From d8ebf1e3d6a3548ae05a3884e933bba69e27401f Mon Sep 17 00:00:00 2001
From: Cory Snyder <csnyder@iland.com>
Date: Fri, 18 Sep 2015 13:02:36 -0400
Subject: [PATCH 01/34] KEYCLOAK-1863 added both issuer and account name to otp
 configuration

---
 .../account/freemarker/model/TotpBean.java      |  2 +-
 .../login/freemarker/model/TotpBean.java        |  2 +-
 .../java/org/keycloak/models/OTPPolicy.java     | 17 ++++++++++++++---
 3 files changed, 16 insertions(+), 5 deletions(-)

diff --git a/forms/account-freemarker/src/main/java/org/keycloak/account/freemarker/model/TotpBean.java b/forms/account-freemarker/src/main/java/org/keycloak/account/freemarker/model/TotpBean.java
index b7d4df3df75..419f3213e57 100755
--- a/forms/account-freemarker/src/main/java/org/keycloak/account/freemarker/model/TotpBean.java
+++ b/forms/account-freemarker/src/main/java/org/keycloak/account/freemarker/model/TotpBean.java
@@ -51,7 +51,7 @@ public class TotpBean {
 
         this.totpSecret = randomString(20);
         this.totpSecretEncoded = Base32.encode(totpSecret.getBytes());
-        this.keyUri = realm.getOTPPolicy().getKeyURI(realm, this.totpSecret);
+        this.keyUri = realm.getOTPPolicy().getKeyURI(realm, user, this.totpSecret);
     }
 
     private static String randomString(int length) {
diff --git a/forms/login-freemarker/src/main/java/org/keycloak/login/freemarker/model/TotpBean.java b/forms/login-freemarker/src/main/java/org/keycloak/login/freemarker/model/TotpBean.java
index 6f891670c8d..6c9def495fb 100755
--- a/forms/login-freemarker/src/main/java/org/keycloak/login/freemarker/model/TotpBean.java
+++ b/forms/login-freemarker/src/main/java/org/keycloak/login/freemarker/model/TotpBean.java
@@ -49,7 +49,7 @@ public class TotpBean {
         
         this.totpSecret = HmacOTP.generateSecret(20);
         this.totpSecretEncoded = Base32.encode(totpSecret.getBytes());
-        this.keyUri = realm.getOTPPolicy().getKeyURI(realm, this.totpSecret);
+        this.keyUri = realm.getOTPPolicy().getKeyURI(realm, user, this.totpSecret);
     }
 
     public boolean isEnabled() {
diff --git a/model/api/src/main/java/org/keycloak/models/OTPPolicy.java b/model/api/src/main/java/org/keycloak/models/OTPPolicy.java
index 4ea52ac3159..1c6665aead4 100755
--- a/model/api/src/main/java/org/keycloak/models/OTPPolicy.java
+++ b/model/api/src/main/java/org/keycloak/models/OTPPolicy.java
@@ -1,8 +1,11 @@
 package org.keycloak.models;
 
+import org.jboss.logging.Logger;
 import org.keycloak.models.utils.Base32;
 import org.keycloak.models.utils.HmacOTP;
 
+import java.io.UnsupportedEncodingException;
+import java.net.URLEncoder;
 import java.util.HashMap;
 import java.util.Map;
 
@@ -12,6 +15,7 @@ import java.util.Map;
  */
 public class OTPPolicy {
 
+    protected static final Logger logger = Logger.getLogger(OTPPolicy.class);
 
     protected String type;
     protected String algorithm;
@@ -90,10 +94,17 @@ public class OTPPolicy {
         this.period = period;
     }
 
-    public String getKeyURI(RealmModel realm, String secret) {
+    public String getKeyURI(RealmModel realm, UserModel user, String secret) {
 
-        String uri = "otpauth://" + type + "/" + realm.getName() + "?secret=" + Base32.encode(secret.getBytes()) + "&digits=" + digits + "&algorithm=" + algToKeyUriAlg.get(algorithm);
-        if (type.equals(UserCredentialModel.HOTP)) {
+      String uri = null;
+        uri = "otpauth://" + type + "/" + realm.getName() + ":" + user.getUsername() + "?secret=" +
+            Base32.encode(secret.getBytes()) + "&digits=" + digits + "&algorithm=" + algToKeyUriAlg.get(algorithm);
+      try {
+        uri += "&issuer=" + URLEncoder.encode(realm.getName(), "UTF-8");
+      } catch (UnsupportedEncodingException e) {
+        logger.debug("Failed to add issuer parameter to OTP URI becasue UTF-8 is not supported.");
+      }
+      if (type.equals(UserCredentialModel.HOTP)) {
             uri += "&counter=" + initialCounter;
         }
         if (type.equals(UserCredentialModel.TOTP)) {

From 8226abef40c082396ee78f186c145db8d0783190 Mon Sep 17 00:00:00 2001
From: mposolda <mposolda@gmail.com>
Date: Mon, 19 Oct 2015 17:28:39 +0200
Subject: [PATCH 02/34] KEYCLOAK-1987 Minor fixes in fuse demo

---
 examples/fuse/camel/pom.xml  | 1 +
 examples/fuse/testrealm.json | 1 -
 2 files changed, 1 insertion(+), 1 deletion(-)

diff --git a/examples/fuse/camel/pom.xml b/examples/fuse/camel/pom.xml
index f0c45d13799..fa17c0e20c3 100755
--- a/examples/fuse/camel/pom.xml
+++ b/examples/fuse/camel/pom.xml
@@ -21,6 +21,7 @@
         <keycloak.osgi.import>
             org.eclipse.jetty.security;version="[8.1,10)",
             org.eclipse.jetty.util.security;version="[8.1,10)",
+            org.apache.camel;version="[2.12,3)",
             org.keycloak.*;version="${project.version}",
             *;resolution:=optional
         </keycloak.osgi.import>
diff --git a/examples/fuse/testrealm.json b/examples/fuse/testrealm.json
index ed112bc8742..f7c37540350 100644
--- a/examples/fuse/testrealm.json
+++ b/examples/fuse/testrealm.json
@@ -183,7 +183,6 @@
             "enabled": true,
             "publicClient": false,
             "directGrantsOnly": true,
-            "consentRequired": true,
             "secret": "password"
         }
     ],

From c860c671d17de3e61d383f71f0954dd261671df7 Mon Sep 17 00:00:00 2001
From: Stian Thorgersen <stianst@gmail.com>
Date: Mon, 19 Oct 2015 19:36:59 +0200
Subject: [PATCH 03/34] Fix parent of docbook modules

---
 docbook/auth-server-docs/pom.xml  | 2 +-
 docbook/saml-adapter-docs/pom.xml | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/docbook/auth-server-docs/pom.xml b/docbook/auth-server-docs/pom.xml
index e605049e08c..a7c2ddd33f6 100755
--- a/docbook/auth-server-docs/pom.xml
+++ b/docbook/auth-server-docs/pom.xml
@@ -2,7 +2,7 @@
          xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
          xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
     <parent>
-        <artifactId>keycloak-parent</artifactId>
+        <artifactId>keycloak-docbook-parent</artifactId>
         <groupId>org.keycloak</groupId>
         <version>1.7.0.Final-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
diff --git a/docbook/saml-adapter-docs/pom.xml b/docbook/saml-adapter-docs/pom.xml
index 63bf70450ed..975ac5cd483 100755
--- a/docbook/saml-adapter-docs/pom.xml
+++ b/docbook/saml-adapter-docs/pom.xml
@@ -2,7 +2,7 @@
          xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
          xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
     <parent>
-        <artifactId>keycloak-parent</artifactId>
+        <artifactId>keycloak-docbook-parent</artifactId>
         <groupId>org.keycloak</groupId>
         <version>1.7.0.Final-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>

From 6b1287a55324458fe263c5e3d90ae8c8505f7f57 Mon Sep 17 00:00:00 2001
From: Marko Strukelj <marko.strukelj@gmail.com>
Date: Mon, 19 Oct 2015 22:11:31 +0200
Subject: [PATCH 04/34] KEYCLOAK-1988 Loader constraint violation in
 multi-tenant example

---
 examples/multi-tenant/pom.xml                              | 3 +++
 .../src/main/webapp/WEB-INF/jboss-deployment-structure.xml | 7 +++++++
 2 files changed, 10 insertions(+)
 create mode 100644 examples/multi-tenant/src/main/webapp/WEB-INF/jboss-deployment-structure.xml

diff --git a/examples/multi-tenant/pom.xml b/examples/multi-tenant/pom.xml
index ac316a5719d..39b07f2b4ee 100755
--- a/examples/multi-tenant/pom.xml
+++ b/examples/multi-tenant/pom.xml
@@ -38,16 +38,19 @@
         <dependency>
             <groupId>org.keycloak</groupId>
             <artifactId>keycloak-adapter-core</artifactId>
+            <scope>provided</scope>
         </dependency>
         <dependency>
             <groupId>org.keycloak</groupId>
             <artifactId>keycloak-adapter-spi</artifactId>
+            <scope>provided</scope>
         </dependency>
 
         <!-- Contains KeycloakPrincipal -->
         <dependency>
             <groupId>org.keycloak</groupId>
             <artifactId>keycloak-core</artifactId>
+            <scope>provided</scope>
         </dependency>
     </dependencies>
     <build>
diff --git a/examples/multi-tenant/src/main/webapp/WEB-INF/jboss-deployment-structure.xml b/examples/multi-tenant/src/main/webapp/WEB-INF/jboss-deployment-structure.xml
new file mode 100644
index 00000000000..d371dbd5d22
--- /dev/null
+++ b/examples/multi-tenant/src/main/webapp/WEB-INF/jboss-deployment-structure.xml
@@ -0,0 +1,7 @@
+<jboss-deployment-structure>
+    <deployment>
+        <dependencies>
+            <module name="org.keycloak.keycloak-adapter-spi"/>
+        </dependencies>
+    </deployment>
+</jboss-deployment-structure>

From edfc7ea103d34f53678584faf8918da9c5cf36f6 Mon Sep 17 00:00:00 2001
From: vramik <vramik@localhost.localdomain>
Date: Tue, 20 Oct 2015 16:59:32 +0200
Subject: [PATCH 05/34] add support for migration tests - KC1.6.0.Final

---
 .../resource/AuthenticationFlowResource.java  |  47 +++++
 .../resource/AuthenticationFlowsResource.java |  50 +++++
 .../resource/AuthenticationResource.java      |  36 ++++
 .../admin/client/resource/RealmResource.java  |   3 +
 .../integration-arquillian/servers/pom.xml    |   6 +
 .../servers/wildfly_kc16/assembly.xml         |  29 +++
 .../servers/wildfly_kc16/pom.xml              | 199 ++++++++++++++++++
 .../src/main/xslt/add-dialect-logger.xsl      |  28 +++
 .../wildfly_kc16/src/main/xslt/datasource.xsl |  94 +++++++++
 .../wildfly_kc16/src/main/xslt/module.xsl     |  33 +++
 .../base/src/test/resources/arquillian.xml    |  11 +
 .../integration-arquillian/tests/pom.xml      |  50 +++++
 12 files changed, 586 insertions(+)
 create mode 100644 integration/admin-client/src/main/java/org/keycloak/admin/client/resource/AuthenticationFlowResource.java
 create mode 100644 integration/admin-client/src/main/java/org/keycloak/admin/client/resource/AuthenticationFlowsResource.java
 create mode 100644 integration/admin-client/src/main/java/org/keycloak/admin/client/resource/AuthenticationResource.java
 create mode 100644 testsuite/integration-arquillian/servers/wildfly_kc16/assembly.xml
 create mode 100644 testsuite/integration-arquillian/servers/wildfly_kc16/pom.xml
 create mode 100644 testsuite/integration-arquillian/servers/wildfly_kc16/src/main/xslt/add-dialect-logger.xsl
 create mode 100644 testsuite/integration-arquillian/servers/wildfly_kc16/src/main/xslt/datasource.xsl
 create mode 100644 testsuite/integration-arquillian/servers/wildfly_kc16/src/main/xslt/module.xsl

diff --git a/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/AuthenticationFlowResource.java b/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/AuthenticationFlowResource.java
new file mode 100644
index 00000000000..b2147fe51a3
--- /dev/null
+++ b/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/AuthenticationFlowResource.java
@@ -0,0 +1,47 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2012, Red Hat, Inc., and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ * 
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ * 
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ * 
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+
+package org.keycloak.admin.client.resource;
+
+import javax.ws.rs.Consumes;
+import javax.ws.rs.GET;
+import javax.ws.rs.PUT;
+import javax.ws.rs.Produces;
+import javax.ws.rs.core.MediaType;
+import org.keycloak.representations.idm.AuthenticationFlowRepresentation;
+
+/**
+ *
+ * @author <a href="mailto:vramik@redhat.com">Vlastislav Ramik</a>
+ */
+public interface AuthenticationFlowResource {
+    
+    @GET
+    @Produces(MediaType.APPLICATION_JSON)
+    public AuthenticationFlowRepresentation toRepresentation();
+    
+    @PUT
+    @Consumes(MediaType.APPLICATION_JSON)
+    public void update(AuthenticationFlowRepresentation authenticationFlowRepresentation);
+    
+    
+}
diff --git a/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/AuthenticationFlowsResource.java b/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/AuthenticationFlowsResource.java
new file mode 100644
index 00000000000..a100a2525dd
--- /dev/null
+++ b/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/AuthenticationFlowsResource.java
@@ -0,0 +1,50 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2012, Red Hat, Inc., and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ * 
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ * 
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ * 
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.keycloak.admin.client.resource;
+
+import java.util.List;
+import javax.ws.rs.Consumes;
+import javax.ws.rs.GET;
+import javax.ws.rs.POST;
+import javax.ws.rs.Path;
+import javax.ws.rs.PathParam;
+import javax.ws.rs.Produces;
+import javax.ws.rs.core.MediaType;
+import javax.ws.rs.core.Response;
+import org.keycloak.representations.idm.AuthenticationFlowRepresentation;
+
+/**
+  * @author <a href="mailto:vramik@redhat.com">Vlastislav Ramik</a>
+ */
+public interface AuthenticationFlowsResource {
+    
+//    @Path("{alias}")
+//    public AuthenticationFlowResource get(@PathParam("alias") String alias);
+
+    @POST
+    @Consumes(MediaType.APPLICATION_JSON)
+    public Response create(AuthenticationFlowRepresentation authenticationFlowRepresentation);
+
+    @GET
+    @Produces(MediaType.APPLICATION_JSON)
+    public List<AuthenticationFlowRepresentation> list();
+}
diff --git a/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/AuthenticationResource.java b/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/AuthenticationResource.java
new file mode 100644
index 00000000000..15cfb07f9fc
--- /dev/null
+++ b/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/AuthenticationResource.java
@@ -0,0 +1,36 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2012, Red Hat, Inc., and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ * 
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ * 
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ * 
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+
+package org.keycloak.admin.client.resource;
+
+import javax.ws.rs.Path;
+
+/**
+ *
+ * @author <a href="mailto:vramik@redhat.com">Vlastislav Ramik</a>
+ */
+public interface AuthenticationResource {
+    
+    @Path("flows")
+    AuthenticationFlowsResource flows();
+    
+}
diff --git a/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/RealmResource.java b/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/RealmResource.java
index 87513ec2ab2..0ac10221077 100644
--- a/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/RealmResource.java
+++ b/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/RealmResource.java
@@ -46,4 +46,7 @@ public interface RealmResource {
     @GET
     List<Map<String, String>> getClientSessionStats();
     
+    @Path("authentication")
+    AuthenticationResource authentication();
+    
 }
diff --git a/testsuite/integration-arquillian/servers/pom.xml b/testsuite/integration-arquillian/servers/pom.xml
index aadfe4e5d90..d97c97c38f9 100644
--- a/testsuite/integration-arquillian/servers/pom.xml
+++ b/testsuite/integration-arquillian/servers/pom.xml
@@ -26,6 +26,12 @@
                 <module>eap6</module>
             </modules>
         </profile>
+        <profile>
+            <id>migration-kc16</id>
+            <modules>
+                <module>wildfly_kc16</module>
+            </modules>
+        </profile>
         <profile>
             <id>migration-kc15</id>
             <modules>
diff --git a/testsuite/integration-arquillian/servers/wildfly_kc16/assembly.xml b/testsuite/integration-arquillian/servers/wildfly_kc16/assembly.xml
new file mode 100644
index 00000000000..46782886cb7
--- /dev/null
+++ b/testsuite/integration-arquillian/servers/wildfly_kc16/assembly.xml
@@ -0,0 +1,29 @@
+<assembly>
+    
+    <id>auth-server-wildfly-kc16</id>
+
+    <formats>
+        <format>zip</format>
+    </formats>
+
+    <includeBaseDirectory>false</includeBaseDirectory>
+
+    <fileSets>
+        <fileSet>
+            <directory>${keycloak.server.home}</directory>
+            <outputDirectory>keycloak-1.6.0.Final</outputDirectory>
+            <excludes>
+                <exclude>**/*.sh</exclude>
+            </excludes>
+        </fileSet>
+        <fileSet>
+            <directory>${keycloak.server.home}</directory>
+            <outputDirectory>keycloak-1.6.0.Final</outputDirectory>
+            <includes>
+                <include>**/*.sh</include>
+            </includes>
+            <fileMode>0755</fileMode>
+        </fileSet>
+    </fileSets>
+
+</assembly>
diff --git a/testsuite/integration-arquillian/servers/wildfly_kc16/pom.xml b/testsuite/integration-arquillian/servers/wildfly_kc16/pom.xml
new file mode 100644
index 00000000000..c5e8ac147c1
--- /dev/null
+++ b/testsuite/integration-arquillian/servers/wildfly_kc16/pom.xml
@@ -0,0 +1,199 @@
+<?xml version="1.0"?>
+<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+    <parent>
+        <groupId>org.keycloak.testsuite</groupId>
+        <artifactId>integration-arquillian-servers</artifactId>
+        <version>1.7.0.Final-SNAPSHOT</version>
+    </parent>
+    <modelVersion>4.0.0</modelVersion>
+
+    <artifactId>integration-arquillian-server-wildfly-kc16</artifactId>
+    <packaging>pom</packaging>
+    <name>Keycloak 1.6.0.Final on Wildfly</name>
+    
+    <properties>
+        <keycloak.server.home>${project.build.directory}/unpacked/keycloak-1.6.0.Final</keycloak.server.home>
+        <jdbc.mvn.driver.deployment.dir>${keycloak.server.home}/modules/system/layers/base/com/${jdbc.mvn.artifactId}/main</jdbc.mvn.driver.deployment.dir>
+    </properties>
+    
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-deploy-plugin</artifactId>
+                <configuration>
+                    <skip>true</skip>
+                </configuration>
+            </plugin>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-enforcer-plugin</artifactId>
+                <version>1.4</version>
+                <executions>
+                    <execution>
+                        <id>enforce-properties</id>
+                        <goals>
+                            <goal>enforce</goal>
+                        </goals>
+                        <configuration>
+                            <rules>
+                                <requireProperty>
+                                    <property>jdbc.mvn.groupId</property>
+                                </requireProperty>
+                                <requireProperty>
+                                    <property>jdbc.mvn.artifactId</property>
+                                </requireProperty>
+                                <requireProperty>
+                                    <property>jdbc.mvn.version</property>
+                                </requireProperty>
+                                <requireProperty>
+                                    <property>keycloak.connectionsJpa.url</property>
+                                </requireProperty>
+                                <requireProperty>
+                                    <property>keycloak.connectionsJpa.user</property>
+                                </requireProperty>
+                                <requireProperty>
+                                    <property>keycloak.connectionsJpa.password</property>
+                                </requireProperty>
+                            </rules>
+                        </configuration>
+                    </execution>
+                </executions>
+            </plugin>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-dependency-plugin</artifactId>
+                <executions>
+                    <execution>
+                        <id>unpack-server</id>
+                        <phase>generate-resources</phase>
+                        <goals>
+                            <goal>unpack</goal>
+                        </goals>
+                        <configuration>
+                            <artifactItems>
+                                <artifactItem>
+                                    <groupId>org.keycloak</groupId>
+                                    <artifactId>keycloak-server-dist</artifactId>
+                                    <version>1.6.0.Final</version>
+                                    <type>zip</type>
+                                    <outputDirectory>${project.build.directory}/unpacked</outputDirectory>
+                                </artifactItem>
+                            </artifactItems>
+                        </configuration>
+                    </execution>
+                    <execution>
+                        <id>jdbc-driver</id>
+                        <phase>process-resources</phase>
+                        <goals>
+                            <goal>copy</goal>
+                        </goals>
+                        <configuration>
+                            <artifactItems>
+                                <artifactItem>
+                                    <groupId>${jdbc.mvn.groupId}</groupId>
+                                    <artifactId>${jdbc.mvn.artifactId}</artifactId>
+                                    <version>${jdbc.mvn.version}</version>
+                                    <type>jar</type>
+                                </artifactItem>
+                            </artifactItems>
+                            <outputDirectory>${jdbc.mvn.driver.deployment.dir}</outputDirectory>
+                            <overWriteIfNewer>true</overWriteIfNewer>
+                        </configuration>
+                    </execution>
+                </executions>
+            </plugin>
+            <plugin>
+                <groupId>org.codehaus.mojo</groupId>
+                <artifactId>xml-maven-plugin</artifactId>
+                <executions>
+                    <execution>
+                        <id>configure-wildfly-datasource</id>
+                        <phase>process-resources</phase>
+                        <goals>
+                            <goal>transform</goal>
+                        </goals>
+                        <configuration>
+                            <transformationSets>
+                                <!-- create module.xml in modules -->
+                                <transformationSet>
+                                    <dir>${keycloak.server.home}/modules/system/layers/base/com/h2database/h2/main</dir>
+                                    <stylesheet>src/main/xslt/module.xsl</stylesheet>
+                                    <includes>
+                                        <include>module.xml</include>
+                                    </includes>
+                                    <outputDir>${jdbc.mvn.driver.deployment.dir}</outputDir>
+                                    <parameters>
+                                        <parameter>
+                                            <name>database</name>
+                                            <value>${jdbc.mvn.artifactId}</value>
+                                        </parameter>
+                                        <parameter>
+                                            <name>version</name>
+                                            <value>${jdbc.mvn.version}</value>
+                                        </parameter>
+                                    </parameters>
+                                </transformationSet>
+                                <!-- add datasource to standalone.xml -->
+                                <transformationSet>
+                                    <dir>${keycloak.server.home}/standalone/configuration</dir>
+                                    <stylesheet>src/main/xslt/datasource.xsl</stylesheet>
+                                    <includes>
+                                        <include>standalone.xml</include>
+                                    </includes>
+                                    <outputDir>${keycloak.server.home}/standalone/configuration</outputDir>
+                                    <parameters>
+                                        <parameter>
+                                            <name>jdbc.url</name>
+                                            <value>${keycloak.connectionsJpa.url}</value>
+                                        </parameter>
+                                        <parameter>
+                                            <name>driver</name>
+                                            <value>${jdbc.mvn.artifactId}</value>
+                                        </parameter>
+                                        <parameter>
+                                            <name>username</name>
+                                            <value>${keycloak.connectionsJpa.user}</value>
+                                        </parameter>
+                                        <parameter>
+                                            <name>password</name>
+                                            <value>${keycloak.connectionsJpa.password}</value>
+                                        </parameter>
+                                    </parameters>
+                                </transformationSet>
+                                <!-- add logger for org.hibernate.dialect.Dialect to standalone.xml-->
+                                <transformationSet>
+                                    <dir>${keycloak.server.home}/standalone/configuration</dir>
+                                    <stylesheet>src/main/xslt/add-dialect-logger.xsl</stylesheet>
+                                    <includes>
+                                        <include>standalone.xml</include>
+                                    </includes>
+                                    <outputDir>${keycloak.server.home}/standalone/configuration</outputDir>
+                                </transformationSet>
+                            </transformationSets>
+                        </configuration>
+                    </execution>
+                </executions>
+            </plugin>
+            <plugin>
+                <artifactId>maven-assembly-plugin</artifactId>
+                <executions>
+                    <execution>
+                        <id>create-zip</id>
+                        <phase>package</phase>
+                        <goals>
+                            <goal>single</goal>
+                        </goals>
+                        <configuration>
+                            <descriptors>
+                                <descriptor>assembly.xml</descriptor>
+                            </descriptors>
+                            <appendAssemblyId>false</appendAssemblyId>
+                        </configuration>
+                    </execution>
+                </executions>
+            </plugin>
+        </plugins>
+    </build>
+</project>
diff --git a/testsuite/integration-arquillian/servers/wildfly_kc16/src/main/xslt/add-dialect-logger.xsl b/testsuite/integration-arquillian/servers/wildfly_kc16/src/main/xslt/add-dialect-logger.xsl
new file mode 100644
index 00000000000..b5dc8c4e02c
--- /dev/null
+++ b/testsuite/integration-arquillian/servers/wildfly_kc16/src/main/xslt/add-dialect-logger.xsl
@@ -0,0 +1,28 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" 
+                xmlns:xalan="http://xml.apache.org/xalan" 
+                version="2.0"
+                exclude-result-prefixes="xalan">
+    
+    <xsl:output method="xml" version="1.0" encoding="UTF-8" indent="yes" xalan:indent-amount="4" standalone="no"/>
+
+    <xsl:variable name="nsDS" select="'urn:jboss:domain:logging:'"/>
+
+    <xsl:template match="//*[local-name()='subsystem' and starts-with(namespace-uri(), $nsDS)]
+                        /*[local-name()='root-logger' and starts-with(namespace-uri(), $nsDS)]">
+        <logger category="org.hibernate.dialect.Dialect">
+            <level name="ALL"/>
+        </logger>
+        <xsl:copy>
+            <xsl:apply-templates select="@* | node()" />
+        </xsl:copy>
+    </xsl:template>
+
+    <!-- Copy everything else. -->
+    <xsl:template match="@* | node()">
+        <xsl:copy>
+            <xsl:apply-templates select="@* | node()"/>
+        </xsl:copy>
+    </xsl:template>
+
+</xsl:stylesheet>
\ No newline at end of file
diff --git a/testsuite/integration-arquillian/servers/wildfly_kc16/src/main/xslt/datasource.xsl b/testsuite/integration-arquillian/servers/wildfly_kc16/src/main/xslt/datasource.xsl
new file mode 100644
index 00000000000..c06899fd74e
--- /dev/null
+++ b/testsuite/integration-arquillian/servers/wildfly_kc16/src/main/xslt/datasource.xsl
@@ -0,0 +1,94 @@
+<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
+                xmlns:xalan="http://xml.apache.org/xalan"
+                xmlns:j="urn:jboss:domain:3.0"
+                xmlns:ds="urn:jboss:domain:datasources:3.0"
+                xmlns:k="urn:jboss:domain:keycloak:1.1"
+                xmlns:sec="urn:jboss:domain:security:1.2"
+                version="2.0"
+                exclude-result-prefixes="xalan j ds k sec">
+
+    <xsl:output method="xml" version="1.0" encoding="UTF-8" indent="yes" xalan:indent-amount="4" standalone="no"/>
+    <xsl:strip-space elements="*"/>
+
+
+    <xsl:variable name="nsDS" select="'urn:jboss:domain:datasources:'"/>
+    
+    <!-- Remove keycloak datasource definition. -->
+    <xsl:template match="//*[local-name()='subsystem' and starts-with(namespace-uri(), $nsDS)]
+		         /*[local-name()='datasources' and starts-with(namespace-uri(), $nsDS)]
+                         /*[local-name()='datasource' and starts-with(namespace-uri(), $nsDS) and @pool-name='KeycloakDS']">
+    </xsl:template>
+    
+    <xsl:param name="jdbc.url" select="'jdbc:h2:${jboss.server.data.dir}/keycloak;AUTO_SERVER=TRUE'"/>
+    <xsl:param name="driver" select="'h2'"/>
+    
+    <xsl:param name="username" select="'sa'"/>
+    <xsl:param name="password" select="'sa'"/>
+    
+    <xsl:param name="min.poolsize" select="'10'"/>
+    <xsl:param name="max.poolsize" select="'50'"/>
+    <xsl:param name="pool.prefill" select="'true'"/>
+    
+    <xsl:variable name="newDatasourceDefinition">
+        <datasource jndi-name="java:jboss/datasources/KeycloakDS" pool-name="KeycloakDS" enabled="true" use-java-context="true">
+            <connection-url>
+                <xsl:value-of select="$jdbc.url"/>
+            </connection-url>
+            <driver>
+                <xsl:value-of select="$driver"/>
+            </driver>
+            <security>
+                <user-name>
+                    <xsl:value-of select="$username"/>
+                </user-name>
+                <password>
+                    <xsl:value-of select="$password"/>
+                </password>
+            </security>
+            <pool>
+                <min-pool-size>
+                    <xsl:value-of select="$min.poolsize"/>
+                </min-pool-size>
+                <max-pool-size>
+                    <xsl:value-of select="$max.poolsize"/>
+                </max-pool-size>
+                <prefill>
+                    <xsl:value-of select="$pool.prefill"/>
+                </prefill>
+            </pool>
+        </datasource>
+    </xsl:variable>
+    
+    <xsl:variable name="newDriverDefinition">
+        <xsl:if test="$driver != 'h2'">
+            <driver name="{$driver}" module="com.{$driver}" />
+        </xsl:if>
+    </xsl:variable>
+    
+    <!-- Add new datasource definition. -->
+    <xsl:template match="//*[local-name()='subsystem' and starts-with(namespace-uri(), $nsDS)]
+		         /*[local-name()='datasources' and starts-with(namespace-uri(), $nsDS)]">
+        <xsl:copy>
+            <xsl:copy-of select="$newDatasourceDefinition"/>
+            <xsl:apply-templates select="@* | node()" />
+        </xsl:copy>
+    </xsl:template>
+    
+    <!-- Add new driver definition. -->
+    <xsl:template match="//*[local-name()='subsystem' and starts-with(namespace-uri(), $nsDS)]
+		         /*[local-name()='datasources' and starts-with(namespace-uri(), $nsDS)]
+		         /*[local-name()='drivers' and starts-with(namespace-uri(), $nsDS)]">
+        <xsl:copy>
+            <xsl:copy-of select="$newDriverDefinition"/>
+            <xsl:apply-templates select="@* | node()" />
+        </xsl:copy>
+    </xsl:template>
+    
+    <!-- Copy everything else. -->
+    <xsl:template match="@*|node()">
+        <xsl:copy>
+            <xsl:apply-templates select="@*|node()" />
+        </xsl:copy>
+    </xsl:template>
+
+</xsl:stylesheet>
\ No newline at end of file
diff --git a/testsuite/integration-arquillian/servers/wildfly_kc16/src/main/xslt/module.xsl b/testsuite/integration-arquillian/servers/wildfly_kc16/src/main/xslt/module.xsl
new file mode 100644
index 00000000000..88ac56b86ca
--- /dev/null
+++ b/testsuite/integration-arquillian/servers/wildfly_kc16/src/main/xslt/module.xsl
@@ -0,0 +1,33 @@
+<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
+                xmlns:xalan="http://xml.apache.org/xalan"
+                xmlns:m="urn:jboss:module:1.3"
+                version="2.0"
+                exclude-result-prefixes="xalan m">
+
+    <xsl:output method="xml" version="1.0" encoding="UTF-8" indent="yes" xalan:indent-amount="4" />
+    
+       
+    <xsl:param name="database" select="''"/>
+    <xsl:param name="version" select="''"/>
+    
+    <xsl:variable name="newModuleDefinition">
+        <module xmlns="urn:jboss:module:1.3" name="com.{$database}">
+            <resources>
+                <resource-root path="{$database}-{$version}.jar"/>
+            </resources>
+            <dependencies>
+                <module name="javax.api"/>
+                <module name="javax.transaction.api"/>
+            </dependencies>
+        </module>
+    </xsl:variable>
+    
+    <!-- clear whole document -->
+    <xsl:template match="/*" />
+    
+    <!-- Copy new module definition. -->
+    <xsl:template match="/*">
+        <xsl:copy-of select="$newModuleDefinition"/>
+    </xsl:template>
+
+</xsl:stylesheet>
\ No newline at end of file
diff --git a/testsuite/integration-arquillian/tests/base/src/test/resources/arquillian.xml b/testsuite/integration-arquillian/tests/base/src/test/resources/arquillian.xml
index 1b6df1d5e1a..bc82ac773cc 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/resources/arquillian.xml
+++ b/testsuite/integration-arquillian/tests/base/src/test/resources/arquillian.xml
@@ -21,6 +21,17 @@
     <!-- PREVIOUS VERSIONS KEYCLOAK FOR MIGRATION TESTS -->
     <!-- IT HAS TO BE LISTED ABOWE KEYCLOAK AUTH SERVERS -->
     
+    <container qualifier="keycloak-1.6.0.Final" mode="suite" >
+        <configuration>
+            <property name="enabled">${migration.kc16}</property>
+            <property name="adapterImplClass">org.jboss.as.arquillian.container.managed.ManagedDeployableContainer</property>
+            <property name="jbossHome">${keycloak-1.6.0.Final.home}</property>
+            <property name="javaVmArguments">-Djboss.socket.binding.port-offset=${auth.server.port.offset} -Xms64m -Xmx512m -XX:MaxPermSize=256m</property>
+            <property name="managementPort">${auth.server.management.port}</property>
+            <property name="startupTimeoutInSeconds">${startup.timeout.sec}</property>
+        </configuration>
+    </container>
+    
     <container qualifier="keycloak-1.5.1.Final" mode="suite" >
         <configuration>
             <property name="enabled">${migration.kc15}</property>
diff --git a/testsuite/integration-arquillian/tests/pom.xml b/testsuite/integration-arquillian/tests/pom.xml
index 2c9f13f5f03..2a1be0b2d6e 100644
--- a/testsuite/integration-arquillian/tests/pom.xml
+++ b/testsuite/integration-arquillian/tests/pom.xml
@@ -451,6 +451,56 @@
         
         <!-- Profiles for migration tests-->
         
+        <profile>
+            <id>migration-kc16</id>
+            <properties>
+                <keycloak-1.6.0.Final.home>${containers.home}/keycloak-1.6.0.Final</keycloak-1.6.0.Final.home>
+            </properties>
+            <build>
+                <pluginManagement>
+                    <plugins>
+                        <plugin>
+                            <groupId>org.apache.maven.plugins</groupId>
+                            <artifactId>maven-dependency-plugin</artifactId>
+                            <version>2.10</version>
+                            <executions>
+                                <execution>
+                                    <id>unpack-previous</id>
+                                    <phase>generate-test-resources</phase>
+                                    <goals>
+                                        <goal>unpack</goal>
+                                    </goals>
+                                    <configuration>
+                                        <artifactItems>
+                                            <artifactItem>
+                                                <groupId>org.keycloak.testsuite</groupId>
+                                                <artifactId>integration-arquillian-server-wildfly-kc16</artifactId>
+                                                <version>${project.version}</version>
+                                                <type>zip</type>
+                                            </artifactItem>
+                                        </artifactItems>
+                                        <outputDirectory>${containers.home}</outputDirectory>
+                                        <overWriteIfNewer>true</overWriteIfNewer>
+                                    </configuration>
+                                </execution>
+                            </executions>
+                        </plugin>
+                        <plugin>
+                            <groupId>org.apache.maven.plugins</groupId>
+                            <artifactId>maven-surefire-plugin</artifactId>
+                            <configuration>
+                                <systemPropertyVariables>
+                                    <migration>true</migration>
+                                    <migration.kc16>true</migration.kc16>
+                                    <keycloak-1.6.0.Final.home>${keycloak-1.6.0.Final.home}</keycloak-1.6.0.Final.home>
+                                </systemPropertyVariables>
+                            </configuration>
+                        </plugin>
+                    </plugins>
+                </pluginManagement>
+            </build>
+        </profile>
+        
         <profile>
             <id>migration-kc15</id>
             <properties>

From 4b444d36b0228d30ac3283324528cba5012bdbdc Mon Sep 17 00:00:00 2001
From: vramik <vramik@localhost.localdomain>
Date: Wed, 21 Oct 2015 10:35:19 +0200
Subject: [PATCH 06/34] removed changes in admin-client

---
 .../resource/AuthenticationFlowResource.java  | 47 -----------------
 .../resource/AuthenticationFlowsResource.java | 50 -------------------
 .../resource/AuthenticationResource.java      | 36 -------------
 .../admin/client/resource/RealmResource.java  |  3 --
 4 files changed, 136 deletions(-)
 delete mode 100644 integration/admin-client/src/main/java/org/keycloak/admin/client/resource/AuthenticationFlowResource.java
 delete mode 100644 integration/admin-client/src/main/java/org/keycloak/admin/client/resource/AuthenticationFlowsResource.java
 delete mode 100644 integration/admin-client/src/main/java/org/keycloak/admin/client/resource/AuthenticationResource.java

diff --git a/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/AuthenticationFlowResource.java b/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/AuthenticationFlowResource.java
deleted file mode 100644
index b2147fe51a3..00000000000
--- a/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/AuthenticationFlowResource.java
+++ /dev/null
@@ -1,47 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2012, Red Hat, Inc., and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- * 
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- * 
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- * 
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-
-package org.keycloak.admin.client.resource;
-
-import javax.ws.rs.Consumes;
-import javax.ws.rs.GET;
-import javax.ws.rs.PUT;
-import javax.ws.rs.Produces;
-import javax.ws.rs.core.MediaType;
-import org.keycloak.representations.idm.AuthenticationFlowRepresentation;
-
-/**
- *
- * @author <a href="mailto:vramik@redhat.com">Vlastislav Ramik</a>
- */
-public interface AuthenticationFlowResource {
-    
-    @GET
-    @Produces(MediaType.APPLICATION_JSON)
-    public AuthenticationFlowRepresentation toRepresentation();
-    
-    @PUT
-    @Consumes(MediaType.APPLICATION_JSON)
-    public void update(AuthenticationFlowRepresentation authenticationFlowRepresentation);
-    
-    
-}
diff --git a/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/AuthenticationFlowsResource.java b/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/AuthenticationFlowsResource.java
deleted file mode 100644
index a100a2525dd..00000000000
--- a/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/AuthenticationFlowsResource.java
+++ /dev/null
@@ -1,50 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2012, Red Hat, Inc., and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- * 
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- * 
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- * 
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.keycloak.admin.client.resource;
-
-import java.util.List;
-import javax.ws.rs.Consumes;
-import javax.ws.rs.GET;
-import javax.ws.rs.POST;
-import javax.ws.rs.Path;
-import javax.ws.rs.PathParam;
-import javax.ws.rs.Produces;
-import javax.ws.rs.core.MediaType;
-import javax.ws.rs.core.Response;
-import org.keycloak.representations.idm.AuthenticationFlowRepresentation;
-
-/**
-  * @author <a href="mailto:vramik@redhat.com">Vlastislav Ramik</a>
- */
-public interface AuthenticationFlowsResource {
-    
-//    @Path("{alias}")
-//    public AuthenticationFlowResource get(@PathParam("alias") String alias);
-
-    @POST
-    @Consumes(MediaType.APPLICATION_JSON)
-    public Response create(AuthenticationFlowRepresentation authenticationFlowRepresentation);
-
-    @GET
-    @Produces(MediaType.APPLICATION_JSON)
-    public List<AuthenticationFlowRepresentation> list();
-}
diff --git a/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/AuthenticationResource.java b/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/AuthenticationResource.java
deleted file mode 100644
index 15cfb07f9fc..00000000000
--- a/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/AuthenticationResource.java
+++ /dev/null
@@ -1,36 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2012, Red Hat, Inc., and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- * 
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- * 
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- * 
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-
-package org.keycloak.admin.client.resource;
-
-import javax.ws.rs.Path;
-
-/**
- *
- * @author <a href="mailto:vramik@redhat.com">Vlastislav Ramik</a>
- */
-public interface AuthenticationResource {
-    
-    @Path("flows")
-    AuthenticationFlowsResource flows();
-    
-}
diff --git a/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/RealmResource.java b/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/RealmResource.java
index 0ac10221077..87513ec2ab2 100644
--- a/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/RealmResource.java
+++ b/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/RealmResource.java
@@ -46,7 +46,4 @@ public interface RealmResource {
     @GET
     List<Map<String, String>> getClientSessionStats();
     
-    @Path("authentication")
-    AuthenticationResource authentication();
-    
 }

From f823b17b90c0dd22a08c3b30c53d4c8b314f0f7d Mon Sep 17 00:00:00 2001
From: vramik <vramik@users.noreply.github.com>
Date: Thu, 22 Oct 2015 14:04:50 +0200
Subject: [PATCH 07/34] add path for migration test realm

---
 testsuite/integration-arquillian/tests/pom.xml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/testsuite/integration-arquillian/tests/pom.xml b/testsuite/integration-arquillian/tests/pom.xml
index 2a1be0b2d6e..cec51ebe6a4 100644
--- a/testsuite/integration-arquillian/tests/pom.xml
+++ b/testsuite/integration-arquillian/tests/pom.xml
@@ -493,6 +493,7 @@
                                     <migration>true</migration>
                                     <migration.kc16>true</migration.kc16>
                                     <keycloak-1.6.0.Final.home>${keycloak-1.6.0.Final.home}</keycloak-1.6.0.Final.home>
+                                    <keycloak.migration.file>src/test/resources/migration-test/migration-realm-16.json</keycloak.migration.file>
                                 </systemPropertyVariables>
                             </configuration>
                         </plugin>

From e04dbffb88d35ffb8ad1f7e6081b3062ed44e1d3 Mon Sep 17 00:00:00 2001
From: mposolda <mposolda@gmail.com>
Date: Thu, 22 Oct 2015 14:11:05 +0200
Subject: [PATCH 08/34] KEYCLOAK-1999 KC server doesn't start on EAP 6.4 in
 local mode on PostgreSQL

---
 .../JpaUserSessionPersisterProvider.java      | 40 +++++++++----------
 .../compat/SimpleUserSessionInitializer.java  |  2 +-
 .../UserSessionPersisterProviderTest.java     |  8 ++++
 3 files changed, 29 insertions(+), 21 deletions(-)

diff --git a/model/jpa/src/main/java/org/keycloak/models/jpa/session/JpaUserSessionPersisterProvider.java b/model/jpa/src/main/java/org/keycloak/models/jpa/session/JpaUserSessionPersisterProvider.java
index 6fc2960b842..5fa648ed36e 100644
--- a/model/jpa/src/main/java/org/keycloak/models/jpa/session/JpaUserSessionPersisterProvider.java
+++ b/model/jpa/src/main/java/org/keycloak/models/jpa/session/JpaUserSessionPersisterProvider.java
@@ -188,32 +188,32 @@ public class JpaUserSessionPersisterProvider implements UserSessionPersisterProv
             userSessionIds.add(entity.getUserSessionId());
         }
 
-        TypedQuery<PersistentClientSessionEntity> query2 = em.createNamedQuery("findClientSessionsByUserSessions", PersistentClientSessionEntity.class);
-        query2.setParameter("userSessionIds", userSessionIds);
-        query2.setParameter("offline", offlineStr);
-        List<PersistentClientSessionEntity> clientSessions = query2.getResultList();
+        if (!userSessionIds.isEmpty()) {
+            TypedQuery<PersistentClientSessionEntity> query2 = em.createNamedQuery("findClientSessionsByUserSessions", PersistentClientSessionEntity.class);
+            query2.setParameter("userSessionIds", userSessionIds);
+            query2.setParameter("offline", offlineStr);
+            List<PersistentClientSessionEntity> clientSessions = query2.getResultList();
 
-        // Assume both userSessions and clientSessions ordered by userSessionId
-        int j=0;
-        for (UserSessionModel ss : result) {
-            PersistentUserSessionAdapter userSession = (PersistentUserSessionAdapter) ss;
-            List<ClientSessionModel> currentClientSessions = userSession.getClientSessions(); // This is empty now and we want to fill it
+            // Assume both userSessions and clientSessions ordered by userSessionId
+            int j = 0;
+            for (UserSessionModel ss : result) {
+                PersistentUserSessionAdapter userSession = (PersistentUserSessionAdapter) ss;
+                List<ClientSessionModel> currentClientSessions = userSession.getClientSessions(); // This is empty now and we want to fill it
 
