Wildfly 11 management integration with KeyCloak over new Elytron subsystem

Question

I would like to integrate security for WildFly 11 management interfaces (management console, web console) with KeyCloak over the new Elytron subsystem.

I've been looking the latest documentation for Wildfly 11 and there is chapter Using KeyCloak with WildFly Elytron but is unfortunately empty.

I will be really appreciated if someone could give me some advice how to do that.

Answer 1

The documentation was updated with more information on how to use Keycloak to protect Wildfly Administration Console and Management API.

Take a look here https://docs.jboss.org/author/display/WFLY/Protecting+Wildfly+Adminstration+Console+With+Keycloak.

Answer 2

Keycloak documentation for version 3.4 is very detailed http://www.keycloak.org/docs/latest/securing_apps/index.html#_jboss_adapter - you have to install the adapter for your Elytron subsystem on Wildfly 11 (beware: the CLI is different from the Wildfly 10 version! )

Answer 3

Looks like some missed QAing it... Anyways .. i think this can be your starting points.

https://github.com/ssilvert/wildfly/blob/kcauth/keycloak/KeycloakSetup.txt

More details and concepts can be found in this email thread , http://lists.jboss.org/pipermail/wildfly-dev/2014-June/002230.html . Sorry these are not complete answers but can be a good starting point to your solution.