[keycloak-user] Testing secured EJB with Arquillian (using Keycloak adapter as SecurityDomain)

Jordan Conner 321j.con at gmail.com
Thu Dec 29 15:22:37 EST 2016


Hello,

I am getting EJBAccessException (method invocation is not allowed) when
using Arquillian to test secured EJBs. I expect to get this exception
because I have not logged in at all. My project works great outside of the
test suite when redirecting to my keycloak server and then serving up my
web applications protected resource. Before securing my EJBs, Arquillian
was working fine.

I've looked all over and the only example that comes remotely close is this
link... https://samaxes.com/2014/11/test-javaee-security-with-arquillian/

In it the author uses @RunAs. I would also like to use this annotation. I
have set up my project exactly like the authors, however I still can not
access my secured EJB.

The author's project does not use @SecurityDomain("keycloak") and I'm
having a hard time finding any examples that do.

Can my test suite use @RunAs when configured with the
keycloak-wildfly-adapter?

The only other option I can think of (and would rather not go this route)
is writing a custom module (because I don't see how to do it via the
adapter) to obtain an access token with Resource Owner Password Grant. But
then I do not see any examples of how to use keycloak-wildfly-adapter and
programmatically login with a raw access token, so is this even possible?

Thanks for your time,
Jordan


More information about the keycloak-user mailing list