ansible-collections/middleware_automation.keycloak
1
0
Fork 0
mirror of https://github.com/ansible-middleware/keycloak.git synced 2025-07-23 05:10:31 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

feature/162: keycloak_quarkus: make spi-sticky-session-encoder-infinispan-should-attach-route configurable in keycloak.conf

Browse source
This commit is contained in:
Helmut Wolf 2024-01-22 14:06:38 +01:00
commit e0d4920a49
4 changed files with 9 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

2
roles/keycloak_quarkus/README.md
View file

@ -119,7 +119,7 @@ Role Defaults
|`keycloak_quarkus_proxy_mode`| The proxy address forwarding mode if the server is behind a reverse proxy | `edge` | |`keycloak_quarkus_proxy_mode`| The proxy address forwarding mode if the server is behind a reverse proxy | `edge` |
|`keycloak_quarkus_start_dev`| Whether to start the service in development mode (start-dev) | `False` | |`keycloak_quarkus_start_dev`| Whether to start the service in development mode (start-dev) | `False` |
|`keycloak_quarkus_transaction_xa_enabled`| Whether to use XA transactions | `True` | |`keycloak_quarkus_transaction_xa_enabled`| Whether to use XA transactions | `True` |
|`keycloak_quarkus_spi_sticky_session_encoder_infinispan_should_attach_route`| If the route should be attached to cookies to reflect the node that owns a particular session. If false, route is not attached to cookies and we rely on the session affinity capabilities from reverse proxy | `True` |
Role Variables Role Variables
-------------- --------------

3
roles/keycloak_quarkus/defaults/main.yml
View file

@ -79,6 +79,9 @@ keycloak_quarkus_proxy_mode: edge
# disable xa transactions # disable xa transactions
keycloak_quarkus_transaction_xa_enabled: true keycloak_quarkus_transaction_xa_enabled: true
# If the route should be attached to cookies to reflect the node that owns a particular session. If false, route is not attached to cookies and we rely on the session affinity capabilities from reverse proxy
keycloak_quarkus_spi_sticky_session_encoder_infinispan_should_attach_route: true
keycloak_quarkus_metrics_enabled: false keycloak_quarkus_metrics_enabled: false
keycloak_quarkus_health_enabled: true keycloak_quarkus_health_enabled: true

4
roles/keycloak_quarkus/meta/argument_specs.yml
View file

@ -308,6 +308,10 @@ argument_specs:
default: false default: false
type: "bool" type: "bool"
description: "By default backchannel URLs are dynamically resolved from request headers to allow internal and external applications. If all applications use the public URL this option should be enabled." description: "By default backchannel URLs are dynamically resolved from request headers to allow internal and external applications. If all applications use the public URL this option should be enabled."
keycloak_quarkus_spi_sticky_session_encoder_infinispan_should_attach_route:
default: true
type: "bool"
description: "If the route should be attached to cookies to reflect the node that owns a particular session. If false, route is not attached to cookies and we rely on the session affinity capabilities from reverse proxy"
downstream: downstream:
options: options:
rhbk_version: rhbk_version:

3
roles/keycloak_quarkus/templates/keycloak.conf.j2
View file

@ -55,8 +55,7 @@ cache-stack=tcp
# Proxy # Proxy
proxy={{ keycloak_quarkus_proxy_mode }} proxy={{ keycloak_quarkus_proxy_mode }}
{% endif %} {% endif %}
# Do not attach route to cookies and rely on the session affinity capabilities from reverse proxy spi-sticky-session-encoder-infinispan-should-attach-route={{ keycloak_quarkus_spi_sticky_session_encoder_infinispan_should_attach_route | d(true) | lower }}
#spi-sticky-session-encoder-infinispan-should-attach-route=false
# Transaction # Transaction
transaction-xa-enabled={{ keycloak_quarkus_transaction_xa_enabled | lower }} transaction-xa-enabled={{ keycloak_quarkus_transaction_xa_enabled | lower }}