Hi,

The elytron client configuration (wildfly-config.xml) can be configured to use the OAUTHBEARER [1]. You also need to configure SASL OAUTHBEARER on the server so that client and server can negotiate the mechanism.

The client configuration is using client credentials to obtain the token from Keycloak (or any other OAuth compliant server), but you can also use resource owner password grant type [2].

Regards,

Pedro Igor

[1] https://gist.github.com/pedroigor/6f8e69d8a31d792af9fc5c67eb6b9cab

[2] https://docs.wildfly.org/16/Client_Guide.html#authentication-client

On Thu, May 2, 2019 at 6:18 AM Besenti Samson <besenti.samson@gmail.com> wrote:

I am trying to configure elytron in wildfly 16 to secure ejbs using keycloak 6.0 that are accessed by a java client. Has anyone done a working example of this that I can follow? Specifically by way of the standalone.xml config and wildfly-config.xml. I have successfully stepped through an example using jboss properties file realm but getting lost when it comes to keycloak.

_______________________________________________
wildfly-dev mailing list
wildfly-dev@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/wildfly-dev