3.4. Modifying the JBoss EAP instance

The JBoss EAP servlet application requires additional configuration before it is secured by Red Hat Single Sign-On.


  • You created a client named vanilla in the demo realm.
  • You saved a template XML file for this client.


  1. Go to the standalone/configuration directory in your JBoss EAP root directory.
  2. Open the standalone.xml file and search for the following text:

    <subsystem xmlns="urn:jboss:domain:keycloak:1.1"/>
  3. Change the XML entry from self-closing to using a pair of opening and closing tags as shown here:

    <subsystem xmlns="urn:jboss:domain:keycloak:1.1">
  4. Paste the contents of the XML template within the <subsystem> element, as shown in this example:

    <subsystem xmlns="urn:jboss:domain:keycloak:1.1">
      <secure-deployment name="WAR MODULE NAME.war">
  5. Change WAR MODULE NAME.war to vanilla.war:

    <subsystem xmlns="urn:jboss:domain:keycloak:1.1">
      <secure-deployment name="vanilla.war">
  6. Reboot the application server.