Error while configuring testing with a sample clustered domain in v16.1.0

While configuring simple clustered domain in v16.1.0 I have face this error on host-slave.xml

[Host Controller]
[Host Controller] OPVDX001: Validation error in host-slave.xml -----------------------------------
[Host Controller] |
[Host Controller] |   8: </extensions>
[Host Controller] |   9: <management>
[Host Controller] |  10:     <security-realms>
[Host Controller] |                           ^^^^ 'security-realms' isn't an allowed element here
[Host Controller] |
[Host Controller] |                                Elements allowed here are: audit-log, configuration-changes, identity,
[Host Controller] |                                  management-interfaces
[Host Controller] |
[Host Controller] |  11:         <security-realm name="ManagementRealm">
[Host Controller] |  12:             <server-identities>
[Host Controller] |  13:                 <secret value="UEAkJHcwcmQ="/>
[Host Controller] |
[Host Controller] | The primary underlying error message was:
[Host Controller] | > ParseError at [row,col]:[10,26]
[Host Controller] | > Message: WFLYCTL0198: Unexpected element
[Host Controller] | >   '{urn:jboss:domain:19.0}security-realms' encountered
[Host Controller] |
[Host Controller] |-------------------------------------------------------------------------------
[Host Controller]
[Host Controller] 08:16:34,735 ERROR [org.jboss.as.host.controller] (Controller Boot Thread) WFLYHC0033: Caught exception during boot: org.jboss.as.controller.persistence.ConfigurationPersistenceException: WFLYCTL0085: Failed to parse configuration

Any one have an idea on this please kindly assist me.

1 Like

Hello @bete24,

this validation error refers to the meanwhile legacy security subsystem, which is being fully replaced by Elytron.
(as of 16.0.0)
(‘Keycloak 16.0.0 released’ @ Keycloak blog)

Care for some of the significant changes at configuration like

(i) domain.xml:

Generally (attribute) sasl-authentication-factory instead of former security-realm @ remoting subsystem http-connector or @ undertow subsystem http-invoker, for example.

(i) host.xml:

No guarantees here without working it through, which I am still on.

Deeply hope, this helps.

Best regards,
Ash

1 Like