<html>
<head>
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">On 03/08/16 12:16, Christopher Davies
wrote:<br>
</div>
<blockquote
cite="mid:CAN9XQgz406YR4SbZsq2cGRAdpp_nJSKYYyx+vCoC2PPfoh6OnA@mail.gmail.com"
type="cite">
<div dir="ltr">Thanks everyone for all your help: I now have a
lash up with my app talking via spring security to Keycloak.
<div><br>
<div>OK one last question - more of a redirect to the correct
part of the documentation.
<div><br>
</div>
<div>However I do need a copy of the JWT to pass on to a
native application.</div>
<div>Can anyone point me at the api I would need to use to
get the signed JWT from SpingSecurity</div>
</div>
</div>
</div>
</blockquote>
If you have access to HttpServletRequest from Spring, then something
like this (
<a class="moz-txt-link-freetext" href="https://github.com/mposolda/keycloak/blob/master/examples/demo-template/customer-app/src/main/java/org/keycloak/example/CustomerDatabaseClient.java#L65-L70">https://github.com/mposolda/keycloak/blob/master/examples/demo-template/customer-app/src/main/java/org/keycloak/example/CustomerDatabaseClient.java#L65-L70</a>
)<br>
<br>
Marek <br>
<blockquote
cite="mid:CAN9XQgz406YR4SbZsq2cGRAdpp_nJSKYYyx+vCoC2PPfoh6OnA@mail.gmail.com"
type="cite">
<div dir="ltr">
<div>
<div>
<div><br>
</div>
<div><br>
</div>
<div>Thanks in advance</div>
<div><br>
</div>
<div>Chris</div>
<div> </div>
</div>
</div>
</div>
<br>
<div class="gmail_quote">
<div dir="ltr">On Wed, Aug 3, 2016 at 10:54 AM Christopher
Davies <<a moz-do-not-send="true"
href="mailto:christopher.james.davies@gmail.com">christopher.james.davies@gmail.com</a>>
wrote:<br>
</div>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir="ltr">Thanks for all your help; I have managed to get
the adapter to load and read the keycloak file. I used the
following in my security.xml file:</div>
<div dir="ltr">
<div><br>
</div>
<div>> <bean id="adapterDeploymentContext"
class="org.keycloak.adapters.springsecurity.AdapterDeploymentContextFactoryBean"></div>
</div>
<div dir="ltr">
<div>> <constructor-arg
value=<a class="moz-txt-link-rfc2396E" href="file:config/keycloak.json">"file:config/keycloak.json"</a> /></div>
<div>> </bean></div>
<div><br>
</div>
<div>Now I can see my app connecting to keycloak. Next issue
is that despite keycloak passing pack the principal with
the correct Roles, Spring security is rejecting the user
in the RoleVoter.</div>
<div>Will try to solve this myself before I trouble you.</div>
<div><br>
</div>
<div>Chris</div>
<div> </div>
</div>
<br>
<div class="gmail_quote">
<div dir="ltr">On Tue, Aug 2, 2016 at 8:09 PM Scott Rossillo
<<a moz-do-not-send="true"
href="mailto:srossillo@smartling.com" target="_blank">srossillo@smartling.com</a>>
wrote:<br>
</div>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<div style="word-wrap:break-word">Well, the adapter does
support loading the keycloak.json file from anywhere on
the class path. Jetty AFAIK does include jetty/resources
on the class path. So, you could put keycloak.json there
and if you start the server with the option below it
should work:
<div><br>
</div>
<div>-Dkeycloak.configurationFile:”classpath:keycloak.json"<br>
<div><br>
</div>
</div>
</div>
<div style="word-wrap:break-word">
<div>
<div><br>
<div>
<div
style="color:rgb(0,0,0);letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;word-wrap:break-word">
<div
style="color:rgb(0,0,0);font-family:Helvetica;font-size:12px;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px">Scott
Rossillo</div>
<div
style="color:rgb(0,0,0);font-family:Helvetica;font-size:12px;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px">Smartling
| Senior Software Engineer</div>
<div
style="color:rgb(0,0,0);font-family:Helvetica;font-size:12px;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px"><a
moz-do-not-send="true"
href="mailto:srossillo@smartling.com"
target="_blank"><a class="moz-txt-link-abbreviated" href="mailto:srossillo@smartling.com">srossillo@smartling.com</a></a></div>
<div
style="color:rgb(0,0,0);font-family:Helvetica;font-size:12px;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px"></div>
</div>
</div>
</div>
</div>
</div>
<div style="word-wrap:break-word">
<div>
<div><br>
<div>
<blockquote type="cite">
<div>On Aug 2, 2016, at 8:56 AM, Christopher
Davies <<a moz-do-not-send="true"
href="mailto:christopher.james.davies@gmail.com"
target="_blank">christopher.james.davies@gmail.com</a>>
wrote:</div>
<br>
<div>
<div dir="ltr">I do not want to have to open
the war file just to update / change to
keycloak credentials.
