Re: [keycloak-user] Tomcat adapter for keycloak

It didnt. Thats why i did the change to the catalina.jar file. Managed to come up with this [ http://blog-ungarida.rhcloud.com/keycloak-tomcat-adapter/ ]( http://blog-ungarida.rhcloud.com/keycloak-tomcat-adapter/ ) Thats why I did this change to catalina.jar. Kalinga -----Original Message----- From: "Marek Posolda" <mposolda(a)redhat.com&gt; Sent: Wednesday, March 18, 2015 4:50pm To: "Kalinga Dissanayake" <kalinga(a)leapset.com&gt;, keycloak-user(a)lists.jboss.org, "Stian Thorgersen" <stian(a)redhat.com&gt; Subject: Re: [keycloak-user] Tomcat adapter for keycloak For Tomcat adapter, you don't need KEYCLOAK authentication type in web.xml, but BASIC should be sufficient. Does it work with BASIC and without your step 3 (Changing catalina.jar) ? Marek On 18.3.2015 10:00, Kalinga Dissanayake wrote: I am in the process of trying out a few adapters supported by keycloak. Tried the tomcat adapter but im a getting a continuous redirect on the browser. I did the following; 1/ Installed the adapter on tomcat 2/ Installed all the libraries. 3/ Changed catalina.jar to add an authentication type called KEYCLOAK 4/ Added the context.xml to the client in META-INF <?xml version="1.0" encoding="UTF-8"?> <Context path="/sample" debug="0" privileged="true"> <Valve className="org.keycloak.adapters.tomcat.KeycloakAuthenticatorValve" /> </Context> 5/ Added the keycloak.json { "realm": "demo", "realm-public-key": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC6pigvwuJUVfi9sEaZOj7txNfBwPAEt+0AIBSFHRzoWSxNAnznkwGV83qGK+Kc6GAMdlch87GeFzSZh76qC9GUlQ1WGOjbNA4YApnd9PmLvt1iBfe/3xkjIBeKEYmeA9mg3xn3eTosWmL1WIFzFy4NRbe09fAC1hZ5zazfjSDBtwIDAQAB", "auth-server-url": [ "http://localhost:8080/auth" ]( http://localhost:8080/auth ), "ssl-required": "external", "resource": "customer-portal", "public-client": true, "use-resource-role-mappings": true } 6/ Changed web.xml <!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" [ "http://java.sun.com/dtd/web-app_2_3.dtd" ]( http://java.sun.com/dtd/web-app_2_3.dtd ) > <web-app> <display-name>Archetype Created Web Application</display-name> <security-constraint> <web-resource-collection> <web-resource-name>sample</web-resource-name> <url-pattern>/*</url-pattern> </web-resource-collection> <auth-constraint> <role-name>user</role-name> </auth-constraint> </security-constraint> <security-role> <role-name>user</role-name> </security-role> <login-config> <auth-method>KEYCLOAK</auth-method> <realm-name>demo</realm-name> </login-config> </web-app> The client app successfully redirects to the server url (keycloak) and I can login entering the creds. and it redirects back to the client, however the client goes into a loop. Should I do a change in the client to extract some details and save it in the session? Or will be the adapter handle this for me Kalinga _______________________________________________keycloak-user mailing list[ keycloak-user(a)lists.jboss.org ]( mailto:keycloak-user@lists.jboss.org )[ https://lists.jboss.org/mailman/listinfo/keycloak-user ]( https://lists.jboss.org/mailman/listinfo/keycloak-user )