[keycloak-dev] Keycloak adapter wildfly EAR

Jordan Conner 321j.con at gmail.com
Tue Dec 20 09:58:54 EST 2016

Using keycloak-wildfly-adapter-dist-2.4.0.Final and Wildfly 9.0.2.Final

I am having the same issue as KEYCLOAK-3186

However, I do not receive an "Invalid User" error, the protected method in
the EJB via @RolesAllowed is ignored (no errors.)

I have the same structure. I use the keycloak-offline-adapter installer,
and the security domain is created in standalone.xml file.


WAR - contains keycloak.json and security constraints to certain urls in
web.xml with certain roles (WORKING.)

EJB - In my @Stateless beans I've tried @SecurityDomain("keycloak") and
I've tried setting it in jboss-ejb3.xml. I then use @RolesAllowed("admin")
on a single method, this is ignored when invoking that method as a "user"

If I try this same thing in a @Stateless bean inside my WAR it works.

His solution was to convert EAR package to WAR. I would really like to
stick to EAR->EJB-WAR structure.



More information about the keycloak-dev mailing list