-            boolean next = true;
-            while (next && j<clientSessions.size()) {
-                PersistentClientSessionEntity clientSession = clientSessions.get(j);
-                if (clientSession.getUserSessionId().equals(userSession.getId())) {
-                    PersistentClientSessionAdapter clientSessAdapter = toAdapter(userSession.getRealm(), userSession, clientSession);
-                    currentClientSessions.add(clientSessAdapter);
-                    j++;
-                } else {
-                    next = false;
+                boolean next = true;
+                while (next && j < clientSessions.size()) {
+                    PersistentClientSessionEntity clientSession = clientSessions.get(j);
+                    if (clientSession.getUserSessionId().equals(userSession.getId())) {
+                        PersistentClientSessionAdapter clientSessAdapter = toAdapter(userSession.getRealm(), userSession, clientSession);
+                        currentClientSessions.add(clientSessAdapter);
+                        j++;
+                    } else {
+                        next = false;
+                    }
                 }
             }
         }
 
-
-
         return result;
     }
 
diff --git a/model/sessions-infinispan/src/main/java/org/keycloak/models/sessions/infinispan/compat/SimpleUserSessionInitializer.java b/model/sessions-infinispan/src/main/java/org/keycloak/models/sessions/infinispan/compat/SimpleUserSessionInitializer.java
index cb5a7e74f7b..1ec5dc9db53 100644
--- a/model/sessions-infinispan/src/main/java/org/keycloak/models/sessions/infinispan/compat/SimpleUserSessionInitializer.java
+++ b/model/sessions-infinispan/src/main/java/org/keycloak/models/sessions/infinispan/compat/SimpleUserSessionInitializer.java
@@ -39,7 +39,7 @@ public class SimpleUserSessionInitializer {
             public void run(KeycloakSession session) {
                 int count = sessionLoader.getSessionsCount(session);
 
-                for (int i=0 ; i<=count ; i+=sessionsPerSegment) {
+                for (int i=0 ; i<count ; i+=sessionsPerSegment) {
                     sessionLoader.loadSessions(session, i, sessionsPerSegment);
                 }
             }
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/model/UserSessionPersisterProviderTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/model/UserSessionPersisterProviderTest.java
index 8a6fc9dcb0f..cbc8284c22f 100644
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/model/UserSessionPersisterProviderTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/model/UserSessionPersisterProviderTest.java
@@ -290,6 +290,14 @@ public class UserSessionPersisterProviderTest {
         realmMgr.removeRealm(realmMgr.getRealm("foo"));
     }
 
+    // KEYCLOAK-1999
+    @Test
+    public void testNoSessions() {
+        UserSessionPersisterProvider persister = session.getProvider(UserSessionPersisterProvider.class);
+        List<UserSessionModel> sessions = persister.loadUserSessions(0, 1, true);
+        Assert.assertEquals(0, sessions.size());
+    }
+
 
     private ClientSessionModel createClientSession(ClientModel client, UserSessionModel userSession, String redirect, String state, Set<String> roles, Set<String> protocolMappers) {
         ClientSessionModel clientSession = session.sessions().createClientSession(realm, client);

From 4f2fe0197d2f1ed5de1c8ca1eae9bc8d139d9f06 Mon Sep 17 00:00:00 2001
From: Stian Thorgersen <stianst@gmail.com>
Date: Tue, 20 Oct 2015 08:11:50 +0200
Subject: [PATCH 09/34] Fix saml examples not excluded from deploy

---
 .../saml-adapters/jetty91-adapter-zip/pom.xml  |  2 +-
 examples/pom.xml                               | 18 +++++++++++-------
 examples/saml/post-with-encryption/pom.xml     |  8 ++++++--
 examples/saml/post-with-signature/pom.xml      |  8 ++++++--
 examples/saml/redirect-with-signature/pom.xml  |  8 ++++++--
 5 files changed, 30 insertions(+), 14 deletions(-)

diff --git a/distribution/saml-adapters/jetty91-adapter-zip/pom.xml b/distribution/saml-adapters/jetty91-adapter-zip/pom.xml
index 2c15be444af..733aabf157a 100755
--- a/distribution/saml-adapters/jetty91-adapter-zip/pom.xml
+++ b/distribution/saml-adapters/jetty91-adapter-zip/pom.xml
@@ -4,7 +4,7 @@
     <parent>
         <artifactId>keycloak-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.6.0.Final-SNAPSHOT</version>
+        <version></version>
         <relativePath>../../../pom.xml</relativePath>
     </parent>
 
diff --git a/examples/pom.xml b/examples/pom.xml
index ec25be94389..6423a7c0184 100755
--- a/examples/pom.xml
+++ b/examples/pom.xml
@@ -14,14 +14,18 @@
     <packaging>pom</packaging>
 
     <build>
+        <pluginManagement>
+            <plugins>
+                <plugin>
+                    <groupId>org.apache.maven.plugins</groupId>
+                    <artifactId>maven-deploy-plugin</artifactId>
+                    <configuration>
+                        <skip>true</skip>
+                    </configuration>
+                </plugin>
+            </plugins>
+        </pluginManagement>
         <plugins>
-            <plugin>
-                <groupId>org.apache.maven.plugins</groupId>
-                <artifactId>maven-deploy-plugin</artifactId>
-                <configuration>
-                    <skip>true</skip>
-                </configuration>
-            </plugin>
             <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-war-plugin</artifactId>
diff --git a/examples/saml/post-with-encryption/pom.xml b/examples/saml/post-with-encryption/pom.xml
index 0c95d95563c..090f6afc0e6 100755
--- a/examples/saml/post-with-encryption/pom.xml
+++ b/examples/saml/post-with-encryption/pom.xml
@@ -2,9 +2,13 @@
          xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
     <modelVersion>4.0.0</modelVersion>
 
-    <groupId>org.keycloak.examples</groupId>
+    <parent>
+        <artifactId>keycloak-examples-saml-parent</artifactId>
+        <groupId>org.keycloak</groupId>
+        <version>1.7.0.Final-SNAPSHOT</version>
+    </parent>
+
     <artifactId>saml-post-encryption</artifactId>
-    <version>1.6.0.Final-SNAPSHOT</version>
 
     <packaging>war</packaging>
 
diff --git a/examples/saml/post-with-signature/pom.xml b/examples/saml/post-with-signature/pom.xml
index 8841ac054c0..14db058a9bf 100755
--- a/examples/saml/post-with-signature/pom.xml
+++ b/examples/saml/post-with-signature/pom.xml
@@ -2,9 +2,13 @@
          xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
     <modelVersion>4.0.0</modelVersion>
 
-    <groupId>org.keycloak.examples</groupId>
+    <parent>
+        <artifactId>keycloak-examples-saml-parent</artifactId>
+        <groupId>org.keycloak</groupId>
+        <version>1.7.0.Final-SNAPSHOT</version>
+    </parent>
+
     <artifactId>saml-post-signatures</artifactId>
-    <version>1.6.0.Final-SNAPSHOT</version>
 
     <packaging>war</packaging>
 
diff --git a/examples/saml/redirect-with-signature/pom.xml b/examples/saml/redirect-with-signature/pom.xml
index 55f426b7df1..06a4e55d5e2 100755
--- a/examples/saml/redirect-with-signature/pom.xml
+++ b/examples/saml/redirect-with-signature/pom.xml
@@ -2,9 +2,13 @@
          xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
     <modelVersion>4.0.0</modelVersion>
 
-    <groupId>org.keycloak.examples</groupId>
+    <parent>
+        <artifactId>keycloak-examples-saml-parent</artifactId>
+        <groupId>org.keycloak</groupId>
+        <version>1.7.0.Final-SNAPSHOT</version>
+    </parent>
+
     <artifactId>saml-redirect-signatures</artifactId>
-    <version>1.6.0.Final-SNAPSHOT</version>
 
     <packaging>war</packaging>
 

From b32423d96bb9437f179fdcd556eb5e5e630f33e4 Mon Sep 17 00:00:00 2001
From: Michael Gerber <gerbermichi@me.com>
Date: Fri, 23 Oct 2015 09:38:40 +0200
Subject: [PATCH 10/34] autofocus on input field

---
 .../main/resources/theme/base/login/login-reset-password.ftl    | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/forms/common-themes/src/main/resources/theme/base/login/login-reset-password.ftl b/forms/common-themes/src/main/resources/theme/base/login/login-reset-password.ftl
index e19a266b9d9..404de17ea20 100755
--- a/forms/common-themes/src/main/resources/theme/base/login/login-reset-password.ftl
+++ b/forms/common-themes/src/main/resources/theme/base/login/login-reset-password.ftl
@@ -11,7 +11,7 @@
                     <label for="username" class="${properties.kcLabelClass!}">${msg("usernameOrEmail")}</label>
                 </div>
                 <div class="${properties.kcInputWrapperClass!}">
-                    <input type="text" id="username" name="username" class="${properties.kcInputClass!}" />
+                    <input type="text" id="username" name="username" class="${properties.kcInputClass!}" autofocus/>
                 </div>
             </div>
 

From 3b4b1b20d890ecdf931c4ecb865615fadc2800a6 Mon Sep 17 00:00:00 2001
From: Michael Gerber <gerbermichi@me.com>
Date: Fri, 23 Oct 2015 09:41:03 +0200
Subject: [PATCH 11/34] expose client attributes in ClientBean

---
 .../org/keycloak/login/freemarker/model/ClientBean.java   | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/forms/login-freemarker/src/main/java/org/keycloak/login/freemarker/model/ClientBean.java b/forms/login-freemarker/src/main/java/org/keycloak/login/freemarker/model/ClientBean.java
index f10d031d073..a29271895ba 100755
--- a/forms/login-freemarker/src/main/java/org/keycloak/login/freemarker/model/ClientBean.java
+++ b/forms/login-freemarker/src/main/java/org/keycloak/login/freemarker/model/ClientBean.java
@@ -4,6 +4,7 @@ import org.keycloak.models.ClientModel;
 import org.keycloak.services.util.ResolveRelative;
 
 import java.net.URI;
+import java.util.Map;
 
 /**
  * @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
@@ -32,4 +33,11 @@ public class ClientBean {
         return ResolveRelative.resolveRelativeUri(requestUri, client.getRootUrl(), client.getBaseUrl());
     }
 
+    public Map<String,String> getAttributes(){
+        return client.getAttributes();
+    }
+
+    public String getAttribute(String key){
+        return client.getAttribute(key);
+    }
 }

From a5dc91f9a687655ebddba3938a1a188bf1383c68 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ramiro=20Sa=CC=81nchez?= <ramiro@conductiva.com>
Date: Fri, 23 Oct 2015 12:23:24 +0200
Subject: [PATCH 12/34] Added support to indicate desired locale on login

---
 integration/js/src/main/resources/keycloak.js | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/integration/js/src/main/resources/keycloak.js b/integration/js/src/main/resources/keycloak.js
index d189a361f83..9e3d44b3e52 100755
--- a/integration/js/src/main/resources/keycloak.js
+++ b/integration/js/src/main/resources/keycloak.js
@@ -168,6 +168,10 @@
                 url += '&scope=' + options.scope;
             }
 
+            if (options && options.locale) {
+                url += '&kc_locale=' + options.locale;
+            }
+
             return url;
         }
 

From 11ef67722b12ce8a35a5832dceffdef8b0059b4c Mon Sep 17 00:00:00 2001
From: Stian Thorgersen <stianst@gmail.com>
Date: Fri, 23 Oct 2015 13:40:34 +0200
Subject: [PATCH 13/34] KEYCLOAK-2015 autofocus on input text field in
 login-totp.ftl

---
 .../src/main/resources/theme/base/login/login-totp.ftl          | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/forms/common-themes/src/main/resources/theme/base/login/login-totp.ftl b/forms/common-themes/src/main/resources/theme/base/login/login-totp.ftl
index e472fff1ff4..3f46b76ba1f 100755
--- a/forms/common-themes/src/main/resources/theme/base/login/login-totp.ftl
+++ b/forms/common-themes/src/main/resources/theme/base/login/login-totp.ftl
@@ -12,7 +12,7 @@
                 </div>
 
                 <div class="${properties.kcInputWrapperClass!}">
-                    <input id="totp" name="totp" type="text" class="${properties.kcInputClass!}" />
+                    <input id="totp" name="totp" type="text" class="${properties.kcInputClass!}" autofocus />
                 </div>
             </div>
 

From ebd02a1a7f5149efde37c1e3a5db7102223c8a58 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ramiro=20Sa=CC=81nchez?= <ramiro@conductiva.com>
Date: Fri, 23 Oct 2015 14:21:59 +0200
Subject: [PATCH 14/34] Changed query parameter from kc_locale to ui_locales as
 suggested by stianst

---
 integration/js/src/main/resources/keycloak.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/integration/js/src/main/resources/keycloak.js b/integration/js/src/main/resources/keycloak.js
index 9e3d44b3e52..7b378de3472 100755
--- a/integration/js/src/main/resources/keycloak.js
+++ b/integration/js/src/main/resources/keycloak.js
@@ -169,7 +169,7 @@
             }
 
             if (options && options.locale) {
-                url += '&kc_locale=' + options.locale;
+                url += '&ui_locales=' + options.locale;
             }
 
             return url;

From 57c282eca805b880aa4113249a86febf81cec1ac Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ramiro=20Sa=CC=81nchez?= <ramiro@conductiva.com>
Date: Fri, 23 Oct 2015 14:32:16 +0200
Subject: [PATCH 15/34] Updated documentation with the new 'locale' parameter

---
 .../reference/en/en-US/modules/javascript-adapter.xml            | 1 +
 1 file changed, 1 insertion(+)

diff --git a/docbook/auth-server-docs/reference/en/en-US/modules/javascript-adapter.xml b/docbook/auth-server-docs/reference/en/en-US/modules/javascript-adapter.xml
index 33d62dca2db..2036afbd8aa 100755
--- a/docbook/auth-server-docs/reference/en/en-US/modules/javascript-adapter.xml
+++ b/docbook/auth-server-docs/reference/en/en-US/modules/javascript-adapter.xml
@@ -210,6 +210,7 @@ new Keycloak({ url: 'http://localhost/auth', realm: 'myrealm', clientId: 'myApp'
                         <listitem>prompt - can be set to 'none' to check if the user is logged in already (if not logged in, a login form is not displayed)</listitem>
                         <listitem>loginHint - used to pre-fill the username/email field on the login form</listitem>
                         <listitem>action - if value is 'register' then user is redirected to registration page, otherwise to login page</listitem>
+                        <listitem>locale - specifies the desired locale for the UI</listitem>
                     </itemizedlist>
                 </para>
             </simplesect>

From c498b06f68389388e78a6d17fa110024bd4a5f72 Mon Sep 17 00:00:00 2001
From: mposolda <mposolda@gmail.com>
Date: Fri, 23 Oct 2015 15:08:07 +0200
Subject: [PATCH 16/34] KEYCLOAK-2007 Migration upgrade for 1.6.1

---
 .../META-INF/jpa-changelog-1.6.0.xml          |   8 +-
 .../META-INF/jpa-changelog-1.6.1.xml          | 105 ++++++++++++++++++
 .../META-INF/jpa-changelog-master.xml         |   2 +-
 .../jpa/updater/JpaUpdaterProvider.java       |   2 +-
 .../models/utils/PostMigrationEvent.java      |  11 ++
 .../InfinispanUserSessionProviderFactory.java |  20 +++-
 .../resources/KeycloakApplication.java        |   3 +
 7 files changed, 141 insertions(+), 10 deletions(-)
 create mode 100644 connections/jpa-liquibase/src/main/resources/META-INF/jpa-changelog-1.6.1.xml
 create mode 100644 model/api/src/main/java/org/keycloak/models/utils/PostMigrationEvent.java

diff --git a/connections/jpa-liquibase/src/main/resources/META-INF/jpa-changelog-1.6.0.xml b/connections/jpa-liquibase/src/main/resources/META-INF/jpa-changelog-1.6.0.xml
index b50a4f465fe..5b0a0da893c 100644
--- a/connections/jpa-liquibase/src/main/resources/META-INF/jpa-changelog-1.6.0.xml
+++ b/connections/jpa-liquibase/src/main/resources/META-INF/jpa-changelog-1.6.0.xml
@@ -31,7 +31,7 @@
                 <constraints nullable="false"/>
             </column>
             <column name="LAST_SESSION_REFRESH" type="INT"/>
-            <column name="OFFLINE_FLAG" type="VARCHAR(4)">
+            <column name="OFFLINE" type="BOOLEAN" defaultValueBoolean="false">
                 <constraints nullable="false"/>
             </column>
             <column name="DATA" type="CLOB"/>
@@ -47,14 +47,14 @@
             <column name="CLIENT_ID" type="VARCHAR(36)">
                 <constraints nullable="false"/>
             </column>
-            <column name="OFFLINE_FLAG" type="VARCHAR(4)">
+            <column name="OFFLINE" type="BOOLEAN" defaultValueBoolean="false">
                 <constraints nullable="false"/>
             </column>
             <column name="TIMESTAMP" type="INT"/>
             <column name="DATA" type="CLOB"/>
         </createTable>
 
-        <addPrimaryKey columnNames="USER_SESSION_ID, OFFLINE_FLAG" constraintName="CONSTRAINT_OFFLINE_US_SES_PK" tableName="OFFLINE_USER_SESSION"/>
-        <addPrimaryKey columnNames="CLIENT_SESSION_ID, OFFLINE_FLAG" constraintName="CONSTRAINT_OFFLINE_CL_SES_PK" tableName="OFFLINE_CLIENT_SESSION"/>
+        <addPrimaryKey columnNames="USER_SESSION_ID, OFFLINE" constraintName="CONSTRAINT_OFFLINE_US_SES_PK" tableName="OFFLINE_USER_SESSION"/>
+        <addPrimaryKey columnNames="CLIENT_SESSION_ID, OFFLINE" constraintName="CONSTRAINT_OFFLINE_CL_SES_PK" tableName="OFFLINE_CLIENT_SESSION"/>
     </changeSet>
 </databaseChangeLog>
\ No newline at end of file
diff --git a/connections/jpa-liquibase/src/main/resources/META-INF/jpa-changelog-1.6.1.xml b/connections/jpa-liquibase/src/main/resources/META-INF/jpa-changelog-1.6.1.xml
new file mode 100644
index 00000000000..4e0129eee7a
--- /dev/null
+++ b/connections/jpa-liquibase/src/main/resources/META-INF/jpa-changelog-1.6.1.xml
@@ -0,0 +1,105 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<databaseChangeLog xmlns="http://www.liquibase.org/xml/ns/dbchangelog" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-3.1.xsd">
+    <changeSet author="mposolda@redhat.com" id="1.6.1_from15">
+
+        <preConditions onFail="MARK_RAN" onFailMessage="Upgrading from 1.6.0 version. Skipped 1.6.1_from15 changeSet and marked as ran">
+            <not>
+                <changeSetExecuted id="1.6.0" author="mposolda@redhat.com" changeLogFile="META-INF/jpa-changelog-1.6.0.xml" />
+            </not>
+        </preConditions>
+
+        <addColumn tableName="REALM">
+            <column name="OFFLINE_SESSION_IDLE_TIMEOUT" type="INT" defaultValueNumeric="0"/>
+            <column name="REVOKE_REFRESH_TOKEN" type="BOOLEAN" defaultValueBoolean="false">
+                <constraints nullable="false"/>
+            </column>
+        </addColumn>
+
+        <addColumn tableName="KEYCLOAK_ROLE">
+            <column name="SCOPE_PARAM_REQUIRED" type="BOOLEAN" defaultValueBoolean="false">
+                <constraints nullable="false"/>
+            </column>
+        </addColumn>
+
+        <addColumn tableName="CLIENT">
+            <column name="ROOT_URL" type="VARCHAR(255)"/>
+            <column name="DESCRIPTION" type="VARCHAR(255)"/>
+        </addColumn>
+
+        <createTable tableName="OFFLINE_USER_SESSION">
+            <column name="USER_SESSION_ID" type="VARCHAR(36)">
+                <constraints nullable="false"/>
+            </column>
+            <column name="USER_ID" type="VARCHAR(36)">
+                <constraints nullable="false"/>
+            </column>
+            <column name="REALM_ID" type="VARCHAR(36)">
+                <constraints nullable="false"/>
+            </column>
+            <column name="LAST_SESSION_REFRESH" type="INT"/>
+            <column name="OFFLINE_FLAG" type="VARCHAR(4)">
+                <constraints nullable="false"/>
+            </column>
+            <column name="DATA" type="CLOB"/>
+        </createTable>
+
+        <createTable tableName="OFFLINE_CLIENT_SESSION">
+            <column name="CLIENT_SESSION_ID" type="VARCHAR(36)">
+                <constraints nullable="false"/>
+            </column>
+            <column name="USER_SESSION_ID" type="VARCHAR(36)">
+                <constraints nullable="false"/>
+            </column>
+            <column name="CLIENT_ID" type="VARCHAR(36)">
+                <constraints nullable="false"/>
+            </column>
+            <column name="OFFLINE_FLAG" type="VARCHAR(4)">
+                <constraints nullable="false"/>
+            </column>
+            <column name="TIMESTAMP" type="INT"/>
+            <column name="DATA" type="CLOB"/>
+        </createTable>
+
+        <addPrimaryKey columnNames="USER_SESSION_ID, OFFLINE_FLAG" constraintName="CONSTRAINT_OFFL_US_SES_PK2" tableName="OFFLINE_USER_SESSION"/>
+        <addPrimaryKey columnNames="CLIENT_SESSION_ID, OFFLINE_FLAG" constraintName="CONSTRAINT_OFFL_CL_SES_PK2" tableName="OFFLINE_CLIENT_SESSION"/>
+    </changeSet>
+
+    <!-- Just for the update from 1.6.0 -->
+    <changeSet author="mposolda@redhat.com" id="1.6.1_from16">
+
+        <preConditions onFail="MARK_RAN" onFailMessage="Upgrading from 1.5.0 or older version. Skipped 1.6.1_from16 changeSet and marked as ran">
+            <changeSetExecuted id="1.6.0" author="mposolda@redhat.com" changeLogFile="META-INF/jpa-changelog-1.6.0.xml" />
+        </preConditions>
+
+        <dropPrimaryKey constraintName="CONSTRAINT_OFFLINE_US_SES_PK" tableName="OFFLINE_USER_SESSION" />
+        <dropPrimaryKey constraintName="CONSTRAINT_OFFLINE_CL_SES_PK" tableName="OFFLINE_CLIENT_SESSION" />
+
+        <addColumn tableName="OFFLINE_USER_SESSION">
+            <column name="OFFLINE_FLAG" type="VARCHAR(4)">
+                <constraints nullable="false"/>
+            </column>
+        </addColumn>
+        <update tableName="OFFLINE_USER_SESSION">
+            <column name="OFFLINE_FLAG" value="1"/>
+        </update>
+        <dropColumn tableName="OFFLINE_USER_SESSION" columnName="OFFLINE" />
+
+        <addColumn tableName="OFFLINE_CLIENT_SESSION">
+            <column name="OFFLINE_FLAG" type="VARCHAR(4)">
+                <constraints nullable="false"/>
+            </column>
+        </addColumn>
+        <update tableName="OFFLINE_CLIENT_SESSION">
+            <column name="OFFLINE_FLAG" value="1"/>
+        </update>
+        <dropColumn tableName="OFFLINE_CLIENT_SESSION" columnName="OFFLINE" />
+
+        <addPrimaryKey columnNames="USER_SESSION_ID, OFFLINE_FLAG" constraintName="CONSTRAINT_OFFL_US_SES_PK2" tableName="OFFLINE_USER_SESSION"/>
+        <addPrimaryKey columnNames="CLIENT_SESSION_ID, OFFLINE_FLAG" constraintName="CONSTRAINT_OFFL_CL_SES_PK2" tableName="OFFLINE_CLIENT_SESSION"/>
+
+    </changeSet>
+
+    <changeSet author="mposolda@redhat.com" id="1.6.1">
+    </changeSet>
+
+</databaseChangeLog>
\ No newline at end of file
diff --git a/connections/jpa-liquibase/src/main/resources/META-INF/jpa-changelog-master.xml b/connections/jpa-liquibase/src/main/resources/META-INF/jpa-changelog-master.xml
index 6cd96c626cd..3010118039a 100755
--- a/connections/jpa-liquibase/src/main/resources/META-INF/jpa-changelog-master.xml
+++ b/connections/jpa-liquibase/src/main/resources/META-INF/jpa-changelog-master.xml
@@ -9,5 +9,5 @@
     <include file="META-INF/jpa-changelog-1.3.0.xml"/>
     <include file="META-INF/jpa-changelog-1.4.0.xml"/>
     <include file="META-INF/jpa-changelog-1.5.0.xml"/>
-    <include file="META-INF/jpa-changelog-1.6.0.xml"/>
+    <include file="META-INF/jpa-changelog-1.6.1.xml"/>
 </databaseChangeLog>
diff --git a/connections/jpa/src/main/java/org/keycloak/connections/jpa/updater/JpaUpdaterProvider.java b/connections/jpa/src/main/java/org/keycloak/connections/jpa/updater/JpaUpdaterProvider.java
index 60b063513e3..401cf74b2d9 100755
--- a/connections/jpa/src/main/java/org/keycloak/connections/jpa/updater/JpaUpdaterProvider.java
+++ b/connections/jpa/src/main/java/org/keycloak/connections/jpa/updater/JpaUpdaterProvider.java
@@ -12,7 +12,7 @@ public interface JpaUpdaterProvider extends Provider {
 
     public String FIRST_VERSION = "1.0.0.Final";
 
-    public String LAST_VERSION = "1.6.0";
+    public String LAST_VERSION = "1.6.1";
 
     public String getCurrentVersionSql(String defaultSchema);
 
diff --git a/model/api/src/main/java/org/keycloak/models/utils/PostMigrationEvent.java b/model/api/src/main/java/org/keycloak/models/utils/PostMigrationEvent.java
new file mode 100644
index 00000000000..513836f3ba1
--- /dev/null
+++ b/model/api/src/main/java/org/keycloak/models/utils/PostMigrationEvent.java
@@ -0,0 +1,11 @@
+package org.keycloak.models.utils;
+
+import org.keycloak.provider.ProviderEvent;
+
+/**
+ * Executed at startup after model migration is finished
+ *
+ * @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
+ */
+public class PostMigrationEvent implements ProviderEvent {
+}
diff --git a/model/sessions-infinispan/src/main/java/org/keycloak/models/sessions/infinispan/InfinispanUserSessionProviderFactory.java b/model/sessions-infinispan/src/main/java/org/keycloak/models/sessions/infinispan/InfinispanUserSessionProviderFactory.java
index 1d7c279542c..382d01f630f 100755
--- a/model/sessions-infinispan/src/main/java/org/keycloak/models/sessions/infinispan/InfinispanUserSessionProviderFactory.java
+++ b/model/sessions-infinispan/src/main/java/org/keycloak/models/sessions/infinispan/InfinispanUserSessionProviderFactory.java
@@ -5,9 +5,11 @@ import org.infinispan.Version;
 import org.jboss.logging.Logger;
 import org.keycloak.Config;
 import org.keycloak.connections.infinispan.InfinispanConnectionProvider;
+import org.keycloak.models.ClientModel;
 import org.keycloak.models.KeycloakSession;
 import org.keycloak.models.KeycloakSessionFactory;
 import org.keycloak.models.KeycloakSessionTask;
+import org.keycloak.models.RealmModel;
 import org.keycloak.models.UserSessionProvider;
 import org.keycloak.models.UserSessionProviderFactory;
 import org.keycloak.models.session.UserSessionPersisterProvider;
@@ -19,6 +21,9 @@ import org.keycloak.models.sessions.infinispan.entities.SessionEntity;
 import org.keycloak.models.sessions.infinispan.initializer.InfinispanUserSessionInitializer;
 import org.keycloak.models.sessions.infinispan.initializer.OfflineUserSessionLoader;
 import org.keycloak.models.utils.KeycloakModelUtils;
+import org.keycloak.models.utils.PostMigrationEvent;
+import org.keycloak.provider.ProviderEvent;
+import org.keycloak.provider.ProviderEventListener;
 
 /**
  * Uses Infinispan to store user sessions. On EAP 6.4 (Infinispan 5.2) map reduce is not supported for local caches as a work around
@@ -68,13 +73,20 @@ public class InfinispanUserSessionProviderFactory implements UserSessionProvider
         });
 
         // Max count of worker errors. Initialization will end with exception when this number is reached
-        int maxErrors = config.getInt("maxErrors", 20);
+        final int maxErrors = config.getInt("maxErrors", 20);
 
         // Count of sessions to be computed in each segment
-        int sessionsPerSegment = config.getInt("sessionsPerSegment", 100);
+        final int sessionsPerSegment = config.getInt("sessionsPerSegment", 100);
 
-        // TODO: Possibility to run this asynchronously to not block start time
-        loadPersistentSessions(factory, maxErrors, sessionsPerSegment);
+        factory.register(new ProviderEventListener() {
+
+            @Override
+            public void onEvent(ProviderEvent event) {
+                if (event instanceof PostMigrationEvent) {
+                    loadPersistentSessions(factory, maxErrors, sessionsPerSegment);
+                }
+            }
+        });
     }
 
 
diff --git a/services/src/main/java/org/keycloak/services/resources/KeycloakApplication.java b/services/src/main/java/org/keycloak/services/resources/KeycloakApplication.java
index 83b8d6e68e2..a07999d6c19 100755
--- a/services/src/main/java/org/keycloak/services/resources/KeycloakApplication.java
+++ b/services/src/main/java/org/keycloak/services/resources/KeycloakApplication.java
@@ -11,6 +11,7 @@ import org.keycloak.migration.MigrationModelManager;
 import org.keycloak.models.KeycloakSession;
 import org.keycloak.models.KeycloakSessionFactory;
 import org.keycloak.models.RealmModel;
+import org.keycloak.models.utils.PostMigrationEvent;
 import org.keycloak.offlineconfig.AdminRecovery;
 import org.keycloak.representations.idm.RealmRepresentation;
 import org.keycloak.services.DefaultKeycloakSessionFactory;
@@ -83,6 +84,8 @@ public class KeycloakApplication extends Application {
         setupDefaultRealm(context.getContextPath());
 
         migrateModel();
+        sessionFactory.publish(new PostMigrationEvent());
+
         new ExportImportManager().checkExportImport(this.sessionFactory, context.getContextPath());
         importRealms(context);
 

From 74924f2f8c919260b279c0efa40ee80c7c4eb250 Mon Sep 17 00:00:00 2001
From: mposolda <mposolda@gmail.com>
Date: Fri, 23 Oct 2015 22:05:27 +0200
Subject: [PATCH 17/34] KEYCLOAK-2011

---
 .../keycloak/login/LoginFormsProvider.java    |  2 +
 .../FreeMarkerLoginFormsProvider.java         | 10 ++++-
 .../java/org/keycloak/models/Constants.java   |  2 +
 .../requiredactions/VerifyEmail.java          | 11 +++++
 .../resources/LoginActionsService.java        | 20 ++++++++-
 .../RequiredActionEmailVerificationTest.java  | 42 ++++++++++++++++++-
 .../testsuite/pages/VerifyEmailPage.java      |  4 ++
 7 files changed, 86 insertions(+), 5 deletions(-)

diff --git a/forms/login-api/src/main/java/org/keycloak/login/LoginFormsProvider.java b/forms/login-api/src/main/java/org/keycloak/login/LoginFormsProvider.java
index cb5f2be8cd9..fccfce160c6 100755
--- a/forms/login-api/src/main/java/org/keycloak/login/LoginFormsProvider.java
+++ b/forms/login-api/src/main/java/org/keycloak/login/LoginFormsProvider.java
@@ -52,6 +52,8 @@ public interface LoginFormsProvider extends Provider {
 
     public LoginFormsProvider setClientSessionCode(String accessCode);
 
+    public LoginFormsProvider setClientSession(ClientSessionModel clientSession);
+
     public LoginFormsProvider setAccessRequest(List<RoleModel> realmRolesRequested, MultivaluedMap<String,RoleModel> resourceRolesRequested, List<ProtocolMapperModel> protocolMappers);
     public LoginFormsProvider setAccessRequest(String message);
 
diff --git a/forms/login-freemarker/src/main/java/org/keycloak/login/freemarker/FreeMarkerLoginFormsProvider.java b/forms/login-freemarker/src/main/java/org/keycloak/login/freemarker/FreeMarkerLoginFormsProvider.java
index 7fc1bcddcbe..6125d0b83b3 100755
--- a/forms/login-freemarker/src/main/java/org/keycloak/login/freemarker/FreeMarkerLoginFormsProvider.java
+++ b/forms/login-freemarker/src/main/java/org/keycloak/login/freemarker/FreeMarkerLoginFormsProvider.java
@@ -47,6 +47,7 @@ import org.keycloak.login.freemarker.model.TotpBean;
 import org.keycloak.login.freemarker.model.UrlBean;
 import org.keycloak.models.ClientModel;
 import org.keycloak.models.ClientSessionModel;
+import org.keycloak.models.Constants;
 import org.keycloak.models.KeycloakSession;
 import org.keycloak.models.ProtocolMapperModel;
 import org.keycloak.models.RealmModel;
@@ -138,7 +139,8 @@ public class FreeMarkerLoginFormsProvider implements LoginFormsProvider {
             case VERIFY_EMAIL:
                 try {
                     UriBuilder builder = Urls.loginActionEmailVerificationBuilder(uriInfo.getBaseUri());
-                    builder.queryParam("key", accessCode);
+                    builder.queryParam(OAuth2Constants.CODE, accessCode);
+                    builder.queryParam("key", clientSession.getNote(Constants.VERIFY_EMAIL_KEY));
 
                     String link = builder.build(realm.getName()).toString();
                     long expiration = TimeUnit.SECONDS.toMinutes(realm.getAccessCodeLifespanUserAction());
@@ -531,6 +533,12 @@ public class FreeMarkerLoginFormsProvider implements LoginFormsProvider {
         return this;
     }
 
+    @Override
+    public LoginFormsProvider setClientSession(ClientSessionModel clientSession) {
+        this.clientSession = clientSession;
+        return this;
+    }
+
     @Override
     public LoginFormsProvider setAccessRequest(List<RoleModel> realmRolesRequested, MultivaluedMap<String, RoleModel> resourceRolesRequested, List<ProtocolMapperModel> protocolMappersRequested) {
         this.realmRolesRequested = realmRolesRequested;
diff --git a/model/api/src/main/java/org/keycloak/models/Constants.java b/model/api/src/main/java/org/keycloak/models/Constants.java
index 43bdc7dc686..8977def5c3d 100755
--- a/model/api/src/main/java/org/keycloak/models/Constants.java
+++ b/model/api/src/main/java/org/keycloak/models/Constants.java
@@ -22,4 +22,6 @@ public interface Constants {
 
     // 30 days
     int DEFAULT_OFFLINE_SESSION_IDLE_TIMEOUT = 2592000;
+
+    public static final String VERIFY_EMAIL_KEY = "VERIFY_EMAIL_KEY";
 }
diff --git a/services/src/main/java/org/keycloak/authentication/requiredactions/VerifyEmail.java b/services/src/main/java/org/keycloak/authentication/requiredactions/VerifyEmail.java
index 01ddcffa7e3..7fc77a81d80 100755
--- a/services/src/main/java/org/keycloak/authentication/requiredactions/VerifyEmail.java
+++ b/services/src/main/java/org/keycloak/authentication/requiredactions/VerifyEmail.java
@@ -8,9 +8,12 @@ import org.keycloak.authentication.RequiredActionProvider;
 import org.keycloak.events.Details;
 import org.keycloak.events.EventType;
 import org.keycloak.login.LoginFormsProvider;
+import org.keycloak.models.ClientSessionModel;
+import org.keycloak.models.Constants;
 import org.keycloak.models.KeycloakSession;
 import org.keycloak.models.KeycloakSessionFactory;
 import org.keycloak.models.UserModel;
+import org.keycloak.models.utils.HmacOTP;
 import org.keycloak.services.resources.LoginActionsService;
 import org.keycloak.services.validation.Validation;
 
@@ -44,8 +47,11 @@ public class VerifyEmail implements RequiredActionProvider, RequiredActionFactor
         context.getEvent().clone().event(EventType.SEND_VERIFY_EMAIL).detail(Details.EMAIL, context.getUser().getEmail()).success();
         LoginActionsService.createActionCookie(context.getRealm(), context.getUriInfo(), context.getConnection(), context.getUserSession().getId());
 
+        setupKey(context.getClientSession());
+
         LoginFormsProvider loginFormsProvider = context.getSession().getProvider(LoginFormsProvider.class)
                 .setClientSessionCode(context.generateCode())
+                .setClientSession(context.getClientSession())
                 .setUser(context.getUser());
         Response challenge = loginFormsProvider.createResponse(UserModel.RequiredAction.VERIFY_EMAIL);
         context.challenge(challenge);
@@ -87,4 +93,9 @@ public class VerifyEmail implements RequiredActionProvider, RequiredActionFactor
     public String getId() {
         return UserModel.RequiredAction.VERIFY_EMAIL.name();
     }
+
+    public static void setupKey(ClientSessionModel clientSession) {
+        String secret = HmacOTP.generateSecret(10);
+        clientSession.setNote(Constants.VERIFY_EMAIL_KEY, secret);
+    }
 }
diff --git a/services/src/main/java/org/keycloak/services/resources/LoginActionsService.java b/services/src/main/java/org/keycloak/services/resources/LoginActionsService.java
index 46bc55393eb..20de78b7d88 100755
--- a/services/src/main/java/org/keycloak/services/resources/LoginActionsService.java
+++ b/services/src/main/java/org/keycloak/services/resources/LoginActionsService.java
@@ -23,6 +23,8 @@ package org.keycloak.services.resources;
 
 import org.jboss.logging.Logger;
 import org.jboss.resteasy.spi.HttpRequest;
+import org.keycloak.authentication.AuthenticationFlowError;
+import org.keycloak.authentication.requiredactions.VerifyEmail;
 import org.keycloak.common.ClientConnection;
 import org.keycloak.OAuth2Constants;
 import org.keycloak.authentication.AuthenticationProcessor;
@@ -49,6 +51,7 @@ import org.keycloak.models.UserModel;
 import org.keycloak.models.UserModel.RequiredAction;
 import org.keycloak.models.UserSessionModel;
 import org.keycloak.models.utils.FormMessage;
+import org.keycloak.models.utils.HmacOTP;
 import org.keycloak.models.utils.KeycloakModelUtils;
 import org.keycloak.protocol.LoginProtocol;
 import org.keycloak.protocol.RestartLoginCookie;
@@ -533,7 +536,7 @@ public class LoginActionsService {
         event.event(EventType.VERIFY_EMAIL);
         if (key != null) {
             Checks checks = new Checks();
-            if (!checks.verifyCode(key, ClientSessionModel.Action.REQUIRED_ACTIONS.name())) {
+            if (!checks.verifyCode(code, ClientSessionModel.Action.REQUIRED_ACTIONS.name())) {
                 return checks.response;
             }
             ClientSessionCode accessCode = checks.clientCode;
@@ -547,11 +550,21 @@ public class LoginActionsService {
             UserSessionModel userSession = clientSession.getUserSession();
             UserModel user = userSession.getUser();
             initEvent(clientSession);
+            event.event(EventType.VERIFY_EMAIL).detail(Details.EMAIL, user.getEmail());
+
+            String keyFromSession = clientSession.getNote(Constants.VERIFY_EMAIL_KEY);
+            clientSession.removeNote(Constants.VERIFY_EMAIL_KEY);
+            if (!key.equals(keyFromSession)) {
+                logger.error("Invalid key for email verification");
+                event.error(Errors.INVALID_USER_CREDENTIALS);
+                throw new WebApplicationException(ErrorPage.error(session, Messages.INVALID_CODE));
+            }
+
             user.setEmailVerified(true);
 
             user.removeRequiredAction(RequiredAction.VERIFY_EMAIL);
 
-            event.event(EventType.VERIFY_EMAIL).detail(Details.EMAIL, user.getEmail()).success();
+            event.success();
 
             String actionCookieValue = getActionCookie();
             if (actionCookieValue == null || !actionCookieValue.equals(userSession.getId())) {
@@ -576,8 +589,11 @@ public class LoginActionsService {
 
             createActionCookie(realm, uriInfo, clientConnection, userSession.getId());
 
+            VerifyEmail.setupKey(clientSession);
+
             return session.getProvider(LoginFormsProvider.class)
                     .setClientSessionCode(accessCode.getCode())
+                    .setClientSession(clientSession)
                     .setUser(userSession.getUser())
                     .createResponse(RequiredAction.VERIFY_EMAIL);
         }
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/actions/RequiredActionEmailVerificationTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/actions/RequiredActionEmailVerificationTest.java
index a9c0c583732..c7f075f4d66 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/actions/RequiredActionEmailVerificationTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/actions/RequiredActionEmailVerificationTest.java
@@ -26,7 +26,9 @@ import org.junit.Before;
 import org.junit.ClassRule;
 import org.junit.Rule;
 import org.junit.Test;
+import org.keycloak.common.util.KeycloakUriBuilder;
 import org.keycloak.events.Details;
+import org.keycloak.events.Errors;
 import org.keycloak.events.Event;
 import org.keycloak.events.EventType;
 import org.keycloak.models.RealmModel;
@@ -130,7 +132,7 @@ public class RequiredActionEmailVerificationTest {
 
         String mailCodeId = sendEvent.getDetails().get(Details.CODE_ID);
 
-        Assert.assertEquals(mailCodeId, verificationUrl.split("key=")[1].split("\\.")[1]);
+        Assert.assertEquals(mailCodeId, verificationUrl.split("code=")[1].split("\\&")[0].split("\\.")[1]);
 
         driver.navigate().to(verificationUrl.trim());
 
@@ -223,7 +225,7 @@ public class RequiredActionEmailVerificationTest {
 
         String mailCodeId = sendEvent.getDetails().get(Details.CODE_ID);
 
-        Assert.assertEquals(mailCodeId, verificationUrl.split("key=")[1].split("\\.")[1]);
+        Assert.assertEquals(mailCodeId, verificationUrl.split("code=")[1].split("\\&")[0].split("\\.")[1]);
 
         driver.manage().deleteAllCookies();
 
@@ -238,6 +240,42 @@ public class RequiredActionEmailVerificationTest {
 
         assertTrue(loginPage.isCurrent());
     }
+
+
+    @Test
+    public void verifyInvalidKeyOrCode() throws IOException, MessagingException {
+        loginPage.open();
+        loginPage.login("test-user@localhost", "password");
+
+        Assert.assertTrue(verifyEmailPage.isCurrent());
+        String resendEmailLink = verifyEmailPage.getResendEmailLink();
+        String keyInsteadCodeURL = resendEmailLink.replace("code=", "key=");
+
+        AssertEvents.ExpectedEvent emailEvent = events.expectRequiredAction(EventType.SEND_VERIFY_EMAIL).detail("email", "test-user@localhost");
+        Event sendEvent = emailEvent.assertEvent();
+        String sessionId = sendEvent.getSessionId();
+        String mailCodeId = sendEvent.getDetails().get(Details.CODE_ID);
+
+        driver.navigate().to(keyInsteadCodeURL);
+
+        events.expectRequiredAction(EventType.VERIFY_EMAIL_ERROR)
+                .error(Errors.INVALID_CODE)
+                .client((String)null)
+                .user((String)null)
+                .session((String)null)
+                .clearDetails()
+                .assertEvent();
+
+        String badKeyURL = KeycloakUriBuilder.fromUri(resendEmailLink).queryParam("key", "foo").build().toString();
+        driver.navigate().to(badKeyURL);
+
+        events.expectRequiredAction(EventType.VERIFY_EMAIL_ERROR)
+                .error(Errors.INVALID_USER_CREDENTIALS)
+                .session(sessionId)
+                .detail("email", "test-user@localhost")
+                .detail(Details.CODE_ID, mailCodeId)
+                .assertEvent();
+    }
     
     private String getPasswordResetEmailLink(MimeMessage message) throws IOException, MessagingException {
     	Multipart multipart = (Multipart) message.getContent();
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/pages/VerifyEmailPage.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/pages/VerifyEmailPage.java
index cfcfbb4fdb1..9968ce10871 100644
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/pages/VerifyEmailPage.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/pages/VerifyEmailPage.java
@@ -50,4 +50,8 @@ public class VerifyEmailPage extends AbstractPage {
         resendEmailLink.click();
     }
 
