mirror of
https://github.com/keycloak/keycloak.git
synced 2026-01-25 16:42:34 +00:00
@@ -34,7 +34,6 @@ public class CachingOptions {
|
||||
.description("Define the default stack to use for cluster communication and node discovery. This option only takes effect "
|
||||
+ "if 'cache' is set to 'ispn'. Default: udp.")
|
||||
.buildTime(true)
|
||||
.expectedValues(Stack.values())
|
||||
.build();
|
||||
|
||||
public static final Option<File> CACHE_CONFIG_FILE = new OptionBuilder<>("cache-config-file", File.class)
|
||||
|
||||
@@ -21,9 +21,9 @@ public class DatabaseOptions {
|
||||
|
||||
public static final Option<String> DB = new OptionBuilder<>("db", String.class)
|
||||
.category(OptionCategory.DATABASE)
|
||||
.description(String.format("The database vendor. Possible values are: %s.", String.join(", ", Database.getAliases())))
|
||||
.description("The database vendor.")
|
||||
.defaultValue("dev-file")
|
||||
.expectedStringValues(Database.getAliases())
|
||||
.expectedValues(Database::getAliases)
|
||||
.buildTime(true)
|
||||
.build();
|
||||
|
||||
|
||||
@@ -11,7 +11,7 @@ public class FeatureOptions {
|
||||
public static final Option<List> FEATURES = new OptionBuilder("features", List.class, Profile.Feature.class)
|
||||
.category(OptionCategory.FEATURE)
|
||||
.description("Enables a set of one or more features.")
|
||||
.expectedStringValues(getFeatureValues())
|
||||
.expectedValues(FeatureOptions::getFeatureValues)
|
||||
.defaultValue(Optional.empty())
|
||||
.buildTime(true)
|
||||
.build();
|
||||
@@ -19,7 +19,7 @@ public class FeatureOptions {
|
||||
public static final Option FEATURES_DISABLED = new OptionBuilder("features-disabled", List.class, Profile.Feature.class)
|
||||
.category(OptionCategory.FEATURE)
|
||||
.description("Disables a set of one or more features.")
|
||||
.expectedStringValues(getFeatureValues())
|
||||
.expectedValues(FeatureOptions::getFeatureValues)
|
||||
.buildTime(true)
|
||||
.build();
|
||||
|
||||
|
||||
@@ -10,7 +10,6 @@ public class HealthOptions {
|
||||
.description("If the server should expose health check endpoints. If enabled, health checks are available at the '/health', '/health/ready' and '/health/live' endpoints.")
|
||||
.defaultValue(Boolean.FALSE)
|
||||
.buildTime(true)
|
||||
.expectedValues(Boolean.TRUE, Boolean.FALSE)
|
||||
.build();
|
||||
|
||||
public static final List<Option<?>> ALL_OPTIONS = new ArrayList<>();
|
||||
|
||||
@@ -10,7 +10,6 @@ public class HttpOptions {
|
||||
.category(OptionCategory.HTTP)
|
||||
.description("Enables the HTTP listener.")
|
||||
.defaultValue(Boolean.FALSE)
|
||||
.expectedValues(Boolean.TRUE, Boolean.FALSE)
|
||||
.build();
|
||||
|
||||
public static final Option HTTP_HOST = new OptionBuilder<>("http-host", String.class)
|
||||
@@ -46,9 +45,8 @@ public class HttpOptions {
|
||||
|
||||
public static final Option HTTPS_CLIENT_AUTH = new OptionBuilder<>("https-client-auth", ClientAuth.class)
|
||||
.category(OptionCategory.HTTP)
|
||||
.description("Configures the server to require/request client authentication. Possible Values: none, request, required.")
|
||||
.description("Configures the server to require/request client authentication.")
|
||||
.defaultValue(ClientAuth.none)
|
||||
.expectedValues(ClientAuth.values())
|
||||
.build();
|
||||
|
||||
public static final Option HTTPS_CIPHER_SUITES = new OptionBuilder<>("https-cipher-suites", String.class)
|
||||
|
||||
@@ -23,9 +23,8 @@ public class LoggingOptions {
|
||||
|
||||
public static final Option LOG = new OptionBuilder("log", List.class, Handler.class)
|
||||
.category(OptionCategory.LOGGING)
|
||||
.description("Enable one or more log handlers in a comma-separated list. Available log handlers are: " + Arrays.stream(Handler.values()).map(Enum::toString).collect(Collectors.joining(",")))
|
||||
.description("Enable one or more log handlers in a comma-separated list.")
|
||||
.defaultValue(DEFAULT_LOG_HANDLER)
|
||||
.expectedValues(Handler.values())
|
||||
.build();
|
||||
|
||||
public enum Level {
|
||||
@@ -44,9 +43,9 @@ public class LoggingOptions {
|
||||
}
|
||||
}
|
||||
|
||||
public static final Option<Level> LOG_LEVEL = new OptionBuilder<>("log-level", Level.class)
|
||||
public static final Option<String> LOG_LEVEL = new OptionBuilder<>("log-level", String.class)
|
||||
.category(OptionCategory.LOGGING)
|
||||
.defaultValue(DEFAULT_LOG_LEVEL)
|
||||
.defaultValue(DEFAULT_LOG_LEVEL.toString())
|
||||
.description("The log level of the root category or a comma-separated list of individual categories and their levels. For the root category, you don't need to specify a category.")
|
||||
.build();
|
||||
|
||||
@@ -63,7 +62,6 @@ public class LoggingOptions {
|
||||
.category(OptionCategory.LOGGING)
|
||||
.defaultValue(DEFAULT_CONSOLE_OUTPUT)
|
||||
.description("Set the log output to JSON or default (plain) unstructured logging.")
|
||||
.expectedValues(Output.values())
|
||||
.build();
|
||||
|
||||
public static final Option<String> LOG_CONSOLE_FORMAT = new OptionBuilder<>("log-console-format", String.class)
|
||||
@@ -135,7 +133,6 @@ public class LoggingOptions {
|
||||
.category(OptionCategory.LOGGING)
|
||||
.description("If set to true, occuring stack traces are included in the 'StackTrace' field in the GELF output.")
|
||||
.defaultValue(Boolean.TRUE)
|
||||
.expectedValues(Boolean.TRUE, Boolean.FALSE)
|
||||
.build();
|
||||
|
||||
public static final Option<String> LOG_GELF_TIMESTAMP_FORMAT = new OptionBuilder<>("log-gelf-timestamp-format", String.class)
|
||||
|
||||
@@ -10,7 +10,6 @@ public class MetricsOptions {
|
||||
.description("If the server should expose metrics. If enabled, metrics are available at the '/metrics' endpoint.")
|
||||
.buildTime(true)
|
||||
.defaultValue(Boolean.FALSE)
|
||||
.expectedValues(Boolean.TRUE, Boolean.FALSE)
|
||||
.build();
|
||||
|
||||
public static final List<Option<?>> ALL_OPTIONS = new ArrayList<>();
|
||||
|
||||
@@ -2,12 +2,13 @@ package org.keycloak.config;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.Optional;
|
||||
import java.util.function.Supplier;
|
||||
|
||||
public class MultiOption<T> extends Option<T> {
|
||||
|
||||
private final Class auxiliaryType;
|
||||
|
||||
public MultiOption(Class type, Class auxiliaryType, String key, OptionCategory category, boolean hidden, boolean buildTime, String description, Optional defaultValue, List expectedValues) {
|
||||
public MultiOption(Class type, Class auxiliaryType, String key, OptionCategory category, boolean hidden, boolean buildTime, String description, Optional defaultValue, Supplier<List<String>> expectedValues) {
|
||||
super(type, key, category, hidden, buildTime, description, defaultValue, expectedValues);
|
||||
this.auxiliaryType = auxiliaryType;
|
||||
}
|
||||
|
||||
@@ -2,6 +2,7 @@ package org.keycloak.config;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.Optional;
|
||||
import java.util.function.Supplier;
|
||||
|
||||
public class Option<T> {
|
||||
|
||||
@@ -12,9 +13,9 @@ public class Option<T> {
|
||||
private final boolean buildTime;
|
||||
private final String description;
|
||||
private final Optional<T> defaultValue;
|
||||
private final List<String> expectedValues;
|
||||
private final Supplier<List<String>> expectedValues;
|
||||
|
||||
public Option(Class<T> type, String key, OptionCategory category, boolean hidden, boolean buildTime, String description, Optional<T> defaultValue, List<String> expectedValues) {
|
||||
public Option(Class<T> type, String key, OptionCategory category, boolean hidden, boolean buildTime, String description, Optional<T> defaultValue, Supplier<List<String>> expectedValues) {
|
||||
this.type = type;
|
||||
this.key = key;
|
||||
this.category = category;
|
||||
@@ -50,7 +51,7 @@ public class Option<T> {
|
||||
}
|
||||
|
||||
public List<String> getExpectedValues() {
|
||||
return expectedValues;
|
||||
return expectedValues.get();
|
||||
}
|
||||
|
||||
public Option<T> withRuntimeSpecificDefault(T defaultValue) {
|
||||
|
||||
@@ -1,12 +1,22 @@
|
||||
package org.keycloak.config;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.Arrays;
|
||||
import java.util.List;
|
||||
import java.util.Optional;
|
||||
import java.util.function.Supplier;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
public class OptionBuilder<T> {
|
||||
|
||||
private static final Supplier<List<String>> EMPTY_VALUES_SUPPLIER = List::of;
|
||||
private static final Supplier<List<String>> BOOLEAN_TYPE_VALUES = new Supplier<List<String>>() {
|
||||
List<String> values = List.of(Boolean.TRUE.toString(), Boolean.FALSE.toString());
|
||||
|
||||
@Override
|
||||
public List<String> get() {
|
||||
return values;
|
||||
}
|
||||
};
|
||||
|
||||
private final Class<T> type;
|
||||
private final Class<T> auxiliaryType;
|
||||
private final String key;
|
||||
@@ -15,21 +25,10 @@ public class OptionBuilder<T> {
|
||||
private boolean build;
|
||||
private String description;
|
||||
private Optional<T> defaultValue;
|
||||
private List<String> expectedValues;
|
||||
private Supplier<List<String>> expectedValues;
|
||||
|
||||
public OptionBuilder(String key, Class<T> type) {
|
||||
this.type = type;
|
||||
this.auxiliaryType = null;
|
||||
this.key = key;
|
||||
category = OptionCategory.GENERAL;
|
||||
hidden = false;
|
||||
build = false;
|
||||
description = null;
|
||||
defaultValue = Boolean.class.equals(type) ? Optional.of((T) Boolean.FALSE) : Optional.empty();
|
||||
expectedValues = new ArrayList<>();
|
||||
if (Boolean.class.equals(type)) {
|
||||
expectedStringValues(Boolean.TRUE.toString(), Boolean.FALSE.toString());
|
||||
}
|
||||
this(key, type, null);
|
||||
}
|
||||
|
||||
public OptionBuilder(String key, Class<T> type, Class<T> auxiliaryType) {
|
||||
@@ -41,9 +40,15 @@ public class OptionBuilder<T> {
|
||||
build = false;
|
||||
description = null;
