From 119fb2fea2a4765b9234a871d0901b3f120885d4 Mon Sep 17 00:00:00 2001
From: Kristian Klausen <kristian@klausen.dk>
Date: Sun, 6 Jun 2021 16:20:13 +0200
Subject: [PATCH] keycloak: Reorder standalone.xml to match upstream's version
This make it much easier to compare it to upstream's version:
diff -u standalone.xml.j2 /opt/keycloak/standalone/configuration/standalone.xml
---
roles/keycloak/templates/standalone.xml.j2 | 480 ++++++++++-----------
1 file changed, 239 insertions(+), 241 deletions(-)
diff --git a/roles/keycloak/templates/standalone.xml.j2 b/roles/keycloak/templates/standalone.xml.j2
index f00586b3d..f240ae5f5 100644
--- a/roles/keycloak/templates/standalone.xml.j2
+++ b/roles/keycloak/templates/standalone.xml.j2
@@ -84,69 +84,8 @@
</access-control>
</management>
<profile>
- <subsystem xmlns="urn:jboss:domain:logging:8.0">
- <console-handler name="CONSOLE">
- <level name="INFO"/>
- <formatter>
- <named-formatter name="COLOR-PATTERN"/>
- </formatter>
- </console-handler>
- <periodic-rotating-file-handler name="FILE" autoflush="true">
- <formatter>
- <named-formatter name="PATTERN"/>
- </formatter>
- <file relative-to="jboss.server.log.dir" path="server.log"/>
- <suffix value=".yyyy-MM-dd"/>
- <append value="true"/>
- </periodic-rotating-file-handler>
- <logger category="com.arjuna">
- <level name="WARN"/>
- </logger>
- <logger category="io.jaegertracing.Configuration">
- <level name="WARN"/>
- </logger>
- <logger category="org.jboss.as.config">
- <level name="DEBUG"/>
- </logger>
- <logger category="sun.rmi">
- <level name="WARN"/>
- </logger>
- <root-logger>
- <level name="INFO"/>
- <handlers>
- <handler name="CONSOLE"/>
- <handler name="FILE"/>
- </handlers>
- </root-logger>
- <formatter name="PATTERN">
- <pattern-formatter pattern="%d{yyyy-MM-dd HH:mm:ss,SSS} %-5p [%c] (%t) %s%e%n"/>
- </formatter>
- <formatter name="COLOR-PATTERN">
- <pattern-formatter pattern="%K{level}%d{HH:mm:ss,SSS} %-5p [%c] (%t) %s%e%n"/>
- </formatter>
- </subsystem>
<subsystem xmlns="urn:jboss:domain:bean-validation:1.0"/>
<subsystem xmlns="urn:jboss:domain:core-management:1.0"/>
- <subsystem xmlns="urn:jboss:domain:datasources:6.0">
- <datasources>
- <datasource jndi-name="java:jboss/datasources/KeycloakDS" pool-name="KeycloakDS" enabled="true" use-java-context="true" statistics-enabled="${wildfly.datasources.statistics-enabled:${wildfly.statistics-enabled:false}}">
- <connection-url>jdbc:postgresql://localhost:5432/keycloak</connection-url>
- <driver>postgresql</driver>
- <security>
- <user-name>keycloak</user-name>
- <password>keycloak</password>
- </security>
- </datasource>
- <drivers>
- <driver name="postgresql" module="org.postgresql">
- <xa-datasource-class>org.postgresql.xa.PGXADataSource</xa-datasource-class>
- </driver>
- <driver name="h2" module="com.h2database.h2">
- <xa-datasource-class>org.h2.jdbcx.JdbcDataSource</xa-datasource-class>
- </driver>
- </drivers>
- </datasources>
- </subsystem>
<subsystem xmlns="urn:jboss:domain:deployment-scanner:2.0">
<deployment-scanner path="deployments" relative-to="jboss.server.base.dir" scan-interval="5000" runtime-failure-causes-rollback="${jboss.deployment.scanner.rollback.on.failure:false}"/>
</subsystem>
@@ -195,7 +134,7 @@
<file-data-store name="default-file-store" path="timer-service-data" relative-to="jboss.server.data.dir"/>
</data-stores>
</timer-service>
- <remote connectors="http-remoting-connector" thread-pool-name="default">