<div>I am right that the <span
style="color:rgb(33,33,33);line-height:1.5">WEB-INF
sits inside the war file ?</span></div>
<div><font color="#212121">I would like a
single security instance for the entire
Jetty server</font></div>
<div><font color="#212121"><br>
</font></div>
<div><font color="#212121">Chris</font></div>
<div><font color="#212121"><br>
</font></div>
</div>
<br>
<div class="gmail_quote">
<div dir="ltr">On Tue, Aug 2, 2016 at 12:55
PM Sebastien Blanc <<a
moz-do-not-send="true"
href="mailto:sblanc@redhat.com"
target="_blank"><a class="moz-txt-link-abbreviated" href="mailto:sblanc@redhat.com">sblanc@redhat.com</a></a>>
wrote:<br>
</div>
<blockquote class="gmail_quote"
style="margin:0 0 0 .8ex;border-left:1px
#ccc solid;padding-left:1ex">
<div dir="ltr">
<div>
<div>Hi,<br>
<br>
</div>
Any reasons you don't want to put the
keycloak.json in /WEB-INF ? <br>
</div>
<br>
<pre><code> <bean id="adapterDeploymentContext" class="org.keycloak.adapters.springsecurity.AdapterDeploymentContextFactoryBean">
<constructor-arg value="/WEB-INF/keycloak.json" />
</bean></code></pre>
Sebi<br>
</div>
<div class="gmail_extra"><br>
</div>
<div class="gmail_extra">
<div class="gmail_quote">On Tue, Aug 2,
2016 at 1:33 PM, Christopher Davies <span
dir="ltr"><<a
moz-do-not-send="true"
href="mailto:christopher.james.davies@gmail.com"
target="_blank"><a class="moz-txt-link-abbreviated" href="mailto:christopher.james.davies@gmail.com">christopher.james.davies@gmail.com</a></a>></span>
wrote:<br>
</div>
</div>
<div class="gmail_extra">
<div class="gmail_quote">
<blockquote class="gmail_quote"
style="margin:0 0 0
.8ex;border-left:1px #ccc
solid;padding-left:1ex">
<div dir="ltr">I am looking at
linking our legacy app to
Keycloak.
<div><br>
</div>
<div>Currently it is a bespoke
jetty server, that only serves
our war files.</div>
<div>The security.xml is set in
config of the server directory.</div>
<div>I have taken the example
setting file from <a
moz-do-not-send="true"
href="https://keycloak.gitbooks.io/securing-client-applications-guide/content/topics/oidc/java/spring-security-adapter.html"
target="_blank"><a class="moz-txt-link-freetext" href="https://keycloak.gitbooks.io/securing-client-applications-guide/content/topics/oidc/java/spring-security-adapter.html">https://keycloak.gitbooks.io/securing-client-applications-guide/content/topics/oidc/java/spring-security-adapter.html</a></a></div>
<div><br>
</div>
<div>I can see this loading
keycloak's spring adapter.</div>
<div>It fails when searching for
Keycloak.json.</div>
<div><br>
</div>
<div>I was hoping to be able to
drop the <span
style="line-height:1.5">Keycloak.json
file in the config directory.</span></div>
<div><span style="line-height:1.5"><br>
</span></div>
<div><span style="line-height:1.5">Hope
you can be of assistance.
Please feel free to ask if I
have missed any key
information.</span></div>
<div><span style="line-height:1.5">I
am trying to get up to speed
on both KeyCloak and
SpringSecurity as I am a C++
programmer at heart.</span></div>
<div><span style="line-height:1.5"><br>
</span></div>
<div><span style="line-height:1.5">Chris</span></div>
<div><span style="line-height:1.5"><br>
</span></div>
</div>
<br>
</blockquote>
</div>
</div>
<div class="gmail_extra">
<div class="gmail_quote">
<blockquote class="gmail_quote"
style="margin:0 0 0
.8ex;border-left:1px #ccc
solid;padding-left:1ex">_______________________________________________<br>
keycloak-user mailing list<br>
<a moz-do-not-send="true"
href="mailto:keycloak-user@lists.jboss.org"
target="_blank">keycloak-user@lists.jboss.org</a><br>
<a moz-do-not-send="true"
href="https://lists.jboss.org/mailman/listinfo/keycloak-user"
rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a><br>
</blockquote>
</div>
<br>
</div>
</blockquote>
</div>
_______________________________________________<br>
keycloak-user mailing list<br>
<a moz-do-not-send="true"
href="mailto:keycloak-user@lists.jboss.org"
target="_blank">keycloak-user@lists.jboss.org</a><br>
<a moz-do-not-send="true"
href="https://lists.jboss.org/mailman/listinfo/keycloak-user"
target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a></div>
</blockquote>
</div>
<br>
</div>
</div>
</div>
</blockquote>
</div>
</blockquote>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
keycloak-user mailing list
<a class="moz-txt-link-abbreviated" href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a>
<a class="moz-txt-link-freetext" href="https://lists.jboss.org/mailman/listinfo/keycloak-user">https://lists.jboss.org/mailman/listinfo/keycloak-user</a></pre>
</blockquote>
<br>
</body>
</html>