Port 9990 在 Docker 化的 Keycloak 中是什么,我是否应该将其公开发布?

huangapple go评论67阅读模式
英文:

What is port 9990 in a dockerized keycloak and should I publish it publickly?

问题

9990端口和8080端口的区别是什么?9990端口似乎是Keycloak的管理控制台,而8080端口是应用程序的主要Web界面。根据您提供的Docker Compose文件,Keycloak容器映射了这两个端口,因此您可以通过http://localhost:8080 访问Keycloak的主要Web界面,通过http://localhost:9990 访问Keycloak的管理控制台。这两个端口提供了不同的功能,主要Web界面用于用户身份验证和授权,而管理控制台用于配置和管理Keycloak实例。

希望这可以解释您关于Keycloak端口的疑问。

英文:

I am recently started to learn keycloak. Today I realized that there is a 9990 port but I could not understand why it says its Admin Console while based on this doc Admin Console is http://localhost:8080 not http://localhost:9990.

you-say-keycloak-1     | 17:01:05,116 INFO  [org.jboss.as] (Controller Boot Thread) WFLYSRV0051: Admin console listening on http://127.0.0.1:9990

What is this 9990 port and what is the difference between it and 8080? Basically IDK why I cannot see it even though I published the port as you can see in this compose file:

version: "3"

services:
  keycloak-db:
    image: postgres:15.2-alpine3.17
    environment:
      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
      POSTGRES_DB: ${POSTGRES_DB}
    volumes:
      - keycloak_db_volume:/var/lib/postgresql/data

  keycloak:
    image: jboss/keycloak:16.1.1
    ports:
      - 8080:8080
      # - 8443:8443 HTTPS port
      - 9990:9990 # Admin UI
    links:
      - keycloak-db
    volumes:
      - keycloak_volume:/tmp
    environment:
      KEYCLOAK_USER: ${KEYCLOAK_USER}
      KEYCLOAK_PASSWORD: ${KEYCLOAK_PASSWORD}
      DB_VENDOR: ${DB_VENDOR}
      DB_ADDR: ${DB_ADDR}
      DB_USER: ${DB_USER}
      DB_PASSWORD: ${DB_PASSWORD}

volumes:
  keycloak_db_volume:
  keycloak_volume:

Any idea?
I really appreciate if you could give me some detailed answer about this keycloak ports and what are they.

答案1

得分: 3

Port 9990是底层WildFly应用服务器的管理控制台。不应将其暴露在公共互联网上,但可以将其暴露在内部网络中。

然而,Keycloak版本16.1.1相当过时,已经发布了1年2个月。当前最新版本(20.0.5和21.0.1)已从使用WildFly作为Keycloak的分发方式迁移到使用Quarkus,不再包含这样的管理控制台,因此这些信息仅在您使用不再接收安全更新的Keycloak版本时才有用。

英文:

Port 9990 is the administration console of the underlying WildFly application server. You should not expose it to the open internet, but it may be useful to expose it to your internal network.

However, Keycloak version 16.1.1 is quite outdated, it was released 1 year and 2 months ago. The currently up-to-date versions (20.0.5 and 21.0.1) have migrated from using WildFly as a distribution for Keycloak to using Quarkus, which does not contain such an administration console, so this knowledge is only useful as long as you are working under a deprecated version of Keycloak which no longer receives security updates.

huangapple
  • 本文由 发表于 2023年3月21日 01:57:14
  • 转载请务必保留本文链接:https://go.coder-hub.com/75793735.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定