+ <remote cluster="ejb" connectors="http-remoting-connector" thread-pool-name="default">
<channel-creation-options>
<option name="MAX_OUTBOUND_MESSAGES" value="1234" type="remoting"/>
</channel-creation-options>
@@ -211,124 +150,39 @@
<statistics enabled="${wildfly.ejb3.statistics-enabled:${wildfly.statistics-enabled:false}}"/>
<log-system-exceptions value="true"/>
</subsystem>
- <subsystem xmlns="urn:wildfly:elytron:13.0" final-providers="combined-providers" disallowed-providers="OracleUcrypto">
- <providers>
- <aggregate-providers name="combined-providers">
- <providers name="elytron"/>
- <providers name="openssl"/>
- </aggregate-providers>
- <provider-loader name="elytron" module="org.wildfly.security.elytron"/>
- <provider-loader name="openssl" module="org.wildfly.openssl"/>
- </providers>
- <audit-logging>
- <file-audit-log name="local-audit" path="audit.log" relative-to="jboss.server.log.dir" format="JSON"/>
- </audit-logging>
- <security-domains>
- <security-domain name="ApplicationDomain" default-realm="ApplicationRealm" permission-mapper="default-permission-mapper">
- <realm name="ApplicationRealm" role-decoder="groups-to-roles"/>
- <realm name="local"/>
- </security-domain>
- <security-domain name="ManagementDomain" default-realm="ManagementRealm" permission-mapper="default-permission-mapper">
- <realm name="ManagementRealm" role-decoder="groups-to-roles"/>
- <realm name="local" role-mapper="super-user-mapper"/>
- </security-domain>
- </security-domains>
- <security-realms>
- <identity-realm name="local" identity="$local"/>
- <properties-realm name="ApplicationRealm">
- <users-properties path="application-users.properties" relative-to="jboss.server.config.dir" digest-realm-name="ApplicationRealm"/>
- <groups-properties path="application-roles.properties" relative-to="jboss.server.config.dir"/>
- </properties-realm>
- <properties-realm name="ManagementRealm">
- <users-properties path="mgmt-users.properties" relative-to="jboss.server.config.dir" digest-realm-name="ManagementRealm"/>
- <groups-properties path="mgmt-groups.properties" relative-to="jboss.server.config.dir"/>
- </properties-realm>
- </security-realms>
- <mappers>
- <simple-permission-mapper name="default-permission-mapper" mapping-mode="first">
- <permission-mapping>
- <principal name="anonymous"/>
- <permission-set name="default-permissions"/>
- </permission-mapping>
- <permission-mapping match-all="true">
- <permission-set name="login-permission"/>
- <permission-set name="default-permissions"/>
- </permission-mapping>
- </simple-permission-mapper>
- <constant-realm-mapper name="local" realm-name="local"/>
- <simple-role-decoder name="groups-to-roles" attribute="groups"/>
- <constant-role-mapper name="super-user-mapper">
- <role name="SuperUser"/>
- </constant-role-mapper>
- </mappers>
- <permission-sets>
- <permission-set name="login-permission">
- <permission class-name="org.wildfly.security.auth.permission.LoginPermission"/>
- </permission-set>
- <permission-set name="default-permissions">
- <permission class-name="org.wildfly.extension.batch.jberet.deployment.BatchPermission" module="org.wildfly.extension.batch.jberet" target-name="*"/>
- <permission class-name="org.wildfly.transaction.client.RemoteTransactionPermission" module="org.wildfly.transaction.client"/>
- <permission class-name="org.jboss.ejb.client.RemoteEJBPermission" module="org.jboss.ejb-client"/>
