sync with latest changes
This commit is contained in:
commit
1347995f98
5 changed files with 13 additions and 6 deletions
|
@ -174,7 +174,9 @@ public class CustomerService {
|
|||
This section describes how to secure a WAR directly by adding config and editing files within your WAR package.
|
||||
|
||||
The first thing you must do is create a `keycloak.json` adapter config file within the `WEB-INF` directory of your WAR.
|
||||
The format of this config file is describe in the <<_java_adapter_config,general adapter configuration>> section.
|
||||
|
||||
The format of this config file is describe in the <<fake/../java-adapter-config.adoc#_java_adapter_config,Java adapter configuration>> section.
|
||||
|
||||
|
||||
Next you must set the `auth-method` to `KEYCLOAK` in `web.xml`.
|
||||
You also have to use standard servlet security to specify role-base constraints on your URLs.
|
||||
|
@ -259,7 +261,9 @@ This metadata is instead defined within server configuration (i.e. `standalone.x
|
|||
|
||||
The `secure-deployment` `name` attribute identifies the WAR you want to secure.
|
||||
Its value is the `module-name` defined in `web.xml` with `.war` appended.
|
||||
The rest of the configuration corresponds pretty much one to one with the `keycloak.json` configuration options defined in <<_java_adapter_config,general adapter configuration>>.
|
||||
|
||||
The rest of the configuration corresponds pretty much one to one with the `keycloak.json` configuration options defined in <<fake/../java-adapter-config.adoc#_java_adapter_config,Java adapter configuration>>.
|
||||
|
||||
The exception is the `credential` element.
|
||||
|
||||
To make it easier for you, you can go to the {{book.project.title}} Administration Console and go to the Application/Installation tab of the application this WAR is aligned with.
|
||||
|
|
|
@ -44,4 +44,4 @@ OPTIONS=Server,jsp,jmx,resources,websocket,ext,plus,annotations,keycloak
|
|||
|
||||
Enabling Keycloak for your WARs is the same as the Jetty 9.x adapter.
|
||||
Our 8.1.x adapter supports both keycloak.json and the jboss-web.xml advanced configuration.
|
||||
See <<_jetty9_per_war,Required Per WAR Configuration>>
|
||||
See <<fake/../jetty9-adapter.adoc#_jetty9_per_war,Required Per WAR Configuration>>
|
|
@ -57,7 +57,9 @@ This is a Jetty specific config file and you must define a Keycloak specific aut
|
|||
----
|
||||
|
||||
Next you must create a `keycloak.json` adapter config file within the `WEB-INF` directory of your WAR.
|
||||
The format of this config file is describe in the <<_java_adapter_config,general adapter configuration>> section.
|
||||
|
||||
The format of this config file is describe in the <<fake/../java-adapter-config.adoc#_java_adapter_config,Java adapter configuration>> section.
|
||||
|
||||
|
||||
WARNING: The Jetty 9.1.x adapter will not be able to find the `keycloak.json` file.
|
||||
You will have to define all adapter settings within the `jetty-web.xml` file as described below.
|
||||
|
|
|
@ -152,7 +152,7 @@ While Spring Security's XML namespace simplifies configuration, customizing the
|
|||
|
||||
The Keycloak Spring Security adapter also supports multi tenancy.
|
||||
Instead of injecting `AdapterDeploymentContextFactoryBean` with the path to `keycloak.json` you can inject an implementation of the `KeycloakConfigResolver` interface.
|
||||
More details on how to implement the `KeycloakConfigResolver` can be found in <<_multi_tenancy>>.
|
||||
More details on how to implement the `KeycloakConfigResolver` can be found in <<fake/../multi-tenancy.adoc#_multi_tenancy,Multi Tenancy>>.
|
||||
|
||||
==== Naming Security Roles
|
||||
|
||||
|
|
|
@ -45,7 +45,8 @@ This is a Tomcat specific config file and you must define a Keycloak specific Va
|
|||
----
|
||||
|
||||
Next you must create a `keycloak.json` adapter config file within the `WEB-INF` directory of your WAR.
|
||||
The format of this config file is describe in the <<_java_adapter_config,general adapter configuration>> section.
|
||||
|
||||
The format of this config file is describe in the <<fake/../java-adapter-config.adoc#_java_adapter_config,Java adapter configuration>>
|
||||
|
||||
Finally you must specify both a `login-config` and use standard servlet security to specify role-base constraints on your URLs.
|
||||
Here's an example:
|
||||
|
|
Loading…
Reference in a new issue