Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?xml version="1.0" ?>
- <server xmlns="urn:jboss:domain:4.0">
- <extensions>
- <extension module="org.jboss.as.clustering.infinispan"/>
- <extension module="org.jboss.as.clustering.jgroups"/>
- <extension module="org.jboss.as.connector"/>
- <extension module="org.jboss.as.deployment-scanner"/>
- <extension module="org.jboss.as.ee"/>
- <extension module="org.jboss.as.ejb3"/>
- <extension module="org.jboss.as.jaxrs"/>
- <extension module="org.jboss.as.jdr"/>
- <extension module="org.jboss.as.jmx"/>
- <extension module="org.jboss.as.jpa"/>
- <extension module="org.jboss.as.jsf"/>
- <extension module="org.jboss.as.logging"/>
- <extension module="org.jboss.as.mail"/>
- <!-- <extension module="org.jboss.as.modcluster"/>-->
- <extension module="org.jboss.as.naming"/>
- <extension module="org.jboss.as.remoting"/>
- <extension module="org.jboss.as.security"/>
- <extension module="org.jboss.as.transactions"/>
- <extension module="org.keycloak.keycloak-server-subsystem"/>
- <extension module="org.wildfly.extension.bean-validation"/>
- <extension module="org.wildfly.extension.io"/>
- <extension module="org.wildfly.extension.request-controller"/>
- <extension module="org.wildfly.extension.security.manager"/>
- <extension module="org.wildfly.extension.undertow"/>
- </extensions>
- <management>
- <security-realms>
- <security-realm name="ManagementRealm">
- <authentication>
- <local default-user="$local" skip-group-loading="true"/>
- <properties path="mgmt-users.properties" relative-to="jboss.server.config.dir"/>
- </authentication>
- <authorization map-groups-to-roles="false">
- <properties path="mgmt-groups.properties" relative-to="jboss.server.config.dir"/>
- </authorization>
- </security-realm>
- <security-realm name="ApplicationRealm">
- <authentication>
- <local default-user="$local" allowed-users="*" skip-group-loading="true"/>
- <properties path="application-users.properties" relative-to="jboss.server.config.dir"/>
- </authentication>
- <authorization>
- <properties path="application-roles.properties" relative-to="jboss.server.config.dir"/>
- </authorization>
- </security-realm>
- </security-realms>
- <audit-log>
- <formatters>
- <json-formatter name="json-formatter"/>
- </formatters>
- <handlers>
- <file-handler name="file" formatter="json-formatter" relative-to="jboss.server.data.dir" path="audit-log.log"/>
- </handlers>
- <logger log-boot="true" log-read-only="false" enabled="false">
- <handlers>
- <handler name="file"/>
- </handlers>
- </logger>
- </audit-log>
- <management-interfaces>
- <http-interface security-realm="ManagementRealm" http-upgrade-enabled="true">
- <socket-binding http="management-http"/>
- </http-interface>
- </management-interfaces>
- <access-control provider="simple">
- <role-mapping>
- <role name="SuperUser">
- <include>
- <user name="$local"/>
- </include>
- </role>
- </role-mapping>
- </access-control>
- </management>
- <profile>
- <subsystem xmlns="urn:jboss:domain:logging:3.0">
- <!--<console-handler name="CONSOLE">-->
- <!--<level name="INFO"/>-->
- <!--<formatter>-->
- <!--<named-formatter name="COLOR-PATTERN"/>-->
- <!--</formatter>-->
- <!--</console-handler>-->
- <periodic-rotating-file-handler name="FILE" autoflush="true">
- <formatter>
- <named-formatter name="PATTERN"/>
- </formatter>
- <file relative-to="jboss.server.log.dir" path="../../../../log/keycloak/service.log"/>
- <suffix value=".yyyy-MM-dd"/>
- <append value="false"/>