- </permission-set>
- </permission-sets>
- <http>
- <http-authentication-factory name="management-http-authentication" security-domain="ManagementDomain" http-server-mechanism-factory="global">
- <mechanism-configuration>
- <mechanism mechanism-name="DIGEST">
- <mechanism-realm realm-name="ManagementRealm"/>
- </mechanism>
- </mechanism-configuration>
- </http-authentication-factory>
- <provider-http-server-mechanism-factory name="global"/>
- </http>
- <sasl>
- <sasl-authentication-factory name="application-sasl-authentication" sasl-server-factory="configured" security-domain="ApplicationDomain">
- <mechanism-configuration>
- <mechanism mechanism-name="JBOSS-LOCAL-USER" realm-mapper="local"/>
- <mechanism mechanism-name="DIGEST-MD5">
- <mechanism-realm realm-name="ApplicationRealm"/>
- </mechanism>
- </mechanism-configuration>
- </sasl-authentication-factory>
- <sasl-authentication-factory name="management-sasl-authentication" sasl-server-factory="configured" security-domain="ManagementDomain">
- <mechanism-configuration>
- <mechanism mechanism-name="JBOSS-LOCAL-USER" realm-mapper="local"/>
- <mechanism mechanism-name="DIGEST-MD5">
- <mechanism-realm realm-name="ManagementRealm"/>
- </mechanism>
- </mechanism-configuration>
- </sasl-authentication-factory>
- <configurable-sasl-server-factory name="configured" sasl-server-factory="elytron">
- <properties>
- <property name="wildfly.sasl.local-user.default-user" value="$local"/>
- </properties>
- </configurable-sasl-server-factory>
- <mechanism-provider-filtering-sasl-server-factory name="elytron" sasl-server-factory="global">
- <filters>
- <filter provider-name="WildFlyElytron"/>
- </filters>
- </mechanism-provider-filtering-sasl-server-factory>
- <provider-sasl-server-factory name="global"/>
- </sasl>
- <tls>
- <key-stores>
- <key-store name="applicationKS">
- <credential-reference clear-text="password"/>
- <implementation type="JKS"/>
- <file path="application.keystore" relative-to="jboss.server.config.dir"/>
- </key-store>
- </key-stores>
- <key-managers>
- <key-manager name="applicationKM" key-store="applicationKS" generate-self-signed-certificate-host="localhost">
- <credential-reference clear-text="password"/>
- </key-manager>
- </key-managers>
- <server-ssl-contexts>
- <server-ssl-context name="applicationSSC" key-manager="applicationKM"/>
- </server-ssl-contexts>
- </tls>
- </subsystem>
<subsystem xmlns="urn:wildfly:health:1.0" security-enabled="false"/>
+ <subsystem xmlns="urn:jboss:domain:io:3.0">
+ <worker name="default"/>
+ <buffer-pool name="default"/>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:jaxrs:2.0"/>
+ <subsystem xmlns="urn:jboss:domain:jca:5.0">
+ <archive-validation enabled="true" fail-on-error="true" fail-on-warn="false"/>
+ <bean-validation enabled="true"/>
+ <default-workmanager>
+ <short-running-threads>
+ <core-threads count="50"/>
+ <queue-length count="50"/>
+ <max-threads count="50"/>
+ <keepalive-time time="10" unit="seconds"/>
+ </short-running-threads>
+ <long-running-threads>
+ <core-threads count="50"/>
+ <queue-length count="50"/>
+ <max-threads count="50"/>
+ <keepalive-time time="10" unit="seconds"/>
+ </long-running-threads>
+ </default-workmanager>
+ <cached-connection-manager/>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:jmx:1.3">
+ <expose-resolved-model/>
+ <expose-expression-model/>
+ <remoting-connector/>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:jpa:1.1">
