dasniko

Keycloak Cluster Configuration (How to)

This is a short and simple example on how to build a proper Keycloak cluster, using DNS_PING as discovery protocol and an NGINX server as reverse proxy.

To get it working properly, just enable Docker Swarm mode with docker swarm init and just run it as it were a regular Docker Compose deployment. So, just docker compose up is enough, don't deploy a swarm stack! (This would cause trouble and extra complexity with networking)
Afterwards, you can disable Swarm again with docker swarm leave -f, if needed.

---

dasniko

Create X.509 certificates

(Steps taken from: https://www.baeldung.com/x-509-authentication-in-spring-security)

All passwords: changeit

RootCA

openssl req -x509 -sha256 -days 3650 -newkey rsa:4096 -keyout rootCA.key -out rootCA.crt

dasniko

Keycloak Cluster Configuration (How to) - Legacy Wildfly Distribution!!!

This is a short and simple example on how to build a proper Keycloak cluster, using JDBC_PING as discovery protocol and an NGINX server as reverse proxy.

Please see also my video about Keycloak Clustering: http://www.youtube.com/watch?v=P96VQkBBNxU

dasniko

embed-server --server-config=standalone.xml --std-out=echo

/subsystem=logging/json-formatter=JSON/:add
/subsystem=logging/console-handler=CONSOLE/:write-attribute(name=named-formatter,value=JSON)

stop-embedded-server

dasniko

Keycloak Events Logging CLI commands

The default Keycloak jboss-logging events listener logs the SUCCESS-events on level DEBUG and all ERROR-events on level WARN. The default logging level of the root logger is INFO, so the SUCCESS-events won't occur in the log output.

To change this and to be able to read all the events in the log output, there are 2 options (choose one of them!):

1. Change log level of the org.keycloak.events category logger:

dasniko

<html>
<head>
    <script src="keycloak.js"></script>
</head>
<body>
  <!-- your usual content goes here... -->
  <script>
      var keycloak = new Keycloak({
          url: 'http://localhost:8080/auth',
          realm: 'demo',

dasniko

package dasniko.util;

import java.lang.reflect.Field;
import java.lang.reflect.Modifier;

/**
 * @author Niko Köbler, https://www.n-k.de, @dasniko
 */
public class ToStringUtil {

dasniko

Keybase proof

I hereby claim:

• I am dasniko on github.
• I am dasniko (https://keybase.io/dasniko) on keybase.
• I have a public key ASAIPZokcnTYoxb9pRpue-YRXawuvDpwpX7mc_Qp_6gLuQo

To claim this, I am signing this object:

dasniko

My favourite JavaScript tools

This list is subject to change at any time, just as tools an my personal view changes.
Additionally, these are just my the ones I prefer, does not mean that I don't know nor like others!

Programming Languages

• JavaScript in ECMAScript 2015 (ES6) or higher
  • ES5 only if really needed, as you always can use Babel
• TypeScript

dasniko

var global = this;
var window = this;
var process = {env: {}};

var console = {};
console.debug = print;
console.warn = print;
console.log = print;