Let's discuss how to install the Keycloak server and configure it with a WildFly server.

Downloads
Download keycloak-1.6.0.Final.tar.gz from the below URL
Download keycloak-wf9-adapter-dist-1.6.0.Final.tar.gz from the following URL

Installation of Keycloak on the server
· Extract the file keycloak-1.6.0.Final.tar.gz into the server path.
· Modify the port numbers in the Keycloak server (if the server is running on the same box as the WildFly server).
· Change the port numbers in the file standalone.xml present in /usr/local/keycloak-1.6.0.Final/standalone/configuration
The below screenshot contains the socket binding port numbers present in the default standalone.xml
The below screenshot contains the socket binding port numbers after modification

MySQL Database Creation and configuration in Keycloak server
· Create a database named “keycloak” in the MySQL database server.
· Create the nested folders mysql/main (the path /usr/local/keycloak-1.6.0.Final/modules/system/layers/base/com/mysql/main).
· Create a module.xml file.
· Place the file mysql-connector-java-5.1.18-bin.jar inside this folder: /usr/local/keycloak-1.6.0.Final/modules/system/layers/base/com/mysql/main
· Modify jboss-cli.sh with the port number updated in the standalone.xml file.
Set the JAVA_HOME path: /opt/jdk1.8.0_60

Starting Keycloak server
Locate the folder /usr/local/keycloak-1.6.0.Final/bin – execute the shell script standalone.sh
./standalone.sh

Adding database driver and datasource to Keycloak server
· Execute the file jboss-cli.sh present inside the folder /usr/local/keycloak-1.6.0.Final/bin.
· Execute the commands given in the below screenshot. These commands will create the MySQL driver and datasource in the Keycloak server. (The changes will appear in the standalone.xml file.)

Modify keycloak-server.json
· Modify the keycloak-server.json file present inside the configuration folder /usr/local/keycloak-1.6.0.Final/standalone/configuration.
· The connectionsJpa field should be updated with the new datasource created.

Enabling SSL/HTTPS connection in Keycloak
· Place the SSL certificate in the path /usr/local/keycloak-1.6.0.Final/standalone/configuration
· Edit standalone/configuration/standalone.xml to enable SSL/HTTPS.
· To the security-realms element add the below security-realm element:
· Add the below element to <server name="default-server"> (it's a child element of <subsystem xmlns="urn:jboss:domain:undertow:2.0">):
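
To confirm that the SSL steps above were wired together correctly, here is an added example (not part of the original post or of Keycloak) that checks a standalone.xml for an https-listener under default-server that references a security realm with an SSL keystore and a defined socket binding. The sample XML is constructed: the realm name UndertowRealm, the keystore file keycloak.jks, the password placeholder and the port numbers are assumptions.

```python
import xml.etree.ElementTree as ET

# Constructed sample, not the post's standalone.xml: realm name, keystore
# file, password placeholder and port numbers are assumptions.
SAMPLE = """<server xmlns="urn:jboss:domain:3.0">
  <management><security-realms>
    <security-realm name="UndertowRealm">
      <server-identities><ssl>
        <keystore path="keycloak.jks" keystore-password="CHANGE_ME"/>
      </ssl></server-identities>
    </security-realm>
  </security-realms></management>
  <profile><subsystem xmlns="urn:jboss:domain:undertow:2.0">
    <server name="default-server">
      <http-listener name="default" socket-binding="http"/>
      <https-listener name="https" socket-binding="https" security-realm="UndertowRealm"/>
    </server>
  </subsystem></profile>
  <socket-binding-group name="standard-sockets" default-interface="public">
    <socket-binding name="http" port="${jboss.http.port:8081}"/>
    <socket-binding name="https" port="${jboss.https.port:8444}"/>
  </socket-binding-group>
</server>"""

def local(el):
    return el.tag.rsplit("}", 1)[-1]  # tag name without its XML namespace

def check_https(xml_text):
    """Return problems found in the HTTPS wiring; an empty list means consistent."""
    els = list(ET.fromstring(xml_text).iter())
    def find(tag, name):
        return [e for e in els if local(e) == tag and e.get("name") == name]
    listeners = [e for s in find("server", "default-server")
                 for e in s if local(e) == "https-listener"]
    if not listeners:
        return ["no https-listener under default-server"]
    problems = []
    for lst in listeners:
        realm, binding = lst.get("security-realm"), lst.get("socket-binding")
        keystores = [k for r in find("security-realm", realm)
                     for k in r.iter() if local(k) == "keystore" and k.get("path")]
        if not keystores:
            problems.append("realm %r has no ssl keystore" % realm)
        if not find("socket-binding", binding):
            problems.append("socket-binding %r is not defined" % binding)
    return problems

if __name__ == "__main__":
    print(check_https(SAMPLE) or "HTTPS listener wiring is consistent")
```

To check a real server, pass the contents of /usr/local/keycloak-1.6.0.Final/standalone/configuration/standalone.xml to check_https instead of SAMPLE.
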
Now we can access the admin console of the Keycloak server:
http://<host_name>:<port_number>/auth/
For example: http://127.0.0.1:8081/auth/

Configuration changes to be done in WildFly server
Extract the adapter file into the WILDFLY_HOME directory. The bin and modules folders will get updated with the adapter files.
Add the extension for Keycloak in the standalone.xml of the WildFly server under the <extensions> element
Add the security domain under <subsystem> – <security-domains>
Add the Keycloak subsystem under the <profile> tag

Troubleshooting
Problem
When invoking the admin console of the Keycloak server for the first time, we get an exception saying
WE'RE SORRY ...
HTTPS required
Solution
Enable the HTTPS/SSL connection in the Keycloak server (the same will be handled in the next posts).