+ <jpa default-extended-persistence-inheritance="DEEP"/>
+ </subsystem>
<subsystem xmlns="urn:jboss:domain:infinispan:12.0">
<cache-container name="keycloak" modules="org.keycloak.keycloak-model-infinispan">
<local-cache name="realms">
@@ -353,7 +207,7 @@
</local-cache>
<local-cache name="actionTokens">
<heap-memory size="-1"/>
- <expiration interval="300000" max-idle="-1"/>
+ <expiration max-idle="-1" interval="300000"/>
</local-cache>
</cache-container>
<cache-container name="server" default-cache="default" modules="org.wildfly.clustering.server">
@@ -373,7 +227,7 @@
</local-cache>
<local-cache name="routing"/>
</cache-container>
- <cache-container name="ejb" default-cache="passivation" aliases="sfsb" modules="org.wildfly.clustering.ejb.infinispan">
+ <cache-container name="ejb" aliases="sfsb" default-cache="passivation" modules="org.wildfly.clustering.ejb.infinispan">
<local-cache name="passivation">
<locking isolation="REPEATABLE_READ"/>
<transaction mode="BATCH"/>
@@ -392,44 +246,10 @@
<local-cache name="timestamps"/>
</cache-container>
</subsystem>
- <subsystem xmlns="urn:jboss:domain:io:3.0">
- <worker name="default"/>
- <buffer-pool name="default"/>
- </subsystem>
- <subsystem xmlns="urn:jboss:domain:jaxrs:2.0"/>
- <subsystem xmlns="urn:jboss:domain:jca:5.0">
- <archive-validation enabled="true" fail-on-error="true" fail-on-warn="false"/>
- <bean-validation enabled="true"/>
- <default-workmanager>
- <short-running-threads>
- <core-threads count="50"/>
- <queue-length count="50"/>
- <max-threads count="50"/>
- <keepalive-time time="10" unit="seconds"/>
- </short-running-threads>
- <long-running-threads>
- <core-threads count="50"/>
- <queue-length count="50"/>
- <max-threads count="50"/>
- <keepalive-time time="10" unit="seconds"/>
- </long-running-threads>
- </default-workmanager>
- <cached-connection-manager/>
- </subsystem>
- <subsystem xmlns="urn:jboss:domain:jmx:1.3">
- <expose-resolved-model/>
- <expose-expression-model/>
- <remoting-connector/>
- </subsystem>
- <subsystem xmlns="urn:jboss:domain:jpa:1.1">
- <jpa default-extended-persistence-inheritance="DEEP"/>
- </subsystem>
<subsystem xmlns="urn:jboss:domain:keycloak-server:1.1">
<web-context>auth</web-context>
<providers>
- <provider>
- classpath:${jboss.home.dir}/providers/*
- </provider>
+ <provider>classpath:${jboss.home.dir}/providers/*</provider>
</providers>
<master-realm-name>master</master-realm-name>
<scheduled-task-interval>900</scheduled-task-interval>
@@ -508,6 +328,65 @@
<provider name="metrics-listener" enabled="true"/>
</spi>
</subsystem>
+ <subsystem xmlns="urn:jboss:domain:undertow:12.0" default-server="default-server" default-virtual-host="default-host" default-servlet-container="default" default-security-domain="other" statistics-enabled="${wildfly.undertow.statistics-enabled:${wildfly.statistics-enabled:false}}">
+ <buffer-cache name="default"/>
+ <server name="default-server">
+ <http-listener name="default" socket-binding="http" redirect-socket="https" proxy-address-forwarding="true" enable-http2="true"/>
+ <https-listener name="https" socket-binding="https" proxy-address-forwarding="true" security-realm="ApplicationRealm" enable-http2="true"/>
+ <host name="default-host" alias="localhost">
+ <location name="/" handler="welcome-content"/>
+ <http-invoker security-realm="ApplicationRealm"/>
+ </host>
+ </server>
+ <servlet-container name="default">