|
||||
defaultValue = Boolean.class.equals(type) ? Optional.of((T) Boolean.FALSE) : Optional.empty();
|
||||
expectedValues = new ArrayList<>();
|
||||
expectedValues = EMPTY_VALUES_SUPPLIER;
|
||||
if (Boolean.class.equals(type)) {
|
||||
expectedStringValues(Boolean.TRUE.toString(), Boolean.FALSE.toString());
|
||||
expectedValues(BOOLEAN_TYPE_VALUES);
|
||||
}
|
||||
if (Enum.class.isAssignableFrom(type)) {
|
||||
expectedValues((Class<? extends Enum>) type);
|
||||
}
|
||||
if (auxiliaryType != null && Enum.class.isAssignableFrom(auxiliaryType)) {
|
||||
expectedValues((Class<? extends Enum>) auxiliaryType);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -77,27 +82,32 @@ public class OptionBuilder<T> {
|
||||
return this;
|
||||
}
|
||||
|
||||
public OptionBuilder<T> expectedStringValues(List<String> expected) {
|
||||
this.expectedValues.clear();
|
||||
this.expectedValues.addAll(expected);
|
||||
public OptionBuilder<T> expectedValues(Supplier<List<String>> expected) {
|
||||
this.expectedValues = expected;
|
||||
return this;
|
||||
}
|
||||
|
||||
public OptionBuilder<T> expectedStringValues(String ... expected) {
|
||||
this.expectedValues.clear();
|
||||
this.expectedValues.addAll(Arrays.asList(expected));
|
||||
return this;
|
||||
}
|
||||
public OptionBuilder<T> expectedValues(Class<? extends Enum> expected) {
|
||||
this.expectedValues = new Supplier<>() {
|
||||
List<String> values = List.of(expected.getEnumConstants()).stream().map(Object::toString).collect(Collectors.toList());
|
||||
|
||||
public OptionBuilder<T> expectedValues(List<T> expected) {
|
||||
this.expectedValues.clear();
|
||||
this.expectedValues.addAll(expected.stream().map(v -> v.toString()).collect(Collectors.toList()));
|
||||
@Override
|
||||
public List<String> get() {
|
||||
return values;
|
||||
}
|
||||
};
|
||||
return this;
|
||||
}
|
||||
|
||||
public OptionBuilder<T> expectedValues(T ... expected) {
|
||||
this.expectedValues.clear();
|
||||
this.expectedValues.addAll(Arrays.asList(expected).stream().map(v -> v.toString()).collect(Collectors.toList()));
|
||||
this.expectedValues = new Supplier<>() {
|
||||
List<String> values = List.of(expected).stream().map(v -> v.toString()).collect(Collectors.toList());
|
||||
|
||||
@Override
|
||||
public List<String> get() {
|
||||
return values;
|
||||
}
|
||||
};
|
||||
return this;
|
||||
}
|
||||
|
||||
|
||||
@@ -16,10 +16,8 @@ public class ProxyOptions {
|
||||
|
||||
public static final Option<Mode> PROXY = new OptionBuilder<>("proxy", Mode.class)
|
||||
.category(OptionCategory.PROXY)
|
||||
.description("The proxy address forwarding mode if the server is behind a reverse proxy. " +
|
||||
"Possible values are: " + String.join(",", Arrays.stream(Mode.values()).skip(1).map(m -> m.name()).collect(Collectors.joining(","))))
|
||||
.description("The proxy address forwarding mode if the server is behind a reverse proxy.")
|
||||
.defaultValue(Mode.none)
|
||||
.expectedValues(Mode.values())
|
||||
.build();
|
||||
|
||||
public static final Option<Boolean> PROXY_FORWARDED_HOST = new OptionBuilder<>("proxy-forwarded-host", Boolean.class)
|
||||
|
||||
@@ -47,8 +47,7 @@ public class StorageOptions {
|
||||
|
||||
public static final Option<StorageType> STORAGE = new OptionBuilder<>("storage", StorageType.class)
|
||||
.category(OptionCategory.STORAGE)
|
||||
.description(String.format("Sets the default storage mechanism for all areas. Possible values are: %s.", storageAreas()))
|
||||
.expectedValues(StorageType.values())
|
||||
.description("Sets the default storage mechanism for all areas.")
|
||||
.defaultValue(Optional.empty())
|
||||
.buildTime(true)
|
||||
.build();
|
||||
@@ -66,14 +65,12 @@ public class StorageOptions {
|
||||
public static final Option<StorageType> STORAGE_EVENT_ADMIN_STORE = new OptionBuilder<>("storage-area-event-admin", StorageType.class)
|
||||
.category(OptionCategory.STORAGE)
|
||||
.description(descriptionForStorageAreas("admin events"))
|
||||
.expectedValues(StorageType.values())
|
||||
.buildTime(true)
|
||||
.build();
|
||||
|
||||
public static final Option<StorageType> STORAGE_EVENT_AUTH_STORE = new OptionBuilder<>("storage-area-event-auth", StorageType.class)
|
||||
.category(OptionCategory.STORAGE)
|
||||
.description(descriptionForStorageAreas("authentication and authorization events"))
|
||||
.expectedValues(StorageType.values())
|
||||
.buildTime(true)
|
||||
.build();
|
||||
|
||||
@@ -91,7 +88,6 @@ public class StorageOptions {
|
||||
public static final Option<StorageType> STORAGE_REALM_STORE = new OptionBuilder<>("storage-area-realm", StorageType.class)
|
||||
.category(OptionCategory.STORAGE)
|
||||
.description(descriptionForStorageAreas("realms"))
|
||||
.expectedValues(StorageType.values())
|
||||
.buildTime(true)
|
||||
.build();
|
||||
|
||||
@@ -104,7 +100,6 @@ public class StorageOptions {
|
||||
public static final Option<StorageType> STORAGE_CLIENT_STORE = new OptionBuilder<>("storage-area-client", StorageType.class)
|
||||
.category(OptionCategory.STORAGE)
|
||||
.description(descriptionForStorageAreas("clients"))
|
||||
.expectedValues(StorageType.values())
|
||||
.buildTime(true)
|
||||
.build();
|
||||
|
||||
@@ -117,7 +112,6 @@ public class StorageOptions {
|
||||
public static final Option<StorageType> STORAGE_CLIENT_SCOPE_STORE = new OptionBuilder<>("storage-area-client-scope", StorageType.class)
|
||||
.category(OptionCategory.STORAGE)
|
||||
.description(descriptionForStorageAreas("client scopes"))
|
||||
.expectedValues(StorageType.values())
|
||||
.buildTime(true)
|
||||
.build();
|
||||
|
||||
@@ -130,7 +124,6 @@ public class StorageOptions {
|
||||
public static final Option<StorageType> STORAGE_GROUP_STORE = new OptionBuilder<>("storage-area-group", StorageType.class)
|
||||
.category(OptionCategory.STORAGE)
|
||||
.description(descriptionForStorageAreas("groups"))
|
||||
.expectedValues(StorageType.values())
|
||||
.buildTime(true)
|
||||
.build();
|
||||
|
||||
@@ -143,7 +136,6 @@ public class StorageOptions {
|
||||
public static final Option<StorageType> STORAGE_ROLE_STORE = new OptionBuilder<>("storage-area-role", StorageType.class)
|
||||
.category(OptionCategory.STORAGE)
|
||||
.description(descriptionForStorageAreas("roles"))
|
||||
.expectedValues(StorageType.values())
|
||||
.buildTime(true)
|
||||
.build();
|
||||
|
||||
@@ -156,7 +148,6 @@ public class StorageOptions {
|
||||
public static final Option<StorageType> STORAGE_USER_STORE = new OptionBuilder<>("storage-area-user", StorageType.class)
|
||||
.category(OptionCategory.STORAGE)
|
||||
.description(descriptionForStorageAreas("users"))
|
||||
.expectedValues(StorageType.values())
|
||||
.buildTime(true)
|
||||
.build();
|
||||
|
||||
@@ -181,7 +172,6 @@ public class StorageOptions {
|
||||
public static final Option<StorageType> STORAGE_AUTH_SESSION_STORE = new OptionBuilder<>("storage-area-auth-session", StorageType.class)
|
||||
.category(OptionCategory.STORAGE)
|
||||
.description(descriptionForStorageAreas("authentication sessions"))
|
||||
.expectedValues(StorageType.values())
|
||||
.buildTime(true)
|
||||
.build();
|
||||
|
||||
@@ -194,7 +184,6 @@ public class StorageOptions {
|
||||
public static final Option<StorageType> STORAGE_USER_SESSION_STORE = new OptionBuilder<>("storage-area-user-session", StorageType.class)
|
||||
.category(OptionCategory.STORAGE)
|
||||
.description(descriptionForStorageAreas("user and client sessions"))
|
||||
.expectedValues(StorageType.values())
|
||||
.buildTime(true)
|
||||
.build();
|
||||
|
||||
@@ -207,7 +196,6 @@ public class StorageOptions {
|
||||
public static final Option<StorageType> STORAGE_LOGIN_FAILURE_STORE = new OptionBuilder<>("storage-area-login-failure", StorageType.class)
|
||||
.category(OptionCategory.STORAGE)
|
||||
.description(descriptionForStorageAreas("login failures"))
|
||||
.expectedValues(StorageType.values())
|
||||
.buildTime(true)
|
||||
.build();
|
||||
|
||||
@@ -220,7 +208,6 @@ public class StorageOptions {
|
||||
public static final Option<StorageType> STORAGE_AUTHORIZATION_STORE = new OptionBuilder<>("storage-area-authorization", StorageType.class)
|
||||
.category(OptionCategory.STORAGE)
|
||||
.description(descriptionForStorageAreas("authorizations"))
|
||||
.expectedValues(StorageType.values())
|
||||
.buildTime(true)
|
||||
.build();
|
||||
|
||||
@@ -239,7 +226,6 @@ public class StorageOptions {
|
||||
public static final Option<StorageType> STORAGE_ACTION_TOKEN_STORE = new OptionBuilder<>("storage-area-action-token", StorageType.class)
|
||||
.category(OptionCategory.STORAGE)
|
||||
.description(descriptionForStorageAreas("action tokens"))
|
||||
.expectedValues(StorageType.values())
|
||||
.buildTime(true)
|
||||
.build();
|
||||
|
||||
@@ -288,7 +274,6 @@ public class StorageOptions {
|
||||
public static final Option<StorageType> STORAGE_SINGLE_USE_OBJECT_STORE = new OptionBuilder<>("storage-area-single-use-object", StorageType.class)
|
||||
.category(OptionCategory.STORAGE)
|
||||
.description(descriptionForStorageAreas("single use objects"))
|
||||
.expectedValues(StorageType.values())
|
||||
.buildTime(true)
|
||||
.build();
|
||||
|
||||
@@ -346,12 +331,11 @@ public class StorageOptions {
|
||||
public static final Option<String> STORAGE_HOTROD_CACHE_REINDEX = new OptionBuilder<>("storage-hotrod-cache-reindex", String.class)
|
||||
.category(OptionCategory.STORAGE)
|
||||
.defaultValue("all")
|
||||
.expectedValues(Stream.concat(Stream.of("all"), AutogeneratedHotRodDescriptors.ENTITY_DESCRIPTOR_MAP.values().stream().map(HotRodEntityDescriptor::getCacheName).distinct()).collect(Collectors.toList()))
|
||||
.expectedValues(StorageOptions::getExpectedCacheNames)
|
||||
.description("List of cache names that should be indexed on Keycloak startup. Defaulting to `all` which means all caches are reindexed.")
