[Apiman-user] Apiman & Keycloak

Marc Savy marc.savy at redhat.com
Tue Sep 1 05:57:47 EDT 2015 

I would suggest you refer to the Keycloak documentation, as there are several ways to skin this particular cat. For instance, how you decide to set up your Keycloak configuration is highly dependent upon your specific requirements; whether you want token grants to be via the API-only, or an HTTP redirect based approach (see: https://keycloak.github.io/docs/userguide/html/access-types.html); how you wish to divide up your application; the level of security you desire; any identity provision sources...

At any rate, once you have Keycloak going, you would log in and click on 'create realm' (in my blog demo, that would be http://localhost:8080/auth/admin/master/console/#/create/realm) - then, add your client, roles, users, etc.

To make your life simple for demo purposes, I suggest your clients be 'Direct Grants Only' and 'Public'.

I'm not entirely clear from your email whether you want to script this, or provide walk-through steps, or provide a pre-baked config (like the blog).

Do you need to use roles and authorization? Or just simple authentication?

Regards,
Marc


On 01/09/2015 06:20, Charles Moulliard wrote:
> This blog refers to a link where we will import a pre-defined config
>
> First, log into the Keycloak server. If you’re following our
> walkthrough, the log-in details are identical to those mentioned earlier
> (admin, admin123!). You can see that there is already an apiman realm
> defined, but we’re going to create a new one, so navigate to Add Realm
> (top right), and import and upload "this demonstration realm definition
> - http://www.apiman.io/blog/resources/2015-06-04/stottie.json"; it
> provides an extremely simple setup where we have:
>
> What I would like to explain how we can create this "stottie" config in
> Keycloak (step by step, screenshots)
>
> On 01/09/15 02:19, Eric Wittmann wrote:
> > +1
> >
> > Thanks for responding, Rafael. I had intended to link this very same
> > tutorial but then it slipped my mind. :)
> >
> > On 8/31/2015 5:48 PM, Rafael Soares wrote:
> >> Charles,
> >>
> >>    Recently I followed the "/Keycloak and dagger: Securing your services
> >> with OAuth2/" tutorial [1] and it worked fine! This howto is great!
> >>
> >> You don't need to do anything on the Fuse/Camel side. All setup is done
> >> in the ApiMan side. ApiMan comes with a KeyCloak service embedded and
> >> all you need to do is install the Apiman oauth2 keycloak plugin and
> >> configure your service policy to use it. The tutorial [1] describes each
> >> step in detail.
> >>
> >> [1]
> >> http://www.apiman.io/blog/gateway/security/oauth2/keycloak/authentication/authorization/2015/06/09/keycloak-oauth2.html
> >>
> >>
> >>
> >>
> >> ________________________
> >> Rafael Torres Coelho Soares
> >>
> >> On Mon, Aug 31, 2015 at 2:38 PM, Charles Moulliard
> >> <cmoulliard at redhat.com <mailto:cmoulliard at redhat.com>> wrote:
> >>
> >>      Hi,
> >>
> >>      I have already asked this question but I need some help to figure
> >> out
> >>      what are the steps required to setup Oauth 2 with Keycloak as I'm
> >>      preparing a demo
> >> (https://github.com/FuseByExample/rest-dsl-in-action)
> >>      covering the point about how to secure & govern Camel REST DSL
> >> endpoints
> >>      on JBoss Fuse using Apiman & Keycloak ?
> >>
> >>      I just need the list of the steps to perform from the Web Site.
> >> Base on
> >>      the input, I will take some screenshots and include the instructions
> >>      within the demo content. Such input could be reused to write a blog
> >>      article too ;-)
> >>
> >>      Regards,
> >>
> >>      Charles
> >>      _______________________________________________
> >>      Apiman-user mailing list
> >>      Apiman-user at lists.jboss.org <mailto:Apiman-user at lists.jboss.org>
> >>      https://lists.jboss.org/mailman/listinfo/apiman-user
> >>
> >>
> >>
> >>
> >> _______________________________________________
> >> Apiman-user mailing list
> >> Apiman-user at lists.jboss.org
> >> https://lists.jboss.org/mailman/listinfo/apiman-user
> >>
>
> _______________________________________________
> Apiman-user mailing list
> Apiman-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/apiman-user
>

More information about the Apiman-user mailing list