Using keycloak-wildfly-adapter-dist-2.4.0.Final and Wildfly 9.0.2.Final
I am having the same issue as KEYCLOAK-3186
However, I do not receive an "Invalid User" error, the protected method in
the EJB via @RolesAllowed is ignored (no errors.)
I have the same structure. I use the keycloak-offline-adapter installer,
and the security domain is created in standalone.xml file.
WAR - contains keycloak.json and security constraints to certain urls in
web.xml with certain roles (WORKING.)
EJB - In my @Stateless beans I've tried @SecurityDomain("keycloak") and
I've tried setting it in jboss-ejb3.xml. I then use @RolesAllowed("admin")
on a single method, this is ignored when invoking that method as a "user"
If I try this same thing in a @Stateless bean inside my WAR it works.
His solution was to convert EAR package to WAR. I would really like to
stick to EAR->EJB-WAR structure.