|
||||
.hidden()
|
||||
.build();
|
||||
|
||||
|
||||
public static final List<Option<?>> ALL_OPTIONS = List.of(
|
||||
STORAGE,
|
||||
STORAGE_EVENT_ADMIN_STORE,
|
||||
@@ -377,10 +361,14 @@ public class StorageOptions {
|
||||
);
|
||||
|
||||
private static String descriptionForStorageAreas(String areaAsText) {
|
||||
return String.format("Sets a storage mechanism for %s. Possible values are: %s.", areaAsText, storageAreas());
|
||||
return "Sets a storage mechanism for " + areaAsText + ".";
|
||||
}
|
||||
|
||||
private static String storageAreas() {
|
||||
return String.join(",", Arrays.stream(StorageType.values()).map(StorageType::name).collect(Collectors.joining(", ")));
|
||||
}
|
||||
|
||||
private static List<String> getExpectedCacheNames() {
|
||||
return Stream.concat(Stream.of("all"), AutogeneratedHotRodDescriptors.ENTITY_DESCRIPTOR_MAP.values().stream().map(HotRodEntityDescriptor::getCacheName).distinct()).collect(Collectors.toList());
|
||||
}
|
||||
}
|
||||
|
||||
@@ -10,7 +10,6 @@ public class TransactionOptions {
|
||||
.description("If set to false, Keycloak uses a non-XA datasource in case the database does not support XA transactions.")
|
||||
.buildTime(true)
|
||||
.defaultValue(Boolean.TRUE)
|
||||
.expectedValues(Boolean.TRUE, Boolean.FALSE)
|
||||
.build();
|
||||
|
||||
public static final Option<Boolean> TRANSACTION_JTA_ENABLED = new OptionBuilder<>("transaction-jta-enabled", Boolean.class)
|
||||
@@ -18,7 +17,6 @@ public class TransactionOptions {
|
||||
.description("Set if distributed transactions are supported. If set to false, transactions are managed by the server and can not be joined if multiple data sources are used. By default, distributed transactions are enabled and only XA data sources can be used.")
|
||||
.buildTime(true)
|
||||
.hidden()
|
||||
.expectedValues(Boolean.TRUE, Boolean.FALSE)
|
||||
.build();
|
||||
|
||||
public static final List<Option<?>> ALL_OPTIONS = new ArrayList<>();
|
||||
|
||||
@@ -16,7 +16,6 @@ public class VaultOptions {
|
||||
.category(OptionCategory.VAULT)
|
||||
.description("Enables a vault provider.")
|
||||
.buildTime(true)
|
||||
.expectedValues(Provider.values())
|
||||
.build();
|
||||
|
||||
public static final Option VAULT_DIR = new OptionBuilder<>("vault-dir", File.class)
|
||||
|
||||
@@ -24,6 +24,7 @@ import java.util.Locale;
|
||||
import java.util.Map;
|
||||
import java.util.Optional;
|
||||
import java.util.function.Function;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
import static java.util.Arrays.asList;
|
||||
|
||||
@@ -93,8 +94,8 @@ public final class Database {
|
||||
return Optional.of(vendor.dialect.apply(alias));
|
||||
}
|
||||
|
||||
public static String[] getAliases() {
|
||||
return DATABASES.keySet().stream().sorted().toArray(String[]::new);
|
||||
public static List<String> getAliases() {
|
||||
return DATABASES.keySet().stream().sorted().collect(Collectors.toList());
|
||||
}
|
||||
|
||||
public enum Vendor {
|
||||
|
||||
@@ -18,6 +18,7 @@
|
||||
package org.keycloak.quarkus.runtime;
|
||||
|
||||
import java.util.Arrays;
|
||||
import java.util.List;
|
||||
import java.util.Set;
|
||||
import java.util.stream.Collectors;
|
||||
import org.jboss.logging.Logger;
|
||||
@@ -30,7 +31,7 @@ public final class Messages {
|
||||
|
||||
}
|
||||
|
||||
public static IllegalArgumentException invalidDatabaseVendor(String db, String... availableOptions) {
|
||||
public static IllegalArgumentException invalidDatabaseVendor(String db, List<String> availableOptions) {
|
||||
return new IllegalArgumentException("Invalid database vendor [" + db + "]. Possible values are: " + String.join(", ", availableOptions) + ".");
|
||||
}
|
||||
|
||||
|
||||
@@ -20,6 +20,9 @@ package org.keycloak.quarkus.runtime.cli;
|
||||
import static org.keycloak.quarkus.runtime.cli.Picocli.NO_PARAM_LABEL;
|
||||
import static picocli.CommandLine.Help.Ansi.OFF;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.stream.Collectors;
|
||||
import java.util.stream.StreamSupport;
|
||||
import org.keycloak.utils.StringUtil;
|
||||
|
||||
import picocli.CommandLine;
|
||||
@@ -66,6 +69,15 @@ public class OptionRenderer implements CommandLine.Help.IOptionRenderer {
|
||||
private Text formatDescription(String[] descriptions, OptionSpec option, ColorScheme scheme) {
|
||||
String description = descriptions[0];
|
||||
String defaultValue = option.defaultValue();
|
||||
Iterable<String> completionCandidates = option.completionCandidates();
|
||||
|
||||
if (!option.type().equals(Boolean.class) && completionCandidates != null) {
|
||||
List<String> expectedValues = StreamSupport.stream(completionCandidates.spliterator(), false).collect(Collectors.toList());
|
||||
|
||||
if (!expectedValues.isEmpty()) {
|
||||
description = description + " Possible values are: " + String.join(", ", expectedValues) + ".";
|
||||
}
|
||||
}
|
||||
|
||||
if (defaultValue != null) {
|
||||
description = description + " Default: " + defaultValue + ".";
|
||||
|
||||
@@ -425,12 +425,15 @@ public final class Picocli {
|
||||
continue;
|
||||
}
|
||||
|
||||
Iterable<String> expectedValues = mapper.getExpectedValues();
|
||||
|
||||
OptionSpec.Builder optBuilder = OptionSpec.builder(name)
|
||||
.description(description)
|
||||
.paramLabel(mapper.getParamLabel())
|
||||
.completionCandidates(expectedValues)
|
||||
.completionCandidates(new Iterable<String>() {
|
||||
@Override
|
||||
public Iterator<String> iterator() {
|
||||
return mapper.getExpectedValues().iterator();
|
||||
}
|
||||
})
|
||||
.parameterConsumer(PropertyMapperParameterConsumer.INSTANCE)
|
||||
.hidden(mapper.isHidden());
|
||||
|
||||
|
||||
@@ -156,7 +156,7 @@ public class PropertyMapper<T> {
|
||||
public String getDescription() { return this.option.getDescription(); }
|
||||
|
||||
public List<String> getExpectedValues() {
|
||||
return this.option.getExpectedValues().stream().map(v -> v.toString()).collect(Collectors.toList());
|
||||
return this.option.getExpectedValues();
|
||||
}
|
||||
|
||||
public Optional<T> getDefaultValue() { return this.option.getDefaultValue(); }
|
||||
|
||||
@@ -21,13 +21,14 @@ Cache:
|
||||
--cache <type> Defines the cache mechanism for high-availability. By default, a 'ispn' cache
|
||||
is used to create a cluster between multiple server nodes. A 'local' cache
|
||||
disables clustering and is intended for development and testing purposes.
