pedro-hos

~~~
curl --location 'http://localhost:8080/realms/dashbuilder/protocol/openid-connect/token' \
--header 'content-type: application/x-www-form-urlencoded' \
--data-urlencode 'username=pesilva' \
--data-urlencode 'password=q1w2e3r4!' \
--data-urlencode 'grant_type=password' \
--data-urlencode 'client_id=admin-cli'
~~~

---

pedro-hos

1. Getting Token

```
curl --location 'https://dashbuilder-sso-rhn-support-pesilva-dev.apps.sandbox-m2.ll9k.p1.openshiftapps.com/auth/realms/master/protocol/openid-connect/token' \
--header 'content-type: application/x-www-form-urlencoded' \
--header 'Cookie: 70631fcbb1a8832ba7d5833205d84965=1140aed367e8abe28bedc5c147300344' \
--data-urlencode 'username={CHANGE}' \
--data-urlencode 'password={CHANGE}' \
--data-urlencode 'grant_type=password' \
--data-urlencode 'client_id=admin-cli'

pedro-hos

[
    {
        "time": 1676905112483,
        "type": "LOGIN",
        "realmId": "911c23cc-32e0-47c3-9127-ba20a9a32560",
        "clientId": "admin-cli",
        "userId": "c1a3c6f2-26df-4da3-adf6-c2514e1237b0",
        "sessionId": "7c43ddbb-8669-4581-aa33-f098cb60b31c",
        "ipAddress": "127.0.0.1",
        "details": {

pedro-hos

This project should be an extra layer for the "quarkus-file-vault" and encrypt the keystore secret and mask it. As output, you'd see all the parameters necessary for the "quarkus-file-vault".

Build the Quarkus File Vault

1. Fork and Clone the https://github.com/pedro-hos/quarkus-file-vault/tree/encrypt-secret with the changes. The changes are on encrypt-secret branch

1.1 Clone the project from my git profile:

git clone https://github.com/pedro-hos/quarkus-file-vault.git

pedro-hos

import javax.enterprise.context.ApplicationScoped;
import javax.enterprise.inject.Instance;
import javax.enterprise.inject.se.SeContainer;
import javax.enterprise.inject.se.SeContainerInitializer;

@ApplicationScoped
public class CDIApplication {
	
	public static void main(String[] args) {
		SeContainerInitializer newInstance = SeContainerInitializer.newInstance();

pedro-hos

Common OpenSSL Commands with Keys and Certificates

SSL Info

Generate RSA private key with certificate in a single command

openssl req -x509 -newkey rsa:4096 -sha256 -keyout example.key -out example.crt -subj "/CN=example.com" -days 3650 -passout pass:foobar

Generate Certificate Signing Request (CSR) from private key with passphrase

openssl x509 -x509toreq -in example.crt -out example.csr -signkey example.key -passin pass:foobar

pedro-hos

Rh-SSO with EAP7 Cluster setup guide.

This installation and configuration guide is intended to use as the main concept of integrating RedHat SSO with mod_cluster only. The guide doesn’t cover full brown cluster setup. For more advanced cluster setup, please refer here.

Requirement

• Red Hat JBoss Core Services Apache HTTP Server 2.4.23 for RHEL 7 x86_64
• EAP 7
• BPMS
• RH-SSO

pedro-hos

import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import java.io.*;

/** Establish a SSL connection to a host and port, writes a byte and
 * prints the response. See
 * http://confluence.atlassian.com/display/JIRA/Connecting+to+SSL+services
 */
public class SSLPoke {
    public static void main(String[] args) {

pedro-hos

# Script for increasing deployment-related timeouts on WildFly to 15 minutes.
# Run with: $WILDFLY_HOME/bin/jboss-cli.sh --connect --file=deployment-timeout.cli

batch
/system-property=jboss.as.management.blocking.timeout:add(value=900)
/subsystem=deployment-scanner/scanner=default:write-attribute(name=deployment-timeout,value=900)
run-batch

pedro-hos

$ sudo firewall-cmd --zone=public --add-port=80/tcp --permanent
$ sudo firewall-cmd --reload 
$ firewall-cmd --list-all