+ <jsp-config/>
+ <websockets/>
+ </servlet-container>
+ <handlers>
+ <file name="welcome-content" path="${jboss.home.dir}/welcome-content"/>
+ </handlers>
+ </subsystem>
+ <subsystem xmlns="urn:jboss:domain:logging:8.0">
+ <console-handler name="CONSOLE">
+ <level name="INFO"/>
+ <formatter>
+ <named-formatter name="COLOR-PATTERN"/>
+ </formatter>
+ </console-handler>
+ <periodic-rotating-file-handler name="FILE" autoflush="true">
+ <formatter>
+ <named-formatter name="PATTERN"/>
+ </formatter>
+ <file relative-to="jboss.server.log.dir" path="server.log"/>
+ <suffix value=".yyyy-MM-dd"/>
+ <append value="true"/>
+ </periodic-rotating-file-handler>
+ <logger category="com.arjuna">
+ <level name="WARN"/>
+ </logger>
+ <logger category="io.jaegertracing.Configuration">
+ <level name="WARN"/>
+ </logger>
+ <logger category="org.jboss.as.config">
+ <level name="DEBUG"/>
+ </logger>
+ <logger category="sun.rmi">
+ <level name="WARN"/>
+ </logger>
+ <root-logger>
+ <level name="INFO"/>
+ <handlers>
+ <handler name="CONSOLE"/>
+ <handler name="FILE"/>
+ </handlers>
+ </root-logger>
+ <formatter name="PATTERN">
+ <pattern-formatter pattern="%d{yyyy-MM-dd HH:mm:ss,SSS} %-5p [%c] (%t) %s%e%n"/>
+ </formatter>
+ <formatter name="COLOR-PATTERN">
+ <pattern-formatter pattern="%K{level}%d{HH:mm:ss,SSS} %-5p [%c] (%t) %s%e%n"/>
+ </formatter>
+ </subsystem>
<subsystem xmlns="urn:jboss:domain:mail:4.0">
<mail-session name="default" jndi-name="java:jboss/mail/Default">
<smtp-server outbound-socket-binding-ref="mail-smtp"/>
@@ -521,6 +400,13 @@
<http-connector name="http-remoting-connector" connector-ref="default" security-realm="ApplicationRealm"/>
</subsystem>
<subsystem xmlns="urn:jboss:domain:request-controller:1.0"/>
+ <subsystem xmlns="urn:jboss:domain:security-manager:1.0">
+ <deployment-permissions>
+ <maximum-set>
+ <permission class="java.security.AllPermission"/>
+ </maximum-set>
+ </deployment-permissions>
+ </subsystem>
<subsystem xmlns="urn:jboss:domain:security:2.0">
<security-domains>
<security-domain name="other" cache-type="default">
@@ -553,12 +439,142 @@
</security-domain>
</security-domains>
</subsystem>
- <subsystem xmlns="urn:jboss:domain:security-manager:1.0">
- <deployment-permissions>
- <maximum-set>
- <permission class="java.security.AllPermission"/>
- </maximum-set>
- </deployment-permissions>
+ <subsystem xmlns="urn:jboss:domain:datasources:6.0">
+ <datasources>
+ <datasource jndi-name="java:jboss/datasources/KeycloakDS" pool-name="KeycloakDS" enabled="true" use-java-context="true" statistics-enabled="${wildfly.datasources.statistics-enabled:${wildfly.statistics-enabled:false}}">
+ <connection-url>jdbc:postgresql://localhost:5432/keycloak</connection-url>
+ <driver>postgresql</driver>
+ <security>
+ <user-name>keycloak</user-name>
+ <password>keycloak</password>
+ </security>
+ </datasource>
+ <drivers>
+ <driver name="postgresql" module="org.postgresql">
+ <xa-datasource-class>org.postgresql.xa.PGXADataSource</xa-datasource-class>
+ </driver>
+ <driver name="h2" module="com.h2database.h2">
+ <xa-datasource-class>org.h2.jdbcx.JdbcDataSource</xa-datasource-class>
+ </driver>
+ </drivers>
+ </datasources>
+ </subsystem>
+ <subsystem xmlns="urn:wildfly:elytron:13.0" final-providers="combined-providers" disallowed-providers="OracleUcrypto">
+ <providers>
+ <aggregate-providers name="combined-providers">
+ <providers name="elytron"/>
