On 23/01/23 10:12PM, Pavel Korovin wrote:
> Aisha, thank you for your efforts!
>
> Please find the attached updated version to consider if my changes are
> relevant and make sense.
>
> 1. +CATEGORIES = security
> Keycloak's purpose is authentication/authorization so I think it
> better fits better to security category
> 2. +MODJAVA_VER = 17
> Keycloak works fine with jdk-17, I don't see any reason for
> downgrading jdk dependnecy
> 3. Added patches for other shell scripts, they don't work, but at least
> we can see the reason why they don't work
> 4. All other changes are related to paths:
> * It's a matter of taste, but paths like
> ${PREFIX}/share/java/keycloak/bin look a bit weird,
> I consider Keycloak a standalone app like Elasticsearch or
> Logstash and I think it deserves it's own folder under
> /usr/local similar to /opt/keycloak placement used in Linux
> * Configuration files definitely should go to /etc/keycloak/
> * State files, particularly DB files should go to /var/db/keycloak
> 5. rc script: I don't see any purpose for /var/run/keycloak dir, and
> /var/log/keycloak can be created via PLIST
>
> Finally, since it's quite a complex piece of software, it would be great
> to have package's README which at least shows what goes where under
> OpenBSD and how to start it, not a big deal, but would be nice in a
> perfect world :)
>
Thanks a bunch Pavel, sorry I forgot about this mail.
The port is working nicely with your changes, I've attached an updated tarball
for 21.0.0.
I've added a small README to talk about the quirks on OpenBSD, specifically for
multicast support and working with a reverse proxy.
OK?
Thanks,
Aisha
> On 01/15, aisha wrote:
> > Hi,
> > I've attached a port of keycloak - https://www.keycloak.org/ -
> > https://github.com/keycloak/keycloak - an identity and access management
> > solution from redhat.
> > Copying the DESCR:
> >
> > > Keycloak is an open source Identity and Access Management solution
> > > aimed at modern applications and services. It makes it easy to
> > > secure applications and services with little to no code, providing
> > > the following features:
> > > - SAML, OAuth 2.0 and OpenID Connect
> > > - Single Sign On
> > > - Admin Console
> > > - Account Management Console
> > > - User Federation with LDAP and Active Directory
> > > - Identity Brokering and Social Login
> >
> >
> > It has been working fine for a while now. The command line programs 'kcadm'
> > and 'kcreg' don't work as openbsd is not a recognized platform but I have
> > opened PRs upstream to fix this and hopefully it should just work (tm) once
> > they get merged.
> >
> > tests and OKs welcome.
> >
> > Cheers,
> > Aisha
>
>
>
> --
> With best regards,
> Pavel Korovin