+    public String getResendEmailLink() {
+        return resendEmailLink.getAttribute("href");
+    }
+
 }

From f8f4de938914ba2302c905cde8f910f86c3b8b2b Mon Sep 17 00:00:00 2001
From: mposolda <mposolda@gmail.com>
Date: Mon, 26 Oct 2015 11:05:38 +0100
Subject: [PATCH 18/34] KEYCLOAK-2005 Fixed migration to take less time. Added
 UserProvider.grantToAllUsers

---
 .../migration/migrators/MigrateTo1_6_0.java   |  6 ++--
 .../models/UserFederationManager.java         |  6 ++++
 .../org/keycloak/models/UserProvider.java     |  2 ++
 .../models/file/FileUserProvider.java         |  7 +++++
 .../infinispan/DefaultCacheUserProvider.java  |  6 ++++
 .../keycloak/models/jpa/JpaUserProvider.java  |  8 ++++-
 .../jpa/entities/UserRoleMappingEntity.java   |  3 +-
 .../keycloak/adapters/MongoUserProvider.java  | 13 ++++++++
 .../testsuite/model/UserModelTest.java        | 31 +++++++++++++++++++
 9 files changed, 76 insertions(+), 6 deletions(-)

diff --git a/model/api/src/main/java/org/keycloak/migration/migrators/MigrateTo1_6_0.java b/model/api/src/main/java/org/keycloak/migration/migrators/MigrateTo1_6_0.java
index 88817acb273..45c73a31cfa 100644
--- a/model/api/src/main/java/org/keycloak/migration/migrators/MigrateTo1_6_0.java
+++ b/model/api/src/main/java/org/keycloak/migration/migrators/MigrateTo1_6_0.java
@@ -63,10 +63,8 @@ public class MigrateTo1_6_0 {
                 KeycloakModelUtils.setupOfflineTokens(realm);
                 RoleModel role = realm.getRole(Constants.OFFLINE_ACCESS_ROLE);
 
-                // Check if possible to avoid iterating over users
-                for (UserModel user : session.userStorage().getUsers(realm, true)) {
-                    user.grantRole(role);
-                }
+                // Bulk grant of offline_access role to all users
+                session.users().grantToAllUsers(realm, role);
             }
 
             ClientModel adminConsoleClient = realm.getClientByClientId(Constants.ADMIN_CONSOLE_CLIENT_ID);
diff --git a/model/api/src/main/java/org/keycloak/models/UserFederationManager.java b/model/api/src/main/java/org/keycloak/models/UserFederationManager.java
index bea51e0473b..cde5eb94110 100755
--- a/model/api/src/main/java/org/keycloak/models/UserFederationManager.java
+++ b/model/api/src/main/java/org/keycloak/models/UserFederationManager.java
@@ -333,6 +333,12 @@ public class UserFederationManager implements UserProvider {
         return session.userStorage().getFederatedIdentity(user, socialProvider, realm);
     }
 
+    @Override
+    public void grantToAllUsers(RealmModel realm, RoleModel role) {
+        // not federation-aware for now
+        session.userStorage().grantToAllUsers(realm, role);
+    }
+
     @Override
     public void preRemove(RealmModel realm) {
         for (UserFederationProviderModel federation : realm.getUserFederationProviders()) {
diff --git a/model/api/src/main/java/org/keycloak/models/UserProvider.java b/model/api/src/main/java/org/keycloak/models/UserProvider.java
index 7d7064d76ef..82be2fe160b 100755
--- a/model/api/src/main/java/org/keycloak/models/UserProvider.java
+++ b/model/api/src/main/java/org/keycloak/models/UserProvider.java
@@ -43,6 +43,8 @@ public interface UserProvider extends Provider {
     Set<FederatedIdentityModel> getFederatedIdentities(UserModel user, RealmModel realm);
     FederatedIdentityModel getFederatedIdentity(UserModel user, String socialProvider, RealmModel realm);
 
+    void grantToAllUsers(RealmModel realm, RoleModel role);
+
     void preRemove(RealmModel realm);
 
     void preRemove(RealmModel realm, UserFederationProviderModel link);
diff --git a/model/file/src/main/java/org/keycloak/models/file/FileUserProvider.java b/model/file/src/main/java/org/keycloak/models/file/FileUserProvider.java
index 8edfe3ec2ec..8c24262a120 100755
--- a/model/file/src/main/java/org/keycloak/models/file/FileUserProvider.java
+++ b/model/file/src/main/java/org/keycloak/models/file/FileUserProvider.java
@@ -422,6 +422,13 @@ public class FileUserProvider implements UserProvider {
         return this.addUser(realm, KeycloakModelUtils.generateId(), username.toLowerCase(), true, true);
     }
 
+    @Override
+    public void grantToAllUsers(RealmModel realm, RoleModel role) {
+        for (UserModel user : inMemoryModel.getUsers(realm.getId())) {
+            user.grantRole(role);
+        }
+    }
+
     @Override
     public void preRemove(RealmModel realm) {
         // Nothing to do here?  Federation links are attached to users, which are removed by InMemoryModel
diff --git a/model/invalidation-cache/infinispan/src/main/java/org/keycloak/models/cache/infinispan/DefaultCacheUserProvider.java b/model/invalidation-cache/infinispan/src/main/java/org/keycloak/models/cache/infinispan/DefaultCacheUserProvider.java
index 69fc5cf577d..9045f911f01 100644
--- a/model/invalidation-cache/infinispan/src/main/java/org/keycloak/models/cache/infinispan/DefaultCacheUserProvider.java
+++ b/model/invalidation-cache/infinispan/src/main/java/org/keycloak/models/cache/infinispan/DefaultCacheUserProvider.java
@@ -303,6 +303,12 @@ public class DefaultCacheUserProvider implements CacheUserProvider {
         return getDelegate().validCredentials(realm, input);
     }
 
+    @Override
+    public void grantToAllUsers(RealmModel realm, RoleModel role) {
+        realmInvalidations.add(realm.getId()); // easier to just invalidate whole realm
+        getDelegate().grantToAllUsers(realm, role);
+    }
+
     @Override
     public void preRemove(RealmModel realm) {
         realmInvalidations.add(realm.getId());
diff --git a/model/jpa/src/main/java/org/keycloak/models/jpa/JpaUserProvider.java b/model/jpa/src/main/java/org/keycloak/models/jpa/JpaUserProvider.java
index d4d533a9dc4..c9031476cf5 100755
--- a/model/jpa/src/main/java/org/keycloak/models/jpa/JpaUserProvider.java
+++ b/model/jpa/src/main/java/org/keycloak/models/jpa/JpaUserProvider.java
@@ -147,7 +147,13 @@ public class JpaUserProvider implements UserProvider {
         }
     }
 
-
+    @Override
+    public void grantToAllUsers(RealmModel realm, RoleModel role) {
+        int num = em.createNamedQuery("grantRoleToAllUsers")
+                .setParameter("realmId", realm.getId())
+                .setParameter("roleId", role.getId())
+                .executeUpdate();
+    }
 
     @Override
     public void preRemove(RealmModel realm) {
diff --git a/model/jpa/src/main/java/org/keycloak/models/jpa/entities/UserRoleMappingEntity.java b/model/jpa/src/main/java/org/keycloak/models/jpa/entities/UserRoleMappingEntity.java
index 1ce81e8297b..45dfc3de958 100755
--- a/model/jpa/src/main/java/org/keycloak/models/jpa/entities/UserRoleMappingEntity.java
+++ b/model/jpa/src/main/java/org/keycloak/models/jpa/entities/UserRoleMappingEntity.java
@@ -23,7 +23,8 @@ import java.io.Serializable;
         @NamedQuery(name="deleteUserRoleMappingsByRealm", query="delete from  UserRoleMappingEntity mapping where mapping.user IN (select u from UserEntity u where u.realmId=:realmId)"),
         @NamedQuery(name="deleteUserRoleMappingsByRealmAndLink", query="delete from  UserRoleMappingEntity mapping where mapping.user IN (select u from UserEntity u where u.realmId=:realmId and u.federationLink=:link)"),
         @NamedQuery(name="deleteUserRoleMappingsByRole", query="delete from UserRoleMappingEntity m where m.roleId = :roleId"),
-        @NamedQuery(name="deleteUserRoleMappingsByUser", query="delete from UserRoleMappingEntity m where m.user = :user")
+        @NamedQuery(name="deleteUserRoleMappingsByUser", query="delete from UserRoleMappingEntity m where m.user = :user"),
+        @NamedQuery(name="grantRoleToAllUsers", query="insert into UserRoleMappingEntity (roleId, user) select role.id, user from RoleEntity role, UserEntity user where role.id = :roleId AND role.realm.id = :realmId AND user.realmId = :realmId")
 
 })
 @Table(name="USER_ROLE_MAPPING")
diff --git a/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/MongoUserProvider.java b/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/MongoUserProvider.java
index 358e6f2d28c..9fc9735559a 100755
--- a/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/MongoUserProvider.java
+++ b/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/MongoUserProvider.java
@@ -368,6 +368,19 @@ public class MongoUserProvider implements UserProvider {
         return this.addUser(realm, null, username, true, true);
     }
 
+    @Override
+    public void grantToAllUsers(RealmModel realm, RoleModel role) {
+        DBObject query = new QueryBuilder()
+                .and("realmId").is(realm.getId())
+                .get();
+
+        DBObject update = new QueryBuilder()
+                .and("$push").is(new BasicDBObject("roleIds", role.getId()))
+                .get();
+
+        int count = getMongoStore().updateEntities(MongoUserEntity.class, query, update, invocationContext);
+    }
+
     @Override
     public void preRemove(RealmModel realm) {
         DBObject query = new QueryBuilder()
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/model/UserModelTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/model/UserModelTest.java
index 258dd3cbd7b..66018552c58 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/model/UserModelTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/model/UserModelTest.java
@@ -5,6 +5,7 @@ import org.junit.Test;
 import org.keycloak.models.ClientModel;
 import org.keycloak.models.KeycloakSession;
 import org.keycloak.models.RealmModel;
+import org.keycloak.models.RoleModel;
 import org.keycloak.models.UserModel;
 import org.keycloak.models.UserModel.RequiredAction;
 import org.keycloak.services.managers.ClientManager;
@@ -283,6 +284,36 @@ public class UserModelTest extends AbstractModelTest {
         Assert.assertNull(session.users().getUserByUsername("user1", realm));
     }
 
+    @Test
+    public void testGrantToAll() {
+        RealmModel realm1 = realmManager.createRealm("realm1");
+        RoleModel role1 = realm1.addRole("role1");
+        UserModel user1 = realmManager.getSession().users().addUser(realm1, "user1");
+        UserModel user2 = realmManager.getSession().users().addUser(realm1, "user2");
+
+        RealmModel realm2 = realmManager.createRealm("realm2");
+        UserModel realm2User1 = realmManager.getSession().users().addUser(realm2, "user1");
+
+        commit();
+
+        realm1 = realmManager.getRealmByName("realm1");
+        role1 = realm1.getRole("role1");
+        realmManager.getSession().users().grantToAllUsers(realm1, role1);
+
+        commit();
+
+        realm1 = realmManager.getRealmByName("realm1");
+        role1 = realm1.getRole("role1");
+        user1 = realmManager.getSession().users().getUserByUsername("user1", realm1);
+        user2 = realmManager.getSession().users().getUserByUsername("user2", realm1);
+        Assert.assertTrue(user1.hasRole(role1));
+        Assert.assertTrue(user2.hasRole(role1));
+
+        realm2 = realmManager.getRealmByName("realm2");
+        realm2User1 = realmManager.getSession().users().getUserByUsername("user1", realm2);
+        Assert.assertFalse(realm2User1.hasRole(role1));
+    }
+
     public static void assertEquals(UserModel expected, UserModel actual) {
         Assert.assertEquals(expected.getUsername(), actual.getUsername());
         Assert.assertEquals(expected.getCreatedTimestamp(), actual.getCreatedTimestamp());

From 6c77c295d50cfb4cdbc5488e183bd85926588c09 Mon Sep 17 00:00:00 2001
From: vramik <vramik@localhost.localdomain>
Date: Tue, 27 Oct 2015 11:40:41 +0100
Subject: [PATCH 19/34] arquillian-testsuite refactoring migration servers

---
 .../servers/migration/pom.xml                 | 247 ++++++++++++++++++
 .../{ => migration}/wildfly_kc12/assembly.xml |   0
 .../servers/migration/wildfly_kc12/pom.xml    |  44 ++++
 .../src/main/xslt/add-dialect-logger.xsl      |   0
 .../wildfly_kc12/src/main/xslt/datasource.xsl |   0
 .../wildfly_kc12/src/main/xslt/module.xsl     |   0
 .../{ => migration}/wildfly_kc13/assembly.xml |   0
 .../servers/migration/wildfly_kc13/pom.xml    |  45 ++++
 .../src/main/xslt/add-dialect-logger.xsl      |   0
 .../wildfly_kc13/src/main/xslt/datasource.xsl |   0
 .../wildfly_kc13/src/main/xslt/module.xsl     |   0
 .../{ => migration}/wildfly_kc14/assembly.xml |   0
 .../servers/migration/wildfly_kc14/pom.xml    |  44 ++++
 .../src/main/xslt/add-dialect-logger.xsl      |   0
 .../wildfly_kc14/src/main/xslt/datasource.xsl |   0
 .../wildfly_kc14/src/main/xslt/module.xsl     |   0
 .../{ => migration}/wildfly_kc15/assembly.xml |   0
 .../servers/migration/wildfly_kc15/pom.xml    |  44 ++++
 .../src/main/xslt/add-dialect-logger.xsl      |   0
 .../wildfly_kc15/src/main/xslt/datasource.xsl |   0
 .../wildfly_kc15/src/main/xslt/module.xsl     |   0
 .../{ => migration}/wildfly_kc16/assembly.xml |   0
 .../servers/migration/wildfly_kc16/pom.xml    |  44 ++++
 .../src/main/xslt/add-dialect-logger.xsl      |   0
 .../wildfly_kc16/src/main/xslt/datasource.xsl |   0
 .../wildfly_kc16/src/main/xslt/module.xsl     |   0
 .../integration-arquillian/servers/pom.xml    |  34 +--
 .../servers/wildfly_kc12/pom.xml              | 199 --------------
 .../servers/wildfly_kc13/pom.xml              | 199 --------------
 .../servers/wildfly_kc14/pom.xml              | 199 --------------
 .../servers/wildfly_kc15/pom.xml              | 199 --------------
 .../servers/wildfly_kc16/pom.xml              | 199 --------------
 32 files changed, 472 insertions(+), 1025 deletions(-)
 create mode 100644 testsuite/integration-arquillian/servers/migration/pom.xml
 rename testsuite/integration-arquillian/servers/{ => migration}/wildfly_kc12/assembly.xml (100%)
 create mode 100644 testsuite/integration-arquillian/servers/migration/wildfly_kc12/pom.xml
 rename testsuite/integration-arquillian/servers/{ => migration}/wildfly_kc12/src/main/xslt/add-dialect-logger.xsl (100%)
 rename testsuite/integration-arquillian/servers/{ => migration}/wildfly_kc12/src/main/xslt/datasource.xsl (100%)
 rename testsuite/integration-arquillian/servers/{ => migration}/wildfly_kc12/src/main/xslt/module.xsl (100%)
 rename testsuite/integration-arquillian/servers/{ => migration}/wildfly_kc13/assembly.xml (100%)
 create mode 100644 testsuite/integration-arquillian/servers/migration/wildfly_kc13/pom.xml
 rename testsuite/integration-arquillian/servers/{ => migration}/wildfly_kc13/src/main/xslt/add-dialect-logger.xsl (100%)
 rename testsuite/integration-arquillian/servers/{ => migration}/wildfly_kc13/src/main/xslt/datasource.xsl (100%)
 rename testsuite/integration-arquillian/servers/{ => migration}/wildfly_kc13/src/main/xslt/module.xsl (100%)
 rename testsuite/integration-arquillian/servers/{ => migration}/wildfly_kc14/assembly.xml (100%)
 create mode 100644 testsuite/integration-arquillian/servers/migration/wildfly_kc14/pom.xml
 rename testsuite/integration-arquillian/servers/{ => migration}/wildfly_kc14/src/main/xslt/add-dialect-logger.xsl (100%)
 rename testsuite/integration-arquillian/servers/{ => migration}/wildfly_kc14/src/main/xslt/datasource.xsl (100%)
 rename testsuite/integration-arquillian/servers/{ => migration}/wildfly_kc14/src/main/xslt/module.xsl (100%)
 rename testsuite/integration-arquillian/servers/{ => migration}/wildfly_kc15/assembly.xml (100%)
 create mode 100644 testsuite/integration-arquillian/servers/migration/wildfly_kc15/pom.xml
 rename testsuite/integration-arquillian/servers/{ => migration}/wildfly_kc15/src/main/xslt/add-dialect-logger.xsl (100%)
 rename testsuite/integration-arquillian/servers/{ => migration}/wildfly_kc15/src/main/xslt/datasource.xsl (100%)
 rename testsuite/integration-arquillian/servers/{ => migration}/wildfly_kc15/src/main/xslt/module.xsl (100%)
 rename testsuite/integration-arquillian/servers/{ => migration}/wildfly_kc16/assembly.xml (100%)
 create mode 100644 testsuite/integration-arquillian/servers/migration/wildfly_kc16/pom.xml
 rename testsuite/integration-arquillian/servers/{ => migration}/wildfly_kc16/src/main/xslt/add-dialect-logger.xsl (100%)
 rename testsuite/integration-arquillian/servers/{ => migration}/wildfly_kc16/src/main/xslt/datasource.xsl (100%)
 rename testsuite/integration-arquillian/servers/{ => migration}/wildfly_kc16/src/main/xslt/module.xsl (100%)
 delete mode 100644 testsuite/integration-arquillian/servers/wildfly_kc12/pom.xml
 delete mode 100644 testsuite/integration-arquillian/servers/wildfly_kc13/pom.xml
 delete mode 100644 testsuite/integration-arquillian/servers/wildfly_kc14/pom.xml
 delete mode 100644 testsuite/integration-arquillian/servers/wildfly_kc15/pom.xml
 delete mode 100644 testsuite/integration-arquillian/servers/wildfly_kc16/pom.xml

diff --git a/testsuite/integration-arquillian/servers/migration/pom.xml b/testsuite/integration-arquillian/servers/migration/pom.xml
new file mode 100644
index 00000000000..6d0813c75e2
--- /dev/null
+++ b/testsuite/integration-arquillian/servers/migration/pom.xml
@@ -0,0 +1,247 @@
+<?xml version="1.0"?>
+<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+    <parent>
+        <groupId>org.keycloak.testsuite</groupId>
+        <artifactId>integration-arquillian-servers</artifactId>
+        <version>1.7.0.Final-SNAPSHOT</version>
+    </parent>
+    <modelVersion>4.0.0</modelVersion>
+
+    <artifactId>integration-arquillian-migration-servers</artifactId>
+    <packaging>pom</packaging>
+    <name>Migration Servers</name>
+    
+    <properties>
+        <jdbc.mvn.groupId>test.jdbc.eap7</jdbc.mvn.groupId>
+        <jdbc.mvn.artifactId>mysql57</jdbc.mvn.artifactId>
+        <jdbc.mvn.version>EAP_7.0.0</jdbc.mvn.version>
+        <keycloak.connectionsJpa.url>jdbc:mysql://localhost:3306/keycloak</keycloak.connectionsJpa.url>
+        <keycloak.connectionsJpa.user>root</keycloak.connectionsJpa.user>
+        <keycloak.connectionsJpa.password>rot</keycloak.connectionsJpa.password>
+    </properties>
+
+    <profiles>
+        <profile>
+            <id>migration-kc16</id>
+            <modules>
+                <module>wildfly_kc16</module>
+            </modules>
+        </profile>
+        <profile>
+            <id>migration-kc15</id>
+            <modules>
+                <module>wildfly_kc15</module>
+            </modules>
+        </profile>
+        <profile>
+            <id>migration-kc14</id>
+            <modules>
+                <module>wildfly_kc14</module>
+            </modules>
+        </profile>
+        <profile>
+            <id>migration-kc13</id>
+            <modules>
+                <module>wildfly_kc13</module>
+            </modules>
+        </profile>
+        <profile>
+            <id>migration-kc12</id>
+            <modules>
+                <module>wildfly_kc12</module>
+            </modules>
+        </profile>
+    </profiles>   
+    
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-enforcer-plugin</artifactId>
+                <configuration>
+                    <skip>true</skip>
+                </configuration>
+            </plugin>
+        </plugins>
+        <pluginManagement>
+            <plugins>
+                <plugin>
+                    <groupId>org.apache.maven.plugins</groupId>
+                    <artifactId>maven-deploy-plugin</artifactId>
+                    <configuration>
+                        <skip>true</skip>
+                    </configuration>
+                </plugin>
+                <plugin>
+                    <groupId>org.apache.maven.plugins</groupId>
+                    <artifactId>maven-enforcer-plugin</artifactId>
+                    <executions>
+                        <execution>
+                            <id>enforce-properties</id>
+                            <goals>
+                                <goal>enforce</goal>
+                            </goals>
+                            <configuration>
+                                <rules>
+                                    <requireProperty>
+                                        <property>jdbc.mvn.groupId</property>
+                                    </requireProperty>
+                                    <requireProperty>
+                                        <property>jdbc.mvn.artifactId</property>
+                                    </requireProperty>
+                                    <requireProperty>
+                                        <property>jdbc.mvn.version</property>
+                                    </requireProperty>
+                                    <requireProperty>
+                                        <property>keycloak.connectionsJpa.url</property>
+                                    </requireProperty>
+                                    <requireProperty>
+                                        <property>keycloak.connectionsJpa.user</property>
+                                    </requireProperty>
+                                    <requireProperty>
+                                        <property>keycloak.connectionsJpa.password</property>
+                                    </requireProperty>
+                                </rules>
+                            </configuration>
+                        </execution>
+                    </executions>
+                </plugin>
+                <plugin>
+                    <groupId>org.apache.maven.plugins</groupId>
+                    <artifactId>maven-dependency-plugin</artifactId>
+                    <executions>
+                        <execution>
+                            <id>unpack-server</id>
+                            <phase>generate-resources</phase>
+                            <goals>
+                                <goal>unpack</goal>
+                            </goals>
+                            <configuration>
+                                <artifactItems>
+                                    <artifactItem>
+                                        <groupId>org.keycloak</groupId>
+                                        <artifactId>keycloak-server-dist</artifactId>
+                                        <version>${server.version}</version>
+                                        <type>zip</type>
+                                        <outputDirectory>${project.build.directory}/unpacked</outputDirectory>
+                                    </artifactItem>
+                                </artifactItems>
+                            </configuration>
+                        </execution>
+                        <execution>
+                            <id>jdbc-driver</id>
+                            <phase>process-resources</phase>
+                            <goals>
+                                <goal>copy</goal>
+                            </goals>
+                            <configuration>
+                                <artifactItems>
+                                    <artifactItem>
+                                        <groupId>${jdbc.mvn.groupId}</groupId>
+                                        <artifactId>${jdbc.mvn.artifactId}</artifactId>
+                                        <version>${jdbc.mvn.version}</version>
+                                        <type>jar</type>
+                                    </artifactItem>
+                                </artifactItems>
+                                <outputDirectory>${jdbc.mvn.driver.deployment.dir}</outputDirectory>
+                                <overWriteIfNewer>true</overWriteIfNewer>
+                            </configuration>
+                        </execution>
+                    </executions>
+                </plugin>
+                <plugin>
+                    <groupId>org.codehaus.mojo</groupId>
+                    <artifactId>xml-maven-plugin</artifactId>
+                    <executions>
+                        <execution>
+                            <id>configure-wildfly-datasource</id>
+                            <phase>process-resources</phase>
+                            <goals>
+                                <goal>transform</goal>
+                            </goals>
+                            <configuration>
+                                <transformationSets>
+                                    <!-- create module.xml in modules -->
+                                    <transformationSet>
+                                        <dir>${keycloak.server.home}/modules/system/layers/base/com/h2database/h2/main</dir>
+                                        <stylesheet>src/main/xslt/module.xsl</stylesheet>
+                                        <includes>
+                                            <include>module.xml</include>
+                                        </includes>
+                                        <outputDir>${jdbc.mvn.driver.deployment.dir}</outputDir>
+                                        <parameters>
+                                            <parameter>
+                                                <name>database</name>
+                                                <value>${jdbc.mvn.artifactId}</value>
+                                            </parameter>
+                                            <parameter>
+                                                <name>version</name>
+                                                <value>${jdbc.mvn.version}</value>
+                                            </parameter>
+                                        </parameters>
+                                    </transformationSet>
+                                    <!-- add datasource to standalone.xml -->
+                                    <transformationSet>
+                                        <dir>${keycloak.server.home}/standalone/configuration</dir>
+                                        <stylesheet>src/main/xslt/datasource.xsl</stylesheet>
+                                        <includes>
+                                            <include>standalone.xml</include>
+                                        </includes>
+                                        <outputDir>${keycloak.server.home}/standalone/configuration</outputDir>
+                                        <parameters>
+                                            <parameter>
+                                                <name>jdbc.url</name>
+                                                <value>${keycloak.connectionsJpa.url}</value>
+                                            </parameter>
+                                            <parameter>
+                                                <name>driver</name>
+                                                <value>${jdbc.mvn.artifactId}</value>
+                                            </parameter>
+                                            <parameter>
+                                                <name>username</name>
+                                                <value>${keycloak.connectionsJpa.user}</value>
+                                            </parameter>
+                                            <parameter>
+                                                <name>password</name>
+                                                <value>${keycloak.connectionsJpa.password}</value>
+                                            </parameter>
+                                        </parameters>
+                                    </transformationSet>
+                                    <!-- add logger for org.hibernate.dialect.Dialect to standalone.xml-->
+                                    <transformationSet>
+                                        <dir>${keycloak.server.home}/standalone/configuration</dir>
+                                        <stylesheet>src/main/xslt/add-dialect-logger.xsl</stylesheet>
+                                        <includes>
+                                            <include>standalone.xml</include>
+                                        </includes>
+                                        <outputDir>${keycloak.server.home}/standalone/configuration</outputDir>
+                                    </transformationSet>
+                                </transformationSets>
+                            </configuration>
+                        </execution>
+                    </executions>
+                </plugin>
+                <plugin>
+                    <groupId>org.apache.maven.plugins</groupId>
+                    <artifactId>maven-assembly-plugin</artifactId>
+                    <executions>
+                        <execution>
+                            <id>create-zip</id>
+                            <phase>package</phase>
+                            <goals>
+                                <goal>single</goal>
+                            </goals>
+                            <configuration>
+                                <descriptors>
+                                    <descriptor>assembly.xml</descriptor>
+                                </descriptors>
+                                <appendAssemblyId>false</appendAssemblyId>
+                            </configuration>
+                        </execution>
+                    </executions>
+                </plugin>
+            </plugins>
+        </pluginManagement>
+    </build>
+</project>
diff --git a/testsuite/integration-arquillian/servers/wildfly_kc12/assembly.xml b/testsuite/integration-arquillian/servers/migration/wildfly_kc12/assembly.xml
similarity index 100%
rename from testsuite/integration-arquillian/servers/wildfly_kc12/assembly.xml
rename to testsuite/integration-arquillian/servers/migration/wildfly_kc12/assembly.xml
diff --git a/testsuite/integration-arquillian/servers/migration/wildfly_kc12/pom.xml b/testsuite/integration-arquillian/servers/migration/wildfly_kc12/pom.xml
new file mode 100644
index 00000000000..132b1af4e07
--- /dev/null
+++ b/testsuite/integration-arquillian/servers/migration/wildfly_kc12/pom.xml
@@ -0,0 +1,44 @@
+<?xml version="1.0"?>
+<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+    <parent>
+        <groupId>org.keycloak.testsuite</groupId>
+        <artifactId>integration-arquillian-migration-servers</artifactId>
+        <version>1.7.0.Final-SNAPSHOT</version>
+    </parent>
+    <modelVersion>4.0.0</modelVersion>
+
+    <artifactId>integration-arquillian-server-wildfly-kc12</artifactId>
+    <packaging>pom</packaging>
+    <name>Keycloak 1.2.0.Final on Wildfly</name>
+    
+    <properties>
+        <server.version>1.2.0.Final</server.version>
+        <keycloak.server.home>${project.build.directory}/unpacked/keycloak-${server.version}</keycloak.server.home>
+        <jdbc.mvn.driver.deployment.dir>${keycloak.server.home}/modules/system/layers/base/com/${jdbc.mvn.artifactId}/main</jdbc.mvn.driver.deployment.dir>
+    </properties>
+    
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-enforcer-plugin</artifactId>
+                <configuration>
+                    <skip>false</skip>
+                </configuration>
+            </plugin>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-dependency-plugin</artifactId>
+            </plugin>
+            <plugin>
+                <groupId>org.codehaus.mojo</groupId>
+                <artifactId>xml-maven-plugin</artifactId>
+            </plugin>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-assembly-plugin</artifactId>
+            </plugin>
+        </plugins>
+    </build>
+</project>
diff --git a/testsuite/integration-arquillian/servers/wildfly_kc12/src/main/xslt/add-dialect-logger.xsl b/testsuite/integration-arquillian/servers/migration/wildfly_kc12/src/main/xslt/add-dialect-logger.xsl
similarity index 100%
rename from testsuite/integration-arquillian/servers/wildfly_kc12/src/main/xslt/add-dialect-logger.xsl
rename to testsuite/integration-arquillian/servers/migration/wildfly_kc12/src/main/xslt/add-dialect-logger.xsl
diff --git a/testsuite/integration-arquillian/servers/wildfly_kc12/src/main/xslt/datasource.xsl b/testsuite/integration-arquillian/servers/migration/wildfly_kc12/src/main/xslt/datasource.xsl
similarity index 100%
rename from testsuite/integration-arquillian/servers/wildfly_kc12/src/main/xslt/datasource.xsl
rename to testsuite/integration-arquillian/servers/migration/wildfly_kc12/src/main/xslt/datasource.xsl
diff --git a/testsuite/integration-arquillian/servers/wildfly_kc12/src/main/xslt/module.xsl b/testsuite/integration-arquillian/servers/migration/wildfly_kc12/src/main/xslt/module.xsl
similarity index 100%
rename from testsuite/integration-arquillian/servers/wildfly_kc12/src/main/xslt/module.xsl
rename to testsuite/integration-arquillian/servers/migration/wildfly_kc12/src/main/xslt/module.xsl
diff --git a/testsuite/integration-arquillian/servers/wildfly_kc13/assembly.xml b/testsuite/integration-arquillian/servers/migration/wildfly_kc13/assembly.xml
similarity index 100%
rename from testsuite/integration-arquillian/servers/wildfly_kc13/assembly.xml
rename to testsuite/integration-arquillian/servers/migration/wildfly_kc13/assembly.xml
diff --git a/testsuite/integration-arquillian/servers/migration/wildfly_kc13/pom.xml b/testsuite/integration-arquillian/servers/migration/wildfly_kc13/pom.xml
new file mode 100644
index 00000000000..5d7bb1cc2c7
--- /dev/null
+++ b/testsuite/integration-arquillian/servers/migration/wildfly_kc13/pom.xml
@@ -0,0 +1,45 @@
+<?xml version="1.0"?>
+<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+    <parent>
+        <groupId>org.keycloak.testsuite</groupId>
+        <artifactId>integration-arquillian-migration-servers</artifactId>
+        <version>1.7.0.Final-SNAPSHOT</version>
+    </parent>
+    <modelVersion>4.0.0</modelVersion>
+
+    <artifactId>integration-arquillian-server-wildfly-kc13</artifactId>
+    <packaging>pom</packaging>
+    <name>Keycloak 1.3.1.Final on Wildfly</name>
+    
+    <properties>
+        <server.version>1.3.1.Final</server.version>
+        <keycloak.server.home>${project.build.directory}/unpacked/keycloak-${server.version}</keycloak.server.home>
+        <jdbc.mvn.driver.deployment.dir>${keycloak.server.home}/modules/system/layers/base/com/${jdbc.mvn.artifactId}/main</jdbc.mvn.driver.deployment.dir>
+    </properties>
+    
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-enforcer-plugin</artifactId>
+                <configuration>
+                    <skip>false</skip>
+                </configuration>
+            </plugin>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-dependency-plugin</artifactId>
+            </plugin>
+            <plugin>
+                <groupId>org.codehaus.mojo</groupId>
+                <artifactId>xml-maven-plugin</artifactId>
+            </plugin>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-assembly-plugin</artifactId>
+            </plugin>
+        </plugins>
+    </build>
+    
+</project>
diff --git a/testsuite/integration-arquillian/servers/wildfly_kc13/src/main/xslt/add-dialect-logger.xsl b/testsuite/integration-arquillian/servers/migration/wildfly_kc13/src/main/xslt/add-dialect-logger.xsl
similarity index 100%
rename from testsuite/integration-arquillian/servers/wildfly_kc13/src/main/xslt/add-dialect-logger.xsl
rename to testsuite/integration-arquillian/servers/migration/wildfly_kc13/src/main/xslt/add-dialect-logger.xsl
diff --git a/testsuite/integration-arquillian/servers/wildfly_kc13/src/main/xslt/datasource.xsl b/testsuite/integration-arquillian/servers/migration/wildfly_kc13/src/main/xslt/datasource.xsl
similarity index 100%
rename from testsuite/integration-arquillian/servers/wildfly_kc13/src/main/xslt/datasource.xsl
rename to testsuite/integration-arquillian/servers/migration/wildfly_kc13/src/main/xslt/datasource.xsl
diff --git a/testsuite/integration-arquillian/servers/wildfly_kc13/src/main/xslt/module.xsl b/testsuite/integration-arquillian/servers/migration/wildfly_kc13/src/main/xslt/module.xsl
similarity index 100%
rename from testsuite/integration-arquillian/servers/wildfly_kc13/src/main/xslt/module.xsl
rename to testsuite/integration-arquillian/servers/migration/wildfly_kc13/src/main/xslt/module.xsl
diff --git a/testsuite/integration-arquillian/servers/wildfly_kc14/assembly.xml b/testsuite/integration-arquillian/servers/migration/wildfly_kc14/assembly.xml
similarity index 100%
rename from testsuite/integration-arquillian/servers/wildfly_kc14/assembly.xml
rename to testsuite/integration-arquillian/servers/migration/wildfly_kc14/assembly.xml
diff --git a/testsuite/integration-arquillian/servers/migration/wildfly_kc14/pom.xml b/testsuite/integration-arquillian/servers/migration/wildfly_kc14/pom.xml
new file mode 100644
index 00000000000..85dcff31ee8
--- /dev/null
+++ b/testsuite/integration-arquillian/servers/migration/wildfly_kc14/pom.xml
@@ -0,0 +1,44 @@
+<?xml version="1.0"?>
+<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+    <parent>
+        <groupId>org.keycloak.testsuite</groupId>
+        <artifactId>integration-arquillian-migration-servers</artifactId>
+        <version>1.7.0.Final-SNAPSHOT</version>
+    </parent>
+    <modelVersion>4.0.0</modelVersion>
+
+    <artifactId>integration-arquillian-server-wildfly-kc14</artifactId>
+    <packaging>pom</packaging>
+    <name>Keycloak 1.4.0.Final on Wildfly</name>
+    
+    <properties>
+        <server.version>1.4.0.Final</server.version>
+        <keycloak.server.home>${project.build.directory}/unpacked/keycloak-${server.version}</keycloak.server.home>
+        <jdbc.mvn.driver.deployment.dir>${keycloak.server.home}/modules/system/layers/base/com/${jdbc.mvn.artifactId}/main</jdbc.mvn.driver.deployment.dir>
+    </properties>
+    
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-enforcer-plugin</artifactId>
+                <configuration>
+                    <skip>false</skip>
+                </configuration>
+            </plugin>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-dependency-plugin</artifactId>
+            </plugin>
+            <plugin>
+                <groupId>org.codehaus.mojo</groupId>
+                <artifactId>xml-maven-plugin</artifactId>
+            </plugin>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-assembly-plugin</artifactId>
+            </plugin>
+        </plugins>
+    </build>
+</project>
diff --git a/testsuite/integration-arquillian/servers/wildfly_kc14/src/main/xslt/add-dialect-logger.xsl b/testsuite/integration-arquillian/servers/migration/wildfly_kc14/src/main/xslt/add-dialect-logger.xsl
similarity index 100%
rename from testsuite/integration-arquillian/servers/wildfly_kc14/src/main/xslt/add-dialect-logger.xsl
rename to testsuite/integration-arquillian/servers/migration/wildfly_kc14/src/main/xslt/add-dialect-logger.xsl
diff --git a/testsuite/integration-arquillian/servers/wildfly_kc14/src/main/xslt/datasource.xsl b/testsuite/integration-arquillian/servers/migration/wildfly_kc14/src/main/xslt/datasource.xsl
similarity index 100%
rename from testsuite/integration-arquillian/servers/wildfly_kc14/src/main/xslt/datasource.xsl
rename to testsuite/integration-arquillian/servers/migration/wildfly_kc14/src/main/xslt/datasource.xsl
diff --git a/testsuite/integration-arquillian/servers/wildfly_kc14/src/main/xslt/module.xsl b/testsuite/integration-arquillian/servers/migration/wildfly_kc14/src/main/xslt/module.xsl
similarity index 100%
rename from testsuite/integration-arquillian/servers/wildfly_kc14/src/main/xslt/module.xsl
rename to testsuite/integration-arquillian/servers/migration/wildfly_kc14/src/main/xslt/module.xsl
diff --git a/testsuite/integration-arquillian/servers/wildfly_kc15/assembly.xml b/testsuite/integration-arquillian/servers/migration/wildfly_kc15/assembly.xml
similarity index 100%
rename from testsuite/integration-arquillian/servers/wildfly_kc15/assembly.xml
rename to testsuite/integration-arquillian/servers/migration/wildfly_kc15/assembly.xml
diff --git a/testsuite/integration-arquillian/servers/migration/wildfly_kc15/pom.xml b/testsuite/integration-arquillian/servers/migration/wildfly_kc15/pom.xml
new file mode 100644
index 00000000000..802f50aad95
--- /dev/null
+++ b/testsuite/integration-arquillian/servers/migration/wildfly_kc15/pom.xml
@@ -0,0 +1,44 @@
+<?xml version="1.0"?>
+<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+    <parent>
+        <groupId>org.keycloak.testsuite</groupId>
+        <artifactId>integration-arquillian-migration-servers</artifactId>
+        <version>1.7.0.Final-SNAPSHOT</version>
+    </parent>
+    <modelVersion>4.0.0</modelVersion>
+
+    <artifactId>integration-arquillian-server-wildfly-kc15</artifactId>
+    <packaging>pom</packaging>
+    <name>Keycloak 1.5.1.Final on Wildfly</name>
+    
+        <properties>
+        <server.version>1.5.1.Final</server.version>
+        <keycloak.server.home>${project.build.directory}/unpacked/keycloak-${server.version}</keycloak.server.home>
+        <jdbc.mvn.driver.deployment.dir>${keycloak.server.home}/modules/system/layers/base/com/${jdbc.mvn.artifactId}/main</jdbc.mvn.driver.deployment.dir>
+    </properties>
+    
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-enforcer-plugin</artifactId>
+                <configuration>
+                    <skip>false</skip>
+                </configuration>
+            </plugin>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-dependency-plugin</artifactId>
+            </plugin>
+            <plugin>
+                <groupId>org.codehaus.mojo</groupId>
+                <artifactId>xml-maven-plugin</artifactId>
+            </plugin>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-assembly-plugin</artifactId>
+            </plugin>
+        </plugins>
+    </build>
+</project>
diff --git a/testsuite/integration-arquillian/servers/wildfly_kc15/src/main/xslt/add-dialect-logger.xsl b/testsuite/integration-arquillian/servers/migration/wildfly_kc15/src/main/xslt/add-dialect-logger.xsl
similarity index 100%
rename from testsuite/integration-arquillian/servers/wildfly_kc15/src/main/xslt/add-dialect-logger.xsl
rename to testsuite/integration-arquillian/servers/migration/wildfly_kc15/src/main/xslt/add-dialect-logger.xsl
diff --git a/testsuite/integration-arquillian/servers/wildfly_kc15/src/main/xslt/datasource.xsl b/testsuite/integration-arquillian/servers/migration/wildfly_kc15/src/main/xslt/datasource.xsl
similarity index 100%
rename from testsuite/integration-arquillian/servers/wildfly_kc15/src/main/xslt/datasource.xsl
rename to testsuite/integration-arquillian/servers/migration/wildfly_kc15/src/main/xslt/datasource.xsl
diff --git a/testsuite/integration-arquillian/servers/wildfly_kc15/src/main/xslt/module.xsl b/testsuite/integration-arquillian/servers/migration/wildfly_kc15/src/main/xslt/module.xsl
similarity index 100%
rename from testsuite/integration-arquillian/servers/wildfly_kc15/src/main/xslt/module.xsl
rename to testsuite/integration-arquillian/servers/migration/wildfly_kc15/src/main/xslt/module.xsl
diff --git a/testsuite/integration-arquillian/servers/wildfly_kc16/assembly.xml b/testsuite/integration-arquillian/servers/migration/wildfly_kc16/assembly.xml
similarity index 100%
rename from testsuite/integration-arquillian/servers/wildfly_kc16/assembly.xml
rename to testsuite/integration-arquillian/servers/migration/wildfly_kc16/assembly.xml
diff --git a/testsuite/integration-arquillian/servers/migration/wildfly_kc16/pom.xml b/testsuite/integration-arquillian/servers/migration/wildfly_kc16/pom.xml
new file mode 100644
index 00000000000..1e8961d6df7
--- /dev/null
+++ b/testsuite/integration-arquillian/servers/migration/wildfly_kc16/pom.xml
@@ -0,0 +1,44 @@
+<?xml version="1.0"?>
+<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+    <parent>
+        <groupId>org.keycloak.testsuite</groupId>
+        <artifactId>integration-arquillian-migration-servers</artifactId>
+        <version>1.7.0.Final-SNAPSHOT</version>
+    </parent>
+    <modelVersion>4.0.0</modelVersion>
+
+    <artifactId>integration-arquillian-server-wildfly-kc16</artifactId>
+    <packaging>pom</packaging>
+    <name>Keycloak 1.6.0.Final on Wildfly</name>
+    
+    <properties>
+        <server.version>1.6.0.Final</server.version>
+        <keycloak.server.home>${project.build.directory}/unpacked/keycloak-${server.version}</keycloak.server.home>
+        <jdbc.mvn.driver.deployment.dir>${keycloak.server.home}/modules/system/layers/base/com/${jdbc.mvn.artifactId}/main</jdbc.mvn.driver.deployment.dir>
+    </properties>
+    
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-enforcer-plugin</artifactId>
+                <configuration>
+                    <skip>false</skip>
+                </configuration>
+            </plugin>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-dependency-plugin</artifactId>
+            </plugin>
+            <plugin>
+                <groupId>org.codehaus.mojo</groupId>
+                <artifactId>xml-maven-plugin</artifactId>
+            </plugin>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-assembly-plugin</artifactId>
+            </plugin>
+        </plugins>
+    </build>
+</project>
diff --git a/testsuite/integration-arquillian/servers/wildfly_kc16/src/main/xslt/add-dialect-logger.xsl b/testsuite/integration-arquillian/servers/migration/wildfly_kc16/src/main/xslt/add-dialect-logger.xsl
similarity index 100%
rename from testsuite/integration-arquillian/servers/wildfly_kc16/src/main/xslt/add-dialect-logger.xsl
rename to testsuite/integration-arquillian/servers/migration/wildfly_kc16/src/main/xslt/add-dialect-logger.xsl
diff --git a/testsuite/integration-arquillian/servers/wildfly_kc16/src/main/xslt/datasource.xsl b/testsuite/integration-arquillian/servers/migration/wildfly_kc16/src/main/xslt/datasource.xsl
similarity index 100%
rename from testsuite/integration-arquillian/servers/wildfly_kc16/src/main/xslt/datasource.xsl
rename to testsuite/integration-arquillian/servers/migration/wildfly_kc16/src/main/xslt/datasource.xsl
diff --git a/testsuite/integration-arquillian/servers/wildfly_kc16/src/main/xslt/module.xsl b/testsuite/integration-arquillian/servers/migration/wildfly_kc16/src/main/xslt/module.xsl
similarity index 100%
rename from testsuite/integration-arquillian/servers/wildfly_kc16/src/main/xslt/module.xsl
rename to testsuite/integration-arquillian/servers/migration/wildfly_kc16/src/main/xslt/module.xsl
diff --git a/testsuite/integration-arquillian/servers/pom.xml b/testsuite/integration-arquillian/servers/pom.xml
index d97c97c38f9..71758113e04 100644
--- a/testsuite/integration-arquillian/servers/pom.xml
+++ b/testsuite/integration-arquillian/servers/pom.xml
@@ -12,6 +12,10 @@
     <packaging>pom</packaging>
     <name>Servers</name>
 
