Problem description
I am trying to use Keycloak in my application. I run Keycloak on Docker and use WildFly 20 as the application server. I use this script to start Keycloak.
version: '3'
services:
  keycloak:
    image: quay.io/keycloak/keycloak:10.0.1
    container_name: keycloak
    environment:
      DB_VENDOR: postgres
      DB_ADDR: host.docker.internal
      DB_USER: keycloak
      DB_PASSWORD: test
      KEYCLOAK_USER: admin
      KEYCLOAK_PASSWORD: test
    ports:
      - 8079:8080
      - 8443:8443

<subsystem xmlns="urn:jboss:domain:keycloak:1.1">
    <secure-deployment name="pato-ejb.war">
        <realm>pato</realm>
        <auth-server-url>http://localhost:8079/auth</auth-server-url>
        <ssl-required>external</ssl-required>
        <resource>pato</resource>
        <credential name="secret">password</credential>
    </secure-deployment>
</subsystem>
And the security settings of my web.xml
<security-constraint>
    <web-resource-collection>
        <web-resource-name></web-resource-name>
        <description>Protects all resources</description>
        <url-pattern>*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
        <role-name>admin</role-name>
    </auth-constraint>
</security-constraint>
<security-role>
    <role-name>admin</role-name>
</security-role>
<login-config>
    <auth-method>KEYCLOAK</auth-method>
    <realm-name>pato</realm-name>
</login-config>
<security-constraint>
    <web-resource-collection>
        <web-resource-name>user/</web-resource-name>
        <url-pattern>/user/*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
        <role-name>user</role-name>
    </auth-constraint>
</security-constraint>
<security-role>
    <role-name>user</role-name>
</security-role>
Finally, I added the Keycloak jars to JBoss: folder with jars
When I start standalone.bat, I immediately get this error
11:41:14,220 ERROR [org.jboss.as.controller] (Controller Boot Thread)
OPVDX001: Validation error in standalone.xml -----------------------------------
|
| 521: </subsystem>
| 522: <subsystem xmlns="urn:jboss:domain:weld:4.0"/>
| 523: <subsystem xmlns="urn:jboss:domain:keycloak:1.1">
| ^^^^ Unexpected element '{urn:jboss:domain:keycloak:1.1}subsystem'
|
| 524: <secure-deployment name="pato-ejb.war">
| 525: <realm>pato</realm>
| 526: <auth-server-url>http://localhost:8079/auth</auth-server-url>
|
| The primary underlying error message was:
| > ParseError at [row,col]:[523,9]
| > Message: Unexpected element '{urn:jboss:domain:keycloak:1.1}subsystem'
|
|-------------------------------------------------------------------------------
11:41:14,223 ERROR [org.jboss.as.server] (Controller Boot Thread) WFLYSRV0055: Caught exception during boot: org.jboss.as.controller.persistence.ConfigurationPersistenceException: WFLYCTL0085: Failed to parse configuration
    at org.jboss.as.controller@12.0.1.Final//org.jboss.as.controller.persistence.XmlConfigurationPersister.load(XmlConfigurationPersister.java:143)
    at org.jboss.as.server@12.0.1.Final//org.jboss.as.server.ServerService.boot(ServerService.java:395)
    at org.jboss.as.controller@12.0.1.Final//org.jboss.as.controller.AbstractControllerService$1.run(AbstractControllerService.java:416)
    at java.base/java.lang.Thread.run(Thread.java:834)
11:41:14,227 FATAL [org.jboss.as.server] (Controller Boot Thread) WFLYSRV0056: Server boot has failed in an unrecoverable manner; exiting. See previous messages for details.
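Solution
In Keycloak Downloads you will see a "Client Adapters" section. That is the .zip or .tar.gz file you unpack into your WildFly directory. While you have the needed .jar files, you are missing all of the module.xml files. Open the current version and you will see the files you need. Additionally, there are some installation files that change your standalone.xml to enable Keycloak. The current hierarchy looks like: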
.
├── bin
│   ├── adapter-elytron-install.cli
│   ├── adapter-elytron-install-offline.cli
│   ├── adapter-install.cli
│   └── adapter-install-offline.cli
├── docs
│   └── licenses-keycloak
│       ├── licenses.css
│       ├── licenses.html
│       ├── licenses.xml
│       ├── licenses.xsl
│       ├── org.keycloak,keycloak-adapter-core,12.0.1,Apache Software License 2.0.txt
│       ├── org.keycloak,keycloak-adapter-spi,keycloak-authz-client,keycloak-common,keycloak-core,keycloak-jboss-adapter-core,keycloak-undertow-adapter,keycloak-undertow-adapter-spi,keycloak-wildfly-adapter,keycloak-wildfly-elytron-oidc-adapter,Apache Software License 2.0.txt
│       └── org.keycloak,keycloak-wildfly-subsystem,Apache Software License 2.0.txt
└── modules
    └── system
        └── add-ons
            └── keycloak
                └── org
                    └── keycloak
                        ├── keycloak-adapter-core
                        │   └── main
                        │       ├── keycloak-adapter-core-12.0.1.jar
                        │       └── module.xml
                        ├── keycloak-adapter-spi
                        │   └── main
                        │       ├── keycloak-adapter-spi-12.0.1.jar
                        │       ├── keycloak-undertow-adapter-spi-12.0.1.jar
                        │       └── module.xml
                        ├── keycloak-adapter-subsystem
                        │   └── main
                        │       └── module.xml
                        ├── keycloak-authz-client
                        │   └── main
                        │       ├── keycloak-authz-client-12.0.1.jar
                        │       └── module.xml
                        ├── keycloak-common
                        │   └── main
                        │       ├── keycloak-common-12.0.1.jar
                        │       └── module.xml
                        ├── keycloak-core
                        │   └── main
                        │       ├── keycloak-core-12.0.1.jar
                        │       └── module.xml
                        ├── keycloak-jboss-adapter-core
                        │   └── main
                        │       ├── keycloak-jboss-adapter-core-12.0.1.jar
                        │       └── module.xml
                        ├── keycloak-undertow-adapter
                        │   └── main
                        │       ├── keycloak-undertow-adapter-12.0.1.jar
                        │       └── module.xml
                        ├── keycloak-wildfly-adapter
                        │   └── main
                        │       ├── keycloak-wildfly-adapter-12.0.1.jar
                        │       └── module.xml
                        ├── keycloak-wildfly-elytron-oidc-adapter
                        │   └── main
                        │       ├── keycloak-wildfly-elytron-oidc-adapter-12.0.1.jar
                        │       └── module.xml
                        └── keycloak-wildfly-subsystem
                            └── main
                                ├── keycloak-wildfly-subsystem-12.0.1.jar
                                └── module.xml
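I encourage you to install Keycloak in a local environment outside of Docker to see how all of this fits together. These steps walk you through the whole process, but basically you unpack the files into the WildFly home directory and run the appropriate script in the bin directory.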
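
An added example, not part of the original answer or of Keycloak: a pre-boot check for the two gaps described above, a Keycloak subsystem in standalone.xml with no matching extension entry, and module directories that hold .jar files but no module.xml. It assumes the adapter install script registers the extension module org.keycloak.keycloak-adapter-subsystem; the sample XML is constructed.

```python
import os
import xml.etree.ElementTree as ET

# Assumption: the adapter's install CLI registers this extension module.
KEYCLOAK_EXTENSION = "org.keycloak.keycloak-adapter-subsystem"

def local(tag):
    """Strip the '{namespace}' prefix ElementTree puts on tag names."""
    return tag.rsplit("}", 1)[-1]

def namespace(tag):
    """Return the namespace URI of an ElementTree tag, or '' if none."""
    return tag[1:].split("}", 1)[0] if tag.startswith("{") else ""

def check_standalone(xml_text):
    """Return findings for Keycloak subsystems that lack their extension."""
    root = ET.fromstring(xml_text)
    extensions = {e.get("module") for e in root.iter() if local(e.tag) == "extension"}
    findings = []
    for el in root.iter():
        ns = namespace(el.tag)
        if (local(el.tag) == "subsystem" and ":keycloak:" in ns
                and KEYCLOAK_EXTENSION not in extensions):
            findings.append(f"subsystem {ns} present but extension "
                            f"{KEYCLOAK_EXTENSION} is not declared")
    return findings

def modules_missing_descriptor(modules_root):
    """Return module directories that hold .jar files but no module.xml."""
    missing = []
    for path, _dirs, files in os.walk(modules_root):
        if any(f.endswith(".jar") for f in files) and "module.xml" not in files:
            missing.append(os.path.relpath(path, modules_root))
    return sorted(missing)

# Constructed sample: the failing state from the question (subsystem, no extension).
BROKEN = """<server xmlns="urn:jboss:domain:13.0">
  <extensions><extension module="org.jboss.as.weld"/></extensions>
  <profile>
    <subsystem xmlns="urn:jboss:domain:weld:4.0"/>
    <subsystem xmlns="urn:jboss:domain:keycloak:1.1"/>
  </profile>
</server>"""
# Same file after the extension entry has been added.
FIXED = BROKEN.replace(
    "</extensions>", f'<extension module="{KEYCLOAK_EXTENSION}"/></extensions>')

if __name__ == "__main__":
    print(check_standalone(BROKEN))
    print(check_standalone(FIXED))
```

Run check_standalone on the contents of standalone.xml and modules_missing_descriptor on the WildFly modules directory before starting the server.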