Wildfly Swarm: Specific configuration of the Keycloak Backend environment

+5 votes

This is a JavaEE application on wildfly that used keycloak as auth backend. This was configured in project-stages.yml:

swarm:
  deployment:
    my.app.war:
      web:
        login-config:
          auth-method: KEYCLOAK

The application will be implemented in different environments using a Gitlab-CD-Pipeline. Therefore, keycloak must be configured per environment.

For now, the only work configuration I found is adding a keycloak.json like (the same file in each environment):

{
  "realm": "helsinki",
  "bearer-only": true,
  "auth-server-url": "http://localhost:8180/auth",
  "ssl-required": "external",
  "resource": "backend" 
}

According to the Wildfly-Swarm Documentation it should be possible to configure keycloak in project-stages.yml like:

swarm:      
  keycloak:
    secure-deployments:
      my-deployment:
        realm: keycloakrealmname
        bearer-only: true
        ssl-required: external
        resource: keycloakresource
        auth-server-url: http://localhost:8180/auth

But when I deploy the application, no configuration is read:

2018-03-08 06:29:03,540 DEBUG [org.keycloak.adapters.undertow.KeycloakServletExtension] (ServerService Thread Pool -- 12) KeycloakServletException initialization
2018-03-08 06:29:03,540 DEBUG [org.keycloak.adapters.undertow.KeycloakServletExtension] (ServerService Thread Pool -- 12) using /WEB-INF/keycloak.json
2018-03-08 06:29:03,542 WARN  [org.keycloak.adapters.undertow.KeycloakServletExtension] (ServerService Thread Pool -- 12) No adapter configuration.  Keycloak is unconfigured and will deny all requests.
2018-03-08 06:29:03,545 DEBUG [org.keycloak.adapters.undertow.KeycloakServletExtension] (ServerService Thread Pool -- 12) Keycloak is using a per-deployment configuration.

In the source of the above class, it seems like the only way to get around is to provide a KeycloakConfigResolver. Does Wildfly-Swarm provide a resolver that reads the project-stages.yml?

How can I configure environment-specific auth-server-urls?

or does it have a different workaround for keycloak.json-Files. I would rather use the project-stages.yml.

Mar 27, 2018 in DevOps & Agile by ajs3033
• 7,240 points
378 views

2 answers to this question.

+1 vote
Best answer

I worked on a swarm project which configures keycloak exclusively via project-defaults.yml: https://github.com/Ladicek/swarm-test-suite/tree/master/wildfly/keycloak

The only thing I see wrong is:

swarm:      
  keycloak:
    secure-deployments:
      my-deployment:

Your my-deployment name should be the actual deployment name. Same as you have here:

swarm:
  deployment:
    my.app.war:

If this is your current config, then I'll have to make a guess.

what's your wildfly swarm version and your keycloak version?

answered Mar 27, 2018 by shubham
• 6,870 points

selected Oct 12, 2018 by Kalgi
+1 vote
My deployment name should be the actual deployment name. try changing that and running. I totally agree with @Dean's answer.

Do let us know if that has worked!
answered Oct 12, 2018 by Hannah
• 14,080 points

Related Questions In DevOps & Agile

+5 votes
2 answers

How to program and get the Digital Ocean ID of the current Droplet from within the Droplet?

You can run curl http://169.254.169.254/metadata/v1/id within the ...READ MORE

answered Mar 26, 2018 in DevOps & Agile by Atul
• 10,240 points
177 views
0 votes
1 answer
0 votes
1 answer

Get the Ip of a docker container

Here is what you need to do.  Firstly, ...READ MORE

answered Dec 10, 2018 in DevOps & Agile by Damon Salvatore
• 5,490 points
54 views
0 votes
1 answer

How to fix the misconfiguration of DNS for python app?

Based on what you have mentioned in ...READ MORE

answered Dec 12, 2018 in DevOps & Agile by Damon Salvatore
• 5,490 points
72 views
+5 votes
7 answers

Docker swarm vs kubernetes

Swarm is easy handling while kn8 is ...READ MORE

answered Aug 27, 2018 in Docker by Mahesh Ajmeria
954 views
+13 votes
2 answers
0 votes
1 answer

Upgrading a service leads to Rancher losing persistence of environment variables

when you upgrade, what it will do ...READ MORE

answered Apr 27, 2018 in DevOps & Agile by shubham
• 6,870 points
73 views
+3 votes
5 answers

main roles of DevOps

Can you please brief about the roles ...READ MORE

answered Oct 16, 2018 in DevOps & Agile by Haider
67 views