apiman / apiman

Extensible and flexible API Management. Add your own functionality with simple Java plugins.
https://www.apiman.io
Apache License 2.0
852 stars 355 forks

upgrade keycloak to latest #1268

Closed Panayioc closed 3 years ago

Panayioc commented 3 years ago

We identified that Keycloak 12.0.4 still has some high vulnerabilities. The request here is to upgrade to the latest Keycloak - greater than 13.0.0, which does not have those vulnerabilities.

https://nvd.nist.gov/vuln/detail/CVE-2021-20202
https://nvd.nist.gov/vuln/detail/CVE-2021-20222

msavy commented 3 years ago

It's not currently possible to run Keycloak 13 and Apiman 2.x on the same instance of Wildfly.

Instead, you can deploy one instance of Wildfly with Keycloak 13 and one instance with only Apiman. This is already the recommended approach for a production deployment.

The same approach works well for a containerised application (e.g. docker).

Have you tried that?

Panayioc commented 3 years ago

Yes, we already deployed it separately, but we faced some issues with the Vert.x deployment and the new 1.8 OpenJDK, so we shifted back to the Wildfly distribution.

We will try again later, but for now we want to keep using the Wildfly distribution.

msavy commented 3 years ago

You can still use the Wildfly distribution, but just put Keycloak 13 on its own instance of WF.

Hopefully your Vert.x issues will be solved by the upcoming release we've been working hard on here 👍

msavy commented 3 years ago

Please reopen this issue if the answer is unsatisfactory, or we can transfer over to a GitHub discussion thread.

Hope that helps!

Panayioc commented 3 years ago

Yes, sure. Thank you.

From: Marc Savy
Sent: Wednesday, June 2, 2021 2:03 PM
To: apiman/apiman
Cc: Panagiotis Christodoulou; Author
Subject: Re: [apiman/apiman] upgrade keycloak to latest (#1268)

Please reopen this issue if the answer is unsatisfactory, or we can transfer over to a GitHub discussion thread.

Hope that helps!