- </periodic-rotating-file-handler>
- <logger category="com.arjuna">
- <level name="WARN"/>
- </logger>
- <logger category="org.jboss.as.config">
- <level name="DEBUG"/>
- </logger>
- <logger category="org.mongodb">
- <level name="WARN"/>
- </logger>
- <logger category="sun.rmi">
- <level name="WARN"/>
- </logger>
- <root-logger>
- <level name="INFO"/>
- <handlers>
- <!--<handler name="CONSOLE"/>-->
- <handler name="FILE"/>
- </handlers>
- </root-logger>
- <formatter name="PATTERN">
- <pattern-formatter pattern="%-5p %-17d{yyyy-MM-dd HH:mm:ss} %c %m%n"/>
- </formatter>
- <formatter name="COLOR-PATTERN">
- <pattern-formatter pattern="%-5p %-17d{yyyy-MM-dd HH:mm:ss} %c %m%n"/>
- </formatter>
- </subsystem>
- <subsystem xmlns="urn:jboss:domain:deployment-scanner:2.0">
- <deployment-scanner path="deployments" relative-to="jboss.server.base.dir" scan-interval="5000" runtime-failure-causes-rollback="${jboss.deployment.scanner.rollback.on.failure:false}"/>
- </subsystem>
- <subsystem xmlns="urn:jboss:domain:bean-validation:1.0"/>
- <subsystem xmlns="urn:jboss:domain:datasources:4.0">
- <datasources>
- <!--<datasource jndi-name="java:jboss/datasources/ExampleDS" pool-name="ExampleDS" enabled="true" use-java-context="true">
- <connection-url>jdbc:h2:mem:test;DB_CLOSE_DELAY=-1;DB_CLOSE_ON_EXIT=FALSE</connection-url>
- <driver>h2</driver>
- <security>
- <user-name>sa</user-name>
- <password>sa</password>
- </security>
- </datasource>
- <datasource jndi-name="java:jboss/datasources/KeycloakDS" pool-name="KeycloakDS" enabled="true" use-java-context="true">
- <connection-url>jdbc:h2:${jboss.server.data.dir}/keycloak;AUTO_SERVER=TRUE</connection-url>
- <driver>h2</driver>
- <security>
- <user-name>sa</user-name>
- <password>sa</password>
- </security>
- </datasource>
- <drivers>
- <driver name="h2" module="com.h2database.h2">
- <xa-datasource-class>org.h2.jdbcx.JdbcDataSource</xa-datasource-class>
- </driver>
- </drivers>-->
- </datasources>
- </subsystem>
- <subsystem xmlns="urn:jboss:domain:ee:4.0">
- <spec-descriptor-property-replacement>false</spec-descriptor-property-replacement>
- <concurrent>
- <context-services>
- <context-service name="default" jndi-name="java:jboss/ee/concurrency/context/default" use-transaction-setup-provider="true"/>
- </context-services>
- <managed-thread-factories>
- <managed-thread-factory name="default" jndi-name="java:jboss/ee/concurrency/factory/default" context-service="default"/>
- </managed-thread-factories>
- <managed-executor-services>
- <managed-executor-service name="default" jndi-name="java:jboss/ee/concurrency/executor/default" context-service="default" hung-task-threshold="60000" keepalive-time="5000"/>
- </managed-executor-services>
- <managed-scheduled-executor-services>
- <managed-scheduled-executor-service name="default" jndi-name="java:jboss/ee/concurrency/scheduler/default" context-service="default" hung-task-threshold="60000" keepalive-time="3000"/>
- </managed-scheduled-executor-services>
- </concurrent>
- <!-- <default-bindings context-service="java:jboss/ee/concurrency/context/default" datasource="java:jboss/datasources/ExampleDS" managed-executor-service="java:jboss/ee/concurrency/executor/default" managed-scheduled-executor-service="java:jboss/ee/concurrency/scheduler/default" managed-thread-factory="java:jboss/ee/concurrency/factory/default"/>-->
- </subsystem>
- <subsystem xmlns="urn:jboss:domain:ejb3:4.0">
- <session-bean>
- <stateless>
- <bean-instance-pool-ref pool-name="slsb-strict-max-pool"/>