|
||||
Default: ispn.
|
||||
Possible values are: ispn, local. Default: ispn.
|
||||
--cache-config-file <file>
|
||||
Defines the file from which cache configuration should be loaded from. The
|
||||
configuration file is relative to the 'conf/' directory.
|
||||
--cache-stack <stack>
|
||||
Define the default stack to use for cluster communication and node discovery.
|
||||
This option only takes effect if 'cache' is set to 'ispn'. Default: udp.
|
||||
Possible values are: tcp, udp, kubernetes, ec2, azure, google.
|
||||
|
||||
Database:
|
||||
|
||||
@@ -42,9 +43,19 @@ Transaction:
|
||||
|
||||
Feature:
|
||||
|
||||
--features <feature> Enables a set of one or more features.
|
||||
--features <feature> Enables a set of one or more features. Possible values are: authorization,
|
||||
account2, account-api, admin-fine-grained-authz, admin2, docker,
|
||||
impersonation, openshift-integration, scripts, token-exchange, web-authn,
|
||||
client-policies, ciba, map-storage, par, declarative-user-profile,
|
||||
dynamic-scopes, client-secret-rotation, step-up-authentication,
|
||||
recovery-codes, update-email, preview.
|
||||
--features-disabled <feature>
|
||||
Disables a set of one or more features.
|
||||
Disables a set of one or more features. Possible values are: authorization,
|
||||
account2, account-api, admin-fine-grained-authz, admin2, docker,
|
||||
impersonation, openshift-integration, scripts, token-exchange, web-authn,
|
||||
client-policies, ciba, map-storage, par, declarative-user-profile,
|
||||
dynamic-scopes, client-secret-rotation, step-up-authentication,
|
||||
recovery-codes, update-email, preview.
|
||||
|
||||
HTTP/TLS:
|
||||
|
||||
@@ -66,7 +77,7 @@ Metrics:
|
||||
|
||||
Vault:
|
||||
|
||||
--vault <provider> Enables a vault provider.
|
||||
--vault <provider> Enables a vault provider. Possible values are: file, hashicorp.
|
||||
|
||||
Examples:
|
||||
|
||||
|
||||
@@ -21,13 +21,14 @@ Cache:
|
||||
--cache <type> Defines the cache mechanism for high-availability. By default, a 'ispn' cache
|
||||
is used to create a cluster between multiple server nodes. A 'local' cache
|
||||
disables clustering and is intended for development and testing purposes.
|
||||
Default: ispn.
|
||||
Possible values are: ispn, local. Default: ispn.
|
||||
--cache-config-file <file>
|
||||
Defines the file from which cache configuration should be loaded from. The
|
||||
configuration file is relative to the 'conf/' directory.
|
||||
--cache-stack <stack>
|
||||
Define the default stack to use for cluster communication and node discovery.
|
||||
This option only takes effect if 'cache' is set to 'ispn'. Default: udp.
|
||||
Possible values are: tcp, udp, kubernetes, ec2, azure, google.
|
||||
|
||||
Database:
|
||||
|
||||
@@ -42,9 +43,19 @@ Transaction:
|
||||
|
||||
Feature:
|
||||
|
||||
--features <feature> Enables a set of one or more features.
|
||||
--features <feature> Enables a set of one or more features. Possible values are: authorization,
|
||||
account2, account-api, admin-fine-grained-authz, admin2, docker,
|
||||
impersonation, openshift-integration, scripts, token-exchange, web-authn,
|
||||
client-policies, ciba, map-storage, par, declarative-user-profile,
|
||||
dynamic-scopes, client-secret-rotation, step-up-authentication,
|
||||
recovery-codes, update-email, preview.
|
||||
--features-disabled <feature>
|
||||
Disables a set of one or more features.
|
||||
Disables a set of one or more features. Possible values are: authorization,
|
||||
account2, account-api, admin-fine-grained-authz, admin2, docker,
|
||||
impersonation, openshift-integration, scripts, token-exchange, web-authn,
|
||||
client-policies, ciba, map-storage, par, declarative-user-profile,
|
||||
dynamic-scopes, client-secret-rotation, step-up-authentication,
|
||||
recovery-codes, update-email, preview.
|
||||
|
||||
HTTP/TLS:
|
||||
|
||||
@@ -66,7 +77,7 @@ Metrics:
|
||||
|
||||
Vault:
|
||||
|
||||
--vault <provider> Enables a vault provider.
|
||||
--vault <provider> Enables a vault provider. Possible values are: file, hashicorp.
|
||||
|
||||
Examples:
|
||||
|
||||
|
||||
@@ -19,13 +19,14 @@ Cache:
|
||||
--cache <type> Defines the cache mechanism for high-availability. By default, a 'ispn' cache
|
||||
is used to create a cluster between multiple server nodes. A 'local' cache
|
||||
disables clustering and is intended for development and testing purposes.
|
||||
Default: ispn.
|
||||
Possible values are: ispn, local. Default: ispn.
|
||||
--cache-config-file <file>
|
||||
Defines the file from which cache configuration should be loaded from. The
|
||||
configuration file is relative to the 'conf/' directory.
|
||||
--cache-stack <stack>
|
||||
Define the default stack to use for cluster communication and node discovery.
|
||||
This option only takes effect if 'cache' is set to 'ispn'. Default: udp.
|
||||
Possible values are: tcp, udp, kubernetes, ec2, azure, google.
|
||||
|
||||
Database:
|
||||
|
||||
@@ -65,9 +66,19 @@ Transaction:
|
||||
|
||||
Feature:
|
||||
|
||||
--features <feature> Enables a set of one or more features.
|
||||
--features <feature> Enables a set of one or more features. Possible values are: authorization,
|
||||
account2, account-api, admin-fine-grained-authz, admin2, docker,
|
||||
impersonation, openshift-integration, scripts, token-exchange, web-authn,
|
||||
client-policies, ciba, map-storage, par, declarative-user-profile,
|
||||
dynamic-scopes, client-secret-rotation, step-up-authentication,
|
||||
recovery-codes, update-email, preview.
|
||||
--features-disabled <feature>
|
||||
Disables a set of one or more features.
|
||||
Disables a set of one or more features. Possible values are: authorization,
|
||||
account2, account-api, admin-fine-grained-authz, admin2, docker,
|
||||
impersonation, openshift-integration, scripts, token-exchange, web-authn,
|
||||
client-policies, ciba, map-storage, par, declarative-user-profile,
|
||||
dynamic-scopes, client-secret-rotation, step-up-authentication,
|
||||
recovery-codes, update-email, preview.
|
||||
|
||||
Hostname:
|
||||
|
||||
@@ -107,7 +118,7 @@ HTTP/TLS:
|
||||
The cipher suites to use. If none is given, a reasonable default is selected.
|
||||
--https-client-auth <auth>
|
||||
Configures the server to require/request client authentication. Possible
|
||||
Values: none, request, required. Default: none.
|
||||
values are: none, request, required. Default: none.
|
||||
--https-key-store-file <file>
|
||||
The key store which holds the certificate information instead of specifying
|
||||
separate files.
|
||||
@@ -144,18 +155,18 @@ Metrics:
|
||||
Proxy:
|
||||
|
||||
--proxy <mode> The proxy address forwarding mode if the server is behind a reverse proxy.
|
||||
Possible values are: edge,reencrypt,passthrough Default: none.
|
||||
Possible values are: none, edge, reencrypt, passthrough. Default: none.
|
||||
|
||||
Vault:
|
||||
|
||||
--vault <provider> Enables a vault provider.
|
||||
--vault <provider> Enables a vault provider. Possible values are: file, hashicorp.
|
||||
--vault-dir <dir> If set, secrets can be obtained by reading the content of files within the
|
||||
given directory.
|
||||
|
||||
Logging:
|
||||
|
||||
--log <handler> Enable one or more log handlers in a comma-separated list. Available log
|
||||
handlers are: console,file,gelf Default: console.
|
||||
--log <handler> Enable one or more log handlers in a comma-separated list. Possible values
|
||||
are: console, file, gelf. Default: console.
|
||||
--log-console-color <true|false>
|
||||
Enable or disable colors when logging to console. Default: false.
|
||||
--log-console-format <format>
|
||||
@@ -163,8 +174,8 @@ Logging:
|
||||
it, escape the value using "<format>". Default: %d{yyyy-MM-dd HH:mm:ss,SSS} %
|
||||
-5p [%c] (%t) %s%e%n.
|
||||
--log-console-output <default|json>
|
||||
Set the log output to JSON or default (plain) unstructured logging. Default:
|
||||
default.
|
||||
Set the log output to JSON or default (plain) unstructured logging. Possible
|
||||
values are: default, json. Default: default.
|
||||
--log-file <path>/<file-name>.log
|
||||
Set the log file path and filename. Default: data/log/keycloak.log.
|
||||
--log-file-format <format>
|
||||
|
||||
@@ -19,13 +19,14 @@ Cache:
|
||||
--cache <type> Defines the cache mechanism for high-availability. By default, a 'ispn' cache
|
||||
is used to create a cluster between multiple server nodes. A 'local' cache
|
||||
disables clustering and is intended for development and testing purposes.
|
||||
Default: ispn.
|
||||
Possible values are: ispn, local. Default: ispn.
|
||||
--cache-config-file <file>
|
||||
Defines the file from which cache configuration should be loaded from. The
|
||||
configuration file is relative to the 'conf/' directory.
|
||||
--cache-stack <stack>
|
||||
Define the default stack to use for cluster communication and node discovery.
|
||||
This option only takes effect if 'cache' is set to 'ispn'. Default: udp.