+    <modules>
+        <module>migration</module>
+    </modules>
+    
     <profiles>
         <profile>
             <id>auth-server-wildfly</id>
@@ -26,36 +30,6 @@
                 <module>eap6</module>
             </modules>
         </profile>
-        <profile>
-            <id>migration-kc16</id>
-            <modules>
-                <module>wildfly_kc16</module>
-            </modules>
-        </profile>
-        <profile>
-            <id>migration-kc15</id>
-            <modules>
-                <module>wildfly_kc15</module>
-            </modules>
-        </profile>
-        <profile>
-            <id>migration-kc14</id>
-            <modules>
-                <module>wildfly_kc14</module>
-            </modules>
-        </profile>
-        <profile>
-            <id>migration-kc13</id>
-            <modules>
-                <module>wildfly_kc13</module>
-            </modules>
-        </profile>
-        <profile>
-            <id>migration-kc12</id>
-            <modules>
-                <module>wildfly_kc12</module>
-            </modules>
-        </profile>
     </profiles>    
 
 </project>
diff --git a/testsuite/integration-arquillian/servers/wildfly_kc12/pom.xml b/testsuite/integration-arquillian/servers/wildfly_kc12/pom.xml
deleted file mode 100644
index 295e8cc59d7..00000000000
--- a/testsuite/integration-arquillian/servers/wildfly_kc12/pom.xml
+++ /dev/null
@@ -1,199 +0,0 @@
-<?xml version="1.0"?>
-<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
-         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
-    <parent>
-        <groupId>org.keycloak.testsuite</groupId>
-        <artifactId>integration-arquillian-servers</artifactId>
-        <version>1.7.0.Final-SNAPSHOT</version>
-    </parent>
-    <modelVersion>4.0.0</modelVersion>
-
-    <artifactId>integration-arquillian-server-wildfly-kc12 </artifactId>
-    <packaging>pom</packaging>
-    <name>Keycloak 1.2.0.Final on Wildfly</name>
-    
-    <properties>
-        <keycloak.server.home>${project.build.directory}/unpacked/keycloak-1.2.0.Final</keycloak.server.home>
-        <jdbc.mvn.driver.deployment.dir>${keycloak.server.home}/modules/system/layers/base/com/${jdbc.mvn.artifactId}/main</jdbc.mvn.driver.deployment.dir>
-    </properties>
-    
-    <build>
-        <plugins>
-            <plugin>
-                <groupId>org.apache.maven.plugins</groupId>
-                <artifactId>maven-deploy-plugin</artifactId>
-                <configuration>
-                    <skip>true</skip>
-                </configuration>
-            </plugin>
-            <plugin>
-                <groupId>org.apache.maven.plugins</groupId>
-                <artifactId>maven-enforcer-plugin</artifactId>
-                <version>1.4</version>
-                <executions>
-                    <execution>
-                        <id>enforce-properties</id>
-                        <goals>
-                            <goal>enforce</goal>
-                        </goals>
-                        <configuration>
-                            <rules>
-                                <requireProperty>
-                                    <property>jdbc.mvn.groupId</property>
-                                </requireProperty>
-                                <requireProperty>
-                                    <property>jdbc.mvn.artifactId</property>
-                                </requireProperty>
-                                <requireProperty>
-                                    <property>jdbc.mvn.version</property>
-                                </requireProperty>
-                                <requireProperty>
-                                    <property>keycloak.connectionsJpa.url</property>
-                                </requireProperty>
-                                <requireProperty>
-                                    <property>keycloak.connectionsJpa.user</property>
-                                </requireProperty>
-                                <requireProperty>
-                                    <property>keycloak.connectionsJpa.password</property>
-                                </requireProperty>
-                            </rules>
-                        </configuration>
-                    </execution>
-                </executions>
-            </plugin>
-            <plugin>
-                <groupId>org.apache.maven.plugins</groupId>
-                <artifactId>maven-dependency-plugin</artifactId>
-                <executions>
-                    <execution>
-                        <id>unpack-server</id>
-                        <phase>generate-resources</phase>
-                        <goals>
-                            <goal>unpack</goal>
-                        </goals>
-                        <configuration>
-                            <artifactItems>
-                                <artifactItem>
-                                    <groupId>org.keycloak</groupId>
-                                    <artifactId>keycloak-server-dist</artifactId>
-                                    <version>1.2.0.Final</version>
-                                    <type>zip</type>
-                                    <outputDirectory>${project.build.directory}/unpacked</outputDirectory>
-                                </artifactItem>
-                            </artifactItems>
-                        </configuration>
-                    </execution>
-                    <execution>
-                        <id>jdbc-driver</id>
-                        <phase>process-resources</phase>
-                        <goals>
-                            <goal>copy</goal>
-                        </goals>
-                        <configuration>
-                            <artifactItems>
-                                <artifactItem>
-                                    <groupId>${jdbc.mvn.groupId}</groupId>
-                                    <artifactId>${jdbc.mvn.artifactId}</artifactId>
-                                    <version>${jdbc.mvn.version}</version>
-                                    <type>jar</type>
-                                </artifactItem>
-                            </artifactItems>
-                            <outputDirectory>${jdbc.mvn.driver.deployment.dir}</outputDirectory>
-                            <overWriteIfNewer>true</overWriteIfNewer>
-                        </configuration>
-                    </execution>
-                </executions>
-            </plugin>
-            <plugin>
-                <groupId>org.codehaus.mojo</groupId>
-                <artifactId>xml-maven-plugin</artifactId>
-                <executions>
-                    <execution>
-                        <id>configure-wildfly-datasource</id>
-                        <phase>process-resources</phase>
-                        <goals>
-                            <goal>transform</goal>
-                        </goals>
-                        <configuration>
-                            <transformationSets>
-                                <!-- create module.xml in modules -->
-                                <transformationSet>
-                                    <dir>${keycloak.server.home}/modules/system/layers/base/com/h2database/h2/main</dir>
-                                    <stylesheet>src/main/xslt/module.xsl</stylesheet>
-                                    <includes>
-                                        <include>module.xml</include>
-                                    </includes>
-                                    <outputDir>${jdbc.mvn.driver.deployment.dir}</outputDir>
-                                    <parameters>
-                                        <parameter>
-                                            <name>database</name>
-                                            <value>${jdbc.mvn.artifactId}</value>
-                                        </parameter>
-                                        <parameter>
-                                            <name>version</name>
-                                            <value>${jdbc.mvn.version}</value>
-                                        </parameter>
-                                    </parameters>
-                                </transformationSet>
-                                <!-- add datasource to standalone.xml -->
-                                <transformationSet>
-                                    <dir>${keycloak.server.home}/standalone/configuration</dir>
-                                    <stylesheet>src/main/xslt/datasource.xsl</stylesheet>
-                                    <includes>
-                                        <include>standalone.xml</include>
-                                    </includes>
-                                    <outputDir>${keycloak.server.home}/standalone/configuration</outputDir>
-                                    <parameters>
-                                        <parameter>
-                                            <name>jdbc.url</name>
-                                            <value>${keycloak.connectionsJpa.url}</value>
-                                        </parameter>
-                                        <parameter>
-                                            <name>driver</name>
-                                            <value>${jdbc.mvn.artifactId}</value>
-                                        </parameter>
-                                        <parameter>
-                                            <name>username</name>
-                                            <value>${keycloak.connectionsJpa.user}</value>
-                                        </parameter>
-                                        <parameter>
-                                            <name>password</name>
-                                            <value>${keycloak.connectionsJpa.password}</value>
-                                        </parameter>
-                                    </parameters>
-                                </transformationSet>
-                                <!-- add logger for org.hibernate.dialect.Dialect to standalone.xml-->
-                                <transformationSet>
-                                    <dir>${keycloak.server.home}/standalone/configuration</dir>
-                                    <stylesheet>src/main/xslt/add-dialect-logger.xsl</stylesheet>
-                                    <includes>
-                                        <include>standalone.xml</include>
-                                    </includes>
-                                    <outputDir>${keycloak.server.home}/standalone/configuration</outputDir>
-                                </transformationSet>
-                            </transformationSets>
-                        </configuration>
-                    </execution>
-                </executions>
-            </plugin>
-            <plugin>
-                <artifactId>maven-assembly-plugin</artifactId>
-                <executions>
-                    <execution>
-                        <id>create-zip</id>
-                        <phase>package</phase>
-                        <goals>
-                            <goal>single</goal>
-                        </goals>
-                        <configuration>
-                            <descriptors>
-                                <descriptor>assembly.xml</descriptor>
-                            </descriptors>
-                            <appendAssemblyId>false</appendAssemblyId>
-                        </configuration>
-                    </execution>
-                </executions>
-            </plugin>
-        </plugins>
-    </build>
-</project>
diff --git a/testsuite/integration-arquillian/servers/wildfly_kc13/pom.xml b/testsuite/integration-arquillian/servers/wildfly_kc13/pom.xml
deleted file mode 100644
index 26f1047450a..00000000000
--- a/testsuite/integration-arquillian/servers/wildfly_kc13/pom.xml
+++ /dev/null
@@ -1,199 +0,0 @@
-<?xml version="1.0"?>
-<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
-         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
-    <parent>
-        <groupId>org.keycloak.testsuite</groupId>
-        <artifactId>integration-arquillian-servers</artifactId>
-        <version>1.7.0.Final-SNAPSHOT</version>
-    </parent>
-    <modelVersion>4.0.0</modelVersion>
-
-    <artifactId>integration-arquillian-server-wildfly-kc13</artifactId>
-    <packaging>pom</packaging>
-    <name>Keycloak 1.3.1.Final on Wildfly</name>
-    
-    <properties>
-        <keycloak.server.home>${project.build.directory}/unpacked/keycloak-1.3.1.Final</keycloak.server.home>
-        <jdbc.mvn.driver.deployment.dir>${keycloak.server.home}/modules/system/layers/base/com/${jdbc.mvn.artifactId}/main</jdbc.mvn.driver.deployment.dir>
-    </properties>
-    
-    <build>
-        <plugins>
-            <plugin>
-                <groupId>org.apache.maven.plugins</groupId>
-                <artifactId>maven-deploy-plugin</artifactId>
-                <configuration>
-                    <skip>true</skip>
-                </configuration>
-            </plugin>
-            <plugin>
-                <groupId>org.apache.maven.plugins</groupId>
-                <artifactId>maven-enforcer-plugin</artifactId>
-                <version>1.4</version>
-                <executions>
-                    <execution>
-                        <id>enforce-properties</id>
-                        <goals>
-                            <goal>enforce</goal>
-                        </goals>
-                        <configuration>
-                            <rules>
-                                <requireProperty>
-                                    <property>jdbc.mvn.groupId</property>
-                                </requireProperty>
-                                <requireProperty>
-                                    <property>jdbc.mvn.artifactId</property>
-                                </requireProperty>
-                                <requireProperty>
-                                    <property>jdbc.mvn.version</property>
-                                </requireProperty>
-                                <requireProperty>
-                                    <property>keycloak.connectionsJpa.url</property>
-                                </requireProperty>
-                                <requireProperty>
-                                    <property>keycloak.connectionsJpa.user</property>
-                                </requireProperty>
-                                <requireProperty>
-                                    <property>keycloak.connectionsJpa.password</property>
-                                </requireProperty>
-                            </rules>
-                        </configuration>
-                    </execution>
-                </executions>
-            </plugin>
-            <plugin>
-                <groupId>org.apache.maven.plugins</groupId>
-                <artifactId>maven-dependency-plugin</artifactId>
-                <executions>
-                    <execution>
-                        <id>unpack-server</id>
-                        <phase>generate-resources</phase>
-                        <goals>
-                            <goal>unpack</goal>
-                        </goals>
-                        <configuration>
-                            <artifactItems>
-                                <artifactItem>
-                                    <groupId>org.keycloak</groupId>
-                                    <artifactId>keycloak-server-dist</artifactId>
-                                    <version>1.3.1.Final</version>
-                                    <type>zip</type>
-                                    <outputDirectory>${project.build.directory}/unpacked</outputDirectory>
-                                </artifactItem>
-                            </artifactItems>
-                        </configuration>
-                    </execution>
-                    <execution>
-                        <id>jdbc-driver</id>
-                        <phase>process-resources</phase>
-                        <goals>
-                            <goal>copy</goal>
-                        </goals>
-                        <configuration>
-                            <artifactItems>
-                                <artifactItem>
-                                    <groupId>${jdbc.mvn.groupId}</groupId>
-                                    <artifactId>${jdbc.mvn.artifactId}</artifactId>
-                                    <version>${jdbc.mvn.version}</version>
-                                    <type>jar</type>
-                                </artifactItem>
-                            </artifactItems>
-                            <outputDirectory>${jdbc.mvn.driver.deployment.dir}</outputDirectory>
-                            <overWriteIfNewer>true</overWriteIfNewer>
-                        </configuration>
-                    </execution>
-                </executions>
-            </plugin>
-            <plugin>
-                <groupId>org.codehaus.mojo</groupId>
-                <artifactId>xml-maven-plugin</artifactId>
-                <executions>
-                    <execution>
-                        <id>configure-wildfly-datasource</id>
-                        <phase>process-resources</phase>
-                        <goals>
-                            <goal>transform</goal>
-                        </goals>
-                        <configuration>
-                            <transformationSets>
-                                <!-- create module.xml in modules -->
-                                <transformationSet>
-                                    <dir>${keycloak.server.home}/modules/system/layers/base/com/h2database/h2/main</dir>
-                                    <stylesheet>src/main/xslt/module.xsl</stylesheet>
-                                    <includes>
-                                        <include>module.xml</include>
-                                    </includes>
-                                    <outputDir>${jdbc.mvn.driver.deployment.dir}</outputDir>
-                                    <parameters>
-                                        <parameter>
-                                            <name>database</name>
-                                            <value>${jdbc.mvn.artifactId}</value>
-                                        </parameter>
-                                        <parameter>
-                                            <name>version</name>
-                                            <value>${jdbc.mvn.version}</value>
-                                        </parameter>
-                                    </parameters>
-                                </transformationSet>
-                                <!-- add datasource to standalone.xml -->
-                                <transformationSet>
-                                    <dir>${keycloak.server.home}/standalone/configuration</dir>
-                                    <stylesheet>src/main/xslt/datasource.xsl</stylesheet>
-                                    <includes>
-                                        <include>standalone.xml</include>
-                                    </includes>
-                                    <outputDir>${keycloak.server.home}/standalone/configuration</outputDir>
-                                    <parameters>
-                                        <parameter>
-                                            <name>jdbc.url</name>
-                                            <value>${keycloak.connectionsJpa.url}</value>
-                                        </parameter>
-                                        <parameter>
-                                            <name>driver</name>
-                                            <value>${jdbc.mvn.artifactId}</value>
-                                        </parameter>
-                                        <parameter>
-                                            <name>username</name>
-                                            <value>${keycloak.connectionsJpa.user}</value>
-                                        </parameter>
-                                        <parameter>
-                                            <name>password</name>
-                                            <value>${keycloak.connectionsJpa.password}</value>
-                                        </parameter>
-                                    </parameters>
-                                </transformationSet>
-                                <!-- add logger for org.hibernate.dialect.Dialect to standalone.xml-->
-                                <transformationSet>
-                                    <dir>${keycloak.server.home}/standalone/configuration</dir>
-                                    <stylesheet>src/main/xslt/add-dialect-logger.xsl</stylesheet>
-                                    <includes>
-                                        <include>standalone.xml</include>
-                                    </includes>
-                                    <outputDir>${keycloak.server.home}/standalone/configuration</outputDir>
-                                </transformationSet>
-                            </transformationSets>
-                        </configuration>
-                    </execution>
-                </executions>
-            </plugin>
-            <plugin>
-                <artifactId>maven-assembly-plugin</artifactId>
-                <executions>
-                    <execution>
-                        <id>create-zip</id>
-                        <phase>package</phase>
-                        <goals>
-                            <goal>single</goal>
-                        </goals>
-                        <configuration>
-                            <descriptors>
-                                <descriptor>assembly.xml</descriptor>
-                            </descriptors>
-                            <appendAssemblyId>false</appendAssemblyId>
-                        </configuration>
-                    </execution>
-                </executions>
-            </plugin>
-        </plugins>
-    </build>
-</project>
diff --git a/testsuite/integration-arquillian/servers/wildfly_kc14/pom.xml b/testsuite/integration-arquillian/servers/wildfly_kc14/pom.xml
deleted file mode 100644
index 4eaf9036f76..00000000000
--- a/testsuite/integration-arquillian/servers/wildfly_kc14/pom.xml
+++ /dev/null
@@ -1,199 +0,0 @@
-<?xml version="1.0"?>
-<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
-         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
-    <parent>
-        <groupId>org.keycloak.testsuite</groupId>
-        <artifactId>integration-arquillian-servers</artifactId>
-        <version>1.7.0.Final-SNAPSHOT</version>
-    </parent>
-    <modelVersion>4.0.0</modelVersion>
-
-    <artifactId>integration-arquillian-server-wildfly-kc14</artifactId>
-    <packaging>pom</packaging>
-    <name>Keycloak 1.4.0.Final on Wildfly</name>
-    
-    <properties>
-        <keycloak.server.home>${project.build.directory}/unpacked/keycloak-1.4.0.Final</keycloak.server.home>
-        <jdbc.mvn.driver.deployment.dir>${keycloak.server.home}/modules/system/layers/base/com/${jdbc.mvn.artifactId}/main</jdbc.mvn.driver.deployment.dir>
-    </properties>
-    
-    <build>
-        <plugins>
-            <plugin>
-                <groupId>org.apache.maven.plugins</groupId>
-                <artifactId>maven-deploy-plugin</artifactId>
-                <configuration>
-                    <skip>true</skip>
-                </configuration>
-            </plugin>
-            <plugin>
-                <groupId>org.apache.maven.plugins</groupId>
-                <artifactId>maven-enforcer-plugin</artifactId>
-                <version>1.4</version>
-                <executions>
-                    <execution>
-                        <id>enforce-properties</id>
-                        <goals>
-                            <goal>enforce</goal>
-                        </goals>
-                        <configuration>
-                            <rules>
-                                <requireProperty>
-                                    <property>jdbc.mvn.groupId</property>
-                                </requireProperty>
-                                <requireProperty>
-                                    <property>jdbc.mvn.artifactId</property>
-                                </requireProperty>
-                                <requireProperty>
-                                    <property>jdbc.mvn.version</property>
-                                </requireProperty>
-                                <requireProperty>
-                                    <property>keycloak.connectionsJpa.url</property>
-                                </requireProperty>
-                                <requireProperty>
-                                    <property>keycloak.connectionsJpa.user</property>
-                                </requireProperty>
-                                <requireProperty>
-                                    <property>keycloak.connectionsJpa.password</property>
-                                </requireProperty>
-                            </rules>
-                        </configuration>
-                    </execution>
-                </executions>
-            </plugin>
-            <plugin>
-                <groupId>org.apache.maven.plugins</groupId>
-                <artifactId>maven-dependency-plugin</artifactId>
-                <executions>
-                    <execution>
-                        <id>unpack-server</id>
-                        <phase>generate-resources</phase>
-                        <goals>
-                            <goal>unpack</goal>
-                        </goals>
-                        <configuration>
-                            <artifactItems>
-                                <artifactItem>
-                                    <groupId>org.keycloak</groupId>
-                                    <artifactId>keycloak-server-dist</artifactId>
-                                    <version>1.4.0.Final</version>
-                                    <type>zip</type>
-                                    <outputDirectory>${project.build.directory}/unpacked</outputDirectory>
-                                </artifactItem>
-                            </artifactItems>
-                        </configuration>
-                    </execution>
-                    <execution>
-                        <id>jdbc-driver</id>
-                        <phase>process-resources</phase>
-                        <goals>
-                            <goal>copy</goal>
-                        </goals>
-                        <configuration>
-                            <artifactItems>
-                                <artifactItem>
-                                    <groupId>${jdbc.mvn.groupId}</groupId>
-                                    <artifactId>${jdbc.mvn.artifactId}</artifactId>
-                                    <version>${jdbc.mvn.version}</version>
-                                    <type>jar</type>
-                                </artifactItem>
-                            </artifactItems>
-                            <outputDirectory>${jdbc.mvn.driver.deployment.dir}</outputDirectory>
-                            <overWriteIfNewer>true</overWriteIfNewer>
-                        </configuration>
-                    </execution>
-                </executions>
-            </plugin>
-            <plugin>
-                <groupId>org.codehaus.mojo</groupId>
-                <artifactId>xml-maven-plugin</artifactId>
-                <executions>
-                    <execution>
-                        <id>configure-wildfly-datasource</id>
-                        <phase>process-resources</phase>
-                        <goals>
-                            <goal>transform</goal>
-                        </goals>
-                        <configuration>
-                            <transformationSets>
-                                <!-- create module.xml in modules -->
-                                <transformationSet>
-                                    <dir>${keycloak.server.home}/modules/system/layers/base/com/h2database/h2/main</dir>
-                                    <stylesheet>src/main/xslt/module.xsl</stylesheet>
-                                    <includes>
-                                        <include>module.xml</include>
-                                    </includes>
-                                    <outputDir>${jdbc.mvn.driver.deployment.dir}</outputDir>
-                                    <parameters>
-                                        <parameter>
-                                            <name>database</name>
-                                            <value>${jdbc.mvn.artifactId}</value>
-                                        </parameter>
-                                        <parameter>
-                                            <name>version</name>
-                                            <value>${jdbc.mvn.version}</value>
-                                        </parameter>
-                                    </parameters>
-                                </transformationSet>
-                                <!-- add datasource to standalone.xml -->
-                                <transformationSet>
-                                    <dir>${keycloak.server.home}/standalone/configuration</dir>
-                                    <stylesheet>src/main/xslt/datasource.xsl</stylesheet>
-                                    <includes>
-                                        <include>standalone.xml</include>
-                                    </includes>
-                                    <outputDir>${keycloak.server.home}/standalone/configuration</outputDir>
-                                    <parameters>
-                                        <parameter>
-                                            <name>jdbc.url</name>
-                                            <value>${keycloak.connectionsJpa.url}</value>
-                                        </parameter>
-                                        <parameter>
-                                            <name>driver</name>
-                                            <value>${jdbc.mvn.artifactId}</value>
-                                        </parameter>
-                                        <parameter>
-                                            <name>username</name>
-                                            <value>${keycloak.connectionsJpa.user}</value>
-                                        </parameter>
-                                        <parameter>
-                                            <name>password</name>
-                                            <value>${keycloak.connectionsJpa.password}</value>
-                                        </parameter>
-                                    </parameters>
-                                </transformationSet>
-                                <!-- add logger for org.hibernate.dialect.Dialect to standalone.xml-->
-                                <transformationSet>
-                                    <dir>${keycloak.server.home}/standalone/configuration</dir>
-                                    <stylesheet>src/main/xslt/add-dialect-logger.xsl</stylesheet>
-                                    <includes>
-                                        <include>standalone.xml</include>
-                                    </includes>
-                                    <outputDir>${keycloak.server.home}/standalone/configuration</outputDir>
-                                </transformationSet>
-                            </transformationSets>
-                        </configuration>
-                    </execution>
-                </executions>
-            </plugin>
-            <plugin>
-                <artifactId>maven-assembly-plugin</artifactId>
-                <executions>
-                    <execution>
-                        <id>create-zip</id>
-                        <phase>package</phase>
-                        <goals>
-                            <goal>single</goal>
-                        </goals>
-                        <configuration>
-                            <descriptors>
-                                <descriptor>assembly.xml</descriptor>
-                            </descriptors>
-                            <appendAssemblyId>false</appendAssemblyId>
-                        </configuration>
-                    </execution>
-                </executions>
-            </plugin>
-        </plugins>
-    </build>
-</project>
diff --git a/testsuite/integration-arquillian/servers/wildfly_kc15/pom.xml b/testsuite/integration-arquillian/servers/wildfly_kc15/pom.xml
deleted file mode 100644
index ebe450210cb..00000000000
--- a/testsuite/integration-arquillian/servers/wildfly_kc15/pom.xml
+++ /dev/null
@@ -1,199 +0,0 @@
-<?xml version="1.0"?>
-<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
-         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
-    <parent>
-        <groupId>org.keycloak.testsuite</groupId>
-        <artifactId>integration-arquillian-servers</artifactId>
-        <version>1.7.0.Final-SNAPSHOT</version>
-    </parent>
-    <modelVersion>4.0.0</modelVersion>
-
-    <artifactId>integration-arquillian-server-wildfly-kc15</artifactId>
-    <packaging>pom</packaging>
-    <name>Keycloak 1.5.1.Final on Wildfly</name>
-    
-    <properties>
-        <keycloak.server.home>${project.build.directory}/unpacked/keycloak-1.5.1.Final</keycloak.server.home>
-        <jdbc.mvn.driver.deployment.dir>${keycloak.server.home}/modules/system/layers/base/com/${jdbc.mvn.artifactId}/main</jdbc.mvn.driver.deployment.dir>
-    </properties>
-    
-    <build>
-        <plugins>
-            <plugin>
-                <groupId>org.apache.maven.plugins</groupId>
-                <artifactId>maven-deploy-plugin</artifactId>
-                <configuration>
-                    <skip>true</skip>
-                </configuration>
-            </plugin>
-            <plugin>
-                <groupId>org.apache.maven.plugins</groupId>
-                <artifactId>maven-enforcer-plugin</artifactId>
-                <version>1.4</version>
-                <executions>
-                    <execution>
-                        <id>enforce-properties</id>
-                        <goals>
-                            <goal>enforce</goal>
-                        </goals>
-                        <configuration>
-                            <rules>
-                                <requireProperty>
-                                    <property>jdbc.mvn.groupId</property>
-                                </requireProperty>
-                                <requireProperty>
-                                    <property>jdbc.mvn.artifactId</property>
-                                </requireProperty>
-                                <requireProperty>
-                                    <property>jdbc.mvn.version</property>
-                                </requireProperty>
-                                <requireProperty>
-                                    <property>keycloak.connectionsJpa.url</property>
-                                </requireProperty>
-                                <requireProperty>
-                                    <property>keycloak.connectionsJpa.user</property>
-                                </requireProperty>
-                                <requireProperty>
-                                    <property>keycloak.connectionsJpa.password</property>
-                                </requireProperty>
-                            </rules>
-                        </configuration>
-                    </execution>
-                </executions>
-            </plugin>
-            <plugin>
-                <groupId>org.apache.maven.plugins</groupId>
-                <artifactId>maven-dependency-plugin</artifactId>
-                <executions>
-                    <execution>
-                        <id>unpack-server</id>
-                        <phase>generate-resources</phase>
-                        <goals>
-                            <goal>unpack</goal>
-                        </goals>
-                        <configuration>
-                            <artifactItems>
-                                <artifactItem>
-                                    <groupId>org.keycloak</groupId>
-                                    <artifactId>keycloak-server-dist</artifactId>
-                                    <version>1.5.1.Final</version>
-                                    <type>zip</type>
-                                    <outputDirectory>${project.build.directory}/unpacked</outputDirectory>
-                                </artifactItem>
-                            </artifactItems>
-                        </configuration>
-                    </execution>
-                    <execution>
-                        <id>jdbc-driver</id>
-                        <phase>process-resources</phase>
-                        <goals>
-                            <goal>copy</goal>
-                        </goals>
-                        <configuration>
-                            <artifactItems>
-                                <artifactItem>
-                                    <groupId>${jdbc.mvn.groupId}</groupId>
-                                    <artifactId>${jdbc.mvn.artifactId}</artifactId>
-                                    <version>${jdbc.mvn.version}</version>
-                                    <type>jar</type>
-                                </artifactItem>
-                            </artifactItems>
-                            <outputDirectory>${jdbc.mvn.driver.deployment.dir}</outputDirectory>
-                            <overWriteIfNewer>true</overWriteIfNewer>
-                        </configuration>
-                    </execution>
-                </executions>
-            </plugin>
-            <plugin>
-                <groupId>org.codehaus.mojo</groupId>
-                <artifactId>xml-maven-plugin</artifactId>
-                <executions>
-                    <execution>
-                        <id>configure-wildfly-datasource</id>
-                        <phase>process-resources</phase>
-                        <goals>
-                            <goal>transform</goal>
-                        </goals>
-                        <configuration>
-                            <transformationSets>
-                                <!-- create module.xml in modules -->
-                                <transformationSet>
-                                    <dir>${keycloak.server.home}/modules/system/layers/base/com/h2database/h2/main</dir>
-                                    <stylesheet>src/main/xslt/module.xsl</stylesheet>
-                                    <includes>
-                                        <include>module.xml</include>
-                                    </includes>
-                                    <outputDir>${jdbc.mvn.driver.deployment.dir}</outputDir>
-                                    <parameters>
-                                        <parameter>
-                                            <name>database</name>
-                                            <value>${jdbc.mvn.artifactId}</value>
-                                        </parameter>
-                                        <parameter>
-                                            <name>version</name>
-                                            <value>${jdbc.mvn.version}</value>
-                                        </parameter>
-                                    </parameters>
-                                </transformationSet>
-                                <!-- add datasource to standalone.xml -->
-                                <transformationSet>
-                                    <dir>${keycloak.server.home}/standalone/configuration</dir>
-                                    <stylesheet>src/main/xslt/datasource.xsl</stylesheet>
-                                    <includes>
-                                        <include>standalone.xml</include>
-                                    </includes>
-                                    <outputDir>${keycloak.server.home}/standalone/configuration</outputDir>
-                                    <parameters>
-                                        <parameter>
-                                            <name>jdbc.url</name>
-                                            <value>${keycloak.connectionsJpa.url}</value>
-                                        </parameter>
-                                        <parameter>
-                                            <name>driver</name>
-                                            <value>${jdbc.mvn.artifactId}</value>
-                                        </parameter>
-                                        <parameter>
-                                            <name>username</name>
-                                            <value>${keycloak.connectionsJpa.user}</value>
-                                        </parameter>
-                                        <parameter>
-                                            <name>password</name>
-                                            <value>${keycloak.connectionsJpa.password}</value>
-                                        </parameter>
-                                    </parameters>
-                                </transformationSet>
-                                <!-- add logger for org.hibernate.dialect.Dialect to standalone.xml-->
-                                <transformationSet>
-                                    <dir>${keycloak.server.home}/standalone/configuration</dir>
-                                    <stylesheet>src/main/xslt/add-dialect-logger.xsl</stylesheet>
-                                    <includes>
-                                        <include>standalone.xml</include>
-                                    </includes>
-                                    <outputDir>${keycloak.server.home}/standalone/configuration</outputDir>
-                                </transformationSet>
-                            </transformationSets>
-                        </configuration>
-                    </execution>
-                </executions>
-            </plugin>
-            <plugin>
-                <artifactId>maven-assembly-plugin</artifactId>
-                <executions>
-                    <execution>
-                        <id>create-zip</id>
-                        <phase>package</phase>
-                        <goals>
-                            <goal>single</goal>
-                        </goals>
-                        <configuration>
-                            <descriptors>
-                                <descriptor>assembly.xml</descriptor>
-                            </descriptors>
-                            <appendAssemblyId>false</appendAssemblyId>
-                        </configuration>
-                    </execution>
-                </executions>
-            </plugin>
-        </plugins>
-    </build>
-</project>
diff --git a/testsuite/integration-arquillian/servers/wildfly_kc16/pom.xml b/testsuite/integration-arquillian/servers/wildfly_kc16/pom.xml
deleted file mode 100644
index c5e8ac147c1..00000000000
--- a/testsuite/integration-arquillian/servers/wildfly_kc16/pom.xml
+++ /dev/null
@@ -1,199 +0,0 @@
-<?xml version="1.0"?>
-<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
-         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
-    <parent>
-        <groupId>org.keycloak.testsuite</groupId>
-        <artifactId>integration-arquillian-servers</artifactId>
-        <version>1.7.0.Final-SNAPSHOT</version>
-    </parent>
-    <modelVersion>4.0.0</modelVersion>
-
-    <artifactId>integration-arquillian-server-wildfly-kc16</artifactId>
-    <packaging>pom</packaging>
-    <name>Keycloak 1.6.0.Final on Wildfly</name>
-    
-    <properties>
-        <keycloak.server.home>${project.build.directory}/unpacked/keycloak-1.6.0.Final</keycloak.server.home>
-        <jdbc.mvn.driver.deployment.dir>${keycloak.server.home}/modules/system/layers/base/com/${jdbc.mvn.artifactId}/main</jdbc.mvn.driver.deployment.dir>
-    </properties>
-    
-    <build>
-        <plugins>
-            <plugin>
-                <groupId>org.apache.maven.plugins</groupId>
-                <artifactId>maven-deploy-plugin</artifactId>
-                <configuration>
-                    <skip>true</skip>
-                </configuration>
-            </plugin>
-            <plugin>
-                <groupId>org.apache.maven.plugins</groupId>
-                <artifactId>maven-enforcer-plugin</artifactId>
-                <version>1.4</version>
-                <executions>
-                    <execution>
-                        <id>enforce-properties</id>
-                        <goals>
-                            <goal>enforce</goal>
-                        </goals>
-                        <configuration>
-                            <rules>
-                                <requireProperty>
-                                    <property>jdbc.mvn.groupId</property>
-                                </requireProperty>
-                                <requireProperty>
-                                    <property>jdbc.mvn.artifactId</property>
-                                </requireProperty>
-                                <requireProperty>
-                                    <property>jdbc.mvn.version</property>
-                                </requireProperty>
-                                <requireProperty>
-                                    <property>keycloak.connectionsJpa.url</property>
-                                </requireProperty>
-                                <requireProperty>
-                                    <property>keycloak.connectionsJpa.user</property>
-                                </requireProperty>
-                                <requireProperty>
-                                    <property>keycloak.connectionsJpa.password</property>
-                                </requireProperty>
-                            </rules>
-                        </configuration>
-                    </execution>
-                </executions>
-            </plugin>
-            <plugin>
-                <groupId>org.apache.maven.plugins</groupId>
-                <artifactId>maven-dependency-plugin</artifactId>
-                <executions>
-                    <execution>
-                        <id>unpack-server</id>
-                        <phase>generate-resources</phase>
-                        <goals>
-                            <goal>unpack</goal>
-                        </goals>
-                        <configuration>
-                            <artifactItems>
-                                <artifactItem>
-                                    <groupId>org.keycloak</groupId>
-                                    <artifactId>keycloak-server-dist</artifactId>
-                                    <version>1.6.0.Final</version>
-                                    <type>zip</type>
-                                    <outputDirectory>${project.build.directory}/unpacked</outputDirectory>
-                                </artifactItem>
-                            </artifactItems>
-                        </configuration>
-                    </execution>
-                    <execution>
-                        <id>jdbc-driver</id>
-                        <phase>process-resources</phase>
-                        <goals>
-                            <goal>copy</goal>
-                        </goals>
-                        <configuration>
-                            <artifactItems>
-                                <artifactItem>
-                                    <groupId>${jdbc.mvn.groupId}</groupId>
-                                    <artifactId>${jdbc.mvn.artifactId}</artifactId>
-                                    <version>${jdbc.mvn.version}</version>
-                                    <type>jar</type>
-                                </artifactItem>
-                            </artifactItems>
-                            <outputDirectory>${jdbc.mvn.driver.deployment.dir}</outputDirectory>
-                            <overWriteIfNewer>true</overWriteIfNewer>
-                        </configuration>
-                    </execution>
-                </executions>
-            </plugin>
-            <plugin>
-                <groupId>org.codehaus.mojo</groupId>
-                <artifactId>xml-maven-plugin</artifactId>
-                <executions>
-                    <execution>
-                        <id>configure-wildfly-datasource</id>
-                        <phase>process-resources</phase>
-                        <goals>
-                            <goal>transform</goal>
-                        </goals>
-                        <configuration>
-                            <transformationSets>
-                                <!-- create module.xml in modules -->
-                                <transformationSet>
-                                    <dir>${keycloak.server.home}/modules/system/layers/base/com/h2database/h2/main</dir>
-                                    <stylesheet>src/main/xslt/module.xsl</stylesheet>
-                                    <includes>
-                                        <include>module.xml</include>
-                                    </includes>
-                                    <outputDir>${jdbc.mvn.driver.deployment.dir}</outputDir>
-                                    <parameters>
-                                        <parameter>
-                                            <name>database</name>
-                                            <value>${jdbc.mvn.artifactId}</value>
-                                        </parameter>
-                                        <parameter>
-                                            <name>version</name>
-                                            <value>${jdbc.mvn.version}</value>
-                                        </parameter>
-                                    </parameters>
-                                </transformationSet>
-                                <!-- add datasource to standalone.xml -->
-                                <transformationSet>
-                                    <dir>${keycloak.server.home}/standalone/configuration</dir>
-                                    <stylesheet>src/main/xslt/datasource.xsl</stylesheet>
-                                    <includes>
-                                        <include>standalone.xml</include>
-                                    </includes>
-                                    <outputDir>${keycloak.server.home}/standalone/configuration</outputDir>
-                                    <parameters>
-                                        <parameter>
-                                            <name>jdbc.url</name>
-                                            <value>${keycloak.connectionsJpa.url}</value>
-                                        </parameter>
-                                        <parameter>
-                                            <name>driver</name>
-                                            <value>${jdbc.mvn.artifactId}</value>
-                                        </parameter>
-                                        <parameter>
-                                            <name>username</name>
-                                            <value>${keycloak.connectionsJpa.user}</value>
-                                        </parameter>
-                                        <parameter>
-                                            <name>password</name>
-                                            <value>${keycloak.connectionsJpa.password}</value>
-                                        </parameter>
-                                    </parameters>
-                                </transformationSet>
-                                <!-- add logger for org.hibernate.dialect.Dialect to standalone.xml-->
-                                <transformationSet>
-                                    <dir>${keycloak.server.home}/standalone/configuration</dir>
-                                    <stylesheet>src/main/xslt/add-dialect-logger.xsl</stylesheet>
-                                    <includes>
-                                        <include>standalone.xml</include>
-                                    </includes>
-                                    <outputDir>${keycloak.server.home}/standalone/configuration</outputDir>
-                                </transformationSet>
-                            </transformationSets>
-                        </configuration>
-                    </execution>
-                </executions>
-            </plugin>
-            <plugin>
-                <artifactId>maven-assembly-plugin</artifactId>
-                <executions>
-                    <execution>
-                        <id>create-zip</id>
-                        <phase>package</phase>
-                        <goals>
-                            <goal>single</goal>
-                        </goals>
-                        <configuration>
-                            <descriptors>
-                                <descriptor>assembly.xml</descriptor>
-                            </descriptors>
-                            <appendAssemblyId>false</appendAssemblyId>
-                        </configuration>
-                    </execution>
-                </executions>
-            </plugin>
-        </plugins>
-    </build>
-</project>

From f45e0aa387d1330379e235218f32c9e13e1b96b6 Mon Sep 17 00:00:00 2001
From: vramik <vramik@localhost.localdomain>
Date: Tue, 27 Oct 2015 11:41:33 +0100
Subject: [PATCH 20/34] arquillian-testsuite migration servers: removed unused
 properties

---
 .../integration-arquillian/servers/migration/pom.xml     | 9 ---------
 1 file changed, 9 deletions(-)

diff --git a/testsuite/integration-arquillian/servers/migration/pom.xml b/testsuite/integration-arquillian/servers/migration/pom.xml
index 6d0813c75e2..3ce948e2569 100644
--- a/testsuite/integration-arquillian/servers/migration/pom.xml
+++ b/testsuite/integration-arquillian/servers/migration/pom.xml
@@ -11,15 +11,6 @@
     <artifactId>integration-arquillian-migration-servers</artifactId>
     <packaging>pom</packaging>
     <name>Migration Servers</name>
-    
-    <properties>
-        <jdbc.mvn.groupId>test.jdbc.eap7</jdbc.mvn.groupId>
-        <jdbc.mvn.artifactId>mysql57</jdbc.mvn.artifactId>
-        <jdbc.mvn.version>EAP_7.0.0</jdbc.mvn.version>
-        <keycloak.connectionsJpa.url>jdbc:mysql://localhost:3306/keycloak</keycloak.connectionsJpa.url>
-        <keycloak.connectionsJpa.user>root</keycloak.connectionsJpa.user>
-        <keycloak.connectionsJpa.password>rot</keycloak.connectionsJpa.password>
-    </properties>
 
     <profiles>
         <profile>

From 2fd7e5b355a66b25501c5ea96d9e23d3f036bdb5 Mon Sep 17 00:00:00 2001
From: vramik <vramik@localhost.localdomain>
Date: Tue, 27 Oct 2015 11:43:49 +0100
Subject: [PATCH 21/34] arquillian-testsuite fixed whitespaces

---
 .../arquillian/jira/JBossJiraParser.java      | 14 ++--
 .../testsuite/arquillian/jira/Jira.java       |  2 +-
 .../jira/JiraTestExecutionDecider.java        | 68 +++++++++----------
 3 files changed, 42 insertions(+), 42 deletions(-)

diff --git a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/jira/JBossJiraParser.java b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/jira/JBossJiraParser.java
index ea606b88b43..adf513db303 100644
--- a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/jira/JBossJiraParser.java
+++ b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/jira/JBossJiraParser.java
@@ -22,17 +22,17 @@ public class JBossJiraParser {
     private static final String JBOSS_TRACKER_REST_URL = "https://issues.jboss.org/rest/api/latest/issue/";
 
     public static boolean isIssueClosed(String issueId) {
-		Status issueStatus;
-		try {
-			issueStatus = getIssueStatus(issueId);
-		} catch(Exception e) {
-			issueStatus = Status.CLOSED; //let the test run in case there is no connection
-		}
+        Status issueStatus;
+        try {
+            issueStatus = getIssueStatus(issueId);
+        } catch (Exception e) {
+            issueStatus = Status.CLOSED; //let the test run in case there is no connection
+        }
         return issueStatus == Status.CLOSED || issueStatus == Status.RESOLVED;
     }
 
     private static Status getIssueStatus(String issueId) throws Exception {
-		Client client = ClientBuilder.newClient();
+        Client client = ClientBuilder.newClient();
         WebTarget target = client.target(JBOSS_TRACKER_REST_URL);
         String json = target.path(issueId).request().accept(MediaType.APPLICATION_JSON_TYPE).get(String.class);
         JsonObject jsonObject = new Gson().fromJson(json, JsonElement.class).getAsJsonObject();
diff --git a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/jira/Jira.java b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/jira/Jira.java
index 961ae82eae5..52b69b55533 100644
--- a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/jira/Jira.java
+++ b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/jira/Jira.java
@@ -24,5 +24,5 @@ import java.lang.annotation.Target;
 public @interface Jira {
 