- </stateless>
- <stateful default-access-timeout="5000" cache-ref="distributable" passivation-disabled-cache-ref="simple"/>
- <singleton default-access-timeout="5000"/>
- </session-bean>
- <pools>
- <bean-instance-pools>
- <!-- Automatically configure pools. Alternatively, max-pool-size can be set to a specific value -->
- <strict-max-pool name="slsb-strict-max-pool" derive-size="from-worker-pools" instance-acquisition-timeout="5" instance-acquisition-timeout-unit="MINUTES"/>
- <strict-max-pool name="mdb-strict-max-pool" derive-size="from-cpu-count" instance-acquisition-timeout="5" instance-acquisition-timeout-unit="MINUTES"/>
- </bean-instance-pools>
- </pools>
- <caches>
- <cache name="simple"/>
- <cache name="distributable" passivation-store-ref="infinispan" aliases="passivating clustered"/>
- </caches>
- <passivation-stores>
- <passivation-store name="infinispan" cache-container="ejb" max-size="10000"/>
- </passivation-stores>
- <async thread-pool-name="default"/>
- <timer-service thread-pool-name="default" default-data-store="default-file-store">
- <data-stores>
- <file-data-store name="default-file-store" path="timer-service-data" relative-to="jboss.server.data.dir"/>
- </data-stores>
- </timer-service>
- <remote connector-ref="http-remoting-connector" thread-pool-name="default"/>
- <thread-pools>
- <thread-pool name="default">
- <max-threads count="10"/>
- <keepalive-time time="100" unit="milliseconds"/>
- </thread-pool>
- </thread-pools>
- <default-security-domain value="other"/>
- <default-missing-method-permissions-deny-access value="true"/>
- <log-system-exceptions value="true"/>
- </subsystem>
- <subsystem xmlns="urn:jboss:domain:io:1.1">
- <worker name="default"/>
- <buffer-pool name="default"/>
- </subsystem>
- <subsystem xmlns="urn:jboss:domain:infinispan:4.0">
- <cache-container name="keycloak" jndi-name="infinispan/Keycloak">
- <transport lock-timeout="60000"/>
- <invalidation-cache name="realms" mode="SYNC"/>
- <invalidation-cache name="users" mode="SYNC">
- <eviction max-entries="10000" strategy="LRU"/>
- </invalidation-cache>
- <distributed-cache name="sessions" mode="SYNC" owners="2"/>
- <distributed-cache name="offlineSessions" mode="SYNC" owners="2"/>
- <distributed-cache name="loginFailures" mode="SYNC" owners="2"/>
- <distributed-cache name="authorization" mode="SYNC" owners="2"/>
- <replicated-cache name="work" mode="SYNC"/>
- </cache-container>
- <cache-container name="server" aliases="singleton cluster" default-cache="default" module="org.wildfly.clustering.server">
- <transport lock-timeout="60000"/>
- <replicated-cache name="default" mode="SYNC">
- <transaction mode="BATCH"/>
- </replicated-cache>
- </cache-container>
- <cache-container name="web" default-cache="dist" module="org.wildfly.clustering.web.infinispan">
- <transport lock-timeout="60000"/>
- <distributed-cache name="dist" mode="ASYNC" l1-lifespan="0" owners="2">
- <locking isolation="REPEATABLE_READ"/>
- <transaction mode="BATCH"/>
- <file-store/>
- </distributed-cache>
- </cache-container>
- <cache-container name="ejb" aliases="sfsb" default-cache="dist" module="org.wildfly.clustering.ejb.infinispan">
- <transport lock-timeout="60000"/>
- <distributed-cache name="dist" mode="ASYNC" l1-lifespan="0" owners="2">
- <locking isolation="REPEATABLE_READ"/>
- <transaction mode="BATCH"/>
- <file-store/>
- </distributed-cache>
- </cache-container>
- <cache-container name="hibernate" default-cache="local-query" module="org.hibernate.infinispan">
