[keycloak-user] Spring Security Adapter - setting properties vs keycloak.json

Matt H tsdgcc2087 at outlook.com
Tue Dec 6 09:05:37 EST 2016


When using the Spring Security Adapter, is it possible to set properties for the values and not use the keycloak.json file?  Having the credentials.secret value stored in clear text is not an option for me.  I already have a way to encrypt values and read them in my application, I just need to decrypt this value and set it.  The only alternative I have is to dynamically generate the keycloak.json file at the start of my app, then set the property keycloak.configurationFile with this location.


Also, when reading the Securing Applications and Services guide, it states that the value for realm-public-key is OPTIONAL and should not be set since Keycloak rotates keys.  However if the value is set, the adapter will not download the key.  This seems like a good idea, but having keycloak generate the json file with this value seems bad.  Most clients would just take the file that is generated by the keycloak UI then add it to their application without knowing this.


Matt


More information about the keycloak-user mailing list