[keycloak-user] Integrating WildFly JavaEE application with Keyclock

Jeroen Muis j.muis at copas.nl
Thu Feb 8 07:23:28 EST 2018


Hi,

I don’t know, we have not been focusing on the war as I suspected that would work out of the box. (We have other standalone war deployments which are working). Maybe someone else can comment?

In any case, our main issue has been around the remote ejb authentication / authorization issues.
Is anyone on the user group successfully using EAR + remote EJB module(s) and willing to share a solution (including the WildFly domain/standalone.xml settings for JAAS / …)?

Best regards,
Jeroen Muis,
Copas B.V.

From: valsaraj pv [mailto:valsarajpv at gmail.com]
Sent: Thursday, 8 February 2018 12:28
To: Jeroen Muis <j.muis at copas.nl>
Cc: keycloak-user at lists.jboss.org
Subject: RE: [keycloak-user] Integrating WildFly JavaEE application with Keyclock

We have an EAR with a WAR and an EJB JAR. So what option is better and working to integrate Keycloak? If we use the Keycloak login module, will this set cookies? I wonder how SSO will work in this case.

On 08-Feb-2018 3:58 PM, "Jeroen Muis" <j.muis at copas.nl> wrote:
Hi,

We are very much interested in this as well, and had some tests done based on the work of Marek Posolda:
https://github.com/mposolda/keycloak-remote-ejb
This PoC is based on direct access grants, so no redirects are required.

This seems to work just fine when having an EJB module, but when packaging this inside an EAR we don't seem to be able to get this working any longer. Not sure why yet, as we did not have enough time to fully debug this. Our EAR consists of several EJB modules, WARs, etc.


Best regards,
Jeroen Muis,
Copas B.V.



-----Original Message-----
From: keycloak-user-bounces at lists.jboss.org [mailto:keycloak-user-bounces at lists.jboss.org] On Behalf Of valsaraj pv
Sent: Thursday, 8 February 2018 10:22
To: keycloak-user at lists.jboss.org
Subject: [keycloak-user] Integrating WildFly JavaEE application with Keyclock

Hi,

Currently our JavaEE application, with servlets, EJB, remote EJB & HornetQ messaging, uses a JAAS login module with an LDAP back end. I am trying to integrate Keycloak with our WildFly 10.1 server for use as identity provider & SSO.

*Source LDAP/DB Sync*
Found that Keycloak supports LDAP sync & we can sync existing user data periodically to Keycloak. Is it possible to sync from multiple user data stores, as we have to integrate multiple JavaEE web apps?

*JAAS custom login module for Keycloak*
Currently we are using a JAAS custom login module for authentication/authorization. Is it possible to use the same or a similar login module with Keycloak? We need to avoid redirection to the Keycloak login page.
If redirection is a must, is there any sample to migrate from JAAS to a Keycloak realm?

Thanks!



--
Life is like this: "Just when we get all the answers of life.... God changes the question paper....

Valsaraj Viswanathan
_______________________________________________
keycloak-user mailing list
keycloak-user at lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user