- <transport lock-timeout="60000"/>
- <invalidation-cache name="entity" mode="SYNC">
- <transaction mode="NON_XA"/>
- <eviction strategy="LRU" max-entries="10000"/>
- <expiration max-idle="100000"/>
- </invalidation-cache>
- <local-cache name="local-query">
- <eviction strategy="LRU" max-entries="10000"/>
- <expiration max-idle="100000"/>
- </local-cache>
- <replicated-cache name="timestamps" mode="ASYNC"/>
- </cache-container>
- </subsystem>
- <subsystem xmlns="urn:jboss:domain:jaxrs:1.0"/>
- <subsystem xmlns="urn:jboss:domain:jca:4.0">
- <archive-validation enabled="true" fail-on-error="true" fail-on-warn="false"/>
- <bean-validation enabled="true"/>
- <default-workmanager>
- <short-running-threads>
- <core-threads count="50"/>
- <queue-length count="50"/>
- <max-threads count="50"/>
- <keepalive-time time="10" unit="seconds"/>
- </short-running-threads>
- <long-running-threads>
- <core-threads count="50"/>
- <queue-length count="50"/>
- <max-threads count="50"/>
- <keepalive-time time="10" unit="seconds"/>
- </long-running-threads>
- </default-workmanager>
- <cached-connection-manager/>
- </subsystem>
- <subsystem xmlns="urn:jboss:domain:jdr:1.0"/>
- <subsystem xmlns="urn:jboss:domain:jgroups:4.0">
- <channels default="ee">
- <channel name="ee" stack="tcp"/>
- </channels>
- <stacks default="tcp">
- <!--<stack name="udp">
- <transport type="UDP" socket-binding="jgroups-udp"/>
- <protocol type="PING"/>
- <protocol type="MERGE3"/>
- <protocol type="FD_SOCK" socket-binding="jgroups-udp-fd"/>
- <protocol type="FD_ALL"/>
- <protocol type="VERIFY_SUSPECT"/>
- <protocol type="pbcast.NAKACK2"/>
- <protocol type="UNICAST3"/>
- <protocol type="pbcast.STABLE"/>
- <protocol type="pbcast.GMS"/>
- <protocol type="UFC"/>
- <protocol type="MFC"/>
- <protocol type="FRAG2"/>
- </stack>-->
- <stack name="tcp">
- <transport type="TCP" socket-binding="jgroups-tcp"/>
- <!--<protocol type="MPING" socket-binding="jgroups-mping"/>-->
- <protocol type="TCPPING">
- <property name="initial_hosts">10.62.168.51[7600],10.62.168.52[7600],10.62.168.53[7600]</property>
- <property name="num_initial_members">2</property>
- <property name="port_range">0</property>
- <property name="timeout">2000</property>
- </protocol>
- <protocol type="MERGE3"/>
- <protocol type="FD_SOCK" socket-binding="jgroups-tcp-fd"/>
- <protocol type="FD"/>
- <protocol type="VERIFY_SUSPECT"/>
- <protocol type="pbcast.NAKACK2"/>
- <protocol type="UNICAST3"/>
- <protocol type="pbcast.STABLE"/>
- <protocol type="pbcast.GMS"/>
- <protocol type="MFC"/>
- <protocol type="FRAG2"/>
- </stack>
- </stacks>
- </subsystem>
- <subsystem xmlns="urn:jboss:domain:jmx:1.3">
- <expose-resolved-model/>
- <expose-expression-model/>
- <remoting-connector/>
- </subsystem>
- <subsystem xmlns="urn:jboss:domain:jpa:1.1">
- <jpa default-datasource="" default-extended-persistence-inheritance="DEEP"/>
- </subsystem>
- <subsystem xmlns="urn:jboss:domain:jsf:1.0"/>
- <subsystem xmlns="urn:jboss:domain:mail:2.0">
- <mail-session name="default" jndi-name="java:jboss/mail/Default">
- <smtp-server outbound-socket-binding-ref="mail-smtp"/>
- </mail-session>
- </subsystem>
- <!--<subsystem xmlns="urn:jboss:domain:modcluster:2.0">
- <mod-cluster-config advertise-socket="modcluster" connector="ajp">
- <dynamic-load-provider>
- <load-metric type="cpu"/>
- </dynamic-load-provider>
- </mod-cluster-config>
- </subsystem>-->
- <subsystem xmlns="urn:jboss:domain:naming:2.0">
- <remote-naming/>
