Re: [keycloak-user] Automated testing for keycloak secured applications
On 12/15/2015 10:54 AM, Orestis Tsakiridis wrote:
Hello,
I try to build automated tests for a keycloak secured REST application.
I plan to use arquilian as a test platform.
Do i need to have a working keycloak server to be used in the tests ?
Or is it possible to embed keycloak in the temporary deployment created
by arquilian?
That's a real good point. Not sure how we are tackling this.
Btw, my endpoints don't use web.xml based security rules. I
instead use
RSATokenVerifier.verifyToken() to manually verify the token.
Thus, i suppose that being able to manually create auth tokens from my
test cases (and not relying on a keycloak server) would also work.
FYI, Keycloak client adapters do have a filter implementations now that
you can use.
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com