It didn't. That's why I did the change to the catalina.jar file.

Managed to come up with this http://blog-ungarida.rhcloud.com/keycloak-tomcat-adapter/

That's why I did this change to catalina.jar.

 

Kalinga

-----Original Message-----
From: "Marek Posolda" <mposolda@redhat.com>
Sent: Wednesday, March 18, 2015 4:50pm
To: "Kalinga Dissanayake" <kalinga@leapset.com>, keycloak-user@lists.jboss.org, "Stian Thorgersen" <stian@redhat.com>
Subject: Re: [keycloak-user] Tomcat adapter for keycloak

For the Tomcat adapter, you don't need the KEYCLOAK authentication type in web.xml, but BASIC should be sufficient. Does it work with BASIC and without your step 3 (changing catalina.jar)?

Marek

On 18.3.2015 10:00, Kalinga Dissanayake wrote:

I am in the process of trying out a few adapters supported by Keycloak.

Tried the Tomcat adapter but I'm getting a continuous redirect in the browser.

 

I did the following:

1/ Installed the adapter on tomcat

2/ Installed all the libraries.

3/ Changed catalina.jar to add an authentication type called KEYCLOAK

4/ Added the context.xml to the client in META-INF

 

<?xml version="1.0" encoding="UTF-8"?>
<Context path="/sample" debug="0" privileged="true">
    <Valve className="org.keycloak.adapters.tomcat.KeycloakAuthenticatorValve" />
</Context>

 

5/ Added the keycloak.json

{
"realm": "demo",
"realm-public-key": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC6pigvwuJUVfi9sEaZOj7txNfBwPAEt+0AIBSFHRzoWSxNAnznkwGV83qGK+Kc6GAMdlch87GeFzSZh76qC9GUlQ1WGOjbNA4YApnd9PmLvt1iBfe/3xkjIBeKEYmeA9mg3xn3eTosWmL1WIFzFy4NRbe09fAC1hZ5zazfjSDBtwIDAQAB",
"auth-server-url": "http://localhost:8080/auth",
"ssl-required": "external",
"resource": "customer-portal",
"public-client": true,
"use-resource-role-mappings": true
}

 

6/ Changed web.xml

<!DOCTYPE web-app PUBLIC
 "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
 "http://java.sun.com/dtd/web-app_2_3.dtd" >

<web-app>
  <display-name>Archetype Created Web Application</display-name>

    <security-constraint>
        <web-resource-collection>
            <web-resource-name>sample</web-resource-name>
            <url-pattern>/*</url-pattern>
        </web-resource-collection>
        <auth-constraint>
            <role-name>user</role-name>
        </auth-constraint>
    </security-constraint>
    <security-role>
        <role-name>user</role-name>
    </security-role>
    <login-config>
        <auth-method>KEYCLOAK</auth-method>
        <realm-name>demo</realm-name>
    </login-config>
</web-app>

 

The client app successfully redirects to the server URL (Keycloak) and I can log in by entering the creds, and it redirects back to the client; however, the client goes into a loop.

Should I make a change in the client to extract some details and save them in the session? Or will the adapter handle this for me?

 

Kalinga

 



_______________________________________________ keycloak-user mailing list keycloak-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/keycloak-user