|
||||
Possible values are: tcp, udp, kubernetes, ec2, azure, google.
|
||||
|
||||
Database:
|
||||
|
||||
@@ -65,9 +66,19 @@ Transaction:
|
||||
|
||||
Feature:
|
||||
|
||||
--features <feature> Enables a set of one or more features.
|
||||
--features <feature> Enables a set of one or more features. Possible values are: authorization,
|
||||
account2, account-api, admin-fine-grained-authz, admin2, docker,
|
||||
impersonation, openshift-integration, scripts, token-exchange, web-authn,
|
||||
client-policies, ciba, map-storage, par, declarative-user-profile,
|
||||
dynamic-scopes, client-secret-rotation, step-up-authentication,
|
||||
recovery-codes, update-email, preview.
|
||||
--features-disabled <feature>
|
||||
Disables a set of one or more features.
|
||||
Disables a set of one or more features. Possible values are: authorization,
|
||||
account2, account-api, admin-fine-grained-authz, admin2, docker,
|
||||
impersonation, openshift-integration, scripts, token-exchange, web-authn,
|
||||
client-policies, ciba, map-storage, par, declarative-user-profile,
|
||||
dynamic-scopes, client-secret-rotation, step-up-authentication,
|
||||
recovery-codes, update-email, preview.
|
||||
|
||||
Hostname:
|
||||
|
||||
@@ -107,7 +118,7 @@ HTTP/TLS:
|
||||
The cipher suites to use. If none is given, a reasonable default is selected.
|
||||
--https-client-auth <auth>
|
||||
Configures the server to require/request client authentication. Possible
|
||||
Values: none, request, required. Default: none.
|
||||
values are: none, request, required. Default: none.
|
||||
--https-key-store-file <file>
|
||||
The key store which holds the certificate information instead of specifying
|
||||
separate files.
|
||||
@@ -144,18 +155,18 @@ Metrics:
|
||||
Proxy:
|
||||
|
||||
--proxy <mode> The proxy address forwarding mode if the server is behind a reverse proxy.
|
||||
Possible values are: edge,reencrypt,passthrough Default: none.
|
||||
Possible values are: none, edge, reencrypt, passthrough. Default: none.
|
||||
|
||||
Vault:
|
||||
|
||||
--vault <provider> Enables a vault provider.
|
||||
--vault <provider> Enables a vault provider. Possible values are: file, hashicorp.
|
||||
--vault-dir <dir> If set, secrets can be obtained by reading the content of files within the
|
||||
given directory.
|
||||
|
||||
Logging:
|
||||
|
||||
--log <handler> Enable one or more log handlers in a comma-separated list. Available log
|
||||
handlers are: console,file,gelf Default: console.
|
||||
--log <handler> Enable one or more log handlers in a comma-separated list. Possible values
|
||||
are: console, file, gelf. Default: console.
|
||||
--log-console-color <true|false>
|
||||
Enable or disable colors when logging to console. Default: false.
|
||||
--log-console-format <format>
|
||||
@@ -163,10 +174,10 @@ Logging:
|
||||
it, escape the value using "<format>". Default: %d{yyyy-MM-dd HH:mm:ss,SSS} %
|
||||
-5p [%c] (%t) %s%e%n.
|
||||
--log-console-output <default|json>
|
||||
Set the log output to JSON or default (plain) unstructured logging. Default:
|
||||
default.
|
||||
Set the log output to JSON or default (plain) unstructured logging. Possible
|
||||
values are: default, json. Default: default.
|
||||
--log-file <path>/<file-name>.log
|
||||
Set the log file path and filename. Default: data\log\keycloak.log.
|
||||
Set the log file path and filename. Default: data/log/keycloak.log.
|
||||
--log-file-format <format>
|
||||
Set a format specific to file log entries. Default: %d{yyyy-MM-dd HH:mm:ss,
|
||||
SSS} %-5p [%c] (%t) %s%e%n.
|
||||
|
||||
@@ -19,13 +19,14 @@ Cache:
|
||||
--cache <type> Defines the cache mechanism for high-availability. By default, a 'ispn' cache
|
||||
is used to create a cluster between multiple server nodes. A 'local' cache
|
||||
disables clustering and is intended for development and testing purposes.
|
||||
Default: ispn.
|
||||
Possible values are: ispn, local. Default: ispn.
|
||||
--cache-config-file <file>
|
||||
Defines the file from which cache configuration should be loaded from. The
|
||||
configuration file is relative to the 'conf/' directory.
|
||||
--cache-stack <stack>
|
||||
Define the default stack to use for cluster communication and node discovery.
|
||||
This option only takes effect if 'cache' is set to 'ispn'. Default: udp.
|
||||
Possible values are: tcp, udp, kubernetes, ec2, azure, google.
|
||||
|
||||
Storage (Experimental):
|
||||
|
||||
@@ -126,9 +127,19 @@ Transaction:
|
||||
|
||||
Feature:
|
||||
|
||||
--features <feature> Enables a set of one or more features.
|
||||
--features <feature> Enables a set of one or more features. Possible values are: authorization,
|
||||
account2, account-api, admin-fine-grained-authz, admin2, docker,
|
||||
impersonation, openshift-integration, scripts, token-exchange, web-authn,
|
||||
client-policies, ciba, map-storage, par, declarative-user-profile,
|
||||
dynamic-scopes, client-secret-rotation, step-up-authentication,
|
||||
recovery-codes, update-email, preview.
|
||||
--features-disabled <feature>
|
||||
Disables a set of one or more features.
|
||||
Disables a set of one or more features. Possible values are: authorization,
|
||||
account2, account-api, admin-fine-grained-authz, admin2, docker,
|
||||
impersonation, openshift-integration, scripts, token-exchange, web-authn,
|
||||
client-policies, ciba, map-storage, par, declarative-user-profile,
|
||||
dynamic-scopes, client-secret-rotation, step-up-authentication,
|
||||
recovery-codes, update-email, preview.
|
||||
|
||||
Hostname:
|
||||
|
||||
@@ -168,7 +179,7 @@ HTTP/TLS:
|
||||
The cipher suites to use. If none is given, a reasonable default is selected.
|
||||
--https-client-auth <auth>
|
||||
Configures the server to require/request client authentication. Possible
|
||||
Values: none, request, required. Default: none.
|
||||
values are: none, request, required. Default: none.
|
||||
--https-key-store-file <file>
|
||||
The key store which holds the certificate information instead of specifying
|
||||
separate files.
|
||||
@@ -205,18 +216,18 @@ Metrics:
|
||||
Proxy:
|
||||
|
||||
--proxy <mode> The proxy address forwarding mode if the server is behind a reverse proxy.
|
||||
Possible values are: edge,reencrypt,passthrough Default: none.
|
||||
Possible values are: none, edge, reencrypt, passthrough. Default: none.
|
||||
|
||||
Vault:
|
||||
|
||||
--vault <provider> Enables a vault provider.
|
||||
--vault <provider> Enables a vault provider. Possible values are: file, hashicorp.
|
||||
--vault-dir <dir> If set, secrets can be obtained by reading the content of files within the
|
||||
given directory.
|
||||
|
||||
Logging:
|
||||
|
||||
--log <handler> Enable one or more log handlers in a comma-separated list. Available log
|
||||
handlers are: console,file,gelf Default: console.
|
||||
--log <handler> Enable one or more log handlers in a comma-separated list. Possible values
|
||||
are: console, file, gelf. Default: console.
|
||||
--log-console-color <true|false>
|
||||
Enable or disable colors when logging to console. Default: false.
|
||||
--log-console-format <format>
|
||||
@@ -224,8 +235,8 @@ Logging:
|
||||
it, escape the value using "<format>". Default: %d{yyyy-MM-dd HH:mm:ss,SSS} %
|
||||
-5p [%c] (%t) %s%e%n.
|
||||
--log-console-output <default|json>
|
||||
Set the log output to JSON or default (plain) unstructured logging. Default:
|
||||
default.
|
||||
Set the log output to JSON or default (plain) unstructured logging. Possible
|
||||
values are: default, json. Default: default.
|
||||
--log-file <path>/<file-name>.log
|
||||
Set the log file path and filename. Default: data/log/keycloak.log.
|
||||
--log-file-format <format>
|
||||
|
||||
@@ -19,13 +19,14 @@ Cache:
|
||||
--cache <type> Defines the cache mechanism for high-availability. By default, a 'ispn' cache
|
||||
is used to create a cluster between multiple server nodes. A 'local' cache
|
||||
disables clustering and is intended for development and testing purposes.
|
||||
Default: ispn.
|
||||
Possible values are: ispn, local. Default: ispn.
|
||||
--cache-config-file <file>
|
||||
Defines the file from which cache configuration should be loaded from. The
|
||||
configuration file is relative to the 'conf/' directory.
|
||||
--cache-stack <stack>
|
||||
Define the default stack to use for cluster communication and node discovery.
|
||||
This option only takes effect if 'cache' is set to 'ispn'. Default: udp.
|
||||
Possible values are: tcp, udp, kubernetes, ec2, azure, google.
|
||||
|
||||
Storage (Experimental):
|
||||
|
||||
@@ -126,9 +127,19 @@ Transaction:
|
||||
|
||||
Feature:
|
||||
|
||||
--features <feature> Enables a set of one or more features.
|
||||
--features <feature> Enables a set of one or more features. Possible values are: authorization,
|
||||
account2, account-api, admin-fine-grained-authz, admin2, docker,
|
||||
impersonation, openshift-integration, scripts, token-exchange, web-authn,
|
||||
client-policies, ciba, map-storage, par, declarative-user-profile,
|
||||
dynamic-scopes, client-secret-rotation, step-up-authentication,
|
||||
recovery-codes, update-email, preview.
|
||||
--features-disabled <feature>
|
||||
Disables a set of one or more features.
|
||||
Disables a set of one or more features. Possible values are: authorization,
|
||||
account2, account-api, admin-fine-grained-authz, admin2, docker,
|
||||
impersonation, openshift-integration, scripts, token-exchange, web-authn,
|
||||
client-policies, ciba, map-storage, par, declarative-user-profile,
|
||||
dynamic-scopes, client-secret-rotation, step-up-authentication,
|
||||
recovery-codes, update-email, preview.
|
||||
|
||||
Hostname:
|
||||
|
||||
@@ -168,7 +179,7 @@ HTTP/TLS:
|
||||
The cipher suites to use. If none is given, a reasonable default is selected.
|
||||
--https-client-auth <auth>
|
||||
Configures the server to require/request client authentication. Possible
|
||||
Values: none, request, required. Default: none.
|
||||
values are: none, request, required. Default: none.
|
||||
--https-key-store-file <file>
|
||||
The key store which holds the certificate information instead of specifying
|
||||
separate files.
|
||||
@@ -205,18 +216,18 @@ Metrics:
|
||||
Proxy:
|
||||
|
||||
--proxy <mode> The proxy address forwarding mode if the server is behind a reverse proxy.
|
||||
Possible values are: edge,reencrypt,passthrough Default: none.
|
||||
Possible values are: none, edge, reencrypt, passthrough. Default: none.
|
||||
|
||||
Vault:
|
||||
|
||||
--vault <provider> Enables a vault provider.
|
||||
--vault <provider> Enables a vault provider. Possible values are: file, hashicorp.
|
||||
--vault-dir <dir> If set, secrets can be obtained by reading the content of files within the
|
||||
given directory.
|
||||
|
||||
Logging:
|
||||
|
||||
--log <handler> Enable one or more log handlers in a comma-separated list. Available log
|
||||
handlers are: console,file,gelf Default: console.
|
||||
--log <handler> Enable one or more log handlers in a comma-separated list. Possible values
|
||||
are: console, file, gelf. Default: console.
|
||||
--log-console-color <true|false>
|
||||
Enable or disable colors when logging to console. Default: false.
|
||||
--log-console-format <format>
|
||||
@@ -224,10 +235,10 @@ Logging:
|
||||
it, escape the value using "<format>". Default: %d{yyyy-MM-dd HH:mm:ss,SSS} %
|
||||
-5p [%c] (%t) %s%e%n.
|
||||
--log-console-output <default|json>
|
||||
Set the log output to JSON or default (plain) unstructured logging. Default:
|
||||
default.
|
||||
Set the log output to JSON or default (plain) unstructured logging. Possible
|
||||
values are: default, json. Default: default.
|
||||
--log-file <path>/<file-name>.log
|
||||
Set the log file path and filename. Default: data\log\keycloak.log.
|
||||
Set the log file path and filename. Default: data/log/keycloak.log.
|
||||
--log-file-format <format>
|
||||
Set a format specific to file log entries. Default: %d{yyyy-MM-dd HH:mm:ss,
|
||||
SSS} %-5p [%c] (%t) %s%e%n.
|
||||
|
||||
@@ -25,13 +25,14 @@ Cache:
|
||||
--cache <type> Defines the cache mechanism for high-availability. By default, a 'ispn' cache
|
||||
is used to create a cluster between multiple server nodes. A 'local' cache
|
||||
disables clustering and is intended for development and testing purposes.
|
||||
Default: ispn.
|
||||
Possible values are: ispn, local. Default: ispn.
|
||||
--cache-config-file <file>
|
||||
Defines the file from which cache configuration should be loaded from. The
|
||||
configuration file is relative to the 'conf/' directory.
|
||||
--cache-stack <stack>
|
||||
Define the default stack to use for cluster communication and node discovery.
|
||||
This option only takes effect if 'cache' is set to 'ispn'. Default: udp.
|
||||
Possible values are: tcp, udp, kubernetes, ec2, azure, google.
|
||||
|
||||
Database:
|
||||
|
||||
@@ -71,9 +72,19 @@ Transaction:
|
||||
|
||||
Feature:
|
||||
|
||||
--features <feature> Enables a set of one or more features.
|
||||
--features <feature> Enables a set of one or more features. Possible values are: authorization,
|
||||
account2, account-api, admin-fine-grained-authz, admin2, docker,
|
||||
impersonation, openshift-integration, scripts, token-exchange, web-authn,
|
||||
client-policies, ciba, map-storage, par, declarative-user-profile,
|
||||
dynamic-scopes, client-secret-rotation, step-up-authentication,
|
||||
recovery-codes, update-email, preview.
|
||||
--features-disabled <feature>
|
||||
Disables a set of one or more features.
|
||||
Disables a set of one or more features. Possible values are: authorization,
|
||||
account2, account-api, admin-fine-grained-authz, admin2, docker,
|
||||
impersonation, openshift-integration, scripts, token-exchange, web-authn,
|
||||
client-policies, ciba, map-storage, par, declarative-user-profile,
|
||||
dynamic-scopes, client-secret-rotation, step-up-authentication,
|
||||
recovery-codes, update-email, preview.
|
||||
|
||||
Hostname:
|
||||
|
||||
@@ -113,7 +124,7 @@ HTTP/TLS:
|
||||
The cipher suites to use. If none is given, a reasonable default is selected.
|
||||
--https-client-auth <auth>
|
||||
Configures the server to require/request client authentication. Possible
|
||||
Values: none, request, required. Default: none.
|
||||
values are: none, request, required. Default: none.
|
||||
--https-key-store-file <file>
|
||||
The key store which holds the certificate information instead of specifying
|
||||
separate files.
|
||||
@@ -150,18 +161,18 @@ Metrics:
|
||||
Proxy:
|
||||
|
||||
--proxy <mode> The proxy address forwarding mode if the server is behind a reverse proxy.
|
||||
Possible values are: edge,reencrypt,passthrough Default: none.
|
||||
Possible values are: none, edge, reencrypt, passthrough. Default: none.
|
||||
|
||||
Vault:
|
||||
|
||||
--vault <provider> Enables a vault provider.
|
||||
--vault <provider> Enables a vault provider. Possible values are: file, hashicorp.
|
||||
--vault-dir <dir> If set, secrets can be obtained by reading the content of files within the
|
||||
given directory.
|
||||
|
||||
Logging:
|
||||
|
||||
--log <handler> Enable one or more log handlers in a comma-separated list. Available log
|
||||
handlers are: console,file,gelf Default: console.
|
||||
--log <handler> Enable one or more log handlers in a comma-separated list. Possible values
|
||||
are: console, file, gelf. Default: console.
|
||||
--log-console-color <true|false>
|
||||
Enable or disable colors when logging to console. Default: false.
|
||||
--log-console-format <format>
|
||||
@@ -169,8 +180,8 @@ Logging:
|
||||
it, escape the value using "<format>". Default: %d{yyyy-MM-dd HH:mm:ss,SSS} %
|
||||
-5p [%c] (%t) %s%e%n.
|
||||
--log-console-output <default|json>
|
||||
Set the log output to JSON or default (plain) unstructured logging. Default:
|
||||
default.
|
||||
Set the log output to JSON or default (plain) unstructured logging. Possible
|
||||
values are: default, json. Default: default.
|
||||
--log-file <path>/<file-name>.log
|
||||
Set the log file path and filename. Default: data/log/keycloak.log.
|
||||
--log-file-format <format>
|
||||
|
||||
@@ -25,13 +25,14 @@ Cache:
|
||||
--cache <type> Defines the cache mechanism for high-availability. By default, a 'ispn' cache
|
||||
is used to create a cluster between multiple server nodes. A 'local' cache
|
||||
disables clustering and is intended for development and testing purposes.
|
||||
Default: ispn.
|
||||
Possible values are: ispn, local. Default: ispn.
|
||||
--cache-config-file <file>
|
||||
Defines the file from which cache configuration should be loaded from. The
|
||||
configuration file is relative to the 'conf/' directory.
|
||||
--cache-stack <stack>
|
||||
Define the default stack to use for cluster communication and node discovery.
|
||||
This option only takes effect if 'cache' is set to 'ispn'. Default: udp.
|
||||
Possible values are: tcp, udp, kubernetes, ec2, azure, google.
|
||||
|
||||
Database:
|
||||
|
||||
@@ -71,9 +72,19 @@ Transaction:
|
||||
|
||||
Feature:
|
||||
|
||||
--features <feature> Enables a set of one or more features.
|
||||
--features <feature> Enables a set of one or more features. Possible values are: authorization,
|
||||
account2, account-api, admin-fine-grained-authz, admin2, docker,
|
||||
impersonation, openshift-integration, scripts, token-exchange, web-authn,
|
||||
client-policies, ciba, map-storage, par, declarative-user-profile,
|
||||
dynamic-scopes, client-secret-rotation, step-up-authentication,
|
||||
recovery-codes, update-email, preview.
|
||||
--features-disabled <feature>
|
||||
Disables a set of one or more features.
|
||||
Disables a set of one or more features. Possible values are: authorization,
|
||||
account2, account-api, admin-fine-grained-authz, admin2, docker,
|
||||
impersonation, openshift-integration, scripts, token-exchange, web-authn,
|
||||
client-policies, ciba, map-storage, par, declarative-user-profile,
|
||||
dynamic-scopes, client-secret-rotation, step-up-authentication,
|
||||
recovery-codes, update-email, preview.
|
||||
|
||||
Hostname:
|
||||
|
||||
@@ -113,7 +124,7 @@ HTTP/TLS:
|
||||
The cipher suites to use. If none is given, a reasonable default is selected.
|
||||
--https-client-auth <auth>
|
||||
Configures the server to require/request client authentication. Possible
|
||||
Values: none, request, required. Default: none.
|
||||
values are: none, request, required. Default: none.
|
||||
--https-key-store-file <file>
|
||||
The key store which holds the certificate information instead of specifying
|
||||
separate files.
|
||||
@@ -150,18 +161,18 @@ Metrics:
|
||||
Proxy:
|
||||
|
||||
--proxy <mode> The proxy address forwarding mode if the server is behind a reverse proxy.
|
||||
Possible values are: edge,reencrypt,passthrough Default: none.
|
||||
Possible values are: none, edge, reencrypt, passthrough. Default: none.
|
||||
|
||||
Vault:
|
||||
|
||||
--vault <provider> Enables a vault provider.
|
||||
--vault <provider> Enables a vault provider. Possible values are: file, hashicorp.
|
||||
--vault-dir <dir> If set, secrets can be obtained by reading the content of files within the
|
||||
given directory.
|
||||
|
||||
Logging:
|
||||
|
||||
--log <handler> Enable one or more log handlers in a comma-separated list. Available log
|
||||
handlers are: console,file,gelf Default: console.
|
||||
--log <handler> Enable one or more log handlers in a comma-separated list. Possible values
|
||||
are: console, file, gelf. Default: console.
|
||||
--log-console-color <true|false>
|
||||
Enable or disable colors when logging to console. Default: false.
|
||||
--log-console-format <format>
|
||||
@@ -169,10 +180,10 @@ Logging:
|
||||
it, escape the value using "<format>". Default: %d{yyyy-MM-dd HH:mm:ss,SSS} %
|
||||
-5p [%c] (%t) %s%e%n.
|
||||
--log-console-output <default|json>
|
||||
Set the log output to JSON or default (plain) unstructured logging. Default:
|
||||
default.
|
||||
Set the log output to JSON or default (plain) unstructured logging. Possible
|
||||
values are: default, json. Default: default.
|
||||
--log-file <path>/<file-name>.log
|
||||
Set the log file path and filename. Default: data\log\keycloak.log.
|
||||
Set the log file path and filename. Default: data/log/keycloak.log.
|
||||
--log-file-format <format>
|
||||
Set a format specific to file log entries. Default: %d{yyyy-MM-dd HH:mm:ss,
|
||||
SSS} %-5p [%c] (%t) %s%e%n.
|
||||
|
||||
@@ -25,13 +25,14 @@ Cache:
|
||||
--cache <type> Defines the cache mechanism for high-availability. By default, a 'ispn' cache
|
||||
is used to create a cluster between multiple server nodes. A 'local' cache
|
||||
disables clustering and is intended for development and testing purposes.
|
||||
Default: ispn.
|
||||
Possible values are: ispn, local. Default: ispn.
|
||||
--cache-config-file <file>
|
||||
Defines the file from which cache configuration should be loaded from. The
|
||||
configuration file is relative to the 'conf/' directory.
|
||||
--cache-stack <stack>
|
||||
Define the default stack to use for cluster communication and node discovery.
|
||||
This option only takes effect if 'cache' is set to 'ispn'. Default: udp.
|
||||
Possible values are: tcp, udp, kubernetes, ec2, azure, google.
|
||||
|
||||
Storage (Experimental):
|
||||
|
||||
@@ -132,9 +133,19 @@ Transaction:
|
||||
|
||||
Feature:
|
||||
|
||||
--features <feature> Enables a set of one or more features.
|
||||
--features <feature> Enables a set of one or more features. Possible values are: authorization,
|
||||
account2, account-api, admin-fine-grained-authz, admin2, docker,
|
||||
impersonation, openshift-integration, scripts, token-exchange, web-authn,
|
||||
client-policies, ciba, map-storage, par, declarative-user-profile,
|
||||
dynamic-scopes, client-secret-rotation, step-up-authentication,
|
||||
recovery-codes, update-email, preview.
|
||||
--features-disabled <feature>
|
||||
Disables a set of one or more features.
|
||||
Disables a set of one or more features. Possible values are: authorization,
|
||||
account2, account-api, admin-fine-grained-authz, admin2, docker,
|
||||
impersonation, openshift-integration, scripts, token-exchange, web-authn,
|
||||
client-policies, ciba, map-storage, par, declarative-user-profile,
|
||||
dynamic-scopes, client-secret-rotation, step-up-authentication,
|
||||
recovery-codes, update-email, preview.
|
||||
|
||||
Hostname:
|
||||
|
||||
@@ -174,7 +185,7 @@ HTTP/TLS:
|
||||
The cipher suites to use. If none is given, a reasonable default is selected.
|
||||
--https-client-auth <auth>
|
||||
Configures the server to require/request client authentication. Possible
|
||||
Values: none, request, required. Default: none.
|
||||
values are: none, request, required. Default: none.
|
||||
--https-key-store-file <file>
|
||||
The key store which holds the certificate information instead of specifying
|
||||
separate files.
|
||||
@@ -211,18 +222,18 @@ Metrics:
|
||||
Proxy:
|
||||
|
||||
--proxy <mode> The proxy address forwarding mode if the server is behind a reverse proxy.
|
||||
Possible values are: edge,reencrypt,passthrough Default: none.
|
||||
Possible values are: none, edge, reencrypt, passthrough. Default: none.
|
||||
|
||||
Vault:
|
||||
|
||||
--vault <provider> Enables a vault provider.
|
||||
--vault <provider> Enables a vault provider. Possible values are: file, hashicorp.
|
||||
--vault-dir <dir> If set, secrets can be obtained by reading the content of files within the
|
||||
given directory.
|
||||
|
||||
Logging:
|
||||
|
||||
--log <handler> Enable one or more log handlers in a comma-separated list. Available log
|
||||
handlers are: console,file,gelf Default: console.
|
||||
--log <handler> Enable one or more log handlers in a comma-separated list. Possible values
|
||||
are: console, file, gelf. Default: console.
|
||||
--log-console-color <true|false>
|
||||
Enable or disable colors when logging to console. Default: false.
|
||||
--log-console-format <format>
|
||||
@@ -230,8 +241,8 @@ Logging:
|
||||
it, escape the value using "<format>". Default: %d{yyyy-MM-dd HH:mm:ss,SSS} %
|
||||
-5p [%c] (%t) %s%e%n.
|
||||
--log-console-output <default|json>
|
||||
Set the log output to JSON or default (plain) unstructured logging. Default:
|
||||
default.
|
||||
Set the log output to JSON or default (plain) unstructured logging. Possible
|
||||
values are: default, json. Default: default.
|
||||
--log-file <path>/<file-name>.log
|
||||
Set the log file path and filename. Default: data/log/keycloak.log.
|
||||
--log-file-format <format>
|
||||
|
||||
@@ -25,13 +25,14 @@ Cache:
|
||||
--cache <type> Defines the cache mechanism for high-availability. By default, a 'ispn' cache
|
||||
is used to create a cluster between multiple server nodes. A 'local' cache
|
||||
disables clustering and is intended for development and testing purposes.
|
||||
Default: ispn.
|
||||
Possible values are: ispn, local. Default: ispn.
|
||||
--cache-config-file <file>
|
||||
Defines the file from which cache configuration should be loaded from. The
|
||||
configuration file is relative to the 'conf/' directory.
|
||||
--cache-stack <stack>
|
||||
Define the default stack to use for cluster communication and node discovery.
|
||||
This option only takes effect if 'cache' is set to 'ispn'. Default: udp.
|
||||
Possible values are: tcp, udp, kubernetes, ec2, azure, google.
|
||||
|
||||
Storage (Experimental):
|
||||
|
||||
@@ -132,9 +133,19 @@ Transaction:
|
||||
|
||||
Feature:
|
||||
|
||||
--features <feature> Enables a set of one or more features.
|
||||
--features <feature> Enables a set of one or more features. Possible values are: authorization,
|
||||
account2, account-api, admin-fine-grained-authz, admin2, docker,
|
||||
impersonation, openshift-integration, scripts, token-exchange, web-authn,
|
||||
client-policies, ciba, map-storage, par, declarative-user-profile,
|
||||
dynamic-scopes, client-secret-rotation, step-up-authentication,
|
||||
recovery-codes, update-email, preview.
|
||||
--features-disabled <feature>
|
||||
Disables a set of one or more features.
|
||||
Disables a set of one or more features. Possible values are: authorization,
|
||||
account2, account-api, admin-fine-grained-authz, admin2, docker,
|
||||
impersonation, openshift-integration, scripts, token-exchange, web-authn,
|
||||
client-policies, ciba, map-storage, par, declarative-user-profile,
|
||||
dynamic-scopes, client-secret-rotation, step-up-authentication,
|
||||
recovery-codes, update-email, preview.
|
||||
|
||||
Hostname:
|
||||
|
||||
@@ -174,7 +185,7 @@ HTTP/TLS:
|
||||
The cipher suites to use. If none is given, a reasonable default is selected.
|
||||
--https-client-auth <auth>
|
||||
Configures the server to require/request client authentication. Possible
|
||||
Values: none, request, required. Default: none.
|
||||
values are: none, request, required. Default: none.
|
||||
--https-key-store-file <file>
|
||||
The key store which holds the certificate information instead of specifying
|
||||
separate files.
|
||||
@@ -211,18 +222,18 @@ Metrics:
|
||||
Proxy:
|
||||
|
||||
--proxy <mode> The proxy address forwarding mode if the server is behind a reverse proxy.
|
||||
Possible values are: edge,reencrypt,passthrough Default: none.
|
||||
Possible values are: none, edge, reencrypt, passthrough. Default: none.
|
||||
|
||||
Vault:
|
||||
|
||||
--vault <provider> Enables a vault provider.
|
||||
--vault <provider> Enables a vault provider. Possible values are: file, hashicorp.
|
||||
--vault-dir <dir> If set, secrets can be obtained by reading the content of files within the
|
||||
given directory.
|
||||
|
||||
Logging:
|
||||
|
||||
--log <handler> Enable one or more log handlers in a comma-separated list. Available log
|
||||
handlers are: console,file,gelf Default: console.
|
||||
--log <handler> Enable one or more log handlers in a comma-separated list. Possible values
|
||||
are: console, file, gelf. Default: console.
|
||||
--log-console-color <true|false>
|
||||
Enable or disable colors when logging to console. Default: false.