- </subsystem>
- <subsystem xmlns="urn:jboss:domain:remoting:3.0">
- <endpoint/>
- <http-connector name="http-remoting-connector" connector-ref="default" security-realm="ApplicationRealm"/>
- </subsystem>
- <subsystem xmlns="urn:jboss:domain:request-controller:1.0"/>
- <subsystem xmlns="urn:jboss:domain:security-manager:1.0">
- <deployment-permissions>
- <maximum-set>
- <permission class="java.security.AllPermission"/>
- </maximum-set>
- </deployment-permissions>
- </subsystem>
- <subsystem xmlns="urn:jboss:domain:security:1.2">
- <security-domains>
- <security-domain name="other" cache-type="default">
- <authentication>
- <login-module code="Remoting" flag="optional">
- <module-option name="password-stacking" value="useFirstPass"/>
- </login-module>
- <login-module code="RealmDirect" flag="required">
- <module-option name="password-stacking" value="useFirstPass"/>
- </login-module>
- </authentication>
- </security-domain>
- <security-domain name="jboss-web-policy" cache-type="default">
- <authorization>
- <policy-module code="Delegating" flag="required"/>
- </authorization>
- </security-domain>
- <security-domain name="jboss-ejb-policy" cache-type="default">
- <authorization>
- <policy-module code="Delegating" flag="required"/>
- </authorization>
- </security-domain>
- <security-domain name="jaspitest" cache-type="default">
- <authentication-jaspi>
- <login-module-stack name="dummy">
- <login-module code="Dummy" flag="optional"/>
- </login-module-stack>
- <auth-module code="Dummy"/>
- </authentication-jaspi>
- </security-domain>
- </security-domains>
- </subsystem>
- <subsystem xmlns="urn:jboss:domain:transactions:3.0">
- <core-environment>
- <process-id>
- <uuid/>
- </process-id>
- </core-environment>
- <recovery-environment socket-binding="txn-recovery-environment" status-socket-binding="txn-status-manager"/>
- </subsystem>
- <subsystem xmlns="urn:jboss:domain:undertow:3.0">
- <buffer-cache name="default"/>
- <server name="default-server">
- <ajp-listener name="ajp" socket-binding="ajp"/>
- <http-listener name="default" socket-binding="http" proxy-address-forwarding="true"
- redirect-socket="https"/>
- <host name="default-host" alias="localhost">
- <location name="/" handler="welcome-content"/>
- <filter-ref name="server-header"/>
- <filter-ref name="x-powered-by-header"/>
- </host>
- </server>
- <servlet-container name="default">
- <jsp-config/>
- <websockets/>
- </servlet-container>
- <handlers>
- <file name="welcome-content" path="${jboss.home.dir}/welcome-content"/>
- </handlers>
- <filters>
- <response-header name="server-header" header-name="Server" header-value="WildFly/10"/>
- <response-header name="x-powered-by-header" header-name="X-Powered-By" header-value="Undertow/1"/>
- </filters>
- </subsystem>
- <subsystem xmlns="urn:jboss:domain:keycloak-server:1.1">
- <web-context>auth</web-context>
- <providers>
- <provider>classpath:${jboss.home.dir}/providers/*</provider>
- </providers>
- <master-realm-name>master</master-realm-name>
- <scheduled-task-interval>900</scheduled-task-interval>
- <theme>
- <staticMaxAge>2592000</staticMaxAge>
- <cacheThemes>true</cacheThemes>
- <cacheTemplates>true</cacheTemplates>
- <dir>${jboss.home.dir}/themes</dir>
- </theme>
- <spi name="eventsStore">
- <default-provider>mongo</default-provider>
- <provider name="mongo" enabled="true">
- <properties>
- <property name="exclude-events" value="["REFRESH_TOKEN"]"/>
- </properties>
- </provider>
- </spi>
- <spi name="realm">
