after talking
with Sebastien about some issues I'm facing when trying to use a
keycloak.json file with Spring Boot Adapter.
Fell free to watch that issue for updates.
On Fri, May 19, 2017 at 8:01 AM, Pedro Igor Silva <psilva(a)redhat.com> wrote:
I'm not sure. But I will check if that is possible. If so, will
update
that quickstart to use keycloak.json instead.
I'm also thinking about a another quickstart to demonstrate how to protect
APIs in Spring Boot. The one I have is pretty much related with protecting
web applications, but we probably need another one to also demonstrate
API/service security.
On Thu, May 18, 2017 at 10:19 PM, Crafton Williams <
crafton.williams(a)qut.edu.au> wrote:
> Hi Pedro:
>
>
>
> This is a huge help, thanks!
>
>
>
> A few questions though...is this is the only way to implement Authz with
> keyclaok and springboot? Is it possible to use the
> keycloak-spring-boot-adapter along with keycloak.json configured as a
> policy enforcer? I found it to be a very nice way of separating the
> security concern from the code itself.
>
>
>
>
>
> Cheers,
>
>
>
> Crafton
>
>
>
>
>
> *From: *Pedro Igor Silva <psilva(a)redhat.com>
> *Sent: *Friday, 19 May 2017 9:33 AM
> *To: *Crafton Williams <crafton.williams(a)qut.edu.au>
> *Cc: *keycloak-dev(a)lists.jboss.org
> *Subject: *Re: [keycloak-dev] Authorization with Springboot adapter
>
>
>
> I've sent a PR [1] with a quickstart for Spring Boot. Will work with some
> more examples covering specific features of Keycloak Authorization
> Services.
>
>
>
> Please let me know what you think about it. It is basically a Spring Boot
> Web application protected with simple fine-grained permissions.
>
>
>
> [1]
https://github.com/keycloak/keycloak-quickstarts/pull/26
>
>
>
> Regards.
> Pedro Igor
>
>
>
>
>
> On Thu, May 18, 2017 at 9:35 AM, Pedro Igor Silva <psilva(a)redhat.com>
> wrote:
>
> Btw, you are not the first one asking for more details about Spring boot
> integration. That is why I want to review this ....
>
>
>
> On Thu, May 18, 2017 at 9:34 AM, Pedro Igor Silva <psilva(a)redhat.com>
> wrote:
>
> We are really missing examples and documentation to Spring Boot Adapter.
> Will write an example/template and review docs.
>
>
>
> Can give you an answer right now because I've tested authz with spring
> boot only a very few times. But you should not get this error at all.
>
>
>
> Will have something today.
>
>
>
>
>
>
>
> On Thu, May 18, 2017 at 3:17 AM, Crafton Williams <
> crafton.williams(a)qut.edu.au> wrote:
>
> Hi All:
>
> I’m trying to configure a basic springboot app using the springboot
> keycloak adapter. Authentication works as expected but I’m a bit confused
> as to how to configure the policy enforcer in yaml. The documentation shows
> configuring the policy-enforcer as a json document however the springboot
> config implies a only policy-enforcer-config. In any case, I did try the
> json doc but it wasn’t picked up by the adapter.
>
> I’m using 3.0.0.Final and tried the following in my yaml file(omitted the
> rest of the path info for brevity):
>
> Policy-enforcer-config:
> Enforcement-mode: ENFORCING
> paths:
>
> * name: blah
>
> The exception I got was:
>
> org.springframework.context.ApplicationContextException: Unable to start
> embedded container; nested exception is
org.springframework.beans.factory.BeanCreationException:
> Error creating bean with name 'tomcatEmbeddedServletContainerFactory'
> defined in class path resource [org/springframework/boot/auto
> configure/web/EmbeddedServletContainerAutoConfiguration$EmbeddedTomcat.class]:
> Initialization of bean failed; nested exception is
> org.springframework.beans.factory.UnsatisfiedDependencyException: Error
> creating bean with name 'org.keycloak.adapters.springb
> oot.KeycloakSpringBootConfiguration': Unsatisfied dependency expressed
> through method 'setKeycloakSpringBootProperties' parameter 0; nested
> exception is org.springframework.beans.factory.BeanCreationException:
> Error creating bean with name 'keycloak-org.keycloak.adapter
> s.springboot.KeycloakSpringBootProperties': Could not bind properties to
> KeycloakSpringBootProperties (prefix=keycloak, ignoreInvalidFields=false,
> ignoreUnknownFields=false, ignoreNestedProperties=false); nested exception
> is org.springframework.beans.InvalidPropertyException: Invalid property
> 'policyEnforcerConfig.paths[0]' of bean class
> [org.keycloak.adapters.springboot.KeycloakSpringBootProperties]: Illegal
> attempt to get property 'paths' threw exception; nested exception is
> java.lang.UnsupportedOperationException
>
> Is there an example project somewhere that can guide me in configuring
> the policy enforcer for the springboot adapter?
>
> Cheers,
>
> Crafton
>
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev(a)lists.jboss.org
>
https://lists.jboss.org/mailman/listinfo/keycloak-dev
>
>
>
>
>
>
>
>
>