openidc-keycloak-test

Demonstrates Keycloak and mod_auth_openidc working together. See also https://github.com/pingidentity/mod_auth_openidc/wiki/Keycloak.

Requirements:

• Docker Compose >=1.7.0

See docker-compose.yml in the build-contracts folder.

Might be run like this:

compose="docker-compose -f build-contracts/docker-compose.yml"
$compose up --build -d keycloak openidc
$compose up --build keycloak-setup #TODO
$compose up --build -d testclient
$compose logs -f
# test session cache
$compose up -d keycloak openidc2

Until setup is fully automated see echo:s in testclient1/keycloak-setup/import.sh.

If you can access ports locally, access the example site at http://openidc/, with something like this in /etc/hosts (IP being you docker machine's):

127.0.0.1 openidc

Direct access to keycloak is at :8080. Auth should understand proxy, according to:

• https://github.com/jboss-dockerfiles/keycloak/tree/master/server#enabling-proxy-address-forwarding
• https://docs.jboss.org/author/display/WFLY8/Undertow+subsystem+configuration#Undertowsubsystemconfiguration-HTTPConnector

Export and import

Export seems to require restart.

docker-compose -f build-contracts/docker-compose.yml -f build-contracts/export.docker-compose.yml up keycloak