- <default-provider>mongo</default-provider>
- </spi>
- <spi name="user">
- <default-provider>mongo</default-provider>
- </spi>
- <spi name="userFederatedStorage">
- <provider name="mongo" enabled="false"/>
- </spi>
- <spi name="userCache">
- <provider name="default" enabled="true"/>
- </spi>
- <spi name="userSessionPersister">
- <default-provider>mongo</default-provider>
- <provider name="mongo" enabled="true"/>
- </spi>
- <spi name="authorizationPersister">
- <default-provider>mongo</default-provider>
- </spi>
- <spi name="timer">
- <default-provider>basic</default-provider>
- </spi>
- <spi name="connectionsHttpClient">
- <provider name="default" enabled="true"/>
- </spi>
- <spi name="connectionsMongo">
- <provider name="default" enabled="true">
- <properties>
- <property name="uri" value="${com.xxx.mongo.uri}"/>
- <!--<property name="port" value="${com.xxx.mongo.port}"/>-->
- <property name="db" value="${com.xxx.mongo.db}"/>
- <property name="connectionsPerHost" value="100"/>
- <property name="databaseSchema" value="update"/>
- </properties>
- </provider>
- </spi>
- <spi name="realmCache">
- <provider name="default" enabled="true"/>
- </spi>
- <spi name="connectionsInfinispan">
- <default-provider>default</default-provider>
- <provider name="default" enabled="true">
- <properties>
- <property name="cacheContainer" value="java:comp/env/infinispan/Keycloak"/>
- </properties>
- </provider>
- </spi>
- <spi name="jta-lookup">
- <default-provider>${keycloak.jta.lookup.provider:jboss}</default-provider>
- <provider name="jboss" enabled="true"/>
- </spi>
- </subsystem>
- </profile>
- <interfaces>
- <interface name="management">
- <inet-address value="${jboss.bind.address.management:127.0.0.1}"/>
- </interface>
- <interface name="public">
- <inet-address value="${jboss.bind.address:127.0.0.1}"/>
- </interface>
- <interface name="private">
- <inet-address value="${jboss.bind.address.private:127.0.0.1}"/>
- </interface>
- </interfaces>
- <socket-binding-group name="standard-sockets" default-interface="public" port-offset="${jboss.socket.binding.port-offset:0}">
- <socket-binding name="management-http" interface="management" port="${jboss.management.http.port:9990}"/>
- <socket-binding name="management-https" interface="management" port="${jboss.management.https.port:9993}"/>
- <socket-binding name="ajp" port="${jboss.ajp.port:8009}"/>
- <socket-binding name="http" port="${jboss.http.port:8080}"/>
- <socket-binding name="https" port="${jboss.https.port:8443}"/>
- <socket-binding name="jgroups-mping" interface="private" port="0" multicast-address="${jboss.default.multicast.address:230.0.0.4}" multicast-port="45700"/>
- <socket-binding name="jgroups-tcp" interface="private" port="7600"/>
- <socket-binding name="jgroups-tcp-fd" interface="private" port="57600"/>
- <!-- <socket-binding name="jgroups-udp" interface="private" port="55200" multicast-address="${jboss.default.multicast.address:230.0.0.4}" multicast-port="45688"/>
- <socket-binding name="jgroups-udp-fd" interface="private" port="54200"/>-->
- <!-- <socket-binding name="modcluster" port="0" multicast-address="224.0.1.105" multicast-port="23364"/>-->
- <socket-binding name="txn-recovery-environment" port="4712"/>
- <socket-binding name="txn-status-manager" port="4713"/>
- <outbound-socket-binding name="mail-smtp">
- <remote-destination host="localhost" port="25"/>
- </outbound-socket-binding>
- </socket-binding-group>
- </server>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement