Skip to content

Instantly share code, notes, and snippets.

View dasniko's full-sized avatar

Niko Köbler dasniko

490 followers · 5 following
View GitHub Profile
@dasniko
dasniko / _keycloak-cluster-config.md
Last active April 16, 2024 17:29
How to configure a keycloak cluster properly (legacy Wildfly edition)

Keycloak Cluster Configuration (How to) - Legacy Wildfly Distribution!!!

This is a short and simple example on how to build a proper Keycloak cluster, using JDBC_PING as discovery protocol and an NGINX server as reverse proxy.

As this is for legacy Keycloak version (Wildfly based, up until version 17), you can find an example for more current and uptodate versions at this gist here: https://gist.github.com/dasniko/3a57913047af3ca1b6b0a83b294dc1a1

Please see also my video about Keycloak Clustering: http://www.youtube.com/watch?v=P96VQkBBNxU

@dasniko
dasniko / _keycloak-cluster-config.md
Last active March 11, 2024 06:55
How to configure a Keycloak cluster properly (Quarkus edition)

Keycloak Cluster Configuration (How to)

This is a short and simple example on how to build a proper Keycloak cluster, using DNS_PING as discovery protocol and an NGINX server as reverse proxy.

If you prefer to use JDBC_PING, see @xgp's example gist here: https://gist.github.com/xgp/768eea11f92806b9c83f95902f7f8f80

Please see also my video about Keycloak Clustering: http://www.youtube.com/watch?v=P96VQkBBNxU
NOTE: The video covers JDBC_PING protocol and uses the legacy Keycloak Wildfly distribution!

@dasniko
dasniko / upgrade_keycloak_database_settings.md
Created May 10, 2023 05:06
Upgrade Keycloak Database #settings

Because of Arjuna timeout / closing the connection after 5 mins, setting following additional JAVA_OPTS might help:

-Dquarkus.transaction-manager.default-transaction-timeout=3600
-Dkeycloak.migration.batch-enabled=true
-Dkeycloak.migration.batch-size=1000
@dasniko
dasniko / create_x509_certs.md
Last active January 9, 2024 14:49
Creating self signed tls certificates with self-signed root CA
@dasniko
dasniko / keycloak-stuff.md
Last active September 29, 2023 09:39
Various Keycloak stuff, like URLs, etc.

Keycloak Stuff / URLs

Required Actions

Generic

http(s)://{host}/realms/{realm}/protocol/openid-connect/auth?response_type=code&client_id={clientId}&scope=openid&redirect_uri={redirectUri}&kc_action={requiredActionId}

Example

@dasniko
dasniko / keycloak-events-logging-cli.md
Last active September 6, 2023 14:35
How to log Keycloak authentication related events...

Keycloak Events Logging CLI commands

The default Keycloak jboss-logging events listener logs the SUCCESS-events on level DEBUG and all ERROR-events on level WARN. The default logging level of the root logger is INFO, so the SUCCESS-events won't occur in the log output.

To change this and to be able to read all the events in the log output, there are 2 options (choose one of them!):

  1. Change log level of the org.keycloak.events category logger:
@dasniko
dasniko / keycloak-json-logging.cli
Created January 9, 2021 14:30
Log in JSON format for Keycloak/Wildfly server.
embed-server --server-config=standalone.xml --std-out=echo
/subsystem=logging/json-formatter=JSON/:add
/subsystem=logging/console-handler=CONSOLE/:write-attribute(name=named-formatter,value=JSON)
stop-embedded-server
@dasniko
dasniko / init_kc_in_body.html
Last active September 11, 2020 05:31
<html>
<head>
<script src="keycloak.js"></script>
</head>
<body>
<!-- your usual content goes here... -->
<script>
var keycloak = new Keycloak({
url: 'http://localhost:8080/auth',
realm: 'demo',
@dasniko
dasniko / ToStringUtil.java
Created September 25, 2019 11:13
package dasniko.util;
import java.lang.reflect.Field;
import java.lang.reflect.Modifier;
/**
* @author Niko Köbler, https://www.n-k.de, @dasniko
*/
public class ToStringUtil {
@dasniko
dasniko / nashorn-polyfill.js
Last active May 28, 2018 15:40
necessary JavaScript polyfills for working with Nashorn JS-engine
var global = this;
var window = this;
var process = {env: {}};
var console = {};
console.debug = print;
console.warn = print;
console.log = print;