[keycloak-user] What contents from web.xml of .war file needs to be configure in keycloak
vandana thota
vandana0242 at gmail.com
Mon Jul 23 11:09:10 EDT 2018
>From my previous email continuation .We have deployed jenkins.war file
which we are using for our testing purpose .
We took that from google
On Mon, Jul 23, 2018 at 9:45 AM vandana thota <vandana0242 at gmail.com> wrote:
> Hello
>
> I have choosen to secure via app.
>
> So we have below keycloak SAML Adapter keycloak Saml.xml file from
> installation tab of client of keycloak :
>
> You want me to put the line "use-resource-role-mappings": true in
> this file if yes where exactly ?
>
> <keycloak-saml-adapter>
> <SP entityID="http://nl005164.tst.kohls.com:19015/jenkins"
> sslPolicy="EXTERNAL"
> logoutPage="SPECIFY YOUR LOGOUT PAGE!">
> <Keys>
> <Key signing="true">
> <PrivateKeyPem>
>
> MIIEpAIBAAKCAQEAm/PTR12jgLAJYbvVtEzQuCqq6QJ1OlTzatbV1nT0Jdcd+AXsh0bUhhTj6/R5la2rDofiOuB0nxgHAdE1I9euiWSelgWn4nK7z+twT+CPCwRJ9tbwd172Qurulor+xP86lqHqSHkrBYkyhOR83jf97ttr4aNXZMvzsVPdyTG0KnxyFdsdhX1Q9VMm5XWisv63y5Rnlzih1vnvq1VTCawEmuLOzSiFmC10JlUp860ogLoeXF2BpKYB20apKYkm+P5HQlEP+L3uxDHSxjDDjcxv8AJ3p8ShOfLx2D0+WXHH+GjMbo/uBgy5hYm5uBEsSkBt9asEljXpQTZhhaFFH1X4pQIDAQABAoIBACb/PaHm5G/VlUL/OV0wqDClWr+RgcboX0YkGqzZ6gNcW34d3RumtpYguy3RoGWxW8jyabvXTNJLq9Tkf6lK0bZBlvZky6pwjk5bzWXr/Vj/5Y74CIGRGXt6S9cRQsv4Fqp8Kp2czwk/WYaprB/VWIZWEBAITF5EMdfx5M/ewfKtb4oRgVMQR+ORQJThqvakQYgpgFVNGVgi03g3uUJcl48pfQQJnOrmIkMc3wpgdvzk3/wDjNyp7c7vmLLKQRzqFl5dr9uqRzIpFkaQI4ndwv29U6H8at9HSxHk85xcZ/nqr2LrR405F2sqtSNWUbBLmoTuX0P7TeOD35naSJLemTECgYEA2HLtyzFkdwZHeU7vmI/ZV6qQpDnfqyAReLqIiUwVx0vo3ZADq/d6cVucr0INCylaTp0lwFORmk+dQ3+AQGKANAev7jA5YKvkX95RgO+zRSlnM50jYgczrT3zZEnGlSZAoVoq+eN3wYUEmtK5dYYAX6vDTkFzqboQ/mxF7N5FWxsCgYEAuHL8I9S6ZAcFnV8AgxpZDDSWaDfVlFgdtTC8BOGMljpnCbWCz+9B5TeVJEoIkVqwJzYyLilruDMpTyHlmS6nw33MtinV7ZCUzLOo3ZxkEqobxoU5YkHFqs8mdkCoEarv+WEVfzfhEK3xxuKqDYRe4RqXGpUT8vCnvny9mGhxdz8CgYEArM3Ery51yNjIgz7T5nchy+2uoI5b1aE6kapKi2KlGIGwHgN2Cvr/VDURuJIBG+Id6RlpJE0Tt6DMKzFF0SFSvTdN69mwVU+meith4pB8DUFq1TglIYQia7ND99M2qajqfGciXHKQD34FGR4XVo5vCfJ1cKqsjtqv6o/Cm8Mwl/UCgYAToLjQH00OY+jnDDsDuIQNVnNC994UgSP4Kg13/4B0ZBae49/dvLooaDfIutAal6nzIkNIwkOiQF9++j5yhJJ5rSNhpyYKt7394ohvvLqxecSm5XpryE/+kzimkM7Rwnzy7q/Y79tVaQ03ettZwOJP1gKKY57R1WYkUSXj2AlrBQKBgQCzBWzcRtBiV/mTFqUwKMpZX9yeOZi/9+V9lKd7N6gKlAE1gcXMyYV23Af34Vt523mKZhxURZcAcfTcZW/NY61rhRdYTeBeBXjd0uKcfpGupigeJUOX/eH+GjKJkvh+bsr63nSaXzB+7vStyDs8Ap/H4rql1aWOhOXcMk+K5Y6ZAQ==
> </PrivateKeyPem>
> <CertificatePem>
>
> MIICoTCCAYkCBgFkqM8/cTANBgkqhkiG9w0BAQsFADAUMRIwEAYDVQQDDAlzYW1wbC1hcHAwHhcNMTgwNzE3MTUxMzMxWhcNMjgwNzE3MTUxNTExWjAUMRIwEAYDVQQDDAlzYW1wbC1hcHAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCb89NHXaOAsAlhu9W0TNC4KqrpAnU6VPNq1tXWdPQl1x34BeyHRtSGFOPr9HmVrasOh+I64HSfGAcB0TUj166JZJ6WBaficrvP63BP4I8LBEn21vB3XvZC6u6Wiv7E/zqWoepIeSsFiTKE5HzeN/3u22vho1dky/OxU93JMbQqfHIV2x2FfVD1UybldaKy/rfLlGeXOKHW+e+rVVMJrASa4s7NKIWYLXQmVSnzrSiAuh5cXYGkpgHbRqkpiSb4/kdCUQ/4ve7EMdLGMMONzG/wAnenxKE58vHYPT5Zccf4aMxuj+4GDLmFibm4ESxKQG31qwSWNelBNmGFoUUfVfilAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAB8zH+XBes8n4+OdW8edDax/s2T4xAF+nHYkPn+d2G94X2h6oe8r20P8Wj9K1Z/iijwVSh6pbOEPssH6EHVBVQ8ImmO682TiLWvxu7wmxgWkgTAWyRZ5Hxqk2i/bU/ZKRLt5sDJcH9RlpZlgvI8d1lpyzWcWTn2o428s1FhBQ+cBUtuXPsbrQMcU8i+ODQ0HpHDbZxe1T3qbwevR9zXaQ3js67Jr7INYIHnrncpN+TxaBg4jClhwHEXQrqeIZAyLo6CZobwowpSqnRQ6Hut26zCPUYAVh2Tzq5JoOLC9duEzOUrL4/TVHvsQa+rlK4Cu7Qfe34P61yf+kXjYeATn2Xg=