     String value();
-	boolean enabled() default true;
+    boolean enabled() default true;
 }
diff --git a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/jira/JiraTestExecutionDecider.java b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/jira/JiraTestExecutionDecider.java
index fa3c571a672..0ce98c54357 100644
--- a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/jira/JiraTestExecutionDecider.java
+++ b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/jira/JiraTestExecutionDecider.java
@@ -19,43 +19,43 @@ import static org.keycloak.testsuite.arquillian.jira.JBossJiraParser.isIssueClos
  */
 public class JiraTestExecutionDecider implements TestExecutionDecider {
 
-	private static Map<String, Boolean> cache = new HashMap<String, Boolean>();
+    private static Map<String, Boolean> cache = new HashMap<>();
 
-	@Override
-	public ExecutionDecision decide(Method method) {
-		Jira jiraAnnotation = method.getAnnotation(Jira.class);
-		if (jiraAnnotation != null && jiraAnnotation.enabled()) {
-			boolean executeTest = true;
-			String[] issueIds = getIssuesId(jiraAnnotation.value());
-			for (String issueId : issueIds) {
-				if (cache.containsKey(issueId)) {
-					executeTest = cache.get(issueId);
-				} else {
-					if (isIssueClosed(issueId)) {
-						cache.put(issueId, true);
-					} else {
-						executeTest = false;
-						cache.put(issueId, false);
-					}
-				}
-			}
+    @Override
+    public ExecutionDecision decide(Method method) {
+        Jira jiraAnnotation = method.getAnnotation(Jira.class);
+        if (jiraAnnotation != null && jiraAnnotation.enabled()) {
+            boolean executeTest = true;
+            String[] issueIds = getIssuesId(jiraAnnotation.value());
+            for (String issueId : issueIds) {
+                if (cache.containsKey(issueId)) {
+                    executeTest = cache.get(issueId);
+                } else {
+                    if (isIssueClosed(issueId)) {
+                        cache.put(issueId, true);
+                    } else {
+                        executeTest = false;
+                        cache.put(issueId, false);
+                    }
+                }
+            }
 
-			if (executeTest) {
-				return ExecutionDecision.execute();
-			} else {
-				return ExecutionDecision.dontExecute("Issue is still opened, therefore skipping the test " + method.getName());
-			}
-		}
-		return ExecutionDecision.execute();
-	}
+            if (executeTest) {
+                return ExecutionDecision.execute();
+            } else {
+                return ExecutionDecision.dontExecute("Issue is still opened, therefore skipping the test " + method.getName());
+            }
+        }
+        return ExecutionDecision.execute();
+    }
 
-	private String[] getIssuesId(String value) {
-		return value.replaceAll("\\s+", "").split(",");
-	}
+    private String[] getIssuesId(String value) {
+        return value.replaceAll("\\s+", "").split(",");
+    }
 
-	@Override
-	public int precedence() {
-		return 0;
-	}
+    @Override
+    public int precedence() {
+        return 0;
+    }
 
 }

From e6620ca005a7f8037a4b7b09d213551c62e2d444 Mon Sep 17 00:00:00 2001
From: vramik <vramik@localhost.localdomain>
Date: Tue, 27 Oct 2015 14:31:15 +0100
Subject: [PATCH 22/34] arquillian-testsuite added initial version of migration
 test

---
 .../arquillian/ContainersTestEnricher.java    |  74 +-
 .../KeycloakArquillianExtension.java          |   4 +-
 .../arquillian/migration/Migration.java       |  39 +
 .../MigrationTestExecutionDecider.java        |  61 ++
 .../testsuite/AbstractKeycloakTest.java       |   1 +
 .../testsuite/migration/MigrationTest.java    |  44 +
 .../base/src/test/resources/arquillian.xml    |  20 +-
 .../migration-test/migration-realm-16.json    | 796 ++++++++++++++++++
 .../integration-arquillian/tests/pom.xml      | 183 +---
 9 files changed, 1067 insertions(+), 155 deletions(-)
 create mode 100644 testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/migration/Migration.java
 create mode 100644 testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/migration/MigrationTestExecutionDecider.java
 create mode 100644 testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/MigrationTest.java
 create mode 100644 testsuite/integration-arquillian/tests/base/src/test/resources/migration-test/migration-realm-16.json

diff --git a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/ContainersTestEnricher.java b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/ContainersTestEnricher.java
index 257fb55689e..01d8efd7a23 100644
--- a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/ContainersTestEnricher.java
+++ b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/ContainersTestEnricher.java
@@ -1,7 +1,13 @@
 package org.keycloak.testsuite.arquillian;
 
+import java.io.File;
+import java.io.IOException;
 import java.net.MalformedURLException;
 import java.net.URL;
+import java.util.LinkedList;
+import org.apache.commons.io.FileUtils;
+import org.jboss.arquillian.container.spi.Container;
+import org.jboss.arquillian.container.spi.ContainerRegistry;
 import org.jboss.arquillian.container.spi.event.StartSuiteContainers;
 import org.jboss.arquillian.container.spi.event.StopSuiteContainers;
 import org.jboss.arquillian.container.test.api.ContainerController;
@@ -33,13 +39,16 @@ import static org.keycloak.testsuite.auth.page.AuthRealm.MASTER;
 public class ContainersTestEnricher {
 
     protected final Logger log = Logger.getLogger(this.getClass());
-    
+
     @Inject
     private Instance<ContainerController> containerController;
 
+    @Inject
+    private Instance<ContainerRegistry> containerRegistry;
+
     @Inject
     private Event<StopSuiteContainers> stopSuiteContainers;
-    
+
     private String appServerQualifier;
 
     private static final String AUTH_SERVER_CONTAINER_PROPERTY = "auth.server.container";
@@ -62,24 +71,77 @@ public class ContainersTestEnricher {
     private InstanceProducer<OAuthClient> oauthClient;
 
     private ContainerController controller;
+    private LinkedList<Container> containers;
 
     private final boolean migrationTests = System.getProperty("migration", "false").equals("true");
     private boolean alreadyStopped = false;
+    private boolean init = false;
 
+    private void init() {
+        if (!init) {
+            containers = new LinkedList(containerRegistry.get().getContainers());
+        }
+        init = true;
+    }
+
+    /*
+     * non-javadoc
+     *
+     * Before starting suite containers. Initialization of containers is done 
+     * (only once during class life cycle)
+     */
     public void startSuiteContainers(@Observes(precedence = 1) StartSuiteContainers event) {
+        init();
         if (migrationTests) {
-            log.info("\n### Starting keycloak with previous version ###\n");
+            log.info("\n\n### Starting keycloak with previous version ###\n");
         }
     }
 
-    public void stopMigrationContainer(@Observes AfterStart event) {
+    /*
+     * non-javadoc
+     *
+     * After start container. Server logs are checked (in case jboss based container).
+     * In case of migration scenario: previous container is stopped.
+     */
+    public void afterStart(@Observes AfterStart event) throws IOException {
+        if (System.getProperty("check.server.log", "true").equals("true")) {
+            checkServerLog();
+        }
+
         if (migrationTests && !alreadyStopped) {
-            log.info("\n### Stopping keycloak with previous version ###\n");
+            log.info("\n\n### Stopping keycloak with previous version ###\n");
             stopSuiteContainers.fire(new StopSuiteContainers());
+            log.info("\n\n### Starting keycloak with current version ###\n");
         }
         alreadyStopped = true;
     }
-    
+
+    /*
+     * non-javadoc
+     *
+     * check server logs (in case jboss based container) whether there are no ERRORs or SEVEREs
+     */
+    private void checkServerLog() throws IOException {
+        Container container = containers.removeFirst();
+        if (!container.getName().equals("auth-server-undertow")) {
+            String jbossHomePath = container.getContainerConfiguration().getContainerProperties().get("jbossHome");
+            log.debug("jbossHome: " + jbossHomePath + "\n");
+
+            String serverLogContent = FileUtils.readFileToString(new File(jbossHomePath + "/standalone/log/server.log"));
+
+            boolean containsError
+                    = serverLogContent.contains("ERROR")
+                    || serverLogContent.contains("SEVERE")
+                    || serverLogContent.contains("Exception ");
+                    //There is expected string "Exception" in server log: Adding provider 
+                    //singleton org.keycloak.services.resources.ModelExceptionMapper
+
+            if (containsError) {
+                throw new RuntimeException(container.getName() + ": Server log contains ERROR.");
+            }
+        }
+    }
+
     public void beforeSuite(@Observes BeforeSuite event) {
         suiteContext.set(new SuiteContext());
     }
diff --git a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/KeycloakArquillianExtension.java b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/KeycloakArquillianExtension.java
index 73583cf489d..a987a16371b 100644
--- a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/KeycloakArquillianExtension.java
+++ b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/KeycloakArquillianExtension.java
@@ -10,6 +10,7 @@ import org.jboss.arquillian.graphene.location.CustomizableURLResourceProvider;
 import org.jboss.arquillian.test.spi.enricher.resource.ResourceProvider;
 import org.jboss.arquillian.test.spi.execution.TestExecutionDecider;
 import org.keycloak.testsuite.arquillian.jira.JiraTestExecutionDecider;
+import org.keycloak.testsuite.arquillian.migration.MigrationTestExecutionDecider;
 import org.keycloak.testsuite.arquillian.undertow.CustomUndertowContainer;
 
 /**
@@ -36,7 +37,8 @@ public class KeycloakArquillianExtension implements LoadableExtension {
                 .service(DeployableContainer.class, CustomUndertowContainer.class);
 
         builder
-                .service(TestExecutionDecider.class, JiraTestExecutionDecider.class);
+                .service(TestExecutionDecider.class, JiraTestExecutionDecider.class)
+                .service(TestExecutionDecider.class, MigrationTestExecutionDecider.class);
 
         builder
                 .override(ResourceProvider.class, URLResourceProvider.class, URLProvider.class)
diff --git a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/migration/Migration.java b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/migration/Migration.java
new file mode 100644
index 00000000000..791e5887117
--- /dev/null
+++ b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/migration/Migration.java
@@ -0,0 +1,39 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2012, Red Hat, Inc., and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ * 
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ * 
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ * 
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.keycloak.testsuite.arquillian.migration;
+
+import java.lang.annotation.Documented;
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import static java.lang.annotation.RetentionPolicy.RUNTIME;
+import java.lang.annotation.Target;
+
+/**
+ *
+ * @author <a href="mailto:vramik@redhat.com">Vlastislav Ramik</a>
+ */
+@Documented
+@Retention(RUNTIME)
+@Target({ElementType.METHOD})
+public @interface Migration {
+    String versionFrom();
+}
diff --git a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/migration/MigrationTestExecutionDecider.java b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/migration/MigrationTestExecutionDecider.java
new file mode 100644
index 00000000000..bfac24ba658
--- /dev/null
+++ b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/migration/MigrationTestExecutionDecider.java
@@ -0,0 +1,61 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2012, Red Hat, Inc., and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ * 
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ * 
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ * 
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.keycloak.testsuite.arquillian.migration;
+
+import java.lang.reflect.Method;
+import org.jboss.arquillian.test.spi.execution.ExecutionDecision;
+import org.jboss.arquillian.test.spi.execution.TestExecutionDecider;
+
+/**
+ * @author <a href="mailto:vramik@redhat.com">Vlastislav Ramik</a>
+ */
+public class MigrationTestExecutionDecider implements TestExecutionDecider {
+
+    @Override
+    public ExecutionDecision decide(Method method) {
+        
+        boolean migrationTest = "true".equals(System.getProperty("migration", "false"));
+        Migration migrationAnnotation = method.getAnnotation(Migration.class);
+        
+        if (migrationTest && migrationAnnotation != null) {
+            String versionFrom = migrationAnnotation.versionFrom();
+            String version = System.getProperty("version");
+            
+
+            if (version.equals(versionFrom)) {
+                return ExecutionDecision.execute();
+            } else {
+                return ExecutionDecision.dontExecute(method.getName() + "doesn't fit with migration version.");
+            }
+        }
+        if ((migrationTest && migrationAnnotation == null) || (!migrationTest && migrationAnnotation != null)) {
+            return ExecutionDecision.dontExecute("Migration test and no migration annotation or no migration test and migration annotation");
+        }
+        return ExecutionDecision.execute();
+    }
+
+    @Override
+    public int precedence() {
+        return 1;
+    }
+
+}
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/AbstractKeycloakTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/AbstractKeycloakTest.java
index 99c5d670ce4..8ed6dcdd16a 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/AbstractKeycloakTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/AbstractKeycloakTest.java
@@ -86,6 +86,7 @@ public abstract class AbstractKeycloakTest {
         driverSettings();
 
         if (!suiteContext.isAdminPasswordUpdated()) {
+            log.debug("updating admin password");
             updateMasterAdminPassword();
             suiteContext.setAdminPasswordUpdated(true);
         }
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/MigrationTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/MigrationTest.java
new file mode 100644
index 00000000000..3fd1b7c1358
--- /dev/null
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/MigrationTest.java
@@ -0,0 +1,44 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2012, Red Hat, Inc., and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ * 
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ * 
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ * 
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.keycloak.testsuite.migration;
+
+import org.junit.Test;
+import org.keycloak.representations.idm.RealmRepresentation;
+import org.keycloak.testsuite.AbstractAuthTest;
+import org.keycloak.testsuite.arquillian.migration.Migration;
+
+/**
+ * @author <a href="mailto:vramik@redhat.com">Vlastislav Ramik</a>
+ */
+public class MigrationTest extends AbstractAuthTest {
+    
+    @Test
+    @Migration(versionFrom = "1.6.0.Final")
+    public void migration16Test() {
+        for (RealmRepresentation realm : adminClient.realms().findAll()) {
+            System.out.println(realm.getRealm());
+        }
+        
+        throw new RuntimeException("TODO");
+    }
+
+}
diff --git a/testsuite/integration-arquillian/tests/base/src/test/resources/arquillian.xml b/testsuite/integration-arquillian/tests/base/src/test/resources/arquillian.xml
index bc82ac773cc..f8bbfc00a9c 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/resources/arquillian.xml
+++ b/testsuite/integration-arquillian/tests/base/src/test/resources/arquillian.xml
@@ -25,8 +25,16 @@
         <configuration>
             <property name="enabled">${migration.kc16}</property>
             <property name="adapterImplClass">org.jboss.as.arquillian.container.managed.ManagedDeployableContainer</property>
-            <property name="jbossHome">${keycloak-1.6.0.Final.home}</property>
-            <property name="javaVmArguments">-Djboss.socket.binding.port-offset=${auth.server.port.offset} -Xms64m -Xmx512m -XX:MaxPermSize=256m</property>
+            <property name="jbossHome">${keycloak.migration.home}</property>
+            <property name="javaVmArguments">
+                -Dkeycloak.migration.action=import 
+                -Dkeycloak.migration.provider=singleFile
+                -Dkeycloak.migration.file=${keycloak.migration.file}
+                -Dkeycloak.migration.strategy=OVERWRITE_EXISTING
+                -Dkeycloak.migration.realmName=Migration
+                -Djboss.socket.binding.port-offset=${auth.server.port.offset} 
+                -Xms64m -Xmx512m -XX:MaxPermSize=256m
+            </property>
             <property name="managementPort">${auth.server.management.port}</property>
             <property name="startupTimeoutInSeconds">${startup.timeout.sec}</property>
         </configuration>
@@ -36,7 +44,7 @@
         <configuration>
             <property name="enabled">${migration.kc15}</property>
             <property name="adapterImplClass">org.jboss.as.arquillian.container.managed.ManagedDeployableContainer</property>
-            <property name="jbossHome">${keycloak-1.5.1.Final.home}</property>
+            <property name="jbossHome">${keycloak.migration.homev}</property>
             <property name="javaVmArguments">-Djboss.socket.binding.port-offset=${auth.server.port.offset} -Xms64m -Xmx512m -XX:MaxPermSize=256m</property>
             <property name="managementPort">${auth.server.management.port}</property>
             <property name="startupTimeoutInSeconds">${startup.timeout.sec}</property>
@@ -47,7 +55,7 @@
         <configuration>
             <property name="enabled">${migration.kc14}</property>
             <property name="adapterImplClass">org.jboss.as.arquillian.container.managed.ManagedDeployableContainer</property>
-            <property name="jbossHome">${keycloak-1.4.0.Final.home}</property>
+            <property name="jbossHome">${keycloak.migration.home}</property>
             <property name="javaVmArguments">-Djboss.socket.binding.port-offset=${auth.server.port.offset} -Xms64m -Xmx512m -XX:MaxPermSize=256m</property>
             <property name="managementPort">${auth.server.management.port}</property>
             <property name="startupTimeoutInSeconds">${startup.timeout.sec}</property>
@@ -58,7 +66,7 @@
         <configuration>
             <property name="enabled">${migration.kc13}</property>
             <property name="adapterImplClass">org.jboss.as.arquillian.container.managed.ManagedDeployableContainer</property>
-            <property name="jbossHome">${keycloak-1.3.1.Final.home}</property>
+            <property name="jbossHome">${keycloak.migration.home}</property>
             <property name="javaVmArguments">-Djboss.socket.binding.port-offset=${auth.server.port.offset} -Xms64m -Xmx512m -XX:MaxPermSize=256m</property>
             <property name="managementPort">${auth.server.management.port}</property>
             <property name="startupTimeoutInSeconds">${startup.timeout.sec}</property>
@@ -69,7 +77,7 @@
         <configuration>
             <property name="enabled">${migration.kc12}</property>
             <property name="adapterImplClass">org.jboss.as.arquillian.container.managed.ManagedDeployableContainer</property>
-            <property name="jbossHome">${keycloak-1.2.0.Final.home}</property>
+            <property name="jbossHome">${keycloak.migration.homee}</property>
             <property name="javaVmArguments">-Djboss.socket.binding.port-offset=${auth.server.port.offset} -Xms64m -Xmx512m -XX:MaxPermSize=256m</property>
             <property name="managementPort">${auth.server.management.port}</property>
             <property name="startupTimeoutInSeconds">${startup.timeout.sec}</property>
diff --git a/testsuite/integration-arquillian/tests/base/src/test/resources/migration-test/migration-realm-16.json b/testsuite/integration-arquillian/tests/base/src/test/resources/migration-test/migration-realm-16.json
new file mode 100644
index 00000000000..4b7e19575b2
--- /dev/null
+++ b/testsuite/integration-arquillian/tests/base/src/test/resources/migration-test/migration-realm-16.json
@@ -0,0 +1,796 @@
+{
+  "id" : "Migration",
+  "realm" : "Migration",
+  "notBefore" : 0,
+  "revokeRefreshToken" : false,
+  "accessTokenLifespan" : 300,
+  "ssoSessionIdleTimeout" : 1800,
+  "ssoSessionMaxLifespan" : 36000,
+  "offlineSessionIdleTimeout" : 2592000,
+  "accessCodeLifespan" : 60,
+  "accessCodeLifespanUserAction" : 300,
+  "accessCodeLifespanLogin" : 1800,
+  "enabled" : true,
+  "sslRequired" : "external",
+  "registrationAllowed" : false,
+  "registrationEmailAsUsername" : false,
+  "rememberMe" : false,
+  "verifyEmail" : false,
+  "resetPasswordAllowed" : false,
+  "editUsernameAllowed" : false,
+  "bruteForceProtected" : false,
+  "maxFailureWaitSeconds" : 900,
+  "minimumQuickLoginWaitSeconds" : 60,
+  "waitIncrementSeconds" : 60,
+  "quickLoginCheckMilliSeconds" : 1000,
+  "maxDeltaTimeSeconds" : 43200,
+  "failureFactor" : 30,
+  "privateKey" : "MIIEogIBAAKCAQEArQLywI66vQOLm7qtYOTgyZAiKegCPnLM89Rb6ta4aktJ2eOc46yMXe7q6Cu0TiItABjeur3YMqYpWRLdUTBFkh5ZIQINtihiB57bCO7FCQB008a0yJLePyfljfRJ6l1MHyLGOGhPH8FNtw2urGpD+J59aApDzKercCFrdOz4A8sGT2NP+q8Bb/BJOb6XgkE/b9e3G4nvlxSVSxXKNgA+XOYGeLRuDzDp391F/rx5Nm/utCrKTakP5YC2jFNccv9XXMr/S6GIAb7Z1B7QZaP+snrIa06mF6LO+KsHRb1EYYIt/2jMw/buz/HxwIq43/bJMvI2GqFZKxRIT3X5KEzaeQIDAQABAoIBAGv43w6VBK1ZPRNfGTzTGgYw0WFdzaizdHznFsYkYsrTWa+FgTAFS0SECk4CmG/6nCLnYnkgaYCSelOAlmZIveJG1lDnOy9nXGZtGT0l5gmMI1zXMZPLNLAtcfF5d3ev6gW0aghh8J9cv+dxvoUTfH/4SUNYxJ9ANJmyAaHjEZUrY6JyiLqCo1y+iYyYRmmhYbj6qU6ld1mOVvWOF4ZFWKJ1ZCxWf9cUMpzphBQVqrBOW/OqOv6F7MotwBrRW8K/rnIq7sfO//+6RXMMmdCSseprBHWKC6NkS822lPSA3Co0j6TwL54cOrw7W7iEzY9WanyHQNiBnTyPqGmIXGwBnAECgYEA5FTYZTb2yLSo41LBPbvH2aRje+/yEESPTz+O60y6T3ZED8yzoGfyJd3OBkuNKEwFCztM0sZdyRvSJKXxyWCW+RwZ8JHRtYr476DGO6e/ZqW4IQuLGTwsExvbZGuYotrF1Eeyhy3TtEkkDuEsK5wwW+OMUkGcJpoEN8DGlROcJqECgYEAwfoA2E5TnM6YZwJktVKOQdoyvvSFLrhCUoOSNKJwYJGSBhVqdP0SFvKWCkL8DHP8zPn+GOw2DLokrby2Ac72XmQvXJKeRpeOk5C+uancRCUdfm+Fc6+5ownjH32LzYvwVw3qEbidM7a2GgdzJNxmGXgL8x8h9ClhWkhtaDWmnNkCgYBA2QwAawTZ6d1Req5hTxSqbnLGv1X7Ys1kz4NStp7vdIJODnAxrXPrZzxdM1XqzPRdxUDDWA1I0br0J6Es9V7Lbzy6w19Q9SBQRlQmmzTT/Vr3H6UozJsj7jR4J8rY7dNjv90nYU+QE3nHNBJsbFabslum/PVRTUrHXtvHeSNPIQKBgFhI9QF+BMglr2+Sw0tTm7OVH+uRVtyAuI7dmzmhhQwutQtXy/AbDpSrLGbXPehdEf4o+eFWAPOh9PeuIBiKnc8wQe4cPTVb3WSESIowKTRKwDW/hDm3DQKLiXfXqD2RJ343swUFxWa4DgGiymFIfp+w559r2ARMoSZ6OHFpmb9hAoGAKd4lA9rz7YRbL0S2dFjbZ2BLVZpjb8rvR1VQQuCGYxqlLkWlrSeiuhkqMyaUtL0PRuEcXrcobHV/IXrYq2WoWItmVCnWq2Wx7pmEa4HYJhhmIQXAthU0USWY77zEagpeTB+VPV8CpwLEsKQqhQeNkepxEI9fMYEYpwUo6bzDyeA=",
+  "publicKey" : "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQLywI66vQOLm7qtYOTgyZAiKegCPnLM89Rb6ta4aktJ2eOc46yMXe7q6Cu0TiItABjeur3YMqYpWRLdUTBFkh5ZIQINtihiB57bCO7FCQB008a0yJLePyfljfRJ6l1MHyLGOGhPH8FNtw2urGpD+J59aApDzKercCFrdOz4A8sGT2NP+q8Bb/BJOb6XgkE/b9e3G4nvlxSVSxXKNgA+XOYGeLRuDzDp391F/rx5Nm/utCrKTakP5YC2jFNccv9XXMr/S6GIAb7Z1B7QZaP+snrIa06mF6LO+KsHRb1EYYIt/2jMw/buz/HxwIq43/bJMvI2GqFZKxRIT3X5KEzaeQIDAQAB",
+  "certificate" : "MIICoTCCAYkCBgFQjuc8LjANBgkqhkiG9w0BAQsFADAUMRIwEAYDVQQDDAlNaWdyYXRpb24wHhcNMTUxMDIyMDkzMzUwWhcNMjUxMDIyMDkzNTMwWjAUMRIwEAYDVQQDDAlNaWdyYXRpb24wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtAvLAjrq9A4ubuq1g5ODJkCIp6AI+cszz1Fvq1rhqS0nZ45zjrIxd7uroK7ROIi0AGN66vdgypilZEt1RMEWSHlkhAg22KGIHntsI7sUJAHTTxrTIkt4/J+WN9EnqXUwfIsY4aE8fwU23Da6sakP4nn1oCkPMp6twIWt07PgDywZPY0/6rwFv8Ek5vpeCQT9v17cbie+XFJVLFco2AD5c5gZ4tG4PMOnf3UX+vHk2b+60KspNqQ/lgLaMU1xy/1dcyv9LoYgBvtnUHtBlo/6yeshrTqYXos74qwdFvURhgi3/aMzD9u7P8fHAirjf9sky8jYaoVkrFEhPdfkoTNp5AgMBAAEwDQYJKoZIhvcNAQELBQADggEBAE6l3lMPlWPOgE6TFj/fJvCa5OH3exKdvN1mofiq3VmNRoxyPWcehezS0SvKjWvF79QXMHLidH4Wr8IDrc8JS5YrCy1GVwGcJecwZpoMgqeaJ0UcfWgDz6+n+uaXZ49kNZH0CD1zoxHc1A49AlGQMO4jd517lfwjyuKl1DbWymmplvOmE8PKGaDTMyohwJlvoZbAs3BNhHss5IIyfGESyYYG98tRfKdIvddZOBfTp1rbXzr8oE+bgJKlGuX+oun67jfdNuYC+2f7bzTkqeSF215T6aA0j1oAxEIlmBBsIiiGEre2Xk3Lr+/itNKBZPJv92GbTmcNq/EpLhvEMz0s84o=",
+  "codeSecret" : "5a609b38-3b83-482b-b2f1-d0289f21b6a2",
+  "roles" : {
+    "realm" : [ {
+      "id" : "748f1d8c-5f0a-4bce-a3b1-096360252e3f",
+      "name" : "offline_access",
+      "description" : "${role_offline-access}",
+      "scopeParamRequired" : true,
+      "composite" : false
+    } ],
+    "client" : {
+      "realm-management" : [ {
+        "id" : "9b4e8326-cc09-4d3d-ac48-f4b9576c9da2",
+        "name" : "manage-realm",
+        "description" : "${role_manage-realm}",
+        "scopeParamRequired" : false,
+        "composite" : false
+      }, {
+        "id" : "2283a92b-dcc3-4c6e-be62-140d27500115",
+        "name" : "view-realm",
+        "description" : "${role_view-realm}",
+        "scopeParamRequired" : false,
+        "composite" : false
+      }, {
+        "id" : "5a6653ea-91a9-4c15-9f6f-ed84970afd78",
+        "name" : "manage-events",
+        "description" : "${role_manage-events}",
+        "scopeParamRequired" : false,
+        "composite" : false
+      }, {
+        "id" : "61b3467d-d0db-4fa2-9241-17096961744d",
+        "name" : "manage-users",
+        "description" : "${role_manage-users}",
+        "scopeParamRequired" : false,
+        "composite" : false
+      }, {
+        "id" : "52741497-a533-4d23-b989-0054b961c8b2",
+        "name" : "impersonation",
+        "description" : "${role_impersonation}",
+        "scopeParamRequired" : false,
+        "composite" : false
+      }, {
+        "id" : "0744e5e8-ce96-4dbb-9eca-a3a1cb3a5903",
+        "name" : "view-identity-providers",
+        "description" : "${role_view-identity-providers}",
+        "scopeParamRequired" : false,
+        "composite" : false
+      }, {
+        "id" : "d1877efa-4bdd-4378-923a-fd1f8bd6ce71",
+        "name" : "manage-clients",
+        "description" : "${role_manage-clients}",
+        "scopeParamRequired" : false,
+        "composite" : false
+      }, {
+        "id" : "c0041a9a-38d2-41a7-a886-f47dcec2f49b",
+        "name" : "manage-identity-providers",
+        "description" : "${role_manage-identity-providers}",
+        "scopeParamRequired" : false,
+        "composite" : false
+      }, {
+        "id" : "e4fbf986-956b-4b6e-ba9a-0c2a604c5f0a",
+        "name" : "realm-admin",
+        "description" : "${role_realm-admin}",
+        "scopeParamRequired" : false,
+        "composite" : true,
+        "composites" : {
+          "client" : {
+            "realm-management" : [ "view-clients", "manage-realm", "view-realm", "manage-events", "view-events", "manage-users", "impersonation", "view-users", "view-identity-providers", "manage-clients", "create-client", "manage-identity-providers" ]
+          }
+        }
+      }, {
+        "id" : "c2786492-d49c-4893-807b-274b4eb6ec54",
+        "name" : "view-clients",
+        "description" : "${role_view-clients}",
+        "scopeParamRequired" : false,
+        "composite" : false
+      }, {
+        "id" : "fa92320c-3f12-44b3-b61f-3c5dacec755c",
+        "name" : "view-events",
+        "description" : "${role_view-events}",
+        "scopeParamRequired" : false,
+        "composite" : false
+      }, {
+        "id" : "033e98f0-21a1-44c8-a71d-03be8126c615",
+        "name" : "view-users",
+        "description" : "${role_view-users}",
+        "scopeParamRequired" : false,
+        "composite" : false
+      }, {
+        "id" : "c33f11a9-c82a-4218-a29f-a57c89d094b7",
+        "name" : "create-client",
+        "description" : "${role_create-client}",
+        "scopeParamRequired" : false,
+        "composite" : false
+      } ],
+      "security-admin-console" : [ ],
+      "broker" : [ {
+        "id" : "e57662f2-0206-4103-bfba-db54433d53f7",
+        "name" : "read-token",
+        "description" : "${role_read-token}",
+        "scopeParamRequired" : false,
+        "composite" : false
+      } ],
+      "account" : [ {
+        "id" : "b15e3ee9-033e-48d1-b9b0-267afa93f3c9",
+        "name" : "manage-account",
+        "description" : "${role_manage-account}",
+        "scopeParamRequired" : false,
+        "composite" : false
+      }, {
+        "id" : "686afa3d-4a43-43f1-9b17-b92d152944d2",
+        "name" : "view-profile",
+        "description" : "${role_view-profile}",
+        "scopeParamRequired" : false,
+        "composite" : false
+      } ]
+    }
+  },
+  "defaultRoles" : [ "offline_access" ],
+  "requiredCredentials" : [ "password" ],
+  "otpPolicyType" : "totp",
+  "otpPolicyAlgorithm" : "HmacSHA1",
+  "otpPolicyInitialCounter" : 0,
+  "otpPolicyDigits" : 6,
+  "otpPolicyLookAheadWindow" : 1,
+  "otpPolicyPeriod" : 30,
+  "clientScopeMappings" : {
+    "realm-management" : [ {
+      "client" : "security-admin-console",
+      "roles" : [ "realm-admin" ]
+    } ]
+  },
+  "clients" : [ {
+    "id" : "3793af8e-47ec-47b2-ac31-3cb813c395b8",
+    "clientId" : "realm-management",
+    "name" : "${client_realm-management}",
+    "surrogateAuthRequired" : false,
+    "enabled" : true,
+    "clientAuthenticatorType" : "client-secret",
+    "secret" : "1d5f503f-dc13-45e3-8b4f-e541743f7291",
+    "redirectUris" : [ ],
+    "webOrigins" : [ ],
+    "notBefore" : 0,
+    "bearerOnly" : true,
+    "consentRequired" : false,
+    "serviceAccountsEnabled" : false,
+    "directGrantsOnly" : false,
+    "publicClient" : false,
+    "frontchannelLogout" : false,
+    "attributes" : { },
+    "fullScopeAllowed" : false,
+    "nodeReRegistrationTimeout" : 0,
+    "protocolMappers" : [ {
+      "id" : "f232fbdf-b7fb-4b1d-b2e9-f54e3470bc7c",
+      "name" : "family name",
+      "protocol" : "openid-connect",
+      "protocolMapper" : "oidc-usermodel-property-mapper",
+      "consentRequired" : true,
+      "consentText" : "${familyName}",
+      "config" : {
+        "user.attribute" : "lastName",
+        "id.token.claim" : "true",
+        "access.token.claim" : "true",
+        "claim.name" : "family_name",
+        "jsonType.label" : "String"
+      }
+    }, {
+      "id" : "8171f547-4738-4aeb-837e-cbfc7d0cc017",
+      "name" : "username",
+      "protocol" : "openid-connect",
+      "protocolMapper" : "oidc-usermodel-property-mapper",
+      "consentRequired" : true,
+      "consentText" : "${username}",
+      "config" : {
+        "user.attribute" : "username",
+        "id.token.claim" : "true",
+        "access.token.claim" : "true",
+        "claim.name" : "preferred_username",
+        "jsonType.label" : "String"
+      }
+    }, {
+      "id" : "d9ca8f34-270d-4f9f-a6ff-320e57689a0a",
+      "name" : "email",
+      "protocol" : "openid-connect",
+      "protocolMapper" : "oidc-usermodel-property-mapper",
+      "consentRequired" : true,
+      "consentText" : "${email}",
+      "config" : {
+        "user.attribute" : "email",
+        "id.token.claim" : "true",
+        "access.token.claim" : "true",
+        "claim.name" : "email",
+        "jsonType.label" : "String"
+      }
+    }, {
+      "id" : "a9a237e8-134d-4fc2-b41d-3b7f4023d7f8",
+      "name" : "role list",
+      "protocol" : "saml",
+      "protocolMapper" : "saml-role-list-mapper",
+      "consentRequired" : false,
+      "config" : {
+        "single" : "false",
+        "attribute.nameformat" : "Basic",
+        "attribute.name" : "Role"
+      }
+    }, {
+      "id" : "ef97b539-b493-4081-ae84-ac6ce162f24b",
+      "name" : "given name",
+      "protocol" : "openid-connect",
+      "protocolMapper" : "oidc-usermodel-property-mapper",
+      "consentRequired" : true,
+      "consentText" : "${givenName}",
+      "config" : {
+        "user.attribute" : "firstName",
+        "id.token.claim" : "true",
+        "access.token.claim" : "true",
+        "claim.name" : "given_name",
+        "jsonType.label" : "String"
+      }
+    }, {
+      "id" : "ea669796-f1c5-41e3-a635-f4c2cd537cf1",
+      "name" : "full name",
+      "protocol" : "openid-connect",
+      "protocolMapper" : "oidc-full-name-mapper",
+      "consentRequired" : true,
+      "consentText" : "${fullName}",
+      "config" : {
+        "id.token.claim" : "true",
+        "access.token.claim" : "true"
+      }
+    } ]
+  }, {
+    "id" : "1487423c-d03e-464e-aa8e-4db48c6b9977",
+    "clientId" : "security-admin-console",
+    "name" : "${client_security-admin-console}",
+    "baseUrl" : "/auth/admin/Migration/console/index.html",
+    "surrogateAuthRequired" : false,
+    "enabled" : true,
+    "clientAuthenticatorType" : "client-secret",
+    "secret" : "799f2249-0b27-4d8d-8bff-c8ed8ee98fcf",
+    "redirectUris" : [ "/auth/admin/Migration/console/*" ],
+    "webOrigins" : [ ],
+    "notBefore" : 0,
+    "bearerOnly" : false,
+    "consentRequired" : false,
+    "serviceAccountsEnabled" : false,
+    "directGrantsOnly" : false,
+    "publicClient" : true,
+    "frontchannelLogout" : false,
+    "attributes" : { },
+    "fullScopeAllowed" : false,
+    "nodeReRegistrationTimeout" : 0,
+    "protocolMappers" : [ {
+      "id" : "bc58f583-70f1-47a9-b64c-edd91e34a9d2",
+      "name" : "family name",
+      "protocol" : "openid-connect",
+      "protocolMapper" : "oidc-usermodel-property-mapper",
+      "consentRequired" : true,
+      "consentText" : "${familyName}",
+      "config" : {
+        "user.attribute" : "lastName",
+        "id.token.claim" : "true",
+        "access.token.claim" : "true",
+        "claim.name" : "family_name",
+        "jsonType.label" : "String"
+      }
+    }, {
+      "id" : "222cd811-48b6-4f67-a959-42ef4b5422dd",
+      "name" : "email",
+      "protocol" : "openid-connect",
+      "protocolMapper" : "oidc-usermodel-property-mapper",
+      "consentRequired" : true,
+      "consentText" : "${email}",
+      "config" : {
+        "user.attribute" : "email",
+        "id.token.claim" : "true",
+        "access.token.claim" : "true",
+        "claim.name" : "email",
+        "jsonType.label" : "String"
+      }
+    }, {
+      "id" : "4dcc8851-7f55-4ac2-a840-455789b5f012",
+      "name" : "locale",
+      "protocol" : "openid-connect",
+      "protocolMapper" : "oidc-usermodel-attribute-mapper",
+      "consentRequired" : false,
+      "consentText" : "${locale}",
+      "config" : {
+        "user.attribute" : "locale",
+        "id.token.claim" : "true",
+        "access.token.claim" : "true",
+        "claim.name" : "locale",
+        "jsonType.label" : "String"
+      }
+    }, {
+      "id" : "4d536574-fa9b-40a2-aed3-8fe647ea3a2b",
+      "name" : "role list",
+      "protocol" : "saml",
+      "protocolMapper" : "saml-role-list-mapper",
+      "consentRequired" : false,
+      "config" : {
+        "single" : "false",
+        "attribute.nameformat" : "Basic",
+        "attribute.name" : "Role"
+      }
+    }, {
+      "id" : "36c6275c-fc00-4511-b1f2-b0a0db25c3c7",
+      "name" : "username",
+      "protocol" : "openid-connect",
+      "protocolMapper" : "oidc-usermodel-property-mapper",
+      "consentRequired" : true,
+      "consentText" : "${username}",
+      "config" : {
+        "user.attribute" : "username",
+        "id.token.claim" : "true",
+        "access.token.claim" : "true",
+        "claim.name" : "preferred_username",
+        "jsonType.label" : "String"
+      }
+    }, {
+      "id" : "826950eb-8d2d-42ae-b2fa-df2d98cf09f8",
+      "name" : "full name",
+      "protocol" : "openid-connect",
+      "protocolMapper" : "oidc-full-name-mapper",
+      "consentRequired" : true,
+      "consentText" : "${fullName}",
+      "config" : {
+        "id.token.claim" : "true",
+        "access.token.claim" : "true"
+      }
+    }, {
+      "id" : "b50a73f8-4f50-4cd0-8fdf-a23c59103bfc",
+      "name" : "given name",
+      "protocol" : "openid-connect",
+      "protocolMapper" : "oidc-usermodel-property-mapper",
+      "consentRequired" : true,
+      "consentText" : "${givenName}",
+      "config" : {
+        "user.attribute" : "firstName",
+        "id.token.claim" : "true",
+        "access.token.claim" : "true",
+        "claim.name" : "given_name",
+        "jsonType.label" : "String"
+      }
+    } ]
+  }, {
+    "id" : "57690443-ad65-4198-ba24-73e0a9f0968c",
+    "clientId" : "broker",
+    "name" : "${client_broker}",
+    "surrogateAuthRequired" : false,
+    "enabled" : true,
+    "clientAuthenticatorType" : "client-secret",
+    "secret" : "633b0791-2877-4fba-9b99-32a793ced077",
+    "redirectUris" : [ ],
+    "webOrigins" : [ ],
+    "notBefore" : 0,
+    "bearerOnly" : false,
+    "consentRequired" : false,
+    "serviceAccountsEnabled" : false,
+    "directGrantsOnly" : false,
+    "publicClient" : false,
+    "frontchannelLogout" : false,
+    "attributes" : { },
+    "fullScopeAllowed" : false,
+    "nodeReRegistrationTimeout" : 0,
+    "protocolMappers" : [ {
+      "id" : "bdc92df4-9053-4651-9a95-4a36cc825b94",
+      "name" : "username",
+      "protocol" : "openid-connect",
+      "protocolMapper" : "oidc-usermodel-property-mapper",
+      "consentRequired" : true,
+      "consentText" : "${username}",
+      "config" : {
+        "user.attribute" : "username",
+        "id.token.claim" : "true",
+        "access.token.claim" : "true",
+        "claim.name" : "preferred_username",
+        "jsonType.label" : "String"
+      }
+    }, {
+      "id" : "7a90d6af-b6a6-4d59-82fe-7c6b6206a3a8",
+      "name" : "given name",
+      "protocol" : "openid-connect",
+      "protocolMapper" : "oidc-usermodel-property-mapper",
+      "consentRequired" : true,
+      "consentText" : "${givenName}",
+      "config" : {
+        "user.attribute" : "firstName",
+        "id.token.claim" : "true",
+        "access.token.claim" : "true",
+        "claim.name" : "given_name",
+        "jsonType.label" : "String"
+      }
+    }, {
+      "id" : "24179c32-d778-4ab9-a32c-305832e3581e",
+      "name" : "role list",
+      "protocol" : "saml",
+      "protocolMapper" : "saml-role-list-mapper",
+      "consentRequired" : false,
+      "config" : {
+        "single" : "false",
+        "attribute.nameformat" : "Basic",
+        "attribute.name" : "Role"
+      }
+    }, {
+      "id" : "30903d54-a53c-4238-9258-3aec427adc71",
+      "name" : "email",
+      "protocol" : "openid-connect",
+      "protocolMapper" : "oidc-usermodel-property-mapper",
+      "consentRequired" : true,
+      "consentText" : "${email}",
+      "config" : {
+        "user.attribute" : "email",
+        "id.token.claim" : "true",
+        "access.token.claim" : "true",
+        "claim.name" : "email",
+        "jsonType.label" : "String"
+      }
+    }, {
+      "id" : "2dcc7b59-4a56-4e71-a763-5853a58fb3d1",
+      "name" : "full name",
+      "protocol" : "openid-connect",
+      "protocolMapper" : "oidc-full-name-mapper",
+      "consentRequired" : true,
+      "consentText" : "${fullName}",
+      "config" : {
+        "id.token.claim" : "true",
+        "access.token.claim" : "true"
+      }
+    }, {
+      "id" : "f997c17d-e6a5-4bf1-a40a-0f240fd0e3f3",
+      "name" : "family name",
+      "protocol" : "openid-connect",
+      "protocolMapper" : "oidc-usermodel-property-mapper",
+      "consentRequired" : true,
+      "consentText" : "${familyName}",
+      "config" : {
+        "user.attribute" : "lastName",
+        "id.token.claim" : "true",
+        "access.token.claim" : "true",
+        "claim.name" : "family_name",
+        "jsonType.label" : "String"
+      }
+    } ]
+  }, {
+    "id" : "dba6eddb-ad7f-46d7-8f69-c4b56b32566e",
+    "clientId" : "account",
+    "name" : "${client_account}",
+    "baseUrl" : "/auth/realms/Migration/account",
+    "surrogateAuthRequired" : false,
+    "enabled" : true,
+    "clientAuthenticatorType" : "client-secret",
+    "secret" : "6b602649-f42f-43bb-a2f0-c02043872cdc",
+    "defaultRoles" : [ "view-profile", "manage-account" ],
+    "redirectUris" : [ "/auth/realms/Migration/account/*" ],
+    "webOrigins" : [ ],
+    "notBefore" : 0,
+    "bearerOnly" : false,
+    "consentRequired" : false,
+    "serviceAccountsEnabled" : false,
+    "directGrantsOnly" : false,
+    "publicClient" : false,
+    "frontchannelLogout" : false,
+    "attributes" : { },
+    "fullScopeAllowed" : false,
+    "nodeReRegistrationTimeout" : 0,
+    "protocolMappers" : [ {
+      "id" : "47990dfe-a600-4301-bbfb-f41ab94b9dff",
+      "name" : "username",
+      "protocol" : "openid-connect",
+      "protocolMapper" : "oidc-usermodel-property-mapper",
+      "consentRequired" : true,
+      "consentText" : "${username}",
+      "config" : {
+        "user.attribute" : "username",
+        "id.token.claim" : "true",
+        "access.token.claim" : "true",
+        "claim.name" : "preferred_username",
+        "jsonType.label" : "String"
+      }
+    }, {
+      "id" : "8a8e1c9e-9fff-4418-8941-66a77842bce7",
+      "name" : "full name",
+      "protocol" : "openid-connect",
+      "protocolMapper" : "oidc-full-name-mapper",
+      "consentRequired" : true,
+      "consentText" : "${fullName}",
+      "config" : {
+        "id.token.claim" : "true",
+        "access.token.claim" : "true"
+      }
+    }, {
+      "id" : "581a2aef-ef7b-4a5a-95fe-f59b0c7e95a0",
+      "name" : "family name",
+      "protocol" : "openid-connect",
+      "protocolMapper" : "oidc-usermodel-property-mapper",
+      "consentRequired" : true,
+      "consentText" : "${familyName}",
+      "config" : {
+        "user.attribute" : "lastName",
+        "id.token.claim" : "true",
+        "access.token.claim" : "true",
+        "claim.name" : "family_name",
+        "jsonType.label" : "String"
+      }
+    }, {
+      "id" : "8713a65f-f602-4973-9719-6b9ae792fb39",
+      "name" : "email",
+      "protocol" : "openid-connect",
+      "protocolMapper" : "oidc-usermodel-property-mapper",
+      "consentRequired" : true,
+      "consentText" : "${email}",
+      "config" : {
+        "user.attribute" : "email",
+        "id.token.claim" : "true",
+        "access.token.claim" : "true",
+        "claim.name" : "email",
+        "jsonType.label" : "String"
+      }
+    }, {
+      "id" : "0f49eaee-4fd2-48da-9ca3-60f33f26b101",
+      "name" : "given name",
+      "protocol" : "openid-connect",
+      "protocolMapper" : "oidc-usermodel-property-mapper",
+      "consentRequired" : true,
+      "consentText" : "${givenName}",
+      "config" : {
+        "user.attribute" : "firstName",
+        "id.token.claim" : "true",
+        "access.token.claim" : "true",
+        "claim.name" : "given_name",
+        "jsonType.label" : "String"
+      }
+    }, {
+      "id" : "964acb2b-9e6b-42e8-8f8d-382ac32a9da8",
+      "name" : "role list",
+      "protocol" : "saml",
+      "protocolMapper" : "saml-role-list-mapper",
+      "consentRequired" : false,
+      "config" : {
+        "single" : "false",
+        "attribute.nameformat" : "Basic",
+        "attribute.name" : "Role"
+      }
+    } ]
+  } ],
+  "browserSecurityHeaders" : {
+    "contentSecurityPolicy" : "frame-src 'self'",
+    "xFrameOptions" : "SAMEORIGIN"
+  },
+  "smtpServer" : { },
+  "eventsEnabled" : false,
+  "eventsListeners" : [ "jboss-logging" ],
+  "enabledEventTypes" : [ ],
+  "adminEventsEnabled" : false,
+  "adminEventsDetailsEnabled" : false,
+  "identityFederationEnabled" : false,
+  "internationalizationEnabled" : false,
+  "supportedLocales" : [ ],
+  "authenticationFlows" : [ {
+    "alias" : "clients",
+    "description" : "Base authentication for clients",
+    "providerId" : "client-flow",
+    "topLevel" : true,
+    "builtIn" : true,
+    "authenticationExecutions" : [ {
+      "authenticator" : "client-secret",
+      "autheticatorFlow" : false,
+      "requirement" : "ALTERNATIVE",
+      "userSetupAllowed" : false,
+      "priority" : 10
+    }, {
+      "authenticator" : "client-jwt",
+      "autheticatorFlow" : false,
+      "requirement" : "ALTERNATIVE",
+      "userSetupAllowed" : false,
+      "priority" : 20
+    } ]
+  }, {
+    "alias" : "forms",
+    "description" : "Username, password, otp and other auth forms.",
+    "providerId" : "basic-flow",
+    "topLevel" : false,
+    "builtIn" : true,
+    "authenticationExecutions" : [ {
+      "authenticator" : "auth-username-password-form",
+      "autheticatorFlow" : false,
+      "requirement" : "REQUIRED",
+      "userSetupAllowed" : false,
+      "priority" : 10
+    }, {
+      "authenticator" : "auth-otp-form",
+      "autheticatorFlow" : false,
+      "requirement" : "OPTIONAL",
+      "userSetupAllowed" : false,
+      "priority" : 20
+    } ]
+  }, {
+    "alias" : "browser",
+    "description" : "browser based authentication",
+    "providerId" : "basic-flow",
+    "topLevel" : true,
+    "builtIn" : true,
+    "authenticationExecutions" : [ {
+      "authenticator" : "auth-cookie",
+      "autheticatorFlow" : false,
+      "requirement" : "ALTERNATIVE",
+      "userSetupAllowed" : false,
+      "priority" : 10
+    }, {
+      "authenticator" : "auth-spnego",
+      "autheticatorFlow" : false,
+      "requirement" : "DISABLED",
+      "userSetupAllowed" : false,
+      "priority" : 20
+    }, {
+      "flowAlias" : "forms",
+      "autheticatorFlow" : true,
+      "requirement" : "ALTERNATIVE",
+      "userSetupAllowed" : false,
+      "priority" : 30
+    } ]
+  }, {
+    "alias" : "reset credentials",
+    "description" : "Reset credentials for a user if they forgot their password or something",
+    "providerId" : "basic-flow",
+    "topLevel" : true,
+    "builtIn" : true,
+    "authenticationExecutions" : [ {
+      "authenticator" : "reset-credentials-choose-user",
+      "autheticatorFlow" : false,
+      "requirement" : "REQUIRED",
+      "userSetupAllowed" : false,
+      "priority" : 10
+    }, {
+      "authenticator" : "reset-credential-email",
+      "autheticatorFlow" : false,
+      "requirement" : "REQUIRED",
+      "userSetupAllowed" : false,
+      "priority" : 20
+    }, {
+      "authenticator" : "reset-password",
+      "autheticatorFlow" : false,
+      "requirement" : "REQUIRED",
+      "userSetupAllowed" : false,
+      "priority" : 30
+    }, {
+      "authenticator" : "reset-otp",
+      "autheticatorFlow" : false,
+      "requirement" : "OPTIONAL",
+      "userSetupAllowed" : false,
+      "priority" : 40
+    } ]
+  }, {
+    "alias" : "registration",
+    "description" : "registration flow",
+    "providerId" : "basic-flow",
+    "topLevel" : true,
+    "builtIn" : true,
+    "authenticationExecutions" : [ {
+      "authenticator" : "registration-page-form",
+      "flowAlias" : "registration form",
+      "autheticatorFlow" : true,
+      "requirement" : "REQUIRED",
+      "userSetupAllowed" : false,
+      "priority" : 10
+    } ]
+  }, {
+    "alias" : "registration form",
+    "description" : "registration form",
+    "providerId" : "form-flow",
+    "topLevel" : false,
+    "builtIn" : true,
+    "authenticationExecutions" : [ {
+      "authenticator" : "registration-user-creation",
+      "autheticatorFlow" : false,
+      "requirement" : "REQUIRED",
+      "userSetupAllowed" : false,
+      "priority" : 20
+    }, {
+      "authenticator" : "registration-profile-action",
+      "autheticatorFlow" : false,
+      "requirement" : "REQUIRED",
+      "userSetupAllowed" : false,
+      "priority" : 40
+    }, {
+      "authenticator" : "registration-password-action",
+      "autheticatorFlow" : false,
+      "requirement" : "REQUIRED",
+      "userSetupAllowed" : false,
+      "priority" : 50
+    }, {
+      "authenticator" : "registration-recaptcha-action",
+      "autheticatorFlow" : false,
+      "requirement" : "DISABLED",
+      "userSetupAllowed" : false,
+      "priority" : 60
+    } ]
+  }, {
+    "alias" : "direct grant",
+    "description" : "OpenID Connect Resource Owner Grant",
+    "providerId" : "basic-flow",
+    "topLevel" : true,
+    "builtIn" : true,
+    "authenticationExecutions" : [ {
+      "authenticator" : "direct-grant-validate-username",
+      "autheticatorFlow" : false,
+      "requirement" : "REQUIRED",
+      "userSetupAllowed" : false,
+      "priority" : 10
+    }, {
+      "authenticator" : "direct-grant-validate-password",
+      "autheticatorFlow" : false,
+      "requirement" : "REQUIRED",
+      "userSetupAllowed" : false,
+      "priority" : 20
+    }, {
+      "authenticator" : "direct-grant-validate-otp",
+      "autheticatorFlow" : false,
+      "requirement" : "OPTIONAL",
+      "userSetupAllowed" : false,
+      "priority" : 30
+    } ]
+  } ],
+  "authenticatorConfig" : [ ],
+  "requiredActions" : [ {
+    "alias" : "terms_and_conditions",
+    "name" : "Terms and Conditions",
+    "providerId" : "terms_and_conditions",
+    "enabled" : false,
+    "defaultAction" : false,
+    "config" : { }
+  }, {
+    "alias" : "UPDATE_PASSWORD",
+    "name" : "Update Password",
+    "providerId" : "UPDATE_PASSWORD",
+    "enabled" : true,
+    "defaultAction" : false,
+    "config" : { }
+  }, {
+    "alias" : "UPDATE_PROFILE",
+    "name" : "Update Profile",
+    "providerId" : "UPDATE_PROFILE",
+    "enabled" : true,
+    "defaultAction" : false,
+    "config" : { }
+  }, {
+    "alias" : "CONFIGURE_TOTP",
+    "name" : "Configure Totp",
+    "providerId" : "CONFIGURE_TOTP",
+    "enabled" : true,
+    "defaultAction" : false,
+    "config" : { }
+  }, {
+    "alias" : "VERIFY_EMAIL",
+    "name" : "Verify Email",
+    "providerId" : "VERIFY_EMAIL",
+    "enabled" : true,
+    "defaultAction" : false,
+    "config" : { }
+  } ],
+  "browserFlow" : "browser",
+  "registrationFlow" : "registration",
+  "directGrantFlow" : "direct grant",
+  "resetCredentialsFlow" : "reset credentials",
+  "clientAuthenticationFlow" : "clients"
+}
\ No newline at end of file
diff --git a/testsuite/integration-arquillian/tests/pom.xml b/testsuite/integration-arquillian/tests/pom.xml
index cec51ebe6a4..2a4b2a8dff2 100644
--- a/testsuite/integration-arquillian/tests/pom.xml
+++ b/testsuite/integration-arquillian/tests/pom.xml
@@ -96,6 +96,31 @@
                         <failIfNoTests>false</failIfNoTests>
                     </configuration>
                 </plugin>
+                <plugin>
+                    <groupId>org.apache.maven.plugins</groupId>
+                    <artifactId>maven-dependency-plugin</artifactId>
+                    <executions>
+                        <execution>
+                            <id>unpack-previous</id>
+                            <phase>generate-test-resources</phase>
+                            <goals>
+                                <goal>unpack</goal>
+                            </goals>
+                            <configuration>
+                                <artifactItems>
+                                    <artifactItem>
+                                        <groupId>org.keycloak.testsuite</groupId>
+                                        <artifactId>${server.artifactId}</artifactId>
+                                        <version>${project.version}</version>
+                                        <type>zip</type>
+                                    </artifactItem>
+                                </artifactItems>
+                                <outputDirectory>${containers.home}</outputDirectory>
+                                <overWriteIfNewer>true</overWriteIfNewer>
+                            </configuration>
+                        </execution>
+                    </executions>
+                </plugin>
             </plugins>
         </pluginManagement>        
     </build>
@@ -348,7 +373,6 @@
                         <plugin>
                             <groupId>org.apache.maven.plugins</groupId>
                             <artifactId>maven-dependency-plugin</artifactId>
-                            <version>2.10</version>
                             <executions>
                                 <execution>
                                     <id>unpack</id>
@@ -409,7 +433,6 @@
                         <plugin>
                             <groupId>org.apache.maven.plugins</groupId>
                             <artifactId>maven-dependency-plugin</artifactId>
-                            <version>2.10</version>
                             <executions>
                                 <execution>
                                     <id>unpack</id>
@@ -454,37 +477,12 @@
         <profile>
             <id>migration-kc16</id>
             <properties>
-                <keycloak-1.6.0.Final.home>${containers.home}/keycloak-1.6.0.Final</keycloak-1.6.0.Final.home>
+                <server.version>1.6.0.Final</server.version>
+                <server.artifactId>integration-arquillian-server-wildfly-kc16</server.artifactId>
             </properties>
             <build>
                 <pluginManagement>
                     <plugins>
-                        <plugin>
-                            <groupId>org.apache.maven.plugins</groupId>
-                            <artifactId>maven-dependency-plugin</artifactId>
-                            <version>2.10</version>
-                            <executions>
-                                <execution>
-                                    <id>unpack-previous</id>
-                                    <phase>generate-test-resources</phase>
-                                    <goals>
-                                        <goal>unpack</goal>
-                                    </goals>
-                                    <configuration>
-                                        <artifactItems>
-                                            <artifactItem>
-                                                <groupId>org.keycloak.testsuite</groupId>
-                                                <artifactId>integration-arquillian-server-wildfly-kc16</artifactId>
-                                                <version>${project.version}</version>
-                                                <type>zip</type>
-                                            </artifactItem>
-                                        </artifactItems>
-                                        <outputDirectory>${containers.home}</outputDirectory>
-                                        <overWriteIfNewer>true</overWriteIfNewer>
-                                    </configuration>
-                                </execution>
-                            </executions>
-                        </plugin>
                         <plugin>
                             <groupId>org.apache.maven.plugins</groupId>
                             <artifactId>maven-surefire-plugin</artifactId>
@@ -492,8 +490,9 @@
                                 <systemPropertyVariables>
                                     <migration>true</migration>
                                     <migration.kc16>true</migration.kc16>
-                                    <keycloak-1.6.0.Final.home>${keycloak-1.6.0.Final.home}</keycloak-1.6.0.Final.home>
+                                    <keycloak.migration.home>${containers.home}/keycloak-${server.version}</keycloak.migration.home>
                                     <keycloak.migration.file>src/test/resources/migration-test/migration-realm-16.json</keycloak.migration.file>
+                                    <version>${server.version}</version>
                                 </systemPropertyVariables>
                             </configuration>
                         </plugin>
@@ -505,37 +504,12 @@
         <profile>
             <id>migration-kc15</id>
             <properties>
-                <keycloak-1.5.1.Final.home>${containers.home}/keycloak-1.5.1.Final</keycloak-1.5.1.Final.home>
+                <server.version>1.5.1.Final</server.version>
+                <server.artifactId>integration-arquillian-server-wildfly-kc15</server.artifactId>
             </properties>
             <build>
                 <pluginManagement>
                     <plugins>
-                        <plugin>
-                            <groupId>org.apache.maven.plugins</groupId>
-                            <artifactId>maven-dependency-plugin</artifactId>
-                            <version>2.10</version>
-                            <executions>
-                                <execution>
-                                    <id>unpack-previous</id>
-                                    <phase>generate-test-resources</phase>
-                                    <goals>
-                                        <goal>unpack</goal>
-                                    </goals>
-                                    <configuration>
-                                        <artifactItems>
-                                            <artifactItem>
-                                                <groupId>org.keycloak.testsuite</groupId>
-                                                <artifactId>integration-arquillian-server-wildfly-kc15</artifactId>
-                                                <version>${project.version}</version>
-                                                <type>zip</type>
-                                            </artifactItem>
-                                        </artifactItems>
-                                        <outputDirectory>${containers.home}</outputDirectory>
-                                        <overWriteIfNewer>true</overWriteIfNewer>
-                                    </configuration>
-                                </execution>
-                            </executions>
-                        </plugin>
                         <plugin>
                             <groupId>org.apache.maven.plugins</groupId>
                             <artifactId>maven-surefire-plugin</artifactId>
@@ -543,7 +517,7 @@
                                 <systemPropertyVariables>
                                     <migration>true</migration>
                                     <migration.kc15>true</migration.kc15>
-                                    <keycloak-1.5.1.Final.home>${keycloak-1.5.1.Final.home}</keycloak-1.5.1.Final.home>
+                                    <keycloak.migration.home>${containers.home}/keycloak-${server.version}</keycloak.migration.home>
                                 </systemPropertyVariables>
                             </configuration>
                         </plugin>
@@ -555,37 +529,12 @@
         <profile>
             <id>migration-kc14</id>
             <properties>
-                <keycloak-1.4.0.Final.home>${containers.home}/keycloak-1.4.0.Final</keycloak-1.4.0.Final.home>
+                <server.version>1.4.0.Final</server.version>
+                <server.artifactId>integration-arquillian-server-wildfly-kc14</server.artifactId>
             </properties>
             <build>
                 <pluginManagement>
                     <plugins>
-                        <plugin>
-                            <groupId>org.apache.maven.plugins</groupId>
-                            <artifactId>maven-dependency-plugin</artifactId>
-                            <version>2.10</version>
-                            <executions>
-                                <execution>
-                                    <id>unpack-previous</id>
-                                    <phase>generate-test-resources</phase>
-                                    <goals>
-                                        <goal>unpack</goal>
-                                    </goals>
-                                    <configuration>
-                                        <artifactItems>
-                                            <artifactItem>
-                                                <groupId>org.keycloak.testsuite</groupId>
-                                                <artifactId>integration-arquillian-server-wildfly-kc14</artifactId>
-                                                <version>${project.version}</version>
-                                                <type>zip</type>
-                                            </artifactItem>
-                                        </artifactItems>
-                                        <outputDirectory>${containers.home}</outputDirectory>
-                                        <overWriteIfNewer>true</overWriteIfNewer>
-                                    </configuration>
-                                </execution>
-                            </executions>
-                        </plugin>
                         <plugin>
                             <groupId>org.apache.maven.plugins</groupId>
                             <artifactId>maven-surefire-plugin</artifactId>
@@ -593,7 +542,7 @@
                                 <systemPropertyVariables>
                                     <migration>true</migration>
                                     <migration.kc14>true</migration.kc14>
-                                    <keycloak-1.4.0.Final.home>${keycloak-1.4.0.Final.home}</keycloak-1.4.0.Final.home>
+                                    <keycloak.migration.home>${containers.home}/keycloak-${server.version}</keycloak.migration.home>
                                 </systemPropertyVariables>
                             </configuration>
                         </plugin>
@@ -605,37 +554,12 @@
         <profile>
             <id>migration-kc13</id>
             <properties>
-                <keycloak-1.3.1.Final.home>${containers.home}/keycloak-1.3.1.Final</keycloak-1.3.1.Final.home>
+                <server.version>1.3.1.Final</server.version>
+                <server.artifactId>integration-arquillian-server-wildfly-kc13</server.artifactId>
             </properties>
             <build>
                 <pluginManagement>
                     <plugins>
-                        <plugin>
-                            <groupId>org.apache.maven.plugins</groupId>
-                            <artifactId>maven-dependency-plugin</artifactId>
-                            <version>2.10</version>
-                            <executions>
-                                <execution>
-                                    <id>unpack-previous</id>
-                                    <phase>generate-test-resources</phase>
-                                    <goals>
-                                        <goal>unpack</goal>
-                                    </goals>
-                                    <configuration>
-                                        <artifactItems>
-                                            <artifactItem>
-                                                <groupId>org.keycloak.testsuite</groupId>
-                                                <artifactId>integration-arquillian-server-wildfly-kc13</artifactId>
-                                                <version>${project.version}</version>
-                                                <type>zip</type>
-                                            </artifactItem>
-                                        </artifactItems>
-                                        <outputDirectory>${containers.home}</outputDirectory>
-                                        <overWriteIfNewer>true</overWriteIfNewer>
-                                    </configuration>
-                                </execution>
-                            </executions>
-                        </plugin>
                         <plugin>
                             <groupId>org.apache.maven.plugins</groupId>
                             <artifactId>maven-surefire-plugin</artifactId>
@@ -643,7 +567,7 @@
                                 <systemPropertyVariables>
                                     <migration>true</migration>
                                     <migration.kc13>true</migration.kc13>
-                                    <keycloak-1.3.1.Final.home>${keycloak-1.3.1.Final.home}</keycloak-1.3.1.Final.home>
+                                    <keycloak.migration.home>${containers.home}/keycloak-${server.version}</keycloak.migration.home>
                                 </systemPropertyVariables>
                             </configuration>
                         </plugin>
@@ -655,37 +579,12 @@
         <profile>
             <id>migration-kc12</id>
             <properties>
-                <keycloak-1.2.0.Final.home>${containers.home}/keycloak-1.2.0.Final</keycloak-1.2.0.Final.home>
+                <server.version>1.2.0.Final</server.version>
+                <server.artifactId>integration-arquillian-server-wildfly-kc12</server.artifactId>
             </properties>
             <build>
                 <pluginManagement>
                     <plugins>
-                        <plugin>
-                            <groupId>org.apache.maven.plugins</groupId>
-                            <artifactId>maven-dependency-plugin</artifactId>
-                            <version>2.10</version>
-                            <executions>
-                                <execution>
-                                    <id>unpack-previous</id>
-                                    <phase>generate-test-resources</phase>
-                                    <goals>
-                                        <goal>unpack</goal>
-                                    </goals>
-                                    <configuration>
-                                        <artifactItems>
-                                            <artifactItem>
-                                                <groupId>org.keycloak.testsuite</groupId>
-                                                <artifactId>integration-arquillian-server-wildfly-kc12</artifactId>
-                                                <version>${project.version}</version>
-                                                <type>zip</type>
-                                            </artifactItem>
-                                        </artifactItems>
-                                        <outputDirectory>${containers.home}</outputDirectory>
-                                        <overWriteIfNewer>true</overWriteIfNewer>
-                                    </configuration>
-                                </execution>
-                            </executions>
-                        </plugin>
                         <plugin>
                             <groupId>org.apache.maven.plugins</groupId>
                             <artifactId>maven-surefire-plugin</artifactId>
@@ -693,7 +592,7 @@
                                 <systemPropertyVariables>
                                     <migration>true</migration>
                                     <migration.kc12>true</migration.kc12>
-                                    <keycloak-1.2.0.Final.home>${keycloak-1.2.0.Final.home}</keycloak-1.2.0.Final.home>
+                                    <keycloak.migration.home>${containers.home}/keycloak-${server.version}</keycloak.migration.home>
                                 </systemPropertyVariables>
                             </configuration>
                         </plugin>

From 52804da4970e4a45b0d4636a3841a892b7425c01 Mon Sep 17 00:00:00 2001
From: vramik <vramik@localhost.localdomain>
Date: Thu, 29 Oct 2015 11:36:29 +0100
Subject: [PATCH 23/34] arquillian testsuite: improve log messages for
 migration test

---
 .../testsuite/arquillian/ContainersTestEnricher.java        | 6 +++---
 .../org/keycloak/testsuite/migration/MigrationTest.java     | 3 ++-
 2 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/ContainersTestEnricher.java b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/ContainersTestEnricher.java
index 01d8efd7a23..67271089d41 100644
--- a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/ContainersTestEnricher.java
+++ b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/ContainersTestEnricher.java
@@ -93,7 +93,7 @@ public class ContainersTestEnricher {
     public void startSuiteContainers(@Observes(precedence = 1) StartSuiteContainers event) {
         init();
         if (migrationTests) {
-            log.info("\n\n### Starting keycloak with previous version ###\n");
+            log.info("\n\n### Starting keycloak " + System.getProperty("version", "- previous") + " ###\n");
         }
     }
 
@@ -109,9 +109,9 @@ public class ContainersTestEnricher {
         }
 
         if (migrationTests && !alreadyStopped) {
-            log.info("\n\n### Stopping keycloak with previous version ###\n");
+            log.info("\n\n### Stopping keycloak " + System.getProperty("version", "- previous") + " ###\n");
             stopSuiteContainers.fire(new StopSuiteContainers());
-            log.info("\n\n### Starting keycloak with current version ###\n");
+            log.info("\n\n### Starting keycloak current version ###\n");
         }
         alreadyStopped = true;
     }
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/MigrationTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/MigrationTest.java
index 3fd1b7c1358..6e7e2c89122 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/MigrationTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/MigrationTest.java
@@ -21,6 +21,7 @@
  */
 package org.keycloak.testsuite.migration;
 
+import org.junit.Assert;
 import org.junit.Test;
 import org.keycloak.representations.idm.RealmRepresentation;
 import org.keycloak.testsuite.AbstractAuthTest;
@@ -38,7 +39,7 @@ public class MigrationTest extends AbstractAuthTest {
             System.out.println(realm.getRealm());
         }
         
-        throw new RuntimeException("TODO");
+        Assert.fail("TODO");
     }
 
 }

From 0392ebab32e949925269263e40578d91eed8d9fe Mon Sep 17 00:00:00 2001
From: vramik <vramik@localhost.localdomain>
Date: Thu, 29 Oct 2015 12:22:33 +0100
Subject: [PATCH 24/34] arquillian testsuite: remove adding test realm in
 migration scenario

---
 .../keycloak/testsuite/migration/MigrationTest.java    | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/MigrationTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/MigrationTest.java
index 6e7e2c89122..f84e1db3fcd 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/MigrationTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/MigrationTest.java
@@ -21,16 +21,17 @@
  */
 package org.keycloak.testsuite.migration;
 
+import java.util.List;
 import org.junit.Assert;
 import org.junit.Test;
 import org.keycloak.representations.idm.RealmRepresentation;
-import org.keycloak.testsuite.AbstractAuthTest;
+import org.keycloak.testsuite.AbstractKeycloakTest;
 import org.keycloak.testsuite.arquillian.migration.Migration;
 
 /**
  * @author <a href="mailto:vramik@redhat.com">Vlastislav Ramik</a>
  */
-public class MigrationTest extends AbstractAuthTest {
+public class MigrationTest extends AbstractKeycloakTest {
     
     @Test
     @Migration(versionFrom = "1.6.0.Final")
@@ -42,4 +43,9 @@ public class MigrationTest extends AbstractAuthTest {
         Assert.fail("TODO");
     }
 
+    @Override
+    public void addTestRealms(List<RealmRepresentation> testRealms) {
+        log.info("Adding no test realms for migration test. Test realm should be migrated from previous vesrion.");
+    }
+
 }

From 03acad9b9d62e91731e1403d80bf937005a7e3c9 Mon Sep 17 00:00:00 2001
From: vramik <vramik@localhost.localdomain>
Date: Thu, 29 Oct 2015 13:41:38 +0100
Subject: [PATCH 25/34] arquillian testsuite: increased startup timeout for
 containers

---
 testsuite/integration-arquillian/tests/pom.xml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/testsuite/integration-arquillian/tests/pom.xml b/testsuite/integration-arquillian/tests/pom.xml
index 2a4b2a8dff2..fd4f8d4afdc 100644
--- a/testsuite/integration-arquillian/tests/pom.xml
+++ b/testsuite/integration-arquillian/tests/pom.xml
@@ -358,7 +358,7 @@
             <properties>
                 <auth.server.container>auth-server-wildfly</auth.server.container>
                 <auth.server.wildfly.home>${containers.home}/keycloak-${project.version}</auth.server.wildfly.home>
-                <startup.timeout.sec>150</startup.timeout.sec>
+                <startup.timeout.sec>300</startup.timeout.sec>
                 <adapter.test.props/>
             </properties>
             <dependencies>
@@ -417,7 +417,7 @@
             <properties>
                 <auth.server.container>auth-server-eap6</auth.server.container>
                 <auth.server.eap6.home>${containers.home}/keycloak-${project.version}</auth.server.eap6.home>
-                <startup.timeout.sec>150</startup.timeout.sec>
+                <startup.timeout.sec>300</startup.timeout.sec>
                 <adapter.test.props/>
             </properties>
             <dependencies>

From 515f049ce600108c271c57b646160dc2f2d3a5eb Mon Sep 17 00:00:00 2001
From: vramik <vramik@localhost.localdomain>
Date: Thu, 29 Oct 2015 14:27:23 +0100
Subject: [PATCH 26/34] arquillian testsuite, migration test: update version
 from 1.6.0.Final to 1.6.1.Final

---
 .../servers/migration/wildfly_kc16/pom.xml           |  4 ++--
 .../keycloak/testsuite/migration/MigrationTest.java  | 12 ++++++------
 2 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/testsuite/integration-arquillian/servers/migration/wildfly_kc16/pom.xml b/testsuite/integration-arquillian/servers/migration/wildfly_kc16/pom.xml
index 1e8961d6df7..5e27a3a81ab 100644
--- a/testsuite/integration-arquillian/servers/migration/wildfly_kc16/pom.xml
+++ b/testsuite/integration-arquillian/servers/migration/wildfly_kc16/pom.xml
@@ -10,10 +10,10 @@
 
     <artifactId>integration-arquillian-server-wildfly-kc16</artifactId>
     <packaging>pom</packaging>
-    <name>Keycloak 1.6.0.Final on Wildfly</name>
+    <name>Keycloak 1.6.1.Final on Wildfly</name>
     
     <properties>
-        <server.version>1.6.0.Final</server.version>
+        <server.version>1.6.1.Final</server.version>
         <keycloak.server.home>${project.build.directory}/unpacked/keycloak-${server.version}</keycloak.server.home>
         <jdbc.mvn.driver.deployment.dir>${keycloak.server.home}/modules/system/layers/base/com/${jdbc.mvn.artifactId}/main</jdbc.mvn.driver.deployment.dir>
     </properties>
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/MigrationTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/MigrationTest.java
index f84e1db3fcd..b3776c3c77a 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/MigrationTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/MigrationTest.java
@@ -33,8 +33,13 @@ import org.keycloak.testsuite.arquillian.migration.Migration;
  */
 public class MigrationTest extends AbstractKeycloakTest {
     
+    @Override
+    public void addTestRealms(List<RealmRepresentation> testRealms) {
+        log.info("Adding no test realms for migration test. Test realm should be migrated from previous vesrion.");
+    }
+    
     @Test
-    @Migration(versionFrom = "1.6.0.Final")
+    @Migration(versionFrom = "1.6.1.Final")
     public void migration16Test() {
         for (RealmRepresentation realm : adminClient.realms().findAll()) {
             System.out.println(realm.getRealm());
@@ -43,9 +48,4 @@ public class MigrationTest extends AbstractKeycloakTest {
         Assert.fail("TODO");
     }
 
-    @Override
-    public void addTestRealms(List<RealmRepresentation> testRealms) {
-        log.info("Adding no test realms for migration test. Test realm should be migrated from previous vesrion.");
-    }
-
 }

From 2c3958ce27c46a2b0eedeadc2d57db7684d1c651 Mon Sep 17 00:00:00 2001
From: vramik <vramik@localhost.localdomain>
Date: Thu, 29 Oct 2015 14:43:23 +0100
Subject: [PATCH 27/34] arquillian testsuite, migration test: update test realm
 to 1.6.1.Final

---
 .../migration-test/migration-realm-16.json    | 734 +++++++++---------
 1 file changed, 367 insertions(+), 367 deletions(-)

