[keycloak-user] Clarifications regarding Spring Security Adapter Configuration

Michael Furman michael_furman at hotmail.com
Wed Nov 2 11:53:53 EDT 2016

Thanks Bruno,
I will happy for the additional clarification.
What is the redirect URL (Valid Redirect URIs) I should configure on IDP during the client configuration?
Below or something else?

From: Bruno Oliveira <bruno at abstractj.org>
Sent: Friday, October 28, 2016 2:34 PM
To: Michael Furman; keycloak-user
Subject: Re: [keycloak-user] Clarifications regarding Spring Security Adapter Configuration

Hi Michael

On 2016-10-26, Michael Furman wrote:
> Hi all,
> I will happy for couple of clarifications regarding Java Adapter Configuration:
> https://keycloak.gitbooks.io/securing-client-applications-guide/content/topics/oidc/java/java-adapter-config.html
> I want to use Spring Security Adapter:
> https://keycloak.gitbooks.io/securing-client-applications-guide/content/topics/oidc/java/spring-security-adapter.html
>   1.  Where keycloak.json should be located?
> How I pass it to the Spring Security Adapter?

If you look at the section "XML Configuration"[1] there's a snippet
showing how to configure it:

<bean id="adapterDeploymentContext" class="org.keycloak.adapters.springsecurity.AdapterDeploymentContextFactoryBean">
   <constructor-arg value="/WEB-INF/keycloak.json" />

>   2.  Is it possible to configure all properties (that configured in keycloak.json) via database?
> Or alternatively via some Spring Context?

I did something related to this in the past with RESTful endpoints, not
sure if it helps. But if you have sensitive information,
I strongly recommend not doing that.

> In this case I will be able to put confidential information (e.g. truststore-password) in the databasea

Looking at this issue[2], I'm not sure if what you want is supported

[1] - https://keycloak.gitbooks.io/securing-client-applications-guide/content/topics/oidc/java/spring-security-adapter.html
[2] - https://issues.jboss.org/browse/KEYCLOAK-1410

> Thank you in advance for your help.
> Best regards,
>    Michael
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
keycloak-user Info Page - JBoss Developer<https://lists.jboss.org/mailman/listinfo/keycloak-user>
To see the collection of prior postings to the list, visit the keycloak-user Archives. Using keycloak-user: To post a message to all the list members ...


PGP: 0x84DC9914

More information about the keycloak-user mailing list