[keycloak-user] Keycloak Spring Boot Adapter does not populate security context principal
Meissa M'baye Sakho
msakho at redhat.com
Tue Oct 31 10:15:32 EDT 2017
Niels,
I've tried the example below and it works fine.
http://blog.keycloak.org/2017/05/easily-secure-your-spring-boot.html
Although it's not using CXF.
Meissa
On Tue, Oct 31, 2017 at 1:25 PM, Niels Bertram <nielsbne at gmail.com> wrote:
> Hi Keycloak Users,
>
> I tried to configure a dead simple Spring Boot CXF REST endpoint with
> Keycloak Spring Boot Adapter in Bearer Only mode without any luck. It
> appears the Keycloak Tomcat Valve fails authorization even before the
> keycloak adapter ever gets a chance to parse the Bearer token and setup the
> session. I would have thought that with AutoConfig it would just be that
> ... auto config. I added the below keycloak adapter configuration to the
> application.yml file and made sure all required jars are on the classpath.
>
> Does anyone have any suggestions or a link to a working example that shows
> how to use Spring Boot with Keycloak *AND* CXF ?
>
> Many thanks, Niels
>
> Example:
>
> https://github.com/bertramn/keycloak-secured-rest-endpoint
>
>
> application.yml configuration:
>
>
> keycloak:
> realm: demo
> authServerUrl: 'http://localhost:8080/auth'
> realmKey: 'MIIBIjANBgDAQAB'
> sslRequired: external
> resource: test-client
> bearerOnly: true
> securityConstraints:
> - authRoles: [ '*' ]
> securityCollections:
> - name: authed
> patterns: [ '/v1/secured' ]
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
More information about the keycloak-user
mailing list