Uploaded image for project: 'WINDUP - Red Hat Application Migration Toolkit'
  1. WINDUP - Red Hat Application Migration Toolkit
  2. WINDUP-3417

Web UI - Keycloak configuration - keycloak-overlay removal

    XMLWordPrintable

Details

    • Epic
    • Resolution: Unresolved
    • Major
    • None
    • None
    • MTR Web UI
    • None
    • Web UI - Keycloak configuration - keycloak-overlay removal
    • False
    • None
    • False
    • To Do
    • Hide
      * *Why we missed the bug?*
       ** Pick to proper answer from drop-down field upper.
       +_Additional comments:_+


       * *What is required:*
       ** Pick to proper answer from drop-down field upper.
       +_Additional comments:_+
      Show
      * *Why we missed the bug?*  ** Pick to proper answer from drop-down field upper.  +_Additional comments:_+  * *What is required:*  ** Pick to proper answer from drop-down field upper.  +_Additional comments:_+
    • 0
    • 0% 0%
    • ---
    • ---
    • AMM Sprint 221, AMM Sprint 223, AMM Sprint 222, AMM Sprint 224, AMM Sprint 225, AMM Sprint 228, AMM Sprint 226, AMM Sprint 227, AMM Sprint 229, AMM Sprint 230, AMM Sprint 232, AMM Sprint 231, AMM Sprint 233, AMM Sprint 234, AMM Sprint 235, AMM Sprint 236, AMM Sprint 237, AMM Sprint 238, AMM Sprint 239, AMM Sprint 240, AMM Sprint 241, AMM Sprint 242, AMM Sprint 244, AMM Sprint 246, AMM Sprint 247, AMM Sprint 249, Sprint MTR-1.2.6

    Description

      The MTA Web distribution relies upon the keycloak overlay component as a vehicle for creating a distribution that can run on a single server instance.

      https://www.keycloak.org/docs/latest/server_installation/#installing-the-keycloak-server

      The keycloak documentation does NOT reflect the fact that the keycloak-overlay has been removed.

      If we were to continue to use 15.1.1 of Keycloak then we would have to continue to use the associated version of Wildfly.

      For security reasons we must be able to publish the Web UI with the latest version of the required dependencies. So each release of WINDUP upstream should adopt the latest version of Wildfly and downstream the latest GA version of EAP.

      So an existing constraint is that we must use the version of Wildfly upstream that is closest to (and compatible with) the version EAP downstream.

      We have to decide whether we want to continue to conform to this convention, or perhaps consider using Wildfly downstream too or continue to use EAP downstream with backports (i.e. managing different branches based upon which Application Server is used).

      So we need alternative deployment model.

      We could have a default distribution of the Web UI that has authentication switched off. Effectively an anonymous user interaction.

      Then provide a script that allows authentication to be enabled, perhaps spinning up an instance of Keycloak in a container or as a standalone process.

      Attachments

        Activity

          People

            Unassigned Unassigned
            pcattana Philip Cattanach
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated: