- Notifications
You must be signed in to change notification settings - Fork54
License
NotificationsYou must be signed in to change notification settings
aznamier/keycloak-event-listener-rabbitmq
Folders and files
| Name | Name | Last commit message | Last commit date | |
|---|---|---|---|---|
Repository files navigation
| Plugin | min Keycloak ver |
|---|---|
| 1.x | 10.x |
| 2.x | 13.x |
| 3.x | 16.x |
For example here is the notification of the user updated by administrator
- routing key:
KK.EVENT.ADMIN.MYREALM.SUCCESS.USER.UPDATE - published to exchange:
amq.topic - content:
{ "@class" : "com.github.aznamier.keycloak.event.provider.EventAdminNotificationMqMsg", "time" : 1596951200408, "realmId" : "MYREALM", "authDetails" : { "realmId" : "master", "clientId" : "********-****-****-****-**********", "userId" : "********-****-****-****-**********", "ipAddress" : "192.168.1.1" }, "resourceType" : "USER", "operationType" : "UPDATE", "resourcePath" : "users/********-****-****-****-**********", "representation" : "representation details here....", "error" : null, "resourceTypeAsString" : "USER"}The routing key is calculated as follows:
- admin events:
KK.EVENT.ADMIN.<REALM>.<RESULT>.<RESOURCE_TYPE>.<OPERATION> - client events:
KK.EVENT.CLIENT.<REALM>.<RESULT>.<CLIENT>.<EVENT_TYPE>
And because the recommended exchange is aTOPIC (amq.topic),
therefore its easy for Rabbit client to subscribe to selective combinations eg:
- all events:
KK.EVENT.# - all events from my realm:
KK.EVENT.*.MYREALM.# - all error events from my realm:
KK.EVENT.*.MYREALM.ERROR.# - all user events from my-relam and my-client:
KK.EVENT.*.MY-REALM.*.MY-CLIENT.USER
- Download the latest jar or build from source:
mvn clean install - Copy jar into your Keycloak
- Keycloak version 17+ (Quarkus)
/opt/keycloak/providers/keycloak-to-rabbit-3.0.5.jar - Keycloak version 16 and older
/opt/jboss/keycloak/standalone/deployments/keycloak-to-rabbit-3.0.5.jar
- Keycloak version 17+ (Quarkus)
- Configure as described below (option 1 or 2 or 3)
- Restart the Keycloak server
- Enable logging in Keycloak UI by addingkeycloak-to-rabbitmq
Manage > Events > Config > Events Config > Event Listeners
KK_TO_RMQ_URL- default:localhostKK_TO_RMQ_PORT- default:5672KK_TO_RMQ_VHOST- default:emptyKK_TO_RMQ_EXCHANGE- default:amq.topicKK_TO_RMQ_USERNAME- default:adminKK_TO_RMQ_PASSWORD- default:adminKK_TO_RMQ_USE_TLS- default:falseKK_TO_RMQ_KEY_STORE- default:emptyKK_TO_RMQ_KEY_STORE_PASS- default:emptyKK_TO_RMQ_TRUST_STORE- default:emptyKK_TO_RMQ_TRUST_STORE_PASS- default:empty
Deprecated OPTION 2: edit Keycloak subsystem of WildFly (Keycloak 16 and older) standalone.xml or standalone-ha.xml:
<spiname="eventsListener"> <providername="keycloak-to-rabbitmq"enabled="true"> <properties> <propertyname="url"value="${env.KK_TO_RMQ_URL:localhost}"/> <propertyname="port"value="${env.KK_TO_RMQ_PORT:5672}"/> <propertyname="vhost"value="${env.KK_TO_RMQ_VHOST:}"/> <propertyname="exchange"value="${env.KK_TO_RMQ_EXCHANGE:amq.topic}"/> <propertyname="use_tls"value="${env.KK_TO_RMQ_USE_TLS:false}"/> <propertyname="key_store"value="${env.KK_TO_RMQ_KEY_STORE:}"/> <propertyname="key_store_pass"value="${env.KK_TO_RMQ_KEY_STORE_PASS:}"/> <propertyname="trust_store"value="${env.KK_TO_RMQ_TRUST_STORE:}"/> <propertyname="trust_store_pass"value="${env.KK_TO_RMQ_TRUST_STORE_PASS:}"/> <propertyname="username"value="${env.KK_TO_RMQ_USERNAME:guest}"/> <propertyname="password"value="${env.KK_TO_RMQ_PASSWORD:guest}"/> </properties> </provider></spi>
echo "yes" | $KEYCLOAK_HOME/bin/jboss-cli.sh --file=$KEYCLOAK_HOME/KEYCLOAK_TO_RABBIT.cliAbout
No description, website, or topics provided.
Resources
License
Uh oh!
There was an error while loading.Please reload this page.
Stars
Watchers
Forks
Packages0
Uh oh!
There was an error while loading.Please reload this page.
Uh oh!
There was an error while loading.Please reload this page.
Contributors10
Uh oh!
There was an error while loading.Please reload this page.