[keycloak-user] Keycloak Java Servlet Filter Adapter.

Luis Rodríguez Fernández uo67113 at gmail.com
Mon Aug 6 12:15:55 EDT 2018 

Answering to my own question:

The init-param "keycloak.config.file" will do the trick for me! And for the
keystore [1] in the keycloak-saml-adapter just use the "file" attribute
instead of the "resource" one

I could not see the forest but the trees, sorry...

Cheers,

Luis

2018-03-20 15:52 GMT+01:00 Luis Rodríguez Fernández <uo67113 at gmail.com>:

> Hello there,
>
> I am using the java servlet filter adapter (http://www.keycloak.org/docs/
> latest/securing_apps/index.html#java-servlet-filter-adapter) in
> apache-tomcat 9 and it works like a charm, thanks! The filter class
> is org.keycloak.adapters.saml.servlet.SamlFilter
>
> I would like to fully externalize the keycloak configuration from the
> deployed applications. I know that I can set the keycloack config file via
> the filter config param keycloak.config.file, to some external path like
> /usr/local/my-keycloak-saml.xml, brilliant!
>
> In the other hand the SamlFilter(https://github.
> com/keycloak/keycloak/blob/master/adapters/saml/servlet-
> filter/src/main/java/org/keycloak/adapters/saml/servlet/SamlFilter.java)
> looks for the keystores inside of the application context: usually
> something like /WEB-INF/my-keystore.jks. This is due the implementation of
> the ResourceLoader.getResourceAsStream(String resource) function. It
> looks like something like this:
>
> ResourceLoader loader = new ResourceLoader() {
>   @Override
>   public InputStream getResourceAsStream(String resource) {
>     return filterConfig.getServletContext().getResourceAsStream(resource);
>   }
> };
>
> In ServletContext.getResourceAsStream(java.lang.String path) the path
> param must begin with a "/" and it is interpreted as relative to the
> current context root. I would be in favor of having the possibility of
> externalize this resource, perhaps having somethig like:
>
> //First try the original one
> InputStream is = filterConfig.getServletContext().
> getResourceAsStream(resource);
> if(is=null) {
>   // Try with an external one
>   try {
>     is = new FileInputStream(resource);
>   } catch (FileNotFoundException e) {
>         throw new RuntimeException(e);
>   }
> }
>
> Any thoughts on this?
>
> Thanks in advance,
>
> Luis
>
>
> --
>
> "Ever tried. Ever failed. No matter. Try Again. Fail again. Fail better."
>
> - Samuel Beckett
>



-- 

"Ever tried. Ever failed. No matter. Try Again. Fail again. Fail better."

- Samuel Beckett

More information about the keycloak-user mailing list