[keycloak-dev] Authorization with Springboot adapter

Fri May 19 07:01:10 EDT 2017

I'm not sure. But I will check if that is possible. If so, will update that
quickstart to use keycloak.json instead.

I'm also thinking about a another quickstart to demonstrate how to protect
APIs in Spring Boot. The one I have is pretty much related with protecting
web applications, but we probably need another one to also demonstrate
API/service security.

On Thu, May 18, 2017 at 10:19 PM, Crafton Williams <
crafton.williams at qut.edu.au> wrote:

> Hi Pedro:
>
>
>
> This is a huge help, thanks!
>
>
>
> A few questions though...is this is the only way to implement Authz with
> keyclaok and springboot? Is it possible to use the
> keycloak-spring-boot-adapter along with keycloak.json configured as a
> policy enforcer? I found it to be a very nice way of separating the
> security concern from the code itself.
>
>
>
>
>
> Cheers,
>
>
>
> Crafton
>
>
>
>
>
> *From: *Pedro Igor Silva <psilva at redhat.com>
> *Sent: *Friday, 19 May 2017 9:33 AM
> *To: *Crafton Williams <crafton.williams at qut.edu.au>
> *Cc: *keycloak-dev at lists.jboss.org
> *Subject: *Re: [keycloak-dev] Authorization with Springboot adapter
>
>
>
> I've sent a PR [1] with a quickstart for Spring Boot. Will work with some
> more examples covering specific features of Keycloak Authorization
> Services.
>
>
>
> Please let me know what you think about it. It is basically a Spring Boot
> Web application protected with simple fine-grained permissions.
>
>
>
> [1] https://github.com/keycloak/keycloak-quickstarts/pull/26
>
>
>
> Regards.
> Pedro Igor
>
>
>
>
>
> On Thu, May 18, 2017 at 9:35 AM, Pedro Igor Silva <psilva at redhat.com>
> wrote:
>
> Btw, you are not the first one asking for more details about Spring boot
> integration. That is why I want to review this ....
>
>
>
> On Thu, May 18, 2017 at 9:34 AM, Pedro Igor Silva <psilva at redhat.com>
> wrote:
>
> We are really missing examples and documentation to Spring Boot Adapter.
> Will write an example/template and review docs.
>
>
>
> Can give you an answer right now because I've tested authz with spring
> boot only a very few times. But you should not get this error at all.
>
>
>
> Will have something today.
>
>
>
>
>
>
>
> On Thu, May 18, 2017 at 3:17 AM, Crafton Williams <
> crafton.williams at qut.edu.au> wrote:
>
> Hi All:
>
> I’m trying to configure a basic springboot app using the springboot
> keycloak adapter. Authentication works as expected but I’m a bit confused
> as to how to configure the policy enforcer in yaml. The documentation shows
> configuring the policy-enforcer as a json document however the springboot
> config implies a only policy-enforcer-config. In any case, I did try the
> json doc but it wasn’t picked up by the adapter.
>
> I’m using 3.0.0.Final and tried the following in my yaml file(omitted the
> rest of the path info for brevity):
>
> Policy-enforcer-config:
>   Enforcement-mode: ENFORCING
>   paths:
>
>   *   name: blah
>
> The exception I got was:
>
> org.springframework.context.ApplicationContextException: Unable to start
> embedded container; nested exception is org.springframework.beans.factory.BeanCreationException:
> Error creating bean with name 'tomcatEmbeddedServletContainerFactory'
> defined in class path resource [org/springframework/boot/
> autoconfigure/web/EmbeddedServletContainerAutoCo
> nfiguration$EmbeddedTomcat.class]: Initialization of bean failed; nested
> exception is org.springframework.beans.factory.
> UnsatisfiedDependencyException: Error creating bean with name
> 'org.keycloak.adapters.springboot.KeycloakSpringBootConfiguration':
> Unsatisfied dependency expressed through method '
> setKeycloakSpringBootProperties' parameter 0; nested exception is
> org.springframework.beans.factory.BeanCreationException: Error creating
> bean with name 'keycloak-org.keycloak.adapters.springboot.KeycloakSpringBootProperties':
> Could not bind properties to KeycloakSpringBootProperties (prefix=keycloak,
> ignoreInvalidFields=false, ignoreUnknownFields=false,
> ignoreNestedProperties=false); nested exception is
> org.springframework.beans.InvalidPropertyException: Invalid property
> 'policyEnforcerConfig.paths[0]' of bean class [org.keycloak.adapters.
> springboot.KeycloakSpringBootProperties]: Illegal attempt to get property
> 'paths' threw exception; nested exception is java.lang.
> UnsupportedOperationException
>
> Is there an example project somewhere that can guide me in configuring the
> policy enforcer for the springboot adapter?
>
> Cheers,
>
> Crafton
>
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>
>
>
>
>
>
>
>
>