I'm not sure. But I will check if that is possible. If so, will update that
quickstart to use keycloak.json instead.
I'm also thinking about a another quickstart to demonstrate how to protect
APIs in Spring Boot. The one I have is pretty much related with protecting
web applications, but we probably need another one to also demonstrate
API/service security.
On Thu, May 18, 2017 at 10:19 PM, Crafton Williams <
crafton.williams(a)qut.edu.au> wrote:
Hi Pedro:
This is a huge help, thanks!
A few questions though...is this is the only way to implement Authz with
keyclaok and springboot? Is it possible to use the
keycloak-spring-boot-adapter along with keycloak.json configured as a
policy enforcer? I found it to be a very nice way of separating the
security concern from the code itself.
Cheers,
Crafton
*From: *Pedro Igor Silva <psilva(a)redhat.com>
*Sent: *Friday, 19 May 2017 9:33 AM
*To: *Crafton Williams <crafton.williams(a)qut.edu.au>
*Cc: *keycloak-dev(a)lists.jboss.org
*Subject: *Re: [keycloak-dev] Authorization with Springboot adapter
I've sent a PR [1] with a quickstart for Spring Boot. Will work with some
more examples covering specific features of Keycloak Authorization
Services.
Please let me know what you think about it. It is basically a Spring Boot
Web application protected with simple fine-grained permissions.
[1]
https://github.com/keycloak/keycloak-quickstarts/pull/26
Regards.
Pedro Igor
On Thu, May 18, 2017 at 9:35 AM, Pedro Igor Silva <psilva(a)redhat.com>
wrote:
Btw, you are not the first one asking for more details about Spring boot
integration. That is why I want to review this ....
On Thu, May 18, 2017 at 9:34 AM, Pedro Igor Silva <psilva(a)redhat.com>
wrote:
We are really missing examples and documentation to Spring Boot Adapter.
Will write an example/template and review docs.
Can give you an answer right now because I've tested authz with spring
boot only a very few times. But you should not get this error at all.
Will have something today.
On Thu, May 18, 2017 at 3:17 AM, Crafton Williams <
crafton.williams(a)qut.edu.au> wrote:
Hi All:
I’m trying to configure a basic springboot app using the springboot
keycloak adapter. Authentication works as expected but I’m a bit confused
as to how to configure the policy enforcer in yaml. The documentation shows
configuring the policy-enforcer as a json document however the springboot
config implies a only policy-enforcer-config. In any case, I did try the
json doc but it wasn’t picked up by the adapter.
I’m using 3.0.0.Final and tried the following in my yaml file(omitted the
rest of the path info for brevity):
Policy-enforcer-config:
Enforcement-mode: ENFORCING
paths:
* name: blah
The exception I got was:
org.springframework.context.ApplicationContextException: Unable to start
embedded container; nested exception is
org.springframework.beans.factory.BeanCreationException:
Error creating bean with name 'tomcatEmbeddedServletContainerFactory'
defined in class path resource [org/springframework/boot/
autoconfigure/web/EmbeddedServletContainerAutoCo
nfiguration$EmbeddedTomcat.class]: Initialization of bean failed; nested
exception is org.springframework.beans.factory.
UnsatisfiedDependencyException: Error creating bean with name
'org.keycloak.adapters.springboot.KeycloakSpringBootConfiguration':
Unsatisfied dependency expressed through method '
setKeycloakSpringBootProperties' parameter 0; nested exception is
org.springframework.beans.factory.BeanCreationException: Error creating
bean with name
'keycloak-org.keycloak.adapters.springboot.KeycloakSpringBootProperties':
Could not bind properties to KeycloakSpringBootProperties (prefix=keycloak,
ignoreInvalidFields=false, ignoreUnknownFields=false,
ignoreNestedProperties=false); nested exception is
org.springframework.beans.InvalidPropertyException: Invalid property
'policyEnforcerConfig.paths[0]' of bean class [org.keycloak.adapters.
springboot.KeycloakSpringBootProperties]: Illegal attempt to get property
'paths' threw exception; nested exception is java.lang.
UnsupportedOperationException
Is there an example project somewhere that can guide me in configuring the
policy enforcer for the springboot adapter?
Cheers,
Crafton
_______________________________________________
keycloak-dev mailing list
keycloak-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-dev