6:20 a.m.
For Tomcat adapter, you don't need KEYCLOAK authentication type in
web.xml, but BASIC should be sufficient. Does it work with BASIC and
without your step 3 (Changing catalina.jar) ?
Marek
On 18.3.2015 10:00, Kalinga Dissanayake wrote:
I am in the process of trying out a few adapters supported by keycloak.
Tried the tomcat adapter but im a getting a continuous redirect on the
browser.
I did the following;
1/ Installed the adapter on tomcat
2/ Installed all the libraries.
3/ Changed catalina.jar to add an authentication type called KEYCLOAK
4/ Added the context.xml to the client in META-INF
<?xml version="1.0" encoding="UTF-8"?>
<Context path="/sample" debug="0" privileged="true">
<Valve
className="org.keycloak.adapters.tomcat.KeycloakAuthenticatorValve" />
</Context>
5/ Added the keycloak.json
{
"realm": "demo",
"realm-public-key":
"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC6pigvwuJUVfi9sEaZOj7txNfBwPAEt+0AIBSFHRzoWSxNAnznkwGV83qGK+Kc6GAMdlch87GeFzSZh76qC9GUlQ1WGOjbNA4YApnd9PmLvt1iBfe/3xkjIBeKEYmeA9mg3xn3eTosWmL1WIFzFy4NRbe09fAC1hZ5zazfjSDBtwIDAQAB",
"auth-server-url": "http://localhost:8080/auth",
"ssl-required": "external",
"resource": "customer-portal",
"public-client": true,
"use-resource-role-mappings": true
}
6/ Changed web.xml
<!DOCTYPE web-app PUBLIC
"-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
"http://java.sun.com/dtd/web-app_2_3.dtd" >
<web-app>
<display-name>Archetype Created Web Application</display-name>
<security-constraint>
<web-resource-collection>
<web-resource-name>sample</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>user</role-name>
</auth-constraint>
</security-constraint>
<security-role>
<role-name>user</role-name>
</security-role>
<login-config>
<auth-method>KEYCLOAK</auth-method>
<realm-name>demo</realm-name>
</login-config>
</web-app>
The client app successfully redirects to the server url (keycloak) and
I can login entering the creds. and it redirects back to the client,
however the client goes into a loop.
Should I do a change in the client to extract some details and save it
in the session? Or will be the adapter handle this for me
Kalinga
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user