|
||||
--log-console-format <format>
|
||||
@@ -230,10 +241,10 @@ Logging:
|
||||
it, escape the value using "<format>". Default: %d{yyyy-MM-dd HH:mm:ss,SSS} %
|
||||
-5p [%c] (%t) %s%e%n.
|
||||
--log-console-output <default|json>
|
||||
Set the log output to JSON or default (plain) unstructured logging. Default:
|
||||
default.
|
||||
Set the log output to JSON or default (plain) unstructured logging. Possible
|
||||
values are: default, json. Default: default.
|
||||
--log-file <path>/<file-name>.log
|
||||
Set the log file path and filename. Default: data\log\keycloak.log.
|
||||
Set the log file path and filename. Default: data/log/keycloak.log.
|
||||
--log-file-format <format>
|
||||
Set a format specific to file log entries. Default: %d{yyyy-MM-dd HH:mm:ss,
|
||||
SSS} %-5p [%c] (%t) %s%e%n.
|
||||
|
||||
@@ -84,7 +84,7 @@ HTTP/TLS:
|
||||
The cipher suites to use. If none is given, a reasonable default is selected.
|
||||
--https-client-auth <auth>
|
||||
Configures the server to require/request client authentication. Possible
|
||||
Values: none, request, required. Default: none.
|
||||
values are: none, request, required. Default: none.
|
||||
--https-key-store-file <file>
|
||||
The key store which holds the certificate information instead of specifying
|
||||
separate files.
|
||||
@@ -108,7 +108,7 @@ HTTP/TLS:
|
||||
Proxy:
|
||||
|
||||
--proxy <mode> The proxy address forwarding mode if the server is behind a reverse proxy.
|
||||
Possible values are: edge,reencrypt,passthrough Default: none.
|
||||
Possible values are: none, edge, reencrypt, passthrough. Default: none.
|
||||
|
||||
Vault:
|
||||
|
||||
@@ -117,8 +117,8 @@ Vault:
|
||||
|
||||
Logging:
|
||||
|
||||
--log <handler> Enable one or more log handlers in a comma-separated list. Available log
|
||||
handlers are: console,file,gelf Default: console.
|
||||
--log <handler> Enable one or more log handlers in a comma-separated list. Possible values
|
||||
are: console, file, gelf. Default: console.
|
||||
--log-console-color <true|false>
|
||||
Enable or disable colors when logging to console. Default: false.
|
||||
--log-console-format <format>
|
||||
@@ -126,8 +126,8 @@ Logging:
|
||||
it, escape the value using "<format>". Default: %d{yyyy-MM-dd HH:mm:ss,SSS} %
|
||||
-5p [%c] (%t) %s%e%n.
|
||||
--log-console-output <default|json>
|
||||
Set the log output to JSON or default (plain) unstructured logging. Default:
|
||||
default.
|
||||
Set the log output to JSON or default (plain) unstructured logging. Possible
|
||||
values are: default, json. Default: default.
|
||||
--log-file <path>/<file-name>.log
|
||||
Set the log file path and filename. Default: data/log/keycloak.log.
|
||||
--log-file-format <format>
|
||||
|
||||
@@ -84,7 +84,7 @@ HTTP/TLS:
|
||||
The cipher suites to use. If none is given, a reasonable default is selected.
|
||||
--https-client-auth <auth>
|
||||
Configures the server to require/request client authentication. Possible
|
||||
Values: none, request, required. Default: none.
|
||||
values are: none, request, required. Default: none.
|
||||
--https-key-store-file <file>
|
||||
The key store which holds the certificate information instead of specifying
|
||||
separate files.
|
||||
@@ -108,7 +108,7 @@ HTTP/TLS:
|
||||
Proxy:
|
||||
|
||||
--proxy <mode> The proxy address forwarding mode if the server is behind a reverse proxy.
|
||||
Possible values are: edge,reencrypt,passthrough Default: none.
|
||||
Possible values are: none, edge, reencrypt, passthrough. Default: none.
|
||||
|
||||
Vault:
|
||||
|
||||
@@ -117,8 +117,8 @@ Vault:
|
||||
|
||||
Logging:
|
||||
|
||||
--log <handler> Enable one or more log handlers in a comma-separated list. Available log
|
||||
handlers are: console,file,gelf Default: console.
|
||||
--log <handler> Enable one or more log handlers in a comma-separated list. Possible values
|
||||
are: console, file, gelf. Default: console.
|
||||
--log-console-color <true|false>
|
||||
Enable or disable colors when logging to console. Default: false.
|
||||
--log-console-format <format>
|
||||
@@ -126,10 +126,10 @@ Logging:
|
||||
it, escape the value using "<format>". Default: %d{yyyy-MM-dd HH:mm:ss,SSS} %
|
||||
-5p [%c] (%t) %s%e%n.
|
||||
--log-console-output <default|json>
|
||||
Set the log output to JSON or default (plain) unstructured logging. Default:
|
||||
default.
|
||||
Set the log output to JSON or default (plain) unstructured logging. Possible
|
||||
values are: default, json. Default: default.
|
||||
--log-file <path>/<file-name>.log
|
||||
Set the log file path and filename. Default: data\log\keycloak.log.
|
||||
Set the log file path and filename. Default: data/log/keycloak.log.
|
||||
--log-file-format <format>
|
||||
Set a format specific to file log entries. Default: %d{yyyy-MM-dd HH:mm:ss,
|
||||
SSS} %-5p [%c] (%t) %s%e%n.
|
||||
|
||||
@@ -101,7 +101,7 @@ HTTP/TLS:
|
||||
The cipher suites to use. If none is given, a reasonable default is selected.
|
||||
--https-client-auth <auth>
|
||||
Configures the server to require/request client authentication. Possible
|
||||
Values: none, request, required. Default: none.
|
||||
values are: none, request, required. Default: none.
|
||||
--https-key-store-file <file>
|
||||
The key store which holds the certificate information instead of specifying
|
||||
separate files.
|
||||
@@ -125,7 +125,7 @@ HTTP/TLS:
|
||||
Proxy:
|
||||
|
||||
--proxy <mode> The proxy address forwarding mode if the server is behind a reverse proxy.
|
||||
Possible values are: edge,reencrypt,passthrough Default: none.
|
||||
Possible values are: none, edge, reencrypt, passthrough. Default: none.
|
||||
|
||||
Vault:
|
||||
|
||||
@@ -134,8 +134,8 @@ Vault:
|
||||
|
||||
Logging:
|
||||
|
||||
--log <handler> Enable one or more log handlers in a comma-separated list. Available log
|
||||
handlers are: console,file,gelf Default: console.
|
||||
--log <handler> Enable one or more log handlers in a comma-separated list. Possible values
|
||||
are: console, file, gelf. Default: console.
|
||||
--log-console-color <true|false>
|
||||
Enable or disable colors when logging to console. Default: false.
|
||||
--log-console-format <format>
|
||||
@@ -143,8 +143,8 @@ Logging:
|
||||
it, escape the value using "<format>". Default: %d{yyyy-MM-dd HH:mm:ss,SSS} %
|
||||
-5p [%c] (%t) %s%e%n.
|
||||
--log-console-output <default|json>
|
||||
Set the log output to JSON or default (plain) unstructured logging. Default:
|
||||
default.
|
||||
Set the log output to JSON or default (plain) unstructured logging. Possible
|
||||
values are: default, json. Default: default.
|
||||
--log-file <path>/<file-name>.log
|
||||
Set the log file path and filename. Default: data/log/keycloak.log.
|
||||
--log-file-format <format>
|
||||
|
||||
@@ -101,7 +101,7 @@ HTTP/TLS:
|
||||
The cipher suites to use. If none is given, a reasonable default is selected.
|
||||
--https-client-auth <auth>
|
||||
Configures the server to require/request client authentication. Possible
|
||||
Values: none, request, required. Default: none.
|
||||
values are: none, request, required. Default: none.
|
||||
--https-key-store-file <file>
|
||||
The key store which holds the certificate information instead of specifying
|
||||
separate files.
|
||||
@@ -125,7 +125,7 @@ HTTP/TLS:
|
||||
Proxy:
|
||||
|
||||
--proxy <mode> The proxy address forwarding mode if the server is behind a reverse proxy.
|
||||
Possible values are: edge,reencrypt,passthrough Default: none.
|
||||
Possible values are: none, edge, reencrypt, passthrough. Default: none.
|
||||
|
||||
Vault:
|
||||
|
||||
@@ -134,8 +134,8 @@ Vault:
|
||||
|
||||
Logging:
|
||||
|
||||
--log <handler> Enable one or more log handlers in a comma-separated list. Available log
|
||||
handlers are: console,file,gelf Default: console.
|
||||
--log <handler> Enable one or more log handlers in a comma-separated list. Possible values
|
||||
are: console, file, gelf. Default: console.
|
||||
--log-console-color <true|false>
|
||||
Enable or disable colors when logging to console. Default: false.
|
||||
--log-console-format <format>
|
||||
@@ -143,10 +143,10 @@ Logging:
|
||||
it, escape the value using "<format>". Default: %d{yyyy-MM-dd HH:mm:ss,SSS} %
|
||||
-5p [%c] (%t) %s%e%n.
|
||||
--log-console-output <default|json>
|
||||
Set the log output to JSON or default (plain) unstructured logging. Default:
|
||||
default.
|
||||
Set the log output to JSON or default (plain) unstructured logging. Possible
|
||||
values are: default, json. Default: default.
|
||||
--log-file <path>/<file-name>.log
|
||||
Set the log file path and filename. Default: data\log\keycloak.log.
|
||||
Set the log file path and filename. Default: data/log/keycloak.log.
|
||||
--log-file-format <format>
|
||||
Set a format specific to file log entries. Default: %d{yyyy-MM-dd HH:mm:ss,
|
||||
SSS} %-5p [%c] (%t) %s%e%n.
|
||||
|
||||
Reference in New Issue
Block a user