-
Notifications
You must be signed in to change notification settings - Fork 21
Installing the SPID provider
In order to setup the SPID provider, you will need:
- A working installation of Keycloak version 14.0.0+.
- The compiled module of this Keycloak SPID Provider.
This provider should be deployed as a module, i.e. copied under {$KEYCLOAK_PATH}/standalone/deployments/,
with the right permissions. Keycloak will take care of loading the module, no restart needed.
I suggest using the install command in order to copy the archive with the correct user and group permissions:
sudo install -C -o keycloak -g keycloak target/spid-provider.jar /opt/keycloak/standalone/deployments/
Make sure the paths and user/group names are correct for your system.
Keycloak will automatically load the module in a couple of seconds. To verify that the module is loaded and
active, open the Keycloak admin console and access the Identity Providers section. Choose the Add provider
dropdown and you will find the SPID entry.
Upgrades are usually seamless, just repeat the deployment command.
Sometimes Keycloak caches don't get flushed when a new deployment occurs; in that case you will need to edit the file {$KEYCLOAK_PATH}/standalone/configuration/standalone.xml, find the following section
<theme>
<staticMaxAge>2592000</staticMaxAge>
<cacheThemes>true</cacheThemes>
<cacheTemplates>true</cacheTemplates>
<dir>${jboss.home.dir}/themes</dir>
</theme>
and change it to:
<theme>
<staticMaxAge>-1</staticMaxAge>
<cacheThemes>false</cacheThemes>
<cacheTemplates>false</cacheTemplates>
<dir>${jboss.home.dir}/themes</dir>
</theme>
Then restart Keycloak and it will reload the resources from the packages. Make sure you also clear your browser caches or use incognito mode when verifying the correct deployment. After the first reload you can turn back on the caches and restart Keycloak again.
Once the module is ready, you can proceed to define the SPID IdPs.