http(s)://{host}/realms/{realm}/protocol/openid-connect/auth?response_type=code&client_id={clientId}&scope=openid&redirect_uri={redirectUri}&kc_action={requiredActionId}
Niko Köbler dasniko
dasniko
/ keycloak-stuff.md
Last active
November 8, 2024 11:47
Various Keycloak stuff, like URLs, etc.
dasniko
/ upgrade_keycloak_database_settings.md
Created
May 10, 2023 05:06
Upgrade Keycloak Database #settings
Because of Arjuna timeout / closing the connection after 5 mins, setting following additional JAVA_OPTS might help:
-Dquarkus.transaction-manager.default-transaction-timeout=3600
-Dkeycloak.migration.batch-enabled=true
-Dkeycloak.migration.batch-size=1000
dasniko
/ _keycloak-cluster-config.md
Last active
October 31, 2024 10:48
How to configure a Keycloak cluster properly (Quarkus edition)
This is a short and simple example on how to build a proper Keycloak cluster, using DNS_PING as discovery protocol and an NGINX server as reverse proxy.
If you prefer to use JDBC_PING, see @xgp's example gist here: https://gist.github.com/xgp/768eea11f92806b9c83f95902f7f8f80
Please see also my video about Keycloak Clustering: http://www.youtube.com/watch?v=P96VQkBBNxU
NOTE: The video covers JDBC_PING protocol and uses the legacy Keycloak Wildfly distribution!
dasniko
/ create_x509_certs.md
Last active
August 29, 2024 13:38
Creating self signed tls certificates with self-signed root CA
(Steps taken from: https://www.baeldung.com/x-509-authentication-in-spring-security)
All passwords: changeit
openssl req -x509 -sha256 -days 3650 -newkey rsa:4096 -keyout rootCA.key -out rootCA.crt
dasniko
/ _keycloak-cluster-config.md
Last active
June 6, 2024 06:20
How to configure a keycloak cluster properly (legacy Wildfly edition)
This is a short and simple example on how to build a proper Keycloak cluster, using JDBC_PING as discovery protocol and an NGINX server as reverse proxy.
As this is for legacy Keycloak version (Wildfly based, up until version 17), you can find an example for more current and uptodate versions at this gist here: https://gist.github.com/dasniko/3a57913047af3ca1b6b0a83b294dc1a1
Please see also my video about Keycloak Clustering: http://www.youtube.com/watch?v=P96VQkBBNxU
dasniko
/ keycloak-json-logging.cli
Created
January 9, 2021 14:30
Log in JSON format for Keycloak/Wildfly server.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| embed-server --server-config=standalone.xml --std-out=echo | |
| /subsystem=logging/json-formatter=JSON/:add | |
| /subsystem=logging/console-handler=CONSOLE/:write-attribute(name=named-formatter,value=JSON) | |
| stop-embedded-server |
dasniko
/ keycloak-events-logging-cli.md
Last active
September 6, 2023 14:35
How to log Keycloak authentication related events...
The default Keycloak jboss-logging events listener logs the SUCCESS-events on level DEBUG and all ERROR-events on level WARN.
The default logging level of the root logger is INFO, so the SUCCESS-events won't occur in the log output.
To change this and to be able to read all the events in the log output, there are 2 options (choose one of them!):
- Change log level of the
org.keycloak.eventscategory logger:
dasniko
/ init_kc_in_body.html
Last active
September 11, 2020 05:31
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <html> | |
| <head> | |
| <script src="keycloak.js"></script> | |
| </head> | |
| <body> | |
| <!-- your usual content goes here... --> | |
| <script> | |
| var keycloak = new Keycloak({ | |
| url: 'http://localhost:8080/auth', | |
| realm: 'demo', |
dasniko
/ ToStringUtil.java
Created
September 25, 2019 11:13
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package dasniko.util; | |
| import java.lang.reflect.Field; | |
| import java.lang.reflect.Modifier; | |
| /** | |
| * @author Niko Köbler, https://www.n-k.de, @dasniko | |
| */ | |
| public class ToStringUtil { |
I hereby claim:
- I am dasniko on github.
- I am dasniko (https://keybase.io/dasniko) on keybase.
- I have a public key ASAIPZokcnTYoxb9pRpue-YRXawuvDpwpX7mc_Qp_6gLuQo
To claim this, I am signing this object:
NewerOlder