[keycloak-user] Spring Security Adapter - setting properties vs keycloak.json

Matt H tsdgcc2087 at outlook.com
Tue Dec 6 09:31:04 EST 2016


I saw that, but that looked like a way to specify different json configs depending on paths.  Was there a way in there to actually build the json?


________________________________
From: Chris Savory <chris.savory at edlogics.com>
Sent: Tuesday, December 6, 2016 8:23 AM
To: Matt H; keycloak-user at lists.jboss.org
Subject: Re: [keycloak-user] Spring Security Adapter - setting properties vs keycloak.json

You could use the KeycloakConfigResolver.  It's meant for multi-tenant scenarios, but you could just configure one (or many) Keycloak realms via that java object.

--
Christopher Savory
Software Engineer | EdLogics
www.edlogics.com<http://www.edlogics.com> <http://www.edlogics.com/>
EdLogics | Taking consumer health education &amp ...<http://www.edlogics.com/>
www.edlogics.com
EdLogics provides consumers with a broad array of consumer friendly education resources using a multimedia gamified approach and pairs it with unique incentives and ...


EdLogics | Taking consumer health education &amp ...<http://www.edlogics.com/>
www.edlogics.com
EdLogics provides consumers with a broad array of consumer friendly education resources using a multimedia gamified approach and pairs it with unique incentives and ...




 <http://www.edlogics.com/>
EdLogics | Taking consumer health education &amp ...<http://www.edlogics.com/>
www.edlogics.com
EdLogics provides consumers with a broad array of consumer friendly education resources using a multimedia gamified approach and pairs it with unique incentives and ...



 <https://www.linkedin.com/company/edlogics> <https://twitter.com/EdLogics>
EdLogics | LinkedIn<https://www.linkedin.com/company/edlogics>
www.linkedin.com
Learn about working at EdLogics. Join LinkedIn today for free. See who you know at EdLogics, leverage your professional network, and get hired.


[https://pbs.twimg.com/profile_images/603589032249937921/wcMtivPt_400x400.jpg]<https://twitter.com/EdLogics>

EdLogics (@EdLogics) | Twitter<https://twitter.com/EdLogics>
twitter.com
The latest Tweets from EdLogics (@EdLogics). Empowering individuals through improved health literacy




On 12/6/16, 8:05 AM, "keycloak-user-bounces at lists.jboss.org on behalf of Matt H" <keycloak-user-bounces at lists.jboss.org on behalf of tsdgcc2087 at outlook.com> wrote:

    When using the Spring Security Adapter, is it possible to set properties for the values and not use the keycloak.json file?  Having the credentials.secret value stored in clear text is not an option for me.  I already have a way to encrypt values and read them in my application, I just need to decrypt this value and set it.  The only alternative I have is to dynamically generate the keycloak.json file at the start of my app, then set the property keycloak.configurationFile with this location.


    Also, when reading the Securing Applications and Services guide, it states that the value for realm-public-key is OPTIONAL and should not be set since Keycloak rotates keys.  However if the value is set, the adapter will not download the key.  This seems like a good idea, but having keycloak generate the json file with this value seems bad.  Most clients would just take the file that is generated by the keycloak UI then add it to their application without knowing this.


    Matt
    _______________________________________________
    keycloak-user mailing list
    keycloak-user at lists.jboss.org
    https://lists.jboss.org/mailman/listinfo/keycloak-user




More information about the keycloak-user mailing list