Thanks everyone for all your help: I now have a lash up with my app talking via spring security to Keycloak.

OK one last question - more of a redirect to the correct part of the documentation.

However I do need a copy of the JWT to pass on to a native application.
Can anyone point me at the api I would need to use to get the signed JWT from SpingSecurity


Thanks in advance

Chris
 

On Wed, Aug 3, 2016 at 10:54 AM Christopher Davies <christopher.james.davies@gmail.com> wrote:
Thanks for all your help; I have managed to get the adapter to load and read the keycloak file. I used the following in my security.xml file:

>   <bean id="adapterDeploymentContext" class="org.keycloak.adapters.springsecurity.AdapterDeploymentContextFactoryBean">
>      <constructor-arg value="file:config/keycloak.json" />
>   </bean>

Now I can see my app connecting to keycloak. Next issue is that despite keycloak passing pack the principal with the correct Roles, Spring security is rejecting the user in the RoleVoter.
Will try to solve this myself before I trouble you.

Chris
 

On Tue, Aug 2, 2016 at 8:09 PM Scott Rossillo <srossillo@smartling.com> wrote:
Well, the adapter does support loading the keycloak.json file from anywhere on the class path. Jetty AFAIK does include jetty/resources on the class path. So, you could put keycloak.json there and if you start the server with the option below it should work:

-Dkeycloak.configurationFile:”classpath:keycloak.json"


Scott Rossillo
Smartling | Senior Software Engineer

On Aug 2, 2016, at 8:56 AM, Christopher Davies <christopher.james.davies@gmail.com> wrote:

I do not want to have to open the war file just to update / change to keycloak credentials.
I am right that the WEB-INF sits inside the war file ?
I would like a single security instance for the entire Jetty server

Chris


On Tue, Aug 2, 2016 at 12:55 PM Sebastien Blanc <sblanc@redhat.com> wrote:
Hi,

Any reasons you don't want to put the keycloak.json in /WEB-INF ?

    <bean id="adapterDeploymentContext" class="org.keycloak.adapters.springsecurity.AdapterDeploymentContextFactoryBean">
        <constructor-arg value="/WEB-INF/keycloak.json" />
    </bean>
Sebi

On Tue, Aug 2, 2016 at 1:33 PM, Christopher Davies <christopher.james.davies@gmail.com> wrote:
I am looking at linking our legacy app to Keycloak.

Currently it is a bespoke jetty server, that only serves our war files.
The security.xml is set in config of the server directory.

I can see this loading keycloak's spring adapter.
It fails when searching for Keycloak.json.

I was hoping to be able to drop the Keycloak.json file in the config directory.

Hope you can be of assistance. Please feel free to ask if I have missed any key information.
I am trying to get up to speed on both KeyCloak and SpringSecurity as I am a C++ programmer at heart.

Chris


_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user

_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user