Hi everybody,
I'm trying to migrate an existing application to keycloak and
I'm facing some problems.
My application is an ear composed of :
- one war containing Servlet and JaxRS resources (which are
not session beans but only rest resources calling EJBs)
- one jar containing EJB components secured with a dedicated
SecurityDomain.
-one HTML5/Angular client application
I've configured the security domain in standalone-full.xml
using the KeycloakLoginModule .
I've also configured the war using jboss-web.xml to use the
security domain of EJBs
Finally I've include the JAX-RS filter in order to allows
BearerToken authentication on the REST api in the WAR.
Angular application is able to loggin and to send the bearer
token in the http header. The jaxRS logs shows that token is
received and user name is retreive.
What happens is that authentication is not propagated to the
EJB Layer and the LoginModule is never called.
yes, the propagation from Jax-rs filter to EJB unfortunately doesn't
work. You can use the adapter and servlet authentication and in this
case it should be propagated as described in reference guide -