diff --git a/container/keycloak/initdb.d/00_config.env b/container/keycloak/initdb.d/00_config.env
deleted file mode 100644
index c19e7e6..0000000
--- a/container/keycloak/initdb.d/00_config.env
+++ /dev/null
@@ -1,2 +0,0 @@
-export KEYCLOAK_REALM=test-realm
-export KEYCLOAK_RESOURCE=dtm
\ No newline at end of file
diff --git a/container/keycloak/initdb.d/01_login.sh b/container/keycloak/initdb.d/01_login.sh
deleted file mode 100755
index b12855a..0000000
--- a/container/keycloak/initdb.d/01_login.sh
+++ /dev/null
@@ -1,8 +0,0 @@
-#!/bin/bash
-
-. /lib.sh
-
-echo "---------"
-echo "| Login |"
-echo "---------"
-login
\ No newline at end of file
diff --git a/container/keycloak/initdb.d/02_realm.sh b/container/keycloak/initdb.d/02_realm.sh
deleted file mode 100755
index 0c53e28..0000000
--- a/container/keycloak/initdb.d/02_realm.sh
+++ /dev/null
@@ -1,15 +0,0 @@
-#!/bin/bash
-
-. /lib.sh
-
-echo "----------------"
-echo "| Create Realm |"
-echo "----------------"
-# KEYCLOAK_REALM set in 00_config.env as it's a shared value
-KEYCLOAK_SECRET=yHi6W2raPmLvPXoxqMA7VWbLAA2WN0eB
-KEYCLOAK_REALM_DISPLAY_NAME="TEST REALM"
-# TIMEOUT UNITS IS SECONDS; 28800 Seconds = 8 Hours
-KEYCLOAK_SESSION_IDLE_TIMEOUT=28800
-# 86400 Seconds = 24 Hours
-KEYCLOAK_SESSION_MAX_LIFESPAN=86400
-create_realm
\ No newline at end of file
diff --git a/container/keycloak/initdb.d/03_client.sh b/container/keycloak/initdb.d/03_client.sh
deleted file mode 100755
index 5f13849..0000000
--- a/container/keycloak/initdb.d/03_client.sh
+++ /dev/null
@@ -1,13 +0,0 @@
-#!/bin/bash
-
-. /lib.sh
-
-echo "-----------------"
-echo "| Create Client |"
-echo "-----------------"
-# KEYCLOAK_RESOURCE set in 00_config.env as it's a shared value
-KEYCLOAK_CLIENT_NAME=dtm
-KEYCLOAK_SERVICE_ACCOUNT_ENABLED=true
-KEYCLOAK_REDIRECT_URIS='["https://localhost:8443/dtm/*"]'
-KEYCLOAK_SECRET=yHi6W2raPmLvPXoxqMA7VWbLAA2WN0eB
-create_client
\ No newline at end of file
diff --git a/container/keycloak/initdb.d/03_customize.sh b/container/keycloak/initdb.d/03_customize.sh
new file mode 100644
index 0000000..c1b3de1
--- /dev/null
+++ b/container/keycloak/initdb.d/03_customize.sh
@@ -0,0 +1,49 @@
+#!/bin/bash
+
+# Located in root of container
+. /kc-lib.sh
+
+echo "----------------"
+echo "| Create Roles |"
+echo "----------------"
+KC_ROLE_NAME=group1Leaders
+create_role
+KC_ROLE_NAME=group2Leaders
+create_role
+KC_ROLE_NAME=group3Leaders
+create_role
+KC_ROLE_NAME=testlead
+create_role
+KC_ROLE_NAME=${KC_RESOURCE}-reviewer
+create_role
+
+echo "----------------"
+echo "| Create Users |"
+echo "----------------"
+KC_PASSWORD=password
+
+KC_USERNAME=user1
+KC_FIRSTNAME=James
+KC_LASTNAME=Johnson
+KC_EMAIL=user1@example.com
+create_user
+KC_ROLE_NAME=${KC_RESOURCE}-user
+assign_role
+
+KC_USERNAME=user2
+KC_FIRSTNAME=Robert
+KC_LASTNAME=Williams
+KC_EMAIL=user2@example.com
+create_user
+KC_ROLE_NAME=${KC_RESOURCE}-user
+assign_role
+
+KC_USERNAME=user3
+KC_FIRSTNAME=Michael
+KC_LASTNAME=Miller
+KC_EMAIL=user3@example.com
+create_user
+KC_ROLE_NAME=${KC_RESOURCE}-user
+assign_role
+KC_ROLE_NAME=testlead
+assign_role
\ No newline at end of file
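Review bot: `${KC_RESOURCE}` is expanded on the role-name lines (`KC_ROLE_NAME=${KC_RESOURCE}-reviewer`, `KC_ROLE_NAME=${KC_RESOURCE}-user`) with no check that it is set, so an empty value would quietly produce roles named `-reviewer` and `-user`; a guard right after sourcing `/kc-lib.sh`, `: "${KC_RESOURCE:?KC_RESOURCE must be set}"`, makes the script fail early instead. The script assigns `${KC_RESOURCE}-user` but never creates it, so it presumably relies on the image or kc-lib.sh to provide that role, and a one-line comment saying so would help the next reader. `KC_PASSWORD=password` gives all three accounts the same well-known password, which is acceptable only for a throwaway local realm; I would add `# test-only credentials, never reuse outside the local compose stack` above it. The file is also added with mode 100644 while the scripts it replaces were 100755, which matters if the entrypoint executes init scripts rather than sourcing them (not visible here).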
diff --git a/container/keycloak/initdb.d/04_accounts.sh b/container/keycloak/initdb.d/04_accounts.sh
deleted file mode 100755
index 4328eee..0000000
--- a/container/keycloak/initdb.d/04_accounts.sh
+++ /dev/null
@@ -1,81 +0,0 @@
-#!/bin/bash
-
-. /lib.sh
-
-echo "----------------"
-echo "| Create Roles |"
-echo "----------------"
-KEYCLOAK_ROLE_NAME=${KEYCLOAK_RESOURCE}-user
-create_role
-KEYCLOAK_ROLE_NAME=${KEYCLOAK_RESOURCE}-admin
-create_role
-
-KEYCLOAK_ROLE_NAME=group1Leaders
-create_role
-KEYCLOAK_ROLE_NAME=group2Leaders
-create_role
-KEYCLOAK_ROLE_NAME=group3Leaders
-create_role
-KEYCLOAK_ROLE_NAME=testlead
-create_role
-
-KEYCLOAK_ROLE_NAME=${KEYCLOAK_RESOURCE}-reviewer
-create_role
-
-echo "----------------"
-echo "| Create Users |"
-echo "----------------"
-KEYCLOAK_USERNAME=jadams
-KEYCLOAK_FIRSTNAME=Jane
-KEYCLOAK_LASTNAME=Adams
-KEYCLOAK_EMAIL=jadams@example.com
-KEYCLOAK_PASSWORD=password
-KEYCLOAK_ROLE_NAME=${KEYCLOAK_RESOURCE}-user
-create_user
-assign_role
-
-KEYCLOAK_USERNAME=jsmith
-KEYCLOAK_FIRSTNAME=John
-KEYCLOAK_LASTNAME=Smith
-KEYCLOAK_EMAIL=jsmith@example.com
-create_user
-assign_role
-
-
-KEYCLOAK_USERNAME=tbrown
-KEYCLOAK_FIRSTNAME=Tom
-KEYCLOAK_LASTNAME=Brown
-KEYCLOAK_EMAIL=tbrown@example.com
-create_user
-KEYCLOAK_ROLE_NAME=${KEYCLOAK_RESOURCE}-user
-assign_role
-KEYCLOAK_ROLE_NAME=${KEYCLOAK_RESOURCE}-admin
-assign_role
-KEYCLOAK_ROLE_NAME=${KEYCLOAK_RESOURCE}-reviewer
-assign_role
-
-KEYCLOAK_USERNAME=user1
-KEYCLOAK_FIRSTNAME=James
-KEYCLOAK_LASTNAME=Johnson
-KEYCLOAK_EMAIL=user1@example.com
-create_user
-KEYCLOAK_ROLE_NAME=${KEYCLOAK_RESOURCE}-user
-assign_role
-
-KEYCLOAK_USERNAME=user2
-KEYCLOAK_FIRSTNAME=Robert
-KEYCLOAK_LASTNAME=Williams
-KEYCLOAK_EMAIL=user2@example.com
-create_user
-KEYCLOAK_ROLE_NAME=${KEYCLOAK_RESOURCE}-user
-assign_role
-
-KEYCLOAK_USERNAME=user3
-KEYCLOAK_FIRSTNAME=Michael
-KEYCLOAK_LASTNAME=Miller
-KEYCLOAK_EMAIL=user3@example.com
-create_user
-KEYCLOAK_ROLE_NAME=${KEYCLOAK_RESOURCE}-user
-assign_role
-KEYCLOAK_ROLE_NAME=testlead
-assign_role
\ No newline at end of file
diff --git a/deps.yaml b/deps.yaml
index 31b5efd..81c9611 100644
--- a/deps.yaml
+++ b/deps.yaml
@@ -13,7 +13,7 @@ services:
- ./container/oracle/initdb.d:/container-entrypoint-initdb.d
keycloak:
- image: jeffersonlab/keycloak:2.2.0
+ image: jeffersonlab/keycloak:2.6.0
hostname: keycloak
container_name: keycloak
ports:
@@ -25,8 +25,11 @@ services:
KC_HTTP_RELATIVE_PATH: '/auth'
KC_BOOTSTRAP_ADMIN_USERNAME: 'admin'
KC_BOOTSTRAP_ADMIN_PASSWORD: 'admin'
+ KC_CLIENT_NAME: dtm
+ KC_RESOURCE: dtm
+ KC_REDIRECT_URIS: '["https://localhost:8443/dtm/*"]'
volumes:
- - ./container/keycloak/initdb.d:/container-entrypoint-initdb.d
+ - ./container/keycloak/initdb.d/03_customize.sh:/container-entrypoint-initdb.d/03_customize.sh
puppet:
image: slominskir/puppet-show:2.1.1
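Review bot: The realm name and client secret that the deleted init scripts set explicitly are no longer configured anywhere in this file, so after this change they presumably come from defaults baked into `jeffersonlab/keycloak:2.6.0`. A comment above the new `KC_CLIENT_NAME: dtm` line naming which values the image supplies would make that dependency visible, and any secret that ships as a default in a published image should be treated as public and kept to local test stacks. The new single-file bind mount can also be made read-only, since the container only needs to read the script: `- ./container/keycloak/initdb.d/03_customize.sh:/container-entrypoint-initdb.d/03_customize.sh:ro`.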
diff --git a/src/main/webapp/WEB-INF/web.xml b/src/main/webapp/WEB-INF/web.xml
index fc6773f..98f51bd 100644
--- a/src/main/webapp/WEB-INF/web.xml
+++ b/src/main/webapp/WEB-INF/web.xml
@@ -87,12 +87,15 @@
/reports/activity-audit/*
- dtm-reviewer
+ dtm-admin
OIDC
+
+ dtm-admin
+
dtm-reviewer