Re: [keycloak-dev] Authorization with Springboot adapter

Hi Pedro: This is a huge help, thanks! A few questions though...is this is the only way to implement Authz with keyclaok and springboot? Is it possible to use the keycloak-spring-boot-adapter along with keycloak.json configured as a policy enforcer? I found it to be a very nice way of separating the security concern from the code itself. Cheers, Crafton From: Pedro Igor Silva<mailto:psilva@redhat.com> Sent: Friday, 19 May 2017 9:33 AM To: Crafton Williams<mailto:crafton.williams@qut.edu.au> Cc: keycloak-dev@lists.jboss.org<mailto:keycloak-dev@lists.jboss.org> Subject: Re: [keycloak-dev] Authorization with Springboot adapter I've sent a PR [1] with a quickstart for Spring Boot. Will work with some more examples covering specific features of Keycloak Authorization Services. Please let me know what you think about it. It is basically a Spring Boot Web application protected with simple fine-grained permissions. [1] https://github.com/keycloak/keycloak-quickstarts/pull/26 Regards. Pedro Igor On Thu, May 18, 2017 at 9:35 AM, Pedro Igor Silva <psilva@redhat.com<mailto:psilva@redhat.com>> wrote: Btw, you are not the first one asking for more details about Spring boot integration. That is why I want to review this .... On Thu, May 18, 2017 at 9:34 AM, Pedro Igor Silva <psilva@redhat.com<mailto:psilva@redhat.com>> wrote: We are really missing examples and documentation to Spring Boot Adapter. Will write an example/template and review docs. Can give you an answer right now because I've tested authz with spring boot only a very few times. But you should not get this error at all. Will have something today. On Thu, May 18, 2017 at 3:17 AM, Crafton Williams <crafton.williams@qut.edu.au<mailto:crafton.williams@qut.edu.au>> wrote: Hi All: I’m trying to configure a basic springboot app using the springboot keycloak adapter. Authentication works as expected but I’m a bit confused as to how to configure the policy enforcer in yaml. The documentation shows configuring the policy-enforcer as a json document however the springboot config implies a only policy-enforcer-config. In any case, I did try the json doc but it wasn’t picked up by the adapter. I’m using 3.0.0.Final and tried the following in my yaml file(omitted the rest of the path info for brevity): Policy-enforcer-config: Enforcement-mode: ENFORCING paths: * name: blah The exception I got was: org.springframework.context.ApplicationContextException: Unable to start embedded container; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'tomcatEmbeddedServletContainerFactory' defined in class path resource [org/springframework/boot/autoconfigure/web/EmbeddedServletContainerAutoConfiguration$EmbeddedTomcat.class]: Initialization of bean failed; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'org.keycloak.adapters.springboot.KeycloakSpringBootConfiguration': Unsatisfied dependency expressed through method 'setKeycloakSpringBootProperties' parameter 0; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'keycloak-org.keycloak.adapters.springboot.KeycloakSpringBootProperties': Could not bind properties to KeycloakSpringBootProperties (prefix=keycloak, ignoreInvalidFields=false, ignoreUnknownFields=false, ignoreNestedProperties=false); nested exception is org.springframework.beans.InvalidPropertyException: Invalid property 'policyEnforcerConfig.paths[0]' of bean class [org.keycloak.adapters.springboot.KeycloakSpringBootProperties]: Illegal attempt to get property 'paths' threw exception; nested exception is java.lang.UnsupportedOperationException Is there an example project somewhere that can guide me in configuring the policy enforcer for the springboot adapter? Cheers, Crafton _______________________________________________ keycloak-dev mailing list keycloak-dev@lists.jboss.org<mailto:keycloak-dev@lists.jboss.org> https://lists.jboss.org/mailman/listinfo/keycloak-dev