standalone.xml. See profile jpa.

Cluster

Configures in standalone-ha.xml:

  • h2 datasource over TCP (if not executed together with jpa)
  • parameters of Keycloak Infinispan caches

See profile auth-server-cluster.

Auth Server - Undertow

Arquillian extension for running Keycloak server in embedded Undertow.