diff --git a/testsuite/integration-arquillian/tests/base/src/test/resources/migration-test/migration-realm-16.json b/testsuite/integration-arquillian/tests/base/src/test/resources/migration-test/migration-realm-16.json
index 4b7e19575b2..3719d043f0e 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/resources/migration-test/migration-realm-16.json
+++ b/testsuite/integration-arquillian/tests/base/src/test/resources/migration-test/migration-realm-16.json
@@ -25,13 +25,13 @@
   "quickLoginCheckMilliSeconds" : 1000,
   "maxDeltaTimeSeconds" : 43200,
   "failureFactor" : 30,
-  "privateKey" : "MIIEogIBAAKCAQEArQLywI66vQOLm7qtYOTgyZAiKegCPnLM89Rb6ta4aktJ2eOc46yMXe7q6Cu0TiItABjeur3YMqYpWRLdUTBFkh5ZIQINtihiB57bCO7FCQB008a0yJLePyfljfRJ6l1MHyLGOGhPH8FNtw2urGpD+J59aApDzKercCFrdOz4A8sGT2NP+q8Bb/BJOb6XgkE/b9e3G4nvlxSVSxXKNgA+XOYGeLRuDzDp391F/rx5Nm/utCrKTakP5YC2jFNccv9XXMr/S6GIAb7Z1B7QZaP+snrIa06mF6LO+KsHRb1EYYIt/2jMw/buz/HxwIq43/bJMvI2GqFZKxRIT3X5KEzaeQIDAQABAoIBAGv43w6VBK1ZPRNfGTzTGgYw0WFdzaizdHznFsYkYsrTWa+FgTAFS0SECk4CmG/6nCLnYnkgaYCSelOAlmZIveJG1lDnOy9nXGZtGT0l5gmMI1zXMZPLNLAtcfF5d3ev6gW0aghh8J9cv+dxvoUTfH/4SUNYxJ9ANJmyAaHjEZUrY6JyiLqCo1y+iYyYRmmhYbj6qU6ld1mOVvWOF4ZFWKJ1ZCxWf9cUMpzphBQVqrBOW/OqOv6F7MotwBrRW8K/rnIq7sfO//+6RXMMmdCSseprBHWKC6NkS822lPSA3Co0j6TwL54cOrw7W7iEzY9WanyHQNiBnTyPqGmIXGwBnAECgYEA5FTYZTb2yLSo41LBPbvH2aRje+/yEESPTz+O60y6T3ZED8yzoGfyJd3OBkuNKEwFCztM0sZdyRvSJKXxyWCW+RwZ8JHRtYr476DGO6e/ZqW4IQuLGTwsExvbZGuYotrF1Eeyhy3TtEkkDuEsK5wwW+OMUkGcJpoEN8DGlROcJqECgYEAwfoA2E5TnM6YZwJktVKOQdoyvvSFLrhCUoOSNKJwYJGSBhVqdP0SFvKWCkL8DHP8zPn+GOw2DLokrby2Ac72XmQvXJKeRpeOk5C+uancRCUdfm+Fc6+5ownjH32LzYvwVw3qEbidM7a2GgdzJNxmGXgL8x8h9ClhWkhtaDWmnNkCgYBA2QwAawTZ6d1Req5hTxSqbnLGv1X7Ys1kz4NStp7vdIJODnAxrXPrZzxdM1XqzPRdxUDDWA1I0br0J6Es9V7Lbzy6w19Q9SBQRlQmmzTT/Vr3H6UozJsj7jR4J8rY7dNjv90nYU+QE3nHNBJsbFabslum/PVRTUrHXtvHeSNPIQKBgFhI9QF+BMglr2+Sw0tTm7OVH+uRVtyAuI7dmzmhhQwutQtXy/AbDpSrLGbXPehdEf4o+eFWAPOh9PeuIBiKnc8wQe4cPTVb3WSESIowKTRKwDW/hDm3DQKLiXfXqD2RJ343swUFxWa4DgGiymFIfp+w559r2ARMoSZ6OHFpmb9hAoGAKd4lA9rz7YRbL0S2dFjbZ2BLVZpjb8rvR1VQQuCGYxqlLkWlrSeiuhkqMyaUtL0PRuEcXrcobHV/IXrYq2WoWItmVCnWq2Wx7pmEa4HYJhhmIQXAthU0USWY77zEagpeTB+VPV8CpwLEsKQqhQeNkepxEI9fMYEYpwUo6bzDyeA=",
-  "publicKey" : "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQLywI66vQOLm7qtYOTgyZAiKegCPnLM89Rb6ta4aktJ2eOc46yMXe7q6Cu0TiItABjeur3YMqYpWRLdUTBFkh5ZIQINtihiB57bCO7FCQB008a0yJLePyfljfRJ6l1MHyLGOGhPH8FNtw2urGpD+J59aApDzKercCFrdOz4A8sGT2NP+q8Bb/BJOb6XgkE/b9e3G4nvlxSVSxXKNgA+XOYGeLRuDzDp391F/rx5Nm/utCrKTakP5YC2jFNccv9XXMr/S6GIAb7Z1B7QZaP+snrIa06mF6LO+KsHRb1EYYIt/2jMw/buz/HxwIq43/bJMvI2GqFZKxRIT3X5KEzaeQIDAQAB",
-  "certificate" : "MIICoTCCAYkCBgFQjuc8LjANBgkqhkiG9w0BAQsFADAUMRIwEAYDVQQDDAlNaWdyYXRpb24wHhcNMTUxMDIyMDkzMzUwWhcNMjUxMDIyMDkzNTMwWjAUMRIwEAYDVQQDDAlNaWdyYXRpb24wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtAvLAjrq9A4ubuq1g5ODJkCIp6AI+cszz1Fvq1rhqS0nZ45zjrIxd7uroK7ROIi0AGN66vdgypilZEt1RMEWSHlkhAg22KGIHntsI7sUJAHTTxrTIkt4/J+WN9EnqXUwfIsY4aE8fwU23Da6sakP4nn1oCkPMp6twIWt07PgDywZPY0/6rwFv8Ek5vpeCQT9v17cbie+XFJVLFco2AD5c5gZ4tG4PMOnf3UX+vHk2b+60KspNqQ/lgLaMU1xy/1dcyv9LoYgBvtnUHtBlo/6yeshrTqYXos74qwdFvURhgi3/aMzD9u7P8fHAirjf9sky8jYaoVkrFEhPdfkoTNp5AgMBAAEwDQYJKoZIhvcNAQELBQADggEBAE6l3lMPlWPOgE6TFj/fJvCa5OH3exKdvN1mofiq3VmNRoxyPWcehezS0SvKjWvF79QXMHLidH4Wr8IDrc8JS5YrCy1GVwGcJecwZpoMgqeaJ0UcfWgDz6+n+uaXZ49kNZH0CD1zoxHc1A49AlGQMO4jd517lfwjyuKl1DbWymmplvOmE8PKGaDTMyohwJlvoZbAs3BNhHss5IIyfGESyYYG98tRfKdIvddZOBfTp1rbXzr8oE+bgJKlGuX+oun67jfdNuYC+2f7bzTkqeSF215T6aA0j1oAxEIlmBBsIiiGEre2Xk3Lr+/itNKBZPJv92GbTmcNq/EpLhvEMz0s84o=",
-  "codeSecret" : "5a609b38-3b83-482b-b2f1-d0289f21b6a2",
+  "privateKey" : "MIIEowIBAAKCAQEAg/XlZqOYbYHyzHjWKwCD35JKloSyBBaIQgQbUjmWSBLw6xyNLSSvI45lmhoxcJTjxeZ+LKudfcoDVcLah1kYmTiS5YtNROeqmdWTkekdsAW8PYQJ0ScpatJ3jQ6xpe2E/AQWel5h6HI07O/r1mc3JDCXSe5zKdV9C0aGZpQSU2jWkVmP1cc2EZg5bVD1v057CUpKAX3qkloXpRedq6tMgwRSurhgnWDt93xWcv/+zz1Rw400batHmAm8Xa792jfZhSjvxtv9Q83Eb9jqi+c3BnxC3hucUDc6ivm8UgKYha054IOVbG8wDtmhZF8LlvLpjPk9iHuygS0zRnRuCo1+pQIDAQABAoIBACx5B8oSooFthS2CH/O4JbmIbRjTOceE7IELL0YD4HED6SvjoHSxY1EhYX6RC05871K3/pgBcn99QKh7lfh9f3vMBD3WN8FcLjPQNf67yOSU2j8FK+XQQ/YbXm0soZRhOytQGV8+RdL4AnxD04CboorQ0Xv6H9feelj9eLhDePWg5qEGHZJA6zGYiOUBALAL+SXoL59LWWLEM48TQWM0yGCA3mQM0iWCclbLNM1ls5gwMxSDdJeKC/3qlB6egGqPtXCEJdQXYqt3do8UUnxdQEkRGlJx14cSoH7fmZyZjLsEBcQT5uoAHI7/NMVN1DoFgwMTsq/MAATh3ngHqSl6J2ECgYEA3Ati3EaI0Vb8KzdjwZVgk9/KKnGLcswOl+cfU+lL9Vv5W4lVht3zvNAO8mUjtTSpjCF7LlY2lD9JEsv4cA9T3v2L7ZjkBiD6S/YYnEZYGAOjJb+LniRLqSVgN3beUgSiG/zzwuJm92J3dIcqMIPi4gdLMJ7KAv9qgbOddAy4b3kCgYEAmYXlqAu+Vgyjj3wzfgeXKzYkUfbEXUzsdugpW2gCvKi2/lJwmzORfsvSL88CxKZvzbEb1AJOrW+aPUbO0vPWo07ztphPKed+Gydp2G837f24eGZpBpxG6ATIa5MjtCHgX5guTMA3sJCFyLdMacRmlkmZEwbk7e9QxCp9HOmFoY0CgYB5u1LVya+nIBghUGM/lQP4yrVtBaO/vmPUZWhPY6FB+7/XhAJsuh09N10NfCZk+N1TSLJ8z/UhzmD+pRir5c7gbiQbLZn4SgYuP9cdnUze/CQlnfH/atTwnly8UmZruWR1V1sDVXzhHvg23w/YBx5dLOvL2gyn2+VwG43fxanDAQKBgFpFqWzOuvTOKb7NQVnyDKmUBHdNqtlRyhmBGhBtcG6OpkuVHjGkeQEdyFHkX7RSSZuhcMORN8IzxXYSlLrmNmeAnT3ZAXOac0R0QIDLpQ+ECVyCm28PpYH4jgDzXCMnaE/NpCvtOtHPqVsErSHkIo5saF4Px71A4zT15uuBRNphAoGBAMXV0eqeZOr/iHGIie3Ol0atZuB9b/BgLJBTFsCbFoVLdMAah4i2MXDm3vOUWlPf2VFL1LcKXYQ1GZ79We5LqG5w1CLA5WNt93U3yyl3/V5w02My5dVhz9BD4kWhZcvih+uVuHBxeI8Q8AvU63qqT4punQW4SSAHC+9e3U62aNc+",
+  "publicKey" : "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg/XlZqOYbYHyzHjWKwCD35JKloSyBBaIQgQbUjmWSBLw6xyNLSSvI45lmhoxcJTjxeZ+LKudfcoDVcLah1kYmTiS5YtNROeqmdWTkekdsAW8PYQJ0ScpatJ3jQ6xpe2E/AQWel5h6HI07O/r1mc3JDCXSe5zKdV9C0aGZpQSU2jWkVmP1cc2EZg5bVD1v057CUpKAX3qkloXpRedq6tMgwRSurhgnWDt93xWcv/+zz1Rw400batHmAm8Xa792jfZhSjvxtv9Q83Eb9jqi+c3BnxC3hucUDc6ivm8UgKYha054IOVbG8wDtmhZF8LlvLpjPk9iHuygS0zRnRuCo1+pQIDAQAB",
+  "certificate" : "MIICoTCCAYkCBgFQs9TiPDANBgkqhkiG9w0BAQsFADAUMRIwEAYDVQQDDAlNaWdyYXRpb24wHhcNMTUxMDI5MTMzOTQ0WhcNMjUxMDI5MTM0MTI0WjAUMRIwEAYDVQQDDAlNaWdyYXRpb24wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCD9eVmo5htgfLMeNYrAIPfkkqWhLIEFohCBBtSOZZIEvDrHI0tJK8jjmWaGjFwlOPF5n4sq519ygNVwtqHWRiZOJLli01E56qZ1ZOR6R2wBbw9hAnRJylq0neNDrGl7YT8BBZ6XmHocjTs7+vWZzckMJdJ7nMp1X0LRoZmlBJTaNaRWY/VxzYRmDltUPW/TnsJSkoBfeqSWhelF52rq0yDBFK6uGCdYO33fFZy//7PPVHDjTRtq0eYCbxdrv3aN9mFKO/G2/1DzcRv2OqL5zcGfELeG5xQNzqK+bxSApiFrTngg5VsbzAO2aFkXwuW8umM+T2Ie7KBLTNGdG4KjX6lAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAIOonQw/DIwSDU2oFyoaZ7VfFcT6Uh3QXfLB4ZYDek4m6Y8onrtqzuGo2Z2tcokV9PPkBAQtefSxIqx4COC9OeDBy1DeY04AkpprywLuOzCL/OBCV9QwiMkuBYYC5JJCIyTuo3qYxkuDA/iwDdH7vNDGohE6TDYmrC3Yp3lsLaHZ1lG52Df3qL8wo3/PdwzCOmyRGfm3vscTY+PqVCYcfxg9nPkoU3FwUJDAshjMxRw7/aafG8OmQ2EeYH4HV/FsULFrwoVF0Up8TkqAhmdJJ+vaGqaHHXQyiIPTMCdrkE58jAvtpbX0XCEDiNXT9qORhmjKP8Xq13XOQTfI5DRo8Qc=",
+  "codeSecret" : "56227bc5-edb9-419c-a019-d61a7c6ffb74",
   "roles" : {
     "realm" : [ {
-      "id" : "748f1d8c-5f0a-4bce-a3b1-096360252e3f",
+      "id" : "c4aae789-de76-4130-a06b-a28113ada698",
       "name" : "offline_access",
       "description" : "${role_offline-access}",
       "scopeParamRequired" : true,
@@ -39,105 +39,105 @@
     } ],
     "client" : {
       "realm-management" : [ {
-        "id" : "9b4e8326-cc09-4d3d-ac48-f4b9576c9da2",
-        "name" : "manage-realm",
-        "description" : "${role_manage-realm}",
-        "scopeParamRequired" : false,
-        "composite" : false
-      }, {
-        "id" : "2283a92b-dcc3-4c6e-be62-140d27500115",
-        "name" : "view-realm",
-        "description" : "${role_view-realm}",
-        "scopeParamRequired" : false,
-        "composite" : false
-      }, {
-        "id" : "5a6653ea-91a9-4c15-9f6f-ed84970afd78",
-        "name" : "manage-events",
-        "description" : "${role_manage-events}",
-        "scopeParamRequired" : false,
-        "composite" : false
-      }, {
-        "id" : "61b3467d-d0db-4fa2-9241-17096961744d",
-        "name" : "manage-users",
-        "description" : "${role_manage-users}",
-        "scopeParamRequired" : false,
-        "composite" : false
-      }, {
-        "id" : "52741497-a533-4d23-b989-0054b961c8b2",
-        "name" : "impersonation",
-        "description" : "${role_impersonation}",
-        "scopeParamRequired" : false,
-        "composite" : false
-      }, {
-        "id" : "0744e5e8-ce96-4dbb-9eca-a3a1cb3a5903",
+        "id" : "22345bd8-afee-44c3-9958-a134e729aaa7",
         "name" : "view-identity-providers",
         "description" : "${role_view-identity-providers}",
         "scopeParamRequired" : false,
         "composite" : false
       }, {
-        "id" : "d1877efa-4bdd-4378-923a-fd1f8bd6ce71",
-        "name" : "manage-clients",
-        "description" : "${role_manage-clients}",
+        "id" : "6c6bb910-a769-4e92-b009-db4b9ab32c67",
+        "name" : "manage-events",
+        "description" : "${role_manage-events}",
         "scopeParamRequired" : false,
         "composite" : false
       }, {
-        "id" : "c0041a9a-38d2-41a7-a886-f47dcec2f49b",
+        "id" : "5327bf34-5a16-4f36-bb15-100a25aac33e",
+        "name" : "view-realm",
+        "description" : "${role_view-realm}",
+        "scopeParamRequired" : false,
+        "composite" : false
+      }, {
+        "id" : "3c52d428-e3e5-40b3-92d4-ab6195b7dce5",
+        "name" : "create-client",
+        "description" : "${role_create-client}",
+        "scopeParamRequired" : false,
+        "composite" : false
+      }, {
+        "id" : "9999e081-5321-4c19-a8ac-27cea3bbde3a",
+        "name" : "impersonation",
+        "description" : "${role_impersonation}",
+        "scopeParamRequired" : false,
+        "composite" : false
+      }, {
+        "id" : "7c857cf1-b66e-4935-8749-580062d4719a",
         "name" : "manage-identity-providers",
         "description" : "${role_manage-identity-providers}",
         "scopeParamRequired" : false,
         "composite" : false
       }, {
-        "id" : "e4fbf986-956b-4b6e-ba9a-0c2a604c5f0a",
+        "id" : "549d2e65-d347-4221-bde0-65fff6580fc2",
+        "name" : "view-events",
+        "description" : "${role_view-events}",
+        "scopeParamRequired" : false,
+        "composite" : false
+      }, {
+        "id" : "aa1676b8-a92a-4c99-b266-54858129942d",
+        "name" : "view-users",
+        "description" : "${role_view-users}",
+        "scopeParamRequired" : false,
+        "composite" : false
+      }, {
+        "id" : "6c9a78fa-0e37-48bf-a9b5-2062312b0f33",
+        "name" : "manage-clients",
+        "description" : "${role_manage-clients}",
+        "scopeParamRequired" : false,
+        "composite" : false
+      }, {
+        "id" : "d38072d6-66fe-4102-8d4d-b5e8e2721e43",
+        "name" : "manage-realm",
+        "description" : "${role_manage-realm}",
+        "scopeParamRequired" : false,
+        "composite" : false
+      }, {
+        "id" : "a85da016-830e-42dd-8318-3cc8c28d3382",
+        "name" : "manage-users",
+        "description" : "${role_manage-users}",
+        "scopeParamRequired" : false,
+        "composite" : false
+      }, {
+        "id" : "0ab22444-1235-4391-ac10-571b33065177",
         "name" : "realm-admin",
         "description" : "${role_realm-admin}",
         "scopeParamRequired" : false,
         "composite" : true,
         "composites" : {
           "client" : {
-            "realm-management" : [ "view-clients", "manage-realm", "view-realm", "manage-events", "view-events", "manage-users", "impersonation", "view-users", "view-identity-providers", "manage-clients", "create-client", "manage-identity-providers" ]
+            "realm-management" : [ "view-identity-providers", "manage-clients", "manage-events", "view-realm", "manage-realm", "manage-users", "create-client", "impersonation", "view-events", "manage-identity-providers", "view-clients", "view-users" ]
           }
         }
       }, {
-        "id" : "c2786492-d49c-4893-807b-274b4eb6ec54",
+        "id" : "442fcc9e-46af-495a-9cdf-64d32dabc808",
         "name" : "view-clients",
         "description" : "${role_view-clients}",
         "scopeParamRequired" : false,
         "composite" : false
-      }, {
-        "id" : "fa92320c-3f12-44b3-b61f-3c5dacec755c",
-        "name" : "view-events",
-        "description" : "${role_view-events}",
-        "scopeParamRequired" : false,
-        "composite" : false
-      }, {
-        "id" : "033e98f0-21a1-44c8-a71d-03be8126c615",
-        "name" : "view-users",
-        "description" : "${role_view-users}",
-        "scopeParamRequired" : false,
-        "composite" : false
-      }, {
-        "id" : "c33f11a9-c82a-4218-a29f-a57c89d094b7",
-        "name" : "create-client",
-        "description" : "${role_create-client}",
-        "scopeParamRequired" : false,
-        "composite" : false
       } ],
       "security-admin-console" : [ ],
       "broker" : [ {
-        "id" : "e57662f2-0206-4103-bfba-db54433d53f7",
+        "id" : "8d46836e-eb6c-4cf5-97fe-8b1b24a69e10",
         "name" : "read-token",
         "description" : "${role_read-token}",
         "scopeParamRequired" : false,
         "composite" : false
       } ],
       "account" : [ {
-        "id" : "b15e3ee9-033e-48d1-b9b0-267afa93f3c9",
+        "id" : "40799d46-6574-4d45-a157-33cc15e3e2f1",
         "name" : "manage-account",
         "description" : "${role_manage-account}",
         "scopeParamRequired" : false,
         "composite" : false
       }, {
-        "id" : "686afa3d-4a43-43f1-9b17-b92d152944d2",
+        "id" : "d6056197-e9a3-4922-8b1b-ce6e99a71a43",
         "name" : "view-profile",
         "description" : "${role_view-profile}",
         "scopeParamRequired" : false,
@@ -160,13 +160,13 @@
     } ]
   },
   "clients" : [ {
-    "id" : "3793af8e-47ec-47b2-ac31-3cb813c395b8",
+    "id" : "cdf6e789-79b9-41ad-b4a3-f02abd2aeab6",
     "clientId" : "realm-management",
     "name" : "${client_realm-management}",
     "surrogateAuthRequired" : false,
     "enabled" : true,
     "clientAuthenticatorType" : "client-secret",
-    "secret" : "1d5f503f-dc13-45e3-8b4f-e541743f7291",
+    "secret" : "c51e802e-e33b-431e-8e74-c2ebd4ba6abf",
     "redirectUris" : [ ],
     "webOrigins" : [ ],
     "notBefore" : 0,
@@ -180,35 +180,7 @@
     "fullScopeAllowed" : false,
     "nodeReRegistrationTimeout" : 0,
     "protocolMappers" : [ {
-      "id" : "f232fbdf-b7fb-4b1d-b2e9-f54e3470bc7c",
-      "name" : "family name",
-      "protocol" : "openid-connect",
-      "protocolMapper" : "oidc-usermodel-property-mapper",
-      "consentRequired" : true,
-      "consentText" : "${familyName}",
-      "config" : {
-        "user.attribute" : "lastName",
-        "id.token.claim" : "true",
-        "access.token.claim" : "true",
-        "claim.name" : "family_name",
-        "jsonType.label" : "String"
-      }
-    }, {
-      "id" : "8171f547-4738-4aeb-837e-cbfc7d0cc017",
-      "name" : "username",
-      "protocol" : "openid-connect",
-      "protocolMapper" : "oidc-usermodel-property-mapper",
-      "consentRequired" : true,
-      "consentText" : "${username}",
-      "config" : {
-        "user.attribute" : "username",
-        "id.token.claim" : "true",
-        "access.token.claim" : "true",
-        "claim.name" : "preferred_username",
-        "jsonType.label" : "String"
-      }
-    }, {
-      "id" : "d9ca8f34-270d-4f9f-a6ff-320e57689a0a",
+      "id" : "cfaff5c8-a0e3-42af-8dcd-f7ae6000a240",
       "name" : "email",
       "protocol" : "openid-connect",
       "protocolMapper" : "oidc-usermodel-property-mapper",
@@ -222,7 +194,18 @@
         "jsonType.label" : "String"
       }
     }, {
-      "id" : "a9a237e8-134d-4fc2-b41d-3b7f4023d7f8",
+      "id" : "5a68a544-0373-4cf3-9978-aed944df478f",
+      "name" : "full name",
+      "protocol" : "openid-connect",
+      "protocolMapper" : "oidc-full-name-mapper",
+      "consentRequired" : true,
+      "consentText" : "${fullName}",
+      "config" : {
+        "id.token.claim" : "true",
+        "access.token.claim" : "true"
+      }
+    }, {
+      "id" : "41c006db-88d6-42a6-addd-8efb535f1a7d",
       "name" : "role list",
       "protocol" : "saml",
       "protocolMapper" : "saml-role-list-mapper",
@@ -233,7 +216,21 @@
         "attribute.name" : "Role"
       }
     }, {
-      "id" : "ef97b539-b493-4081-ae84-ac6ce162f24b",
+      "id" : "d6fd0e72-aa1e-417d-b28b-ec31946dc6fd",
+      "name" : "username",
+      "protocol" : "openid-connect",
+      "protocolMapper" : "oidc-usermodel-property-mapper",
+      "consentRequired" : true,
+      "consentText" : "${username}",
+      "config" : {
+        "user.attribute" : "username",
+        "id.token.claim" : "true",
+        "access.token.claim" : "true",
+        "claim.name" : "preferred_username",
+        "jsonType.label" : "String"
+      }
+    }, {
+      "id" : "d8692a7a-366d-407d-abc1-a6f45742c47c",
       "name" : "given name",
       "protocol" : "openid-connect",
       "protocolMapper" : "oidc-usermodel-property-mapper",
@@ -247,26 +244,29 @@
         "jsonType.label" : "String"
       }
     }, {
-      "id" : "ea669796-f1c5-41e3-a635-f4c2cd537cf1",
-      "name" : "full name",
+      "id" : "54f4844b-aaa5-4260-b2aa-5dc446c8b978",
+      "name" : "family name",
       "protocol" : "openid-connect",
-      "protocolMapper" : "oidc-full-name-mapper",
+      "protocolMapper" : "oidc-usermodel-property-mapper",
       "consentRequired" : true,
-      "consentText" : "${fullName}",
+      "consentText" : "${familyName}",
       "config" : {
+        "user.attribute" : "lastName",
         "id.token.claim" : "true",
-        "access.token.claim" : "true"
+        "access.token.claim" : "true",
+        "claim.name" : "family_name",
+        "jsonType.label" : "String"
       }
     } ]
   }, {
-    "id" : "1487423c-d03e-464e-aa8e-4db48c6b9977",
+    "id" : "7776fa56-ab87-4638-b42b-cc9537ab2fc2",
     "clientId" : "security-admin-console",
     "name" : "${client_security-admin-console}",
     "baseUrl" : "/auth/admin/Migration/console/index.html",
     "surrogateAuthRequired" : false,
     "enabled" : true,
     "clientAuthenticatorType" : "client-secret",
-    "secret" : "799f2249-0b27-4d8d-8bff-c8ed8ee98fcf",
+    "secret" : "5e0673fa-921d-4415-9d92-3a4197d87e46",
     "redirectUris" : [ "/auth/admin/Migration/console/*" ],
     "webOrigins" : [ ],
     "notBefore" : 0,
@@ -280,35 +280,7 @@
     "fullScopeAllowed" : false,
     "nodeReRegistrationTimeout" : 0,
     "protocolMappers" : [ {
-      "id" : "bc58f583-70f1-47a9-b64c-edd91e34a9d2",
-      "name" : "family name",
-      "protocol" : "openid-connect",
-      "protocolMapper" : "oidc-usermodel-property-mapper",
-      "consentRequired" : true,
-      "consentText" : "${familyName}",
-      "config" : {
-        "user.attribute" : "lastName",
-        "id.token.claim" : "true",
-        "access.token.claim" : "true",
-        "claim.name" : "family_name",
-        "jsonType.label" : "String"
-      }
-    }, {
-      "id" : "222cd811-48b6-4f67-a959-42ef4b5422dd",
-      "name" : "email",
-      "protocol" : "openid-connect",
-      "protocolMapper" : "oidc-usermodel-property-mapper",
-      "consentRequired" : true,
-      "consentText" : "${email}",
-      "config" : {
-        "user.attribute" : "email",
-        "id.token.claim" : "true",
-        "access.token.claim" : "true",
-        "claim.name" : "email",
-        "jsonType.label" : "String"
-      }
-    }, {
-      "id" : "4dcc8851-7f55-4ac2-a840-455789b5f012",
+      "id" : "9ed45252-c571-44fe-ac5f-b30cea378ff1",
       "name" : "locale",
       "protocol" : "openid-connect",
       "protocolMapper" : "oidc-usermodel-attribute-mapper",
@@ -322,117 +294,7 @@
         "jsonType.label" : "String"
       }
     }, {
-      "id" : "4d536574-fa9b-40a2-aed3-8fe647ea3a2b",
-      "name" : "role list",
-      "protocol" : "saml",
-      "protocolMapper" : "saml-role-list-mapper",
-      "consentRequired" : false,
-      "config" : {
-        "single" : "false",
-        "attribute.nameformat" : "Basic",
-        "attribute.name" : "Role"
-      }
-    }, {
-      "id" : "36c6275c-fc00-4511-b1f2-b0a0db25c3c7",
-      "name" : "username",
-      "protocol" : "openid-connect",
-      "protocolMapper" : "oidc-usermodel-property-mapper",
-      "consentRequired" : true,
-      "consentText" : "${username}",
-      "config" : {
-        "user.attribute" : "username",
-        "id.token.claim" : "true",
-        "access.token.claim" : "true",
-        "claim.name" : "preferred_username",
-        "jsonType.label" : "String"
-      }
-    }, {
-      "id" : "826950eb-8d2d-42ae-b2fa-df2d98cf09f8",
-      "name" : "full name",
-      "protocol" : "openid-connect",
-      "protocolMapper" : "oidc-full-name-mapper",
-      "consentRequired" : true,
-      "consentText" : "${fullName}",
-      "config" : {
-        "id.token.claim" : "true",
-        "access.token.claim" : "true"
-      }
-    }, {
-      "id" : "b50a73f8-4f50-4cd0-8fdf-a23c59103bfc",
-      "name" : "given name",
-      "protocol" : "openid-connect",
-      "protocolMapper" : "oidc-usermodel-property-mapper",
-      "consentRequired" : true,
-      "consentText" : "${givenName}",
-      "config" : {
-        "user.attribute" : "firstName",
-        "id.token.claim" : "true",
-        "access.token.claim" : "true",
-        "claim.name" : "given_name",
-        "jsonType.label" : "String"
-      }
-    } ]
-  }, {
-    "id" : "57690443-ad65-4198-ba24-73e0a9f0968c",
-    "clientId" : "broker",
-    "name" : "${client_broker}",
-    "surrogateAuthRequired" : false,
-    "enabled" : true,
-    "clientAuthenticatorType" : "client-secret",
-    "secret" : "633b0791-2877-4fba-9b99-32a793ced077",
-    "redirectUris" : [ ],
-    "webOrigins" : [ ],
-    "notBefore" : 0,
-    "bearerOnly" : false,
-    "consentRequired" : false,
-    "serviceAccountsEnabled" : false,
-    "directGrantsOnly" : false,
-    "publicClient" : false,
-    "frontchannelLogout" : false,
-    "attributes" : { },
-    "fullScopeAllowed" : false,
-    "nodeReRegistrationTimeout" : 0,
-    "protocolMappers" : [ {
-      "id" : "bdc92df4-9053-4651-9a95-4a36cc825b94",
-      "name" : "username",
-      "protocol" : "openid-connect",
-      "protocolMapper" : "oidc-usermodel-property-mapper",
-      "consentRequired" : true,
-      "consentText" : "${username}",
-      "config" : {
-        "user.attribute" : "username",
-        "id.token.claim" : "true",
-        "access.token.claim" : "true",
-        "claim.name" : "preferred_username",
-        "jsonType.label" : "String"
-      }
-    }, {
-      "id" : "7a90d6af-b6a6-4d59-82fe-7c6b6206a3a8",
-      "name" : "given name",
-      "protocol" : "openid-connect",
-      "protocolMapper" : "oidc-usermodel-property-mapper",
-      "consentRequired" : true,
-      "consentText" : "${givenName}",
-      "config" : {
-        "user.attribute" : "firstName",
-        "id.token.claim" : "true",
-        "access.token.claim" : "true",
-        "claim.name" : "given_name",
-        "jsonType.label" : "String"
-      }
-    }, {
-      "id" : "24179c32-d778-4ab9-a32c-305832e3581e",
-      "name" : "role list",
-      "protocol" : "saml",
-      "protocolMapper" : "saml-role-list-mapper",
-      "consentRequired" : false,
-      "config" : {
-        "single" : "false",
-        "attribute.nameformat" : "Basic",
-        "attribute.name" : "Role"
-      }
-    }, {
-      "id" : "30903d54-a53c-4238-9258-3aec427adc71",
+      "id" : "d1b5694e-e9e2-4d56-9019-bc658cdcded8",
       "name" : "email",
       "protocol" : "openid-connect",
       "protocolMapper" : "oidc-usermodel-property-mapper",
@@ -446,7 +308,7 @@
         "jsonType.label" : "String"
       }
     }, {
-      "id" : "2dcc7b59-4a56-4e71-a763-5853a58fb3d1",
+      "id" : "497fee7a-23b4-4345-a872-63444a8b1a27",
       "name" : "full name",
       "protocol" : "openid-connect",
       "protocolMapper" : "oidc-full-name-mapper",
@@ -457,7 +319,21 @@
         "access.token.claim" : "true"
       }
     }, {
-      "id" : "f997c17d-e6a5-4bf1-a40a-0f240fd0e3f3",
+      "id" : "57881d46-deca-421e-a4c5-e023e747f68e",
+      "name" : "username",
+      "protocol" : "openid-connect",
+      "protocolMapper" : "oidc-usermodel-property-mapper",
+      "consentRequired" : true,
+      "consentText" : "${username}",
+      "config" : {
+        "user.attribute" : "username",
+        "id.token.claim" : "true",
+        "access.token.claim" : "true",
+        "claim.name" : "preferred_username",
+        "jsonType.label" : "String"
+      }
+    }, {
+      "id" : "9cfe7043-ba2b-49e2-8a1b-f1b23fcb5eb5",
       "name" : "family name",
       "protocol" : "openid-connect",
       "protocolMapper" : "oidc-usermodel-property-mapper",
@@ -470,16 +346,140 @@
         "claim.name" : "family_name",
         "jsonType.label" : "String"
       }
+    }, {
+      "id" : "c37a3c4a-8999-4111-ae2a-98954a5a8674",
+      "name" : "role list",
+      "protocol" : "saml",
+      "protocolMapper" : "saml-role-list-mapper",
+      "consentRequired" : false,
+      "config" : {
+        "single" : "false",
+        "attribute.nameformat" : "Basic",
+        "attribute.name" : "Role"
+      }
+    }, {
+      "id" : "a7917c74-f18a-43a0-a787-7afc7b45a247",
+      "name" : "given name",
+      "protocol" : "openid-connect",
+      "protocolMapper" : "oidc-usermodel-property-mapper",
+      "consentRequired" : true,
+      "consentText" : "${givenName}",
+      "config" : {
+        "user.attribute" : "firstName",
+        "id.token.claim" : "true",
+        "access.token.claim" : "true",
+        "claim.name" : "given_name",
+        "jsonType.label" : "String"
+      }
     } ]
   }, {
-    "id" : "dba6eddb-ad7f-46d7-8f69-c4b56b32566e",
+    "id" : "e7faae41-f5e8-4571-b280-5bbe0d5bcb12",
+    "clientId" : "broker",
+    "name" : "${client_broker}",
+    "surrogateAuthRequired" : false,
+    "enabled" : true,
+    "clientAuthenticatorType" : "client-secret",
+    "secret" : "b2a1f1ff-5157-4240-9354-69a6deb13ccb",
+    "redirectUris" : [ ],
+    "webOrigins" : [ ],
+    "notBefore" : 0,
+    "bearerOnly" : false,
+    "consentRequired" : false,
+    "serviceAccountsEnabled" : false,
+    "directGrantsOnly" : false,
+    "publicClient" : false,
+    "frontchannelLogout" : false,
+    "attributes" : { },
+    "fullScopeAllowed" : false,
+    "nodeReRegistrationTimeout" : 0,
+    "protocolMappers" : [ {
+      "id" : "b843f1fd-da0a-4d49-b367-3fb39f11383b",
+      "name" : "family name",
+      "protocol" : "openid-connect",
+      "protocolMapper" : "oidc-usermodel-property-mapper",
+      "consentRequired" : true,
+      "consentText" : "${familyName}",
+      "config" : {
+        "user.attribute" : "lastName",
+        "id.token.claim" : "true",
+        "access.token.claim" : "true",
+        "claim.name" : "family_name",
+        "jsonType.label" : "String"
+      }
+    }, {
+      "id" : "3b18c534-1e0a-474c-adf8-e9fbc33c05e8",
+      "name" : "full name",
+      "protocol" : "openid-connect",
+      "protocolMapper" : "oidc-full-name-mapper",
+      "consentRequired" : true,
+      "consentText" : "${fullName}",
+      "config" : {
+        "id.token.claim" : "true",
+        "access.token.claim" : "true"
+      }
+    }, {
+      "id" : "b7e9db64-52f6-4aba-9437-deefab06abee",
+      "name" : "role list",
+      "protocol" : "saml",
+      "protocolMapper" : "saml-role-list-mapper",
+      "consentRequired" : false,
+      "config" : {
+        "single" : "false",
+        "attribute.nameformat" : "Basic",
+        "attribute.name" : "Role"
+      }
+    }, {
+      "id" : "2da52efa-e9d9-4b68-a296-0310059b7df2",
+      "name" : "username",
+      "protocol" : "openid-connect",
+      "protocolMapper" : "oidc-usermodel-property-mapper",
+      "consentRequired" : true,
+      "consentText" : "${username}",
+      "config" : {
+        "user.attribute" : "username",
+        "id.token.claim" : "true",
+        "access.token.claim" : "true",
+        "claim.name" : "preferred_username",
+        "jsonType.label" : "String"
+      }
+    }, {
+      "id" : "2d2df25d-26d1-4e7c-a85a-c485ab2cc0fe",
+      "name" : "given name",
+      "protocol" : "openid-connect",
+      "protocolMapper" : "oidc-usermodel-property-mapper",
+      "consentRequired" : true,
+      "consentText" : "${givenName}",
+      "config" : {
+        "user.attribute" : "firstName",
+        "id.token.claim" : "true",
+        "access.token.claim" : "true",
+        "claim.name" : "given_name",
+        "jsonType.label" : "String"
+      }
+    }, {
+      "id" : "d096910d-13ac-43a7-bad8-4d1bbfd34171",
+      "name" : "email",
+      "protocol" : "openid-connect",
+      "protocolMapper" : "oidc-usermodel-property-mapper",
+      "consentRequired" : true,
+      "consentText" : "${email}",
+      "config" : {
+        "user.attribute" : "email",
+        "id.token.claim" : "true",
+        "access.token.claim" : "true",
+        "claim.name" : "email",
+        "jsonType.label" : "String"
+      }
+    } ]
+  }, {
+    "id" : "a2864762-7cc1-4784-a540-439e611f29ba",
     "clientId" : "account",
     "name" : "${client_account}",
     "baseUrl" : "/auth/realms/Migration/account",
     "surrogateAuthRequired" : false,
     "enabled" : true,
     "clientAuthenticatorType" : "client-secret",
-    "secret" : "6b602649-f42f-43bb-a2f0-c02043872cdc",
+    "secret" : "68cbd7a8-3b48-4751-a396-df7ab39a2fdf",
     "defaultRoles" : [ "view-profile", "manage-account" ],
     "redirectUris" : [ "/auth/realms/Migration/account/*" ],
     "webOrigins" : [ ],
@@ -494,46 +494,7 @@
     "fullScopeAllowed" : false,
     "nodeReRegistrationTimeout" : 0,
     "protocolMappers" : [ {
-      "id" : "47990dfe-a600-4301-bbfb-f41ab94b9dff",
-      "name" : "username",
-      "protocol" : "openid-connect",
-      "protocolMapper" : "oidc-usermodel-property-mapper",
-      "consentRequired" : true,
-      "consentText" : "${username}",
-      "config" : {
-        "user.attribute" : "username",
-        "id.token.claim" : "true",
-        "access.token.claim" : "true",
-        "claim.name" : "preferred_username",
-        "jsonType.label" : "String"
-      }
-    }, {
-      "id" : "8a8e1c9e-9fff-4418-8941-66a77842bce7",
-      "name" : "full name",
-      "protocol" : "openid-connect",
-      "protocolMapper" : "oidc-full-name-mapper",
-      "consentRequired" : true,
-      "consentText" : "${fullName}",
-      "config" : {
-        "id.token.claim" : "true",
-        "access.token.claim" : "true"
-      }
-    }, {
-      "id" : "581a2aef-ef7b-4a5a-95fe-f59b0c7e95a0",
-      "name" : "family name",
-      "protocol" : "openid-connect",
-      "protocolMapper" : "oidc-usermodel-property-mapper",
-      "consentRequired" : true,
-      "consentText" : "${familyName}",
-      "config" : {
-        "user.attribute" : "lastName",
-        "id.token.claim" : "true",
-        "access.token.claim" : "true",
-        "claim.name" : "family_name",
-        "jsonType.label" : "String"
-      }
-    }, {
-      "id" : "8713a65f-f602-4973-9719-6b9ae792fb39",
+      "id" : "ed2c87d0-299a-40ac-a11c-df7af41bb365",
       "name" : "email",
       "protocol" : "openid-connect",
       "protocolMapper" : "oidc-usermodel-property-mapper",
@@ -547,7 +508,7 @@
         "jsonType.label" : "String"
       }
     }, {
-      "id" : "0f49eaee-4fd2-48da-9ca3-60f33f26b101",
+      "id" : "80bc8d1f-3cb8-4362-890c-68d1a5c7263d",
       "name" : "given name",
       "protocol" : "openid-connect",
       "protocolMapper" : "oidc-usermodel-property-mapper",
@@ -561,7 +522,35 @@
         "jsonType.label" : "String"
       }
     }, {
-      "id" : "964acb2b-9e6b-42e8-8f8d-382ac32a9da8",
+      "id" : "af93478f-176d-4be4-be5d-78a65dd88717",
+      "name" : "username",
+      "protocol" : "openid-connect",
+      "protocolMapper" : "oidc-usermodel-property-mapper",
+      "consentRequired" : true,
+      "consentText" : "${username}",
+      "config" : {
+        "user.attribute" : "username",
+        "id.token.claim" : "true",
+        "access.token.claim" : "true",
+        "claim.name" : "preferred_username",
+        "jsonType.label" : "String"
+      }
+    }, {
+      "id" : "b6c1704d-39fc-4b63-8f70-74561849654f",
+      "name" : "family name",
+      "protocol" : "openid-connect",
+      "protocolMapper" : "oidc-usermodel-property-mapper",
+      "consentRequired" : true,
+      "consentText" : "${familyName}",
+      "config" : {
+        "user.attribute" : "lastName",
+        "id.token.claim" : "true",
+        "access.token.claim" : "true",
+        "claim.name" : "family_name",
+        "jsonType.label" : "String"
+      }
+    }, {
+      "id" : "928dbc26-41a1-4342-ba92-c230a85e830c",
       "name" : "role list",
       "protocol" : "saml",
       "protocolMapper" : "saml-role-list-mapper",
@@ -571,6 +560,17 @@
         "attribute.nameformat" : "Basic",
         "attribute.name" : "Role"
       }
+    }, {
+      "id" : "03a967ab-ed2b-402f-ae2f-10729084376c",
+      "name" : "full name",
+      "protocol" : "openid-connect",
+      "protocolMapper" : "oidc-full-name-mapper",
+      "consentRequired" : true,
+      "consentText" : "${fullName}",
+      "config" : {
+        "id.token.claim" : "true",
+        "access.token.claim" : "true"
+      }
     } ]
   } ],
   "browserSecurityHeaders" : {
@@ -587,69 +587,6 @@
   "internationalizationEnabled" : false,
   "supportedLocales" : [ ],
   "authenticationFlows" : [ {
-    "alias" : "clients",
-    "description" : "Base authentication for clients",
-    "providerId" : "client-flow",
-    "topLevel" : true,
-    "builtIn" : true,
-    "authenticationExecutions" : [ {
-      "authenticator" : "client-secret",
-      "autheticatorFlow" : false,
-      "requirement" : "ALTERNATIVE",
-      "userSetupAllowed" : false,
-      "priority" : 10
-    }, {
-      "authenticator" : "client-jwt",
-      "autheticatorFlow" : false,
-      "requirement" : "ALTERNATIVE",
-      "userSetupAllowed" : false,
-      "priority" : 20
-    } ]
-  }, {
-    "alias" : "forms",
-    "description" : "Username, password, otp and other auth forms.",
-    "providerId" : "basic-flow",
-    "topLevel" : false,
-    "builtIn" : true,
-    "authenticationExecutions" : [ {
-      "authenticator" : "auth-username-password-form",
-      "autheticatorFlow" : false,
-      "requirement" : "REQUIRED",
-      "userSetupAllowed" : false,
-      "priority" : 10
-    }, {
-      "authenticator" : "auth-otp-form",
-      "autheticatorFlow" : false,
-      "requirement" : "OPTIONAL",
-      "userSetupAllowed" : false,
-      "priority" : 20
-    } ]
-  }, {
-    "alias" : "browser",
-    "description" : "browser based authentication",
-    "providerId" : "basic-flow",
-    "topLevel" : true,
-    "builtIn" : true,
-    "authenticationExecutions" : [ {
-      "authenticator" : "auth-cookie",
-      "autheticatorFlow" : false,
-      "requirement" : "ALTERNATIVE",
-      "userSetupAllowed" : false,
-      "priority" : 10
-    }, {
-      "authenticator" : "auth-spnego",
-      "autheticatorFlow" : false,
-      "requirement" : "DISABLED",
-      "userSetupAllowed" : false,
-      "priority" : 20
-    }, {
-      "flowAlias" : "forms",
-      "autheticatorFlow" : true,
-      "requirement" : "ALTERNATIVE",
-      "userSetupAllowed" : false,
-      "priority" : 30
-    } ]
-  }, {
     "alias" : "reset credentials",
     "description" : "Reset credentials for a user if they forgot their password or something",
     "providerId" : "basic-flow",
@@ -681,18 +618,23 @@
       "priority" : 40
     } ]
   }, {
-    "alias" : "registration",
-    "description" : "registration flow",
-    "providerId" : "basic-flow",
+    "alias" : "clients",
+    "description" : "Base authentication for clients",
+    "providerId" : "client-flow",
     "topLevel" : true,
     "builtIn" : true,
     "authenticationExecutions" : [ {
-      "authenticator" : "registration-page-form",
-      "flowAlias" : "registration form",
-      "autheticatorFlow" : true,
-      "requirement" : "REQUIRED",
+      "authenticator" : "client-secret",
+      "autheticatorFlow" : false,
+      "requirement" : "ALTERNATIVE",
       "userSetupAllowed" : false,
       "priority" : 10
+    }, {
+      "authenticator" : "client-jwt",
+      "autheticatorFlow" : false,
+      "requirement" : "ALTERNATIVE",
+      "userSetupAllowed" : false,
+      "priority" : 20
     } ]
   }, {
     "alias" : "registration form",
@@ -750,6 +692,64 @@
       "userSetupAllowed" : false,
       "priority" : 30
     } ]
+  }, {
+    "alias" : "registration",
+    "description" : "registration flow",
+    "providerId" : "basic-flow",
+    "topLevel" : true,
+    "builtIn" : true,
+    "authenticationExecutions" : [ {
+      "authenticator" : "registration-page-form",
+      "flowAlias" : "registration form",
+      "autheticatorFlow" : true,
+      "requirement" : "REQUIRED",
+      "userSetupAllowed" : false,
+      "priority" : 10
+    } ]
+  }, {
+    "alias" : "browser",
+    "description" : "browser based authentication",
+    "providerId" : "basic-flow",
+    "topLevel" : true,
+    "builtIn" : true,
+    "authenticationExecutions" : [ {
+      "authenticator" : "auth-cookie",
+      "autheticatorFlow" : false,
+      "requirement" : "ALTERNATIVE",
+      "userSetupAllowed" : false,
+      "priority" : 10
+    }, {
+      "authenticator" : "auth-spnego",
+      "autheticatorFlow" : false,
+      "requirement" : "DISABLED",
+      "userSetupAllowed" : false,
+      "priority" : 20
+    }, {
+      "flowAlias" : "forms",
+      "autheticatorFlow" : true,
+      "requirement" : "ALTERNATIVE",
+      "userSetupAllowed" : false,
+      "priority" : 30
+    } ]
+  }, {
+    "alias" : "forms",
+    "description" : "Username, password, otp and other auth forms.",
+    "providerId" : "basic-flow",
+    "topLevel" : false,
+    "builtIn" : true,
+    "authenticationExecutions" : [ {
+      "authenticator" : "auth-username-password-form",
+      "autheticatorFlow" : false,
+      "requirement" : "REQUIRED",
+      "userSetupAllowed" : false,
+      "priority" : 10
+    }, {
+      "authenticator" : "auth-otp-form",
+      "autheticatorFlow" : false,
+      "requirement" : "OPTIONAL",
+      "userSetupAllowed" : false,
+      "priority" : 20
+    } ]
   } ],
   "authenticatorConfig" : [ ],
   "requiredActions" : [ {
@@ -759,6 +759,13 @@
     "enabled" : false,
     "defaultAction" : false,
     "config" : { }
+  }, {
+    "alias" : "CONFIGURE_TOTP",
+    "name" : "Configure Totp",
+    "providerId" : "CONFIGURE_TOTP",
+    "enabled" : true,
+    "defaultAction" : false,
+    "config" : { }
   }, {
     "alias" : "UPDATE_PASSWORD",
     "name" : "Update Password",
@@ -773,13 +780,6 @@
     "enabled" : true,
     "defaultAction" : false,
     "config" : { }
-  }, {
-    "alias" : "CONFIGURE_TOTP",
-    "name" : "Configure Totp",
-    "providerId" : "CONFIGURE_TOTP",
-    "enabled" : true,
-    "defaultAction" : false,
-    "config" : { }
   }, {
     "alias" : "VERIFY_EMAIL",
     "name" : "Verify Email",

From 84da341912c375f148c5741e80256d4e1ec765df Mon Sep 17 00:00:00 2001
From: vramik <vramik@localhost.localdomain>
Date: Thu, 29 Oct 2015 14:48:05 +0100
Subject: [PATCH 28/34] arquillian testsuite, migration test: add support for
 1.5.1.Final