> </CertificatePem>
> </Key>
> </Keys>
> <IDP entityID="idp"
> signatureAlgorithm="RSA_SHA256"
> signatureCanonicalizationMethod="
> http://www.w3.org/2001/10/xml-exc-c14n#">
> <SingleSignOnService signRequest="true"
> validateResponseSignature="true"
> validateAssertionSignature="false"
> requestBinding="POST"
> bindingUrl="
> http://nl005164.tst.kohls.com:19017/auth/realms/Demo-Realm/protocol/saml
> "/>
> <SingleLogoutService signRequest="true"
> signResponse="true"
> validateRequestSignature="true"
> validateResponseSignature="true"
> requestBinding="POST"
> responseBinding="POST"
> postBindingUrl="
> http://nl005164.tst.kohls.com:19017/auth/realms/Demo-Realm/protocol/saml"
> redirectBindingUrl="
> http://nl005164.tst.kohls.com:19017/auth/realms/Demo-Realm/protocol/saml
> "/>
> </IDP>
> </SP>
> </keycloak-saml-adapter>
>
>
> On Mon, Jul 23, 2018 at 8:08 AM Dmitry Telegin <dt at acutus.pro> wrote:
>
>> Vandana,
>>
>> Could you please check your WEB-INF/keycloak.json and add the following
>> key:
>>
>> "use-resource-role-mappings": true
>>
>> Then redeploy your application. Does it help?
>>
>> Dmitry
>>
>> > yes we have those in web.xml .
>> >
>> > What exactly needs to be take from web.xml and put in keycloak ? for
>> > single sign on configuration ?We tried to have roles and username
>> > same as in web.xml in keycloak also but it did not work .can you
>> > able to give us a scenario in detail ?
>> >
>> >
>> >
>> >
>> > Thanks,
>> >
>> >
>> > On Sun, Jul 22, 2018 at 9:21 PM Dmitry Telegin <dt at acutus.pro> wrote:
>> > > Hi Vandana,
>> > >
>> > > The process of configuring Keycloak Wildfly adapter is described in
>> > > detail here, including the example of web.xml: https://www.keycloak
>> > > .org/docs/latest/securing_apps/index.html#jboss-eap-wildfly-adapter
>> > >
>> > > Cheers,
>> > > Dmitry Telegin
>> > > CTO, Acutus s.r.o.
>> > > Keycloak Consulting and Training
>> > >
>> > > Pod lipami street 339/52, 130 00 Prague 3, Czech Republic
>> > > +42 (022) 888-30-71
>> > > E-mail: info at acutus.pro
>> > >
>> > > On Thu, 2018-07-19 at 16:24 -0500, vandana thota wrote:
>> > > > Hello
>> > > >
>> > > > Trying to configure SSO for the application on wildfly with
>> > > keycloak
>> > > > What contents from web.xml of .war file needs to be
>> > > configure in
>> > > > keycloak
>> > > > console ?
>> > > >
>> > > > why we need to take from web.xml file
>> > > >
>> > > > What exactly are they roles etc . ?
>> > > >
>> > > >
>> > > >
>> > > > Thanks,
>> > > > Vandana
>> > > > _______________________________________________
>> > > > keycloak-user mailing list
>> > > > keycloak-user at lists.jboss.org
>> > > > https://lists.jboss.org/mailman/listinfo/keycloak-user
>> > >
>>
>
More information about the keycloak-user
mailing list