前提:电脑已经安装Java 17+
1、下载Keycloak
2、下载完后解压缩,使用文本编辑器修改配置文件(keycloak/conf/keycloak.conf)
Basic settings for running in production. Change accordingly before deploying the server.
Database
The database vendor.
#db=postgres
db=mysql
The username of the database user.
db-username=root
The password of the database user.
db-password=123456
The full database JDBC URL. If not provided, a default URL is set based on the selected database vendor.
#db-url=jdbc:postgresql://localhost/keycloak
db-url=jdbc:mysql://localhost:3306/keycloak
Observability
If the server should expose healthcheck endpoints.
health-enabled=true
If the server should expose metrics endpoints.
metrics-enabled=true
HTTP
The file path to a server certificate or certificate chain in PEM format.
#https-certificate-file=${kc.home.dir}/conf/server.crt.pem
The file path to a private key in PEM format.
#https-certificate-key-file=${kc.home.dir}/conf/server.key.pem
The proxy address forwarding mode if the server is behind a reverse proxy.
#proxy=reencrypt
Do not attach route to cookies and rely on the session affinity capabilities from reverse proxy
#spi-sticky-session-encoder-infinispan-should-attach-route=false
Hostname for the Keycloak server.
hostname=localhost
3、在命令窗口cd到解压后的keycloak目录,然后使用下面的指令创建一个临时的管理员账号
bin/kc.sh bootstrap-admin user
4、根据提示输入用户名和密码,密码随便设,临时账号后面还要删掉
5、启动keycloak服务
bin/kc.sh start-dev --http-port 8181
6、启动成功会看到下面的信息
Keycloak 26.3.1 on JVM (powered by Quarkus 3.20.1) started in 35.660s. Listening on: http://0.0.0.0:8181.
7、在浏览器输入
8、使用刚刚输入的临时账号密码登录,进入用户页面添加新用户
9、添加用户后在 Credentials 页面设置密码
10、在 Role mapping 页面分配权限
11、退出临时管理账号,使用刚刚创建的账号登录,顶部就不会显示下面这段英文了
You are logged in as a temporary admin user. To harden security, create a permanent admin account and delete the temporary one.
12、删除临时账号