---
 .../base/src/test/resources/arquillian.xml    |  10 +-
 .../migration-test/migration-realm-15.json    | 751 ++++++++++++++++++
 .../integration-arquillian/tests/pom.xml      |   4 +-
 3 files changed, 763 insertions(+), 2 deletions(-)
 create mode 100644 testsuite/integration-arquillian/tests/base/src/test/resources/migration-test/migration-realm-15.json

diff --git a/testsuite/integration-arquillian/tests/base/src/test/resources/arquillian.xml b/testsuite/integration-arquillian/tests/base/src/test/resources/arquillian.xml
index f8bbfc00a9c..e44efadcee4 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/resources/arquillian.xml
+++ b/testsuite/integration-arquillian/tests/base/src/test/resources/arquillian.xml
@@ -45,7 +45,15 @@
             <property name="enabled">${migration.kc15}</property>
             <property name="adapterImplClass">org.jboss.as.arquillian.container.managed.ManagedDeployableContainer</property>
             <property name="jbossHome">${keycloak.migration.homev}</property>
-            <property name="javaVmArguments">-Djboss.socket.binding.port-offset=${auth.server.port.offset} -Xms64m -Xmx512m -XX:MaxPermSize=256m</property>
+            <property name="javaVmArguments">
+                -Dkeycloak.migration.action=import 
+                -Dkeycloak.migration.provider=singleFile
+                -Dkeycloak.migration.file=${keycloak.migration.file}
+                -Dkeycloak.migration.strategy=OVERWRITE_EXISTING
+                -Dkeycloak.migration.realmName=Migration
+                -Djboss.socket.binding.port-offset=${auth.server.port.offset} 
+                -Xms64m -Xmx512m -XX:MaxPermSize=256m
+            </property>
             <property name="managementPort">${auth.server.management.port}</property>
             <property name="startupTimeoutInSeconds">${startup.timeout.sec}</property>
         </configuration>
diff --git a/testsuite/integration-arquillian/tests/base/src/test/resources/migration-test/migration-realm-15.json b/testsuite/integration-arquillian/tests/base/src/test/resources/migration-test/migration-realm-15.json
new file mode 100644
index 00000000000..86e4606f94d
--- /dev/null
+++ b/testsuite/integration-arquillian/tests/base/src/test/resources/migration-test/migration-realm-15.json
@@ -0,0 +1,751 @@
+{
+  "id" : "9c3a9824-cc8b-46f6-8922-cd576a92850f",
+  "realm" : "Migration",
+  "notBefore" : 0,
+  "accessTokenLifespan" : 300,
+  "ssoSessionIdleTimeout" : 1800,
+  "ssoSessionMaxLifespan" : 36000,
+  "accessCodeLifespan" : 60,
+  "accessCodeLifespanUserAction" : 300,
+  "accessCodeLifespanLogin" : 1800,
+  "enabled" : true,
+  "sslRequired" : "external",
+  "registrationAllowed" : false,
+  "registrationEmailAsUsername" : false,
+  "rememberMe" : false,
+  "verifyEmail" : false,
+  "resetPasswordAllowed" : false,
+  "editUsernameAllowed" : false,
+  "bruteForceProtected" : false,
+  "maxFailureWaitSeconds" : 900,
+  "minimumQuickLoginWaitSeconds" : 60,
+  "waitIncrementSeconds" : 60,
+  "quickLoginCheckMilliSeconds" : 1000,
+  "maxDeltaTimeSeconds" : 43200,
+  "failureFactor" : 30,
+  "privateKey" : "MIIEpAIBAAKCAQEA29+/bYOEg+RFlDgKjX0nv+UMkV8X06E1XvRobuQjXKOV613VJIa1F/nGabXthkM3tC7DadJ5y1tBwhF+bJzMA4w38zNfJdjEp3DRND6ypUn0SJZrSw6l3u3w+s5uemgTWUZk463Xr3HbDxtnG+4t5GuHA2Oq6O2OLniVZKbDTpgF1HxzCBQiAxi2jNJm3tMlTdN6D/nV3Rwp2T1250T3ldkM3TDK/Nlup3oOejy+qRGEmh+omuABOOJ8icCULZ5S2AbiqfojP5ZN3WEpyCqcQvsdop4IawUbTDyy9BCE2K5CCZ6ZgQaSnpJZGUy91crPJXnI4tlg5Mh88l8aSrBLsQIDAQABAoIBAA5J7SPNzzfPBuKJ/c2SG5ox5W4xEthS+qfwFDVYqB+mFeEU2PwlsPEc71MBWq1GAwG3pEVlQzr+9DgLcP7X9b4pR52LchyAiM8k2sOda3ioZLKu68wV6JujNOznq3BTASblFztgmcqyCH1j14COKvdUMZL70CiQ/5NvjK3c1IZv5d/S9B7Qhd2o/6cO51xIodE87Lc4Pghq8cQ/AJJUJokyFtjkCpTNAYxcZgyiEMNbyjrbNMMEpiuspZ50eRbi7SOKOg6mSjwuTeK0cQ57JDuMhE/iyaMwh98uqSTccqeKS672z+7QCu89ce1YZMnWtjfwKEiIcTWB71pvy2gGwgECgYEA9Afv+5Zop4j1kmZvQcdr+UpW3Ia91nNelvlkMYPMrsC24xwrGhO9Hx76VxdBFCzDuYBIyOzbPLV7kFojSKmcWB6hb/S/j6eMd46ZetycrfH5sRpJHmqJpGZiARrWTLsFRNDwi2jwEl2qt3wkq/IBvuzNt9bwbnsajgRVSVWUBtECgYEA5qh+hl1f8R6KcrUro9kSSxjmlqzSIeAYNJ0VJkr2ZjRd984xTRSnUcuVJnbfNgfmywCB9s7QGgcMrs9BejKuP1bq2hnjjA1WOvz0Dq1FRw3wqYSZWHtVO2h/QDaKIcGjQ/PyWAyrOTBaL+bzKrNO66L7CQK63A4/Gj7QivFA7uECgYEAmYW81pyDbpLdW6MR72IUbZr1Fnu2RooCQhzXiccPKAmZhTudaiRs4H1OpSe+C4E2CSfJoo5QRtstx1zNwdLixxVOHu7s7OVNm5GcwQy1jUEkAuU0huwjd8fpdCR8GX23DNod2rbEAennktOJBpuTuZekvDl+vSK5TAsx1JcAL2ECgYB7rPTKjt6Wps2NW98eZ5ILejqJp/iz+TiBXYitk5wyiPmpmYGN1vkwPnymty5QBkSVrJwC/jlO+2CtiquNHgeYJr6eWytLOQt3bZJfHED9LFhSTKr8aoT06b7xa0z9dJpaIT9cPs7AR1DURn0z9Bjo9+aqmjAfNfRX2j5vgZRTgQKBgQC7+9bt4yZ0MAxJYTMVqU/LnyjPuDrgXZJYw5ZYO6r5xF0mdovE9+lY6I8OeAUg428Zk8mxMYeqOFUHF8nVBxofHrZbXR2eJxJLRO8f2GPRFYanA9MNe1Jc0WV5bi1gF+ifC0j//W1kGxCHJX1OeMSV/h8r3OaIHEwuu30ZLHFxRg==",
+  "publicKey" : "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA29+/bYOEg+RFlDgKjX0nv+UMkV8X06E1XvRobuQjXKOV613VJIa1F/nGabXthkM3tC7DadJ5y1tBwhF+bJzMA4w38zNfJdjEp3DRND6ypUn0SJZrSw6l3u3w+s5uemgTWUZk463Xr3HbDxtnG+4t5GuHA2Oq6O2OLniVZKbDTpgF1HxzCBQiAxi2jNJm3tMlTdN6D/nV3Rwp2T1250T3ldkM3TDK/Nlup3oOejy+qRGEmh+omuABOOJ8icCULZ5S2AbiqfojP5ZN3WEpyCqcQvsdop4IawUbTDyy9BCE2K5CCZ6ZgQaSnpJZGUy91crPJXnI4tlg5Mh88l8aSrBLsQIDAQAB",
+  "certificate" : "MIICoTCCAYkCBgFQs81zNDANBgkqhkiG9w0BAQsFADAUMRIwEAYDVQQDDAlNaWdyYXRpb24wHhcNMTUxMDI5MTMzMTM3WhcNMjUxMDI5MTMzMzE3WjAUMRIwEAYDVQQDDAlNaWdyYXRpb24wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDb379tg4SD5EWUOAqNfSe/5QyRXxfToTVe9Ghu5CNco5XrXdUkhrUX+cZpte2GQze0LsNp0nnLW0HCEX5snMwDjDfzM18l2MSncNE0PrKlSfRIlmtLDqXe7fD6zm56aBNZRmTjrdevcdsPG2cb7i3ka4cDY6ro7Y4ueJVkpsNOmAXUfHMIFCIDGLaM0mbe0yVN03oP+dXdHCnZPXbnRPeV2QzdMMr82W6neg56PL6pEYSaH6ia4AE44nyJwJQtnlLYBuKp+iM/lk3dYSnIKpxC+x2inghrBRtMPLL0EITYrkIJnpmBBpKeklkZTL3Vys8lecji2WDkyHzyXxpKsEuxAgMBAAEwDQYJKoZIhvcNAQELBQADggEBALaDK+wutEjdgY3Ux06Amp0k5qK16dz4jn+QKjdKPB1yThfzY1pisuyCUXPBlkn1OjB5ZvYl6ouwdNXgB8aeblbHZoyXh9ODeywi1xZd7pGxNXSfx0UzRk/YEEy0DAi9pxTyRYxiZ6/XJalS9PembTQvj+mVKqg1SDv7dyv4byvndEYSaUISrtGGrM3bb68PW4zInD793PJYWDSVxmEPOYtdgBJv4HAhPIJhjw15EOGlPv5QxW9P76OgISCutHaEe3UDP+TzIBBxYQFb1ZXA6ob3TFga78mFAkY4g98gEC11QSvZqhaRtLAz6PEisHRV+xDJVROgQ4Qew4qKgwE0gGE=",
+  "codeSecret" : "32f8634c-2be2-4d4d-8118-f4f7fee80b9f",
+  "roles" : {
+    "client" : {
+      "realm-management" : [ {
+        "id" : "dad7b3a4-b533-47c8-aba5-32e6429865a2",
+        "name" : "manage-identity-providers",
+        "description" : "${role_manage-identity-providers}",
+        "composite" : false
+      }, {
+        "id" : "a1dd3971-3906-4f4a-b4cd-3a198d2d7150",
+        "name" : "view-users",
+        "description" : "${role_view-users}",
+        "composite" : false
+      }, {
+        "id" : "6c2d766f-cfa5-4cae-b1ca-81f1f9f242c8",
+        "name" : "view-clients",
+        "description" : "${role_view-clients}",
+        "composite" : false
+      }, {
+        "id" : "60bb5b3e-8067-43fe-803e-a7e367967c7c",
+        "name" : "manage-realm",
+        "description" : "${role_manage-realm}",
+        "composite" : false
+      }, {
+        "id" : "c55cb35a-2602-47a6-a628-fc5a55341426",
+        "name" : "manage-users",
+        "description" : "${role_manage-users}",
+        "composite" : false
+      }, {
+        "id" : "4dc834d0-766b-45aa-ab3b-b7b976baa65d",
+        "name" : "realm-admin",
+        "description" : "${role_realm-admin}",
+        "composite" : true,
+        "composites" : {
+          "client" : {
+            "realm-management" : [ "view-users", "manage-identity-providers", "view-clients", "manage-realm", "manage-users", "impersonation", "view-realm", "view-events", "manage-clients", "manage-events", "view-identity-providers" ]
+          }
+        }
+      }, {
+        "id" : "d444a98f-ab5e-4857-9300-496e04e498f5",
+        "name" : "impersonation",
+        "description" : "${role_impersonation}",
+        "composite" : false
+      }, {
+        "id" : "2f6f1407-f334-434f-becf-771e3ebb5625",
+        "name" : "view-realm",
+        "description" : "${role_view-realm}",
+        "composite" : false
+      }, {
+        "id" : "a40d3211-5244-4d92-80c0-0d3215580250",
+        "name" : "manage-events",
+        "description" : "${role_manage-events}",
+        "composite" : false
+      }, {
+        "id" : "d11c407e-504f-4923-b243-e794afa0247e",
+        "name" : "view-events",
+        "description" : "${role_view-events}",
+        "composite" : false
+      }, {
+        "id" : "3ef6ace4-4e87-4c30-a8b3-1f0df25868c6",
+        "name" : "manage-clients",
+        "description" : "${role_manage-clients}",
+        "composite" : false
+      }, {
+        "id" : "fa2a4972-b8d0-452e-8e13-d2cf7eaac7aa",
+        "name" : "view-identity-providers",
+        "description" : "${role_view-identity-providers}",
+        "composite" : false
+      } ],
+      "security-admin-console" : [ ],
+      "broker" : [ {
+        "id" : "1bc5aeb4-1df1-4402-8195-e2a72f6dca30",
+        "name" : "read-token",
+        "description" : "${role_read-token}",
+        "composite" : false
+      } ],
+      "account" : [ {
+        "id" : "71b5b5ff-b372-41a1-a427-7883fa64a8c7",
+        "name" : "manage-account",
+        "description" : "${role_manage-account}",
+        "composite" : false
+      }, {
+        "id" : "04daa556-8aeb-43ba-99c6-b393ec2a32d4",
+        "name" : "view-profile",
+        "description" : "${role_view-profile}",
+        "composite" : false
+      } ]
+    }
+  },
+  "requiredCredentials" : [ "password" ],
+  "otpPolicyType" : "totp",
+  "otpPolicyAlgorithm" : "HmacSHA1",
+  "otpPolicyInitialCounter" : 0,
+  "otpPolicyDigits" : 6,
+  "otpPolicyLookAheadWindow" : 1,
+  "otpPolicyPeriod" : 30,
+  "clientScopeMappings" : {
+    "realm-management" : [ {
+      "client" : "security-admin-console",
+      "roles" : [ "realm-admin" ]
+    } ]
+  },
+  "clients" : [ {
+    "id" : "ba27336f-3f89-471d-98d2-b8856bd6dbf1",
+    "clientId" : "realm-management",
+    "name" : "${client_realm-management}",
+    "surrogateAuthRequired" : false,
+    "enabled" : true,
+    "clientAuthenticatorType" : "client-secret",
+    "secret" : "26aee4e9-8eec-421b-90a9-238538f5897a",
+    "redirectUris" : [ ],
+    "webOrigins" : [ ],
+    "notBefore" : 0,
+    "bearerOnly" : true,
+    "consentRequired" : false,
+    "serviceAccountsEnabled" : false,
+    "directGrantsOnly" : false,
+    "publicClient" : false,
+    "frontchannelLogout" : false,
+    "attributes" : { },
+    "fullScopeAllowed" : false,
+    "nodeReRegistrationTimeout" : 0,
+    "protocolMappers" : [ {
+      "id" : "5d56eba1-724e-4904-a8f8-86ca264a82cf",
+      "name" : "family name",
+      "protocol" : "openid-connect",
+      "protocolMapper" : "oidc-usermodel-property-mapper",
+      "consentRequired" : true,
+      "consentText" : "${familyName}",
+      "config" : {
+        "user.attribute" : "lastName",
+        "id.token.claim" : "true",
+        "access.token.claim" : "true",
+        "claim.name" : "family_name",
+        "Claim JSON Type" : "String"
+      }
+    }, {
+      "id" : "18a30786-89f9-4744-8f36-4de811a591ae",
+      "name" : "email",
+      "protocol" : "openid-connect",
+      "protocolMapper" : "oidc-usermodel-property-mapper",
+      "consentRequired" : true,
+      "consentText" : "${email}",
+      "config" : {
+        "user.attribute" : "email",
+        "id.token.claim" : "true",
+        "access.token.claim" : "true",
+        "claim.name" : "email",
+        "Claim JSON Type" : "String"
+      }
+    }, {
+      "id" : "4d1c4456-0c0d-49b9-bfba-c2c83645aeb2",
+      "name" : "username",
+      "protocol" : "openid-connect",
+      "protocolMapper" : "oidc-usermodel-property-mapper",
+      "consentRequired" : true,
+      "consentText" : "${username}",
+      "config" : {
+        "user.attribute" : "username",
+        "id.token.claim" : "true",
+        "access.token.claim" : "true",
+        "claim.name" : "preferred_username",
+        "Claim JSON Type" : "String"
+      }
+    }, {
+      "id" : "1a19db43-2346-4a24-b6f0-1b8d7fc1353e",
+      "name" : "role list",
+      "protocol" : "saml",
+      "protocolMapper" : "saml-role-list-mapper",
+      "consentRequired" : false,
+      "config" : {
+        "single" : "false",
+        "attribute.nameformat" : "Basic",
+        "attribute.name" : "Role"
+      }
+    }, {
+      "id" : "a18612f0-9eb3-4d81-af0c-b0749b83fbd3",
+      "name" : "given name",
+      "protocol" : "openid-connect",
+      "protocolMapper" : "oidc-usermodel-property-mapper",
+      "consentRequired" : true,
+      "consentText" : "${givenName}",
+      "config" : {
+        "user.attribute" : "firstName",
+        "id.token.claim" : "true",
+        "access.token.claim" : "true",
+        "claim.name" : "given_name",
+        "Claim JSON Type" : "String"
+      }
+    }, {
+      "id" : "70c26044-c7fc-4090-98e1-670fef006e25",
+      "name" : "full name",
+      "protocol" : "openid-connect",
+      "protocolMapper" : "oidc-full-name-mapper",
+      "consentRequired" : true,
+      "consentText" : "${fullName}",
+      "config" : {
+        "id.token.claim" : "true",
+        "access.token.claim" : "true"
+      }
+    } ]
+  }, {
+    "id" : "3fdddd5e-0022-4f6d-8fdf-212266db7fd4",
+    "clientId" : "security-admin-console",
+    "name" : "${client_security-admin-console}",
+    "baseUrl" : "/auth/admin/Migration/console/index.html",
+    "surrogateAuthRequired" : false,
+    "enabled" : true,
+    "clientAuthenticatorType" : "client-secret",
+    "secret" : "38ce8135-738d-4103-85ac-c3470ac8824d",
+    "redirectUris" : [ "/auth/admin/Migration/console/*" ],
+    "webOrigins" : [ ],
+    "notBefore" : 0,
+    "bearerOnly" : false,
+    "consentRequired" : false,
+    "serviceAccountsEnabled" : false,
+    "directGrantsOnly" : false,
+    "publicClient" : true,
+    "frontchannelLogout" : false,
+    "attributes" : { },
+    "fullScopeAllowed" : false,
+    "nodeReRegistrationTimeout" : 0,
+    "protocolMappers" : [ {
+      "id" : "be58fe30-b767-4566-9192-a4fa81fafa2c",
+      "name" : "role list",
+      "protocol" : "saml",
+      "protocolMapper" : "saml-role-list-mapper",
+      "consentRequired" : false,
+      "config" : {
+        "single" : "false",
+        "attribute.nameformat" : "Basic",
+        "attribute.name" : "Role"
+      }
+    }, {
+      "id" : "c97523fd-fd4f-48d7-8937-bd434fa374fd",
+      "name" : "given name",
+      "protocol" : "openid-connect",
+      "protocolMapper" : "oidc-usermodel-property-mapper",
+      "consentRequired" : true,
+      "consentText" : "${givenName}",
+      "config" : {
+        "user.attribute" : "firstName",
+        "id.token.claim" : "true",
+        "access.token.claim" : "true",
+        "claim.name" : "given_name",
+        "Claim JSON Type" : "String"
+      }
+    }, {
+      "id" : "2323a85d-2686-46d4-bea8-e36524920f2e",
+      "name" : "email",
+      "protocol" : "openid-connect",
+      "protocolMapper" : "oidc-usermodel-property-mapper",
+      "consentRequired" : true,
+      "consentText" : "${email}",
+      "config" : {
+        "user.attribute" : "email",
+        "id.token.claim" : "true",
+        "access.token.claim" : "true",
+        "claim.name" : "email",
+        "Claim JSON Type" : "String"
+      }
+    }, {
+      "id" : "56f8a80e-9e99-4add-b918-b864ca3f6f5c",
+      "name" : "username",
+      "protocol" : "openid-connect",
+      "protocolMapper" : "oidc-usermodel-property-mapper",
+      "consentRequired" : true,
+      "consentText" : "${username}",
+      "config" : {
+        "user.attribute" : "username",
+        "id.token.claim" : "true",
+        "access.token.claim" : "true",
+        "claim.name" : "preferred_username",
+        "Claim JSON Type" : "String"
+      }
+    }, {
+      "id" : "f9f51e8d-d5af-456c-be5a-3019fb8c0910",
+      "name" : "family name",
+      "protocol" : "openid-connect",
+      "protocolMapper" : "oidc-usermodel-property-mapper",
+      "consentRequired" : true,
+      "consentText" : "${familyName}",
+      "config" : {
+        "user.attribute" : "lastName",
+        "id.token.claim" : "true",
+        "access.token.claim" : "true",
+        "claim.name" : "family_name",
+        "Claim JSON Type" : "String"
+      }
+    }, {
+      "id" : "3d8fbb0c-9058-4dde-b675-ca77a153ceb8",
+      "name" : "full name",
+      "protocol" : "openid-connect",
+      "protocolMapper" : "oidc-full-name-mapper",
+      "consentRequired" : true,
+      "consentText" : "${fullName}",
+      "config" : {
+        "id.token.claim" : "true",
+        "access.token.claim" : "true"
+      }
+    } ]
+  }, {
+    "id" : "068fcf1a-7048-43df-b3dd-e6c484e8b051",
+    "clientId" : "broker",
+    "name" : "${client_broker}",
+    "surrogateAuthRequired" : false,
+    "enabled" : true,
+    "clientAuthenticatorType" : "client-secret",
+    "secret" : "041b50a6-54b5-4cff-84ef-1b7c388d3395",
+    "redirectUris" : [ ],
+    "webOrigins" : [ ],
+    "notBefore" : 0,
+    "bearerOnly" : false,
+    "consentRequired" : false,
+    "serviceAccountsEnabled" : false,
+    "directGrantsOnly" : false,
+    "publicClient" : false,
+    "frontchannelLogout" : false,
+    "attributes" : { },
+    "fullScopeAllowed" : false,
+    "nodeReRegistrationTimeout" : 0,
+    "protocolMappers" : [ {
+      "id" : "57c6f779-c96b-4f03-b268-354af2a8731e",
+      "name" : "email",
+      "protocol" : "openid-connect",
+      "protocolMapper" : "oidc-usermodel-property-mapper",
+      "consentRequired" : true,
+      "consentText" : "${email}",
+      "config" : {
+        "user.attribute" : "email",
+        "id.token.claim" : "true",
+        "access.token.claim" : "true",
+        "claim.name" : "email",
+        "Claim JSON Type" : "String"
+      }
+    }, {
+      "id" : "f17a7b9f-9363-44bd-8320-df36f22ca712",
+      "name" : "given name",
+      "protocol" : "openid-connect",
+      "protocolMapper" : "oidc-usermodel-property-mapper",
+      "consentRequired" : true,
+      "consentText" : "${givenName}",
+      "config" : {
+        "user.attribute" : "firstName",
+        "id.token.claim" : "true",
+        "access.token.claim" : "true",
+        "claim.name" : "given_name",
+        "Claim JSON Type" : "String"
+      }
+    }, {
+      "id" : "ec1bf022-9e98-4f29-9bf0-f0a49bd844ad",
+      "name" : "role list",
+      "protocol" : "saml",
+      "protocolMapper" : "saml-role-list-mapper",
+      "consentRequired" : false,
+      "config" : {
+        "single" : "false",
+        "attribute.nameformat" : "Basic",
+        "attribute.name" : "Role"
+      }
+    }, {
+      "id" : "0d54c616-326b-4fe7-bbfa-af9a28304dc5",
+      "name" : "username",
+      "protocol" : "openid-connect",
+      "protocolMapper" : "oidc-usermodel-property-mapper",
+      "consentRequired" : true,
+      "consentText" : "${username}",
+      "config" : {
+        "user.attribute" : "username",
+        "id.token.claim" : "true",
+        "access.token.claim" : "true",
+        "claim.name" : "preferred_username",
+        "Claim JSON Type" : "String"
+      }
+    }, {
+      "id" : "89ce95b9-a268-4306-a1ad-86066d0cdd03",
+      "name" : "family name",
+      "protocol" : "openid-connect",
+      "protocolMapper" : "oidc-usermodel-property-mapper",
+      "consentRequired" : true,
+      "consentText" : "${familyName}",
+      "config" : {
+        "user.attribute" : "lastName",
+        "id.token.claim" : "true",
+        "access.token.claim" : "true",
+        "claim.name" : "family_name",
+        "Claim JSON Type" : "String"
+      }
+    }, {
+      "id" : "8236274d-af69-4fc4-8804-a02d4af66157",
+      "name" : "full name",
+      "protocol" : "openid-connect",
+      "protocolMapper" : "oidc-full-name-mapper",
+      "consentRequired" : true,
+      "consentText" : "${fullName}",
+      "config" : {
+        "id.token.claim" : "true",
+        "access.token.claim" : "true"
+      }
+    } ]
+  }, {
+    "id" : "717b9e58-87ed-402d-a8f8-a37fd5e7c951",
+    "clientId" : "account",
+    "name" : "${client_account}",
+    "baseUrl" : "/auth/realms/Migration/account",
+    "surrogateAuthRequired" : false,
+    "enabled" : true,
+    "clientAuthenticatorType" : "client-secret",
+    "secret" : "9ea62eb5-5478-454a-a479-4012f8967f9c",
+    "defaultRoles" : [ "view-profile", "manage-account" ],
+    "redirectUris" : [ "/auth/realms/Migration/account/*" ],
+    "webOrigins" : [ ],
+    "notBefore" : 0,
+    "bearerOnly" : false,
+    "consentRequired" : false,
+    "serviceAccountsEnabled" : false,
+    "directGrantsOnly" : false,
+    "publicClient" : false,
+    "frontchannelLogout" : false,
+    "attributes" : { },
+    "fullScopeAllowed" : false,
+    "nodeReRegistrationTimeout" : 0,
+    "protocolMappers" : [ {
+      "id" : "bfb4a165-2a55-4e4b-9b13-05e68822f5d6",
+      "name" : "family name",
+      "protocol" : "openid-connect",
+      "protocolMapper" : "oidc-usermodel-property-mapper",
+      "consentRequired" : true,
+      "consentText" : "${familyName}",
+      "config" : {
+        "user.attribute" : "lastName",
+        "id.token.claim" : "true",
+        "access.token.claim" : "true",
+        "claim.name" : "family_name",
+        "Claim JSON Type" : "String"
+      }
+    }, {
+      "id" : "c505e313-d478-4b1d-94df-c2c9b6036a95",
+      "name" : "role list",
+      "protocol" : "saml",
+      "protocolMapper" : "saml-role-list-mapper",
+      "consentRequired" : false,
+      "config" : {
+        "single" : "false",
+        "attribute.nameformat" : "Basic",
+        "attribute.name" : "Role"
+      }
+    }, {
+      "id" : "12fc43f0-19b7-4b4a-b50a-40b6fc344ede",
+      "name" : "email",
+      "protocol" : "openid-connect",
+      "protocolMapper" : "oidc-usermodel-property-mapper",
+      "consentRequired" : true,
+      "consentText" : "${email}",
+      "config" : {
+        "user.attribute" : "email",
+        "id.token.claim" : "true",
+        "access.token.claim" : "true",
+        "claim.name" : "email",
+        "Claim JSON Type" : "String"
+      }
+    }, {
+      "id" : "250f3bf3-2655-4482-a814-3adcc7cef5a4",
+      "name" : "full name",
+      "protocol" : "openid-connect",
+      "protocolMapper" : "oidc-full-name-mapper",
+      "consentRequired" : true,
+      "consentText" : "${fullName}",
+      "config" : {
+        "id.token.claim" : "true",
+        "access.token.claim" : "true"
+      }
+    }, {
+      "id" : "6cf70d19-6a9e-4abf-8917-38b87bac15d6",
+      "name" : "username",
+      "protocol" : "openid-connect",
+      "protocolMapper" : "oidc-usermodel-property-mapper",
+      "consentRequired" : true,
+      "consentText" : "${username}",
+      "config" : {
+        "user.attribute" : "username",
+        "id.token.claim" : "true",
+        "access.token.claim" : "true",
+        "claim.name" : "preferred_username",
+        "Claim JSON Type" : "String"
+      }
+    }, {
+      "id" : "6cdeae21-ca97-4723-b880-d5aa35fa77b0",
+      "name" : "given name",
+      "protocol" : "openid-connect",
+      "protocolMapper" : "oidc-usermodel-property-mapper",
+      "consentRequired" : true,
+      "consentText" : "${givenName}",
+      "config" : {
+        "user.attribute" : "firstName",
+        "id.token.claim" : "true",
+        "access.token.claim" : "true",
+        "claim.name" : "given_name",
+        "Claim JSON Type" : "String"
+      }
+    } ]
+  } ],
+  "browserSecurityHeaders" : {
+    "contentSecurityPolicy" : "frame-src 'self'",
+    "xFrameOptions" : "SAMEORIGIN"
+  },
+  "smtpServer" : { },
+  "eventsEnabled" : false,
+  "eventsListeners" : [ "jboss-logging" ],
+  "enabledEventTypes" : [ ],
+  "adminEventsEnabled" : false,
+  "adminEventsDetailsEnabled" : false,
+  "identityFederationEnabled" : false,
+  "internationalizationEnabled" : false,
+  "supportedLocales" : [ ],
+  "authenticationFlows" : [ {
+    "alias" : "registration form",
+    "description" : "registration form",
+    "providerId" : "form-flow",
+    "topLevel" : false,
+    "builtIn" : true,
+    "authenticationExecutions" : [ {
+      "authenticator" : "registration-user-creation",
+      "autheticatorFlow" : false,
+      "requirement" : "REQUIRED",
+      "userSetupAllowed" : false,
+      "priority" : 20
+    }, {
+      "authenticator" : "registration-profile-action",
+      "autheticatorFlow" : false,
+      "requirement" : "REQUIRED",
+      "userSetupAllowed" : false,
+      "priority" : 40
+    }, {
+      "authenticator" : "registration-password-action",
+      "autheticatorFlow" : false,
+      "requirement" : "REQUIRED",
+      "userSetupAllowed" : false,
+      "priority" : 50
+    }, {
+      "authenticator" : "registration-recaptcha-action",
+      "autheticatorFlow" : false,
+      "requirement" : "DISABLED",
+      "userSetupAllowed" : false,
+      "priority" : 60
+    } ]
+  }, {
+    "alias" : "direct grant",
+    "description" : "OpenID Connect Resource Owner Grant",
+    "providerId" : "basic-flow",
+    "topLevel" : true,
+    "builtIn" : true,
+    "authenticationExecutions" : [ {
+      "authenticator" : "direct-grant-validate-username",
+      "autheticatorFlow" : false,
+      "requirement" : "REQUIRED",
+      "userSetupAllowed" : false,
+      "priority" : 10
+    }, {
+      "authenticator" : "direct-grant-validate-password",
+      "autheticatorFlow" : false,
+      "requirement" : "REQUIRED",
+      "userSetupAllowed" : false,
+      "priority" : 20
+    }, {
+      "authenticator" : "direct-grant-validate-otp",
+      "autheticatorFlow" : false,
+      "requirement" : "OPTIONAL",
+      "userSetupAllowed" : false,
+      "priority" : 30
+    } ]
+  }, {
+    "alias" : "reset credentials",
+    "description" : "Reset credentials for a user if they forgot their password or something",
+    "providerId" : "basic-flow",
+    "topLevel" : true,
+    "builtIn" : true,
+    "authenticationExecutions" : [ {
+      "authenticator" : "reset-credentials-choose-user",
+      "autheticatorFlow" : false,
+      "requirement" : "REQUIRED",
+      "userSetupAllowed" : false,
+      "priority" : 10
+    }, {
+      "authenticator" : "reset-credential-email",
+      "autheticatorFlow" : false,
+      "requirement" : "REQUIRED",
+      "userSetupAllowed" : false,
+      "priority" : 20
+    }, {
+      "authenticator" : "reset-password",
+      "autheticatorFlow" : false,
+      "requirement" : "REQUIRED",
+      "userSetupAllowed" : false,
+      "priority" : 30
+    }, {
+      "authenticator" : "reset-otp",
+      "autheticatorFlow" : false,
+      "requirement" : "OPTIONAL",
+      "userSetupAllowed" : false,
+      "priority" : 40
+    } ]
+  }, {
+    "alias" : "forms",
+    "description" : "Username, password, otp and other auth forms.",
+    "providerId" : "basic-flow",
+    "topLevel" : false,
+    "builtIn" : true,
+    "authenticationExecutions" : [ {
+      "authenticator" : "auth-username-password-form",
+      "autheticatorFlow" : false,
+      "requirement" : "REQUIRED",
+      "userSetupAllowed" : false,
+      "priority" : 10
+    }, {
+      "authenticator" : "auth-otp-form",
+      "autheticatorFlow" : false,
+      "requirement" : "OPTIONAL",
+      "userSetupAllowed" : false,
+      "priority" : 20
+    } ]
+  }, {
+    "alias" : "clients",
+    "description" : "Base authentication for clients",
+    "providerId" : "client-flow",
+    "topLevel" : true,
+    "builtIn" : true,
+    "authenticationExecutions" : [ {
+      "authenticator" : "client-secret",
+      "autheticatorFlow" : false,
+      "requirement" : "ALTERNATIVE",
+      "userSetupAllowed" : false,
+      "priority" : 10
+    }, {
+      "authenticator" : "client-jwt",
+      "autheticatorFlow" : false,
+      "requirement" : "ALTERNATIVE",
+      "userSetupAllowed" : false,
+      "priority" : 20
+    } ]
+  }, {
+    "alias" : "browser",
+    "description" : "browser based authentication",
+    "providerId" : "basic-flow",
+    "topLevel" : true,
+    "builtIn" : true,
+    "authenticationExecutions" : [ {
+      "authenticator" : "auth-cookie",
+      "autheticatorFlow" : false,
+      "requirement" : "ALTERNATIVE",
+      "userSetupAllowed" : false,
+      "priority" : 10
+    }, {
+      "authenticator" : "auth-spnego",
+      "autheticatorFlow" : false,
+      "requirement" : "DISABLED",
+      "userSetupAllowed" : false,
+      "priority" : 20
+    }, {
+      "flowAlias" : "forms",
+      "autheticatorFlow" : true,
+      "requirement" : "ALTERNATIVE",
+      "userSetupAllowed" : false,
+      "priority" : 30
+    } ]
+  }, {
+    "alias" : "registration",
+    "description" : "registration flow",
+    "providerId" : "basic-flow",
+    "topLevel" : true,
+    "builtIn" : true,
+    "authenticationExecutions" : [ {
+      "authenticator" : "registration-page-form",
+      "flowAlias" : "registration form",
+      "autheticatorFlow" : true,
+      "requirement" : "REQUIRED",
+      "userSetupAllowed" : false,
+      "priority" : 10
+    } ]
+  } ],
+  "authenticatorConfig" : [ ],
+  "requiredActions" : [ {
+    "alias" : "CONFIGURE_TOTP",
+    "name" : "Configure Totp",
+    "providerId" : "CONFIGURE_TOTP",
+    "enabled" : true,
+    "defaultAction" : false,
+    "config" : { }
+  }, {
+    "alias" : "VERIFY_EMAIL",
+    "name" : "Verify Email",
+    "providerId" : "VERIFY_EMAIL",
+    "enabled" : true,
+    "defaultAction" : false,
+    "config" : { }
+  }, {
+    "alias" : "terms_and_conditions",
+    "name" : "Terms and Conditions",
+    "providerId" : "terms_and_conditions",
+    "enabled" : false,
+    "defaultAction" : false,
+    "config" : { }
+  }, {
+    "alias" : "UPDATE_PASSWORD",
+    "name" : "Update Password",
+    "providerId" : "UPDATE_PASSWORD",
+    "enabled" : true,
+    "defaultAction" : false,
+    "config" : { }
+  }, {
+    "alias" : "UPDATE_PROFILE",
+    "name" : "Update Profile",
+    "providerId" : "UPDATE_PROFILE",
+    "enabled" : true,
+    "defaultAction" : false,
+    "config" : { }
+  } ],
+  "browserFlow" : "browser",
+  "registrationFlow" : "registration",
+  "directGrantFlow" : "direct grant",
+  "resetCredentialsFlow" : "reset credentials",
+  "clientAuthenticationFlow" : "clients"
+}
\ No newline at end of file
diff --git a/testsuite/integration-arquillian/tests/pom.xml b/testsuite/integration-arquillian/tests/pom.xml
index fd4f8d4afdc..28abfc7201e 100644
--- a/testsuite/integration-arquillian/tests/pom.xml
+++ b/testsuite/integration-arquillian/tests/pom.xml
@@ -477,7 +477,7 @@
         <profile>
             <id>migration-kc16</id>
             <properties>
-                <server.version>1.6.0.Final</server.version>
+                <server.version>1.6.1.Final</server.version>
                 <server.artifactId>integration-arquillian-server-wildfly-kc16</server.artifactId>
             </properties>
             <build>
@@ -518,6 +518,8 @@
                                     <migration>true</migration>
                                     <migration.kc15>true</migration.kc15>
                                     <keycloak.migration.home>${containers.home}/keycloak-${server.version}</keycloak.migration.home>
+                                    <keycloak.migration.file>src/test/resources/migration-test/migration-realm-15.json</keycloak.migration.file>
+                                    <version>${server.version}</version>
                                 </systemPropertyVariables>
                             </configuration>
                         </plugin>

From 52c02f03ae37866239dbb928525f0b771c3f0ce9 Mon Sep 17 00:00:00 2001
From: vramik <vramik@localhost.localdomain>
Date: Thu, 29 Oct 2015 15:09:33 +0100
Subject: [PATCH 29/34] arquillian testsuite, migration test: fixed
 assembly.xml for 1.6.1.Final

---
 .../tests/base/src/test/resources/arquillian.xml                | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/testsuite/integration-arquillian/tests/base/src/test/resources/arquillian.xml b/testsuite/integration-arquillian/tests/base/src/test/resources/arquillian.xml
index e44efadcee4..15ae31e60c1 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/resources/arquillian.xml
+++ b/testsuite/integration-arquillian/tests/base/src/test/resources/arquillian.xml
@@ -21,7 +21,7 @@
     <!-- PREVIOUS VERSIONS KEYCLOAK FOR MIGRATION TESTS -->
     <!-- IT HAS TO BE LISTED ABOWE KEYCLOAK AUTH SERVERS -->
     
-    <container qualifier="keycloak-1.6.0.Final" mode="suite" >
+    <container qualifier="keycloak-1.6.1.Final" mode="suite" >
         <configuration>
             <property name="enabled">${migration.kc16}</property>
             <property name="adapterImplClass">org.jboss.as.arquillian.container.managed.ManagedDeployableContainer</property>

From cd640339fc9760b412a9548a79b13af19b9a71b1 Mon Sep 17 00:00:00 2001
From: vramik <vramik@localhost.localdomain>
Date: Thu, 29 Oct 2015 15:11:50 +0100
Subject: [PATCH 30/34] arquillian testsuite, migration test: fixed
 assembly.xml for 1.6.1.Final

---
 .../servers/migration/wildfly_kc16/assembly.xml               | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/testsuite/integration-arquillian/servers/migration/wildfly_kc16/assembly.xml b/testsuite/integration-arquillian/servers/migration/wildfly_kc16/assembly.xml
index 46782886cb7..0a990ecb581 100644
--- a/testsuite/integration-arquillian/servers/migration/wildfly_kc16/assembly.xml
+++ b/testsuite/integration-arquillian/servers/migration/wildfly_kc16/assembly.xml
@@ -11,14 +11,14 @@
     <fileSets>
         <fileSet>
             <directory>${keycloak.server.home}</directory>
-            <outputDirectory>keycloak-1.6.0.Final</outputDirectory>
+            <outputDirectory>keycloak-1.6.1.Final</outputDirectory>
             <excludes>
                 <exclude>**/*.sh</exclude>
             </excludes>
         </fileSet>
         <fileSet>
             <directory>${keycloak.server.home}</directory>
-            <outputDirectory>keycloak-1.6.0.Final</outputDirectory>
+            <outputDirectory>keycloak-1.6.1.Final</outputDirectory>
             <includes>
                 <include>**/*.sh</include>
             </includes>

From c2e14cb924f98ec546e871b7dda536f0b4529c04 Mon Sep 17 00:00:00 2001
From: vramik <vramik@localhost.localdomain>
Date: Fri, 30 Oct 2015 11:32:01 +0100
Subject: [PATCH 31/34] arquillian testsuite, migration test: fixed typo in
 arquillian.xml, add migration test for 1.5.1.Final

---
 .../keycloak/testsuite/migration/MigrationTest.java    | 10 ++++++++++
 .../tests/base/src/test/resources/arquillian.xml       |  2 +-
 2 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/MigrationTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/MigrationTest.java
index b3776c3c77a..7dcdeee7cc2 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/MigrationTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/MigrationTest.java
@@ -47,5 +47,15 @@ public class MigrationTest extends AbstractKeycloakTest {
         
         Assert.fail("TODO");
     }
+    
+    @Test
+    @Migration(versionFrom = "1.5.1.Final")
+    public void migration15Test() {
+        for (RealmRepresentation realm : adminClient.realms().findAll()) {
+            System.out.println(realm.getRealm());
+        }
+        
+        Assert.fail("TODO");
+    }
 
 }
diff --git a/testsuite/integration-arquillian/tests/base/src/test/resources/arquillian.xml b/testsuite/integration-arquillian/tests/base/src/test/resources/arquillian.xml
index 15ae31e60c1..ad3f6265a33 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/resources/arquillian.xml
+++ b/testsuite/integration-arquillian/tests/base/src/test/resources/arquillian.xml
@@ -44,7 +44,7 @@
         <configuration>
             <property name="enabled">${migration.kc15}</property>
             <property name="adapterImplClass">org.jboss.as.arquillian.container.managed.ManagedDeployableContainer</property>
-            <property name="jbossHome">${keycloak.migration.homev}</property>
+            <property name="jbossHome">${keycloak.migration.home}</property>
             <property name="javaVmArguments">
                 -Dkeycloak.migration.action=import 
                 -Dkeycloak.migration.provider=singleFile

From 9796b7f06ee30aeb01c7b22cbb34462be5fa53bc Mon Sep 17 00:00:00 2001
From: vramik <vramik@localhost.localdomain>
Date: Fri, 30 Oct 2015 13:27:38 +0100
Subject: [PATCH 32/34] arquillian testsuite, migration test: initial version
 of migration test

---
 .../testsuite/migration/MigrationTest.java    | 21 +++++++++++++------
 1 file changed, 15 insertions(+), 6 deletions(-)

diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/MigrationTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/MigrationTest.java
index 7dcdeee7cc2..cdddc083fb5 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/MigrationTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/MigrationTest.java
@@ -22,9 +22,12 @@
 package org.keycloak.testsuite.migration;
 
 import java.util.List;
-import org.junit.Assert;
+import static org.junit.Assert.*;
+import org.junit.Ignore;
 import org.junit.Test;
+import org.keycloak.admin.client.resource.RealmResource;
 import org.keycloak.representations.idm.RealmRepresentation;
+import org.keycloak.representations.idm.RoleRepresentation;
 import org.keycloak.testsuite.AbstractKeycloakTest;
 import org.keycloak.testsuite.arquillian.migration.Migration;
 
@@ -41,21 +44,27 @@ public class MigrationTest extends AbstractKeycloakTest {
     @Test
     @Migration(versionFrom = "1.6.1.Final")
     public void migration16Test() {
-        for (RealmRepresentation realm : adminClient.realms().findAll()) {
-            System.out.println(realm.getRealm());
-        }
+        RealmResource realmResource = adminClient.realms().realm("Migration");
+        RealmRepresentation realmRep = realmResource.toRepresentation();
+        assertEquals("Migration", realmRep.getRealm());
         
-        Assert.fail("TODO");
+        List<RoleRepresentation> realmRoles = realmResource.roles().list();
+        assertEquals(1, realmRoles.size());
+        assertEquals("offline_access", realmRoles.get(0).getName());
+        
+        List<RoleRepresentation> clientRoles = realmResource.clients().get("realm-management").roles().list();
+        assertEquals(13, clientRoles.size());
     }
     
     @Test
     @Migration(versionFrom = "1.5.1.Final")
+    @Ignore
     public void migration15Test() {
         for (RealmRepresentation realm : adminClient.realms().findAll()) {
             System.out.println(realm.getRealm());
         }
         
-        Assert.fail("TODO");
+        //TODO
     }
 
 }

From 4a9a39c08dbb6fc19553af8efac0f47b023af766 Mon Sep 17 00:00:00 2001
From: vramik <vramik@localhost.localdomain>
Date: Fri, 30 Oct 2015 14:01:48 +0100
Subject: [PATCH 33/34] arquillian testsuite, migration test: fix

---
 .../testsuite/migration/MigrationTest.java    | 24 +++++++++++++++++--
 1 file changed, 22 insertions(+), 2 deletions(-)

diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/MigrationTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/MigrationTest.java
index cdddc083fb5..41c174007a6 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/MigrationTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/MigrationTest.java
@@ -25,7 +25,9 @@ import java.util.List;
 import static org.junit.Assert.*;
 import org.junit.Ignore;
 import org.junit.Test;
+import org.keycloak.admin.client.resource.ClientsResource;
 import org.keycloak.admin.client.resource.RealmResource;
+import org.keycloak.representations.idm.ClientRepresentation;
 import org.keycloak.representations.idm.RealmRepresentation;
 import org.keycloak.representations.idm.RoleRepresentation;
 import org.keycloak.testsuite.AbstractKeycloakTest;
@@ -52,8 +54,26 @@ public class MigrationTest extends AbstractKeycloakTest {
         assertEquals(1, realmRoles.size());
         assertEquals("offline_access", realmRoles.get(0).getName());
         
-        List<RoleRepresentation> clientRoles = realmResource.clients().get("realm-management").roles().list();
-        assertEquals(13, clientRoles.size());
+        for (ClientRepresentation client : realmResource.clients().findAll()) {
+            final String clientId = client.getClientId();
+            switch (clientId) {
+                case "realm-management":
+                    assertEquals(13, realmResource.clients().get(client.getId()).roles().list().size());
+                    break;
+                case "security-admin-console":
+                    assertEquals(0, realmResource.clients().get(client.getId()).roles().list().size());
+                    break;
+                case "broker":
+                    assertEquals(1, realmResource.clients().get(client.getId()).roles().list().size());
+                    break;
+                case "account":
+                    assertEquals(2, realmResource.clients().get(client.getId()).roles().list().size());
+                    break;
+                default:
+                    fail("Migrated realm contains unexpected client " + clientId);
+                    break;
+            }
+        }
     }
     
     @Test

From d26cfcda426641c218ed2a0ccf7abb78f56ba50b Mon Sep 17 00:00:00 2001
From: vramik <vramik@localhost.localdomain>
Date: Mon, 2 Nov 2015 11:56:26 +0100
Subject: [PATCH 34/34] arquillian testsuite, migration test: update execution
 of dependency plugin for migration scenario

---
 testsuite/integration-arquillian/tests/pom.xml | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/testsuite/integration-arquillian/tests/pom.xml b/testsuite/integration-arquillian/tests/pom.xml
index 28abfc7201e..074a08a1de4 100644
--- a/testsuite/integration-arquillian/tests/pom.xml
+++ b/testsuite/integration-arquillian/tests/pom.xml
@@ -36,6 +36,7 @@
         <arquillian-graphene.version>2.1.0.Alpha2</arquillian-graphene.version>
         <arquillian-wildfly-container.version>8.2.0.Final</arquillian-wildfly-container.version>
         <version.shrinkwrap.resolvers>2.1.1</version.shrinkwrap.resolvers>
+        <skip.unpack.previous>true</skip.unpack.previous>
     </properties>
 
     <dependencyManagement>
@@ -107,6 +108,7 @@
                                 <goal>unpack</goal>
                             </goals>
                             <configuration>
+                                <skip>${skip.unpack.previous}</skip>
                                 <artifactItems>
                                     <artifactItem>
                                         <groupId>org.keycloak.testsuite</groupId>
@@ -477,6 +479,7 @@
         <profile>
             <id>migration-kc16</id>
             <properties>
+                <skip.unpack.previous>false</skip.unpack.previous>
                 <server.version>1.6.1.Final</server.version>
                 <server.artifactId>integration-arquillian-server-wildfly-kc16</server.artifactId>
             </properties>
@@ -504,6 +507,7 @@
         <profile>
             <id>migration-kc15</id>
             <properties>
+                <skip.unpack.previous>false</skip.unpack.previous>
                 <server.version>1.5.1.Final</server.version>
                 <server.artifactId>integration-arquillian-server-wildfly-kc15</server.artifactId>
             </properties>
@@ -531,6 +535,7 @@
         <profile>
             <id>migration-kc14</id>
             <properties>
+                <skip.unpack.previous>false</skip.unpack.previous>
                 <server.version>1.4.0.Final</server.version>
                 <server.artifactId>integration-arquillian-server-wildfly-kc14</server.artifactId>
             </properties>
@@ -556,6 +561,7 @@
         <profile>
             <id>migration-kc13</id>
             <properties>
+                <skip.unpack.previous>false</skip.unpack.previous>
                 <server.version>1.3.1.Final</server.version>
                 <server.artifactId>integration-arquillian-server-wildfly-kc13</server.artifactId>
             </properties>
@@ -581,6 +587,7 @@
         <profile>
             <id>migration-kc12</id>
             <properties>
+                <skip.unpack.previous>false</skip.unpack.previous>
                 <server.version>1.2.0.Final</server.version>
                 <server.artifactId>integration-arquillian-server-wildfly-kc12</server.artifactId>
             </properties>