[keycloak-user] Wildfly Elytron client adapter - Propagate security domain to EJB

Pedro Igor Silva psilva at redhat.com
Tue Apr 2 21:07:46 EDT 2019 

Hi,

I guess it is a local EJB ? If so, could you try configuring the EJB
subsystem with an application-security-domain as follows:

/subsystem=ejb3/application-security-domain=other:add(security-domain=KeycloakDomain)

Regards.

On Tue, Apr 2, 2019 at 6:14 PM Ryan Slominski <ryans at jlab.org> wrote:

> Has anyone been able to propagate the Keycloak security domain in Wildfly
> Elytron client adapter to EJBs in an application using jboss-ejb3.xml?
> Creating a single file that is bundled with the application war seems like
> a better solution than importing  and apply a JBOSS specific annotation
> (@SecurityDomain) to hundreds of EJBs.
>
> I placed the file into WEB-INF with contents:
>
> <?xml version="1.1" encoding="UTF-8"?>
> <jboss:ejb-jar xmlns:jboss="http://www.jboss.com/xml/ns/javaee"
>     xmlns="http://java.sun.com/xml/ns/javaee"
>     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
>     xmlns:s="urn:security"
>     xsi:schemaLocation="http://www.jboss.com/xml/ns/javaee
> http://www.jboss.org/j2ee/schema/jboss-ejb3-2_0.xsd"
>     version="3.1" impl-version="2.0">
>     <assembly-descriptor>
>         <s:security>
>             <ejb-name>*</ejb-name>
>             <s:security-domain>keycloak</s:security-domain>
>         </s:security>
>     </assembly-descriptor>
> </jboss:ejb-jar>
>
> I also tried label "KeycloakDomain" instead of "keycloak".  In either case
> I get the following error when I attempt to deploy the war file:
>
>     "WFLYCTL0412: Required services that are not installed:" =>
> ["jboss.security.security-domain.KeycloakDomain"],
>     "WFLYCTL0180: Services with missing/unavailable dependencies" => [
>         "jboss.deployment.unit.\"staff.war\".component.StaffFacade.CREATE
> is missing [jboss.security.security-domain.KeycloakDomain]",
>
> "jboss.deployment.unit.\"staff.war\".undertow-deployment.UndertowDeploymentInfoService
> is missing [jboss.security.security-domain.KeycloakDomain]",
>
> "jboss.deployment.unit.\"staff.war\".component.WorkgroupFacade.CREATE is
> missing [jboss.security.security-domain.KeycloakDomain]"
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>

More information about the keycloak-user mailing list