+ <providers name="openssl"/>
+ </aggregate-providers>
+ <provider-loader name="elytron" module="org.wildfly.security.elytron"/>
+ <provider-loader name="openssl" module="org.wildfly.openssl"/>
+ </providers>
+ <audit-logging>
+ <file-audit-log name="local-audit" path="audit.log" relative-to="jboss.server.log.dir" format="JSON"/>
+ </audit-logging>
+ <security-domains>
+ <security-domain name="ApplicationDomain" default-realm="ApplicationRealm" permission-mapper="default-permission-mapper">
+ <realm name="ApplicationRealm" role-decoder="groups-to-roles"/>
+ <realm name="local"/>
+ </security-domain>
+ <security-domain name="ManagementDomain" default-realm="ManagementRealm" permission-mapper="default-permission-mapper">
+ <realm name="ManagementRealm" role-decoder="groups-to-roles"/>
+ <realm name="local" role-mapper="super-user-mapper"/>
+ </security-domain>
+ </security-domains>
+ <security-realms>
+ <identity-realm name="local" identity="$local"/>
+ <properties-realm name="ApplicationRealm">
+ <users-properties path="application-users.properties" relative-to="jboss.server.config.dir" digest-realm-name="ApplicationRealm"/>
+ <groups-properties path="application-roles.properties" relative-to="jboss.server.config.dir"/>
+ </properties-realm>
+ <properties-realm name="ManagementRealm">
+ <users-properties path="mgmt-users.properties" relative-to="jboss.server.config.dir" digest-realm-name="ManagementRealm"/>
+ <groups-properties path="mgmt-groups.properties" relative-to="jboss.server.config.dir"/>
+ </properties-realm>
+ </security-realms>
+ <mappers>
+ <simple-permission-mapper name="default-permission-mapper" mapping-mode="first">
+ <permission-mapping>
+ <principal name="anonymous"/>
+ <permission-set name="default-permissions"/>
+ </permission-mapping>
+ <permission-mapping match-all="true">
+ <permission-set name="login-permission"/>
+ <permission-set name="default-permissions"/>
+ </permission-mapping>
+ </simple-permission-mapper>
+ <constant-realm-mapper name="local" realm-name="local"/>
+ <simple-role-decoder name="groups-to-roles" attribute="groups"/>
+ <constant-role-mapper name="super-user-mapper">
+ <role name="SuperUser"/>
+ </constant-role-mapper>
+ </mappers>
+ <permission-sets>
+ <permission-set name="login-permission">
+ <permission class-name="org.wildfly.security.auth.permission.LoginPermission"/>
+ </permission-set>
+ <permission-set name="default-permissions">
+ <permission class-name="org.wildfly.extension.batch.jberet.deployment.BatchPermission" module="org.wildfly.extension.batch.jberet" target-name="*"/>
+ <permission class-name="org.wildfly.transaction.client.RemoteTransactionPermission" module="org.wildfly.transaction.client"/>
+ <permission class-name="org.jboss.ejb.client.RemoteEJBPermission" module="org.jboss.ejb-client"/>
+ </permission-set>
+ </permission-sets>
+ <http>
+ <http-authentication-factory name="management-http-authentication" security-domain="ManagementDomain" http-server-mechanism-factory="global">
+ <mechanism-configuration>
+ <mechanism mechanism-name="DIGEST">
+ <mechanism-realm realm-name="ManagementRealm"/>
+ </mechanism>
+ </mechanism-configuration>
+ </http-authentication-factory>
+ <provider-http-server-mechanism-factory name="global"/>
+ </http>
+ <sasl>
+ <sasl-authentication-factory name="application-sasl-authentication" sasl-server-factory="configured" security-domain="ApplicationDomain">
+ <mechanism-configuration>
+ <mechanism mechanism-name="JBOSS-LOCAL-USER" realm-mapper="local"/>
+ <mechanism mechanism-name="DIGEST-MD5">
+ <mechanism-realm realm-name="ApplicationRealm"/>
+ </mechanism>
+ </mechanism-configuration>
+ </sasl-authentication-factory>
+ <sasl-authentication-factory name="management-sasl-authentication" sasl-server-factory="configured" security-domain="ManagementDomain">
+ <mechanism-configuration>
+ <mechanism mechanism-name="JBOSS-LOCAL-USER" realm-mapper="local"/>
+ <mechanism mechanism-name="DIGEST-MD5">
+ <mechanism-realm realm-name="ManagementRealm"/>
+ </mechanism>
+ </mechanism-configuration>
+ </sasl-authentication-factory>
+ <configurable-sasl-server-factory name="configured" sasl-server-factory="elytron">
+ <properties>
+ <property name="wildfly.sasl.local-user.default-user" value="$local"/>
+ </properties>
+ </configurable-sasl-server-factory>
+ <mechanism-provider-filtering-sasl-server-factory name="elytron" sasl-server-factory="global">
+ <filters>
+ <filter provider-name="WildFlyElytron"/>
+ </filters>
+ </mechanism-provider-filtering-sasl-server-factory>
+ <provider-sasl-server-factory name="global"/>
+ </sasl>
+ <tls>
+ <key-stores>
+ <key-store name="applicationKS">
+ <credential-reference clear-text="password"/>
+ <implementation type="JKS"/>
+ <file path="application.keystore" relative-to="jboss.server.config.dir"/>
+ </key-store>
+ </key-stores>
+ <key-managers>
+ <key-manager name="applicationKM" key-store="applicationKS" generate-self-signed-certificate-host="localhost">
+ <credential-reference clear-text="password"/>
+ </key-manager>
+ </key-managers>
+ <server-ssl-contexts>
+ <server-ssl-context name="applicationSSC" key-manager="applicationKM"/>
+ </server-ssl-contexts>
+ </tls>
</subsystem>
<subsystem xmlns="urn:jboss:domain:transactions:6.0">
<core-environment node-identifier="${jboss.tx.node.id:1}">
@@ -570,24 +586,6 @@
<coordinator-environment statistics-enabled="${wildfly.transactions.statistics-enabled:${wildfly.statistics-enabled:false}}"/>
<object-store path="tx-object-store" relative-to="jboss.server.data.dir"/>
</subsystem>
- <subsystem xmlns="urn:jboss:domain:undertow:12.0" default-server="default-server" default-virtual-host="default-host" default-servlet-container="default" default-security-domain="other" statistics-enabled="${wildfly.undertow.statistics-enabled:${wildfly.statistics-enabled:false}}">
- <buffer-cache name="default"/>
- <server name="default-server">
- <http-listener name="default" socket-binding="http" redirect-socket="https" proxy-address-forwarding="true" enable-http2="true"/>
- <https-listener name="https" socket-binding="https" proxy-address-forwarding="true" security-realm="ApplicationRealm" enable-http2="true"/>
- <host name="default-host" alias="localhost">
- <location name="/" handler="welcome-content"/>
- <http-invoker security-realm="ApplicationRealm"/>
- </host>
- </server>
- <servlet-container name="default">
- <jsp-config/>
- <websockets/>
- </servlet-container>
- <handlers>
- <file name="welcome-content" path="${jboss.home.dir}/welcome-content"/>
- </handlers>
- </subsystem>
<subsystem xmlns="urn:jboss:domain:weld:4.0"/>
</profile>
<interfaces>
@@ -610,4 +608,4 @@
<remote-destination host="${jboss.mail.server.host:localhost}" port="${jboss.mail.server.port:25}"/>
</outbound-socket-binding>
</socket-binding-group>
-</server>
\ No newline at end of file
+</server>
--
GitLab