KEYCLOAK-7888 Update Fuse adapter examples to new CXF registration
This commit is contained in:
Hynek Mlnarik
Hynek Mlnařík
parent
7c14a6a503
commit
26bf7f251d
6 changed files with 26 additions and 36 deletions
|
|
@ -4,6 +4,8 @@
|
||||||
<%@ page import="org.keycloak.constants.ServiceUrlConstants" %>
|
<%@ page import="org.keycloak.constants.ServiceUrlConstants" %>
|
||||||
<%@ page import="org.keycloak.example.CxfRsClient" %>
|
<%@ page import="org.keycloak.example.CxfRsClient" %>
|
||||||
<%@ page import="org.keycloak.representations.IDToken" %>
|
<%@ page import="org.keycloak.representations.IDToken" %>
|
||||||
|
<%@ page import="org.keycloak.common.util.UriUtils"%>
|
||||||
|
<%@ page import="org.keycloak.KeycloakSecurityContext"%>
|
||||||
<%@ page session="false" %>
|
<%@ page session="false" %>
|
||||||
<html>
|
<html>
|
||||||
<head>
|
<head>
|
||||||
|
|
@ -16,6 +18,7 @@
|
||||||
String acctUri = KeycloakUriBuilder.fromUri("http://localhost:8080/auth").path(ServiceUrlConstants.ACCOUNT_SERVICE_PATH)
|
String acctUri = KeycloakUriBuilder.fromUri("http://localhost:8080/auth").path(ServiceUrlConstants.ACCOUNT_SERVICE_PATH)
|
||||||
.queryParam("referrer", "customer-portal").build("demo").toString();
|
.queryParam("referrer", "customer-portal").build("demo").toString();
|
||||||
IDToken idToken = CxfRsClient.getIDToken(request);
|
IDToken idToken = CxfRsClient.getIDToken(request);
|
||||||
|
KeycloakSecurityContext kSession = (KeycloakSecurityContext) request.getAttribute(KeycloakSecurityContext.class.getName());
|
||||||
%>
|
%>
|
||||||
<p>Goto: <a href="/product-portal">products</a> | <a href="<%=logoutUri%>">logout</a> | <a
|
<p>Goto: <a href="/product-portal">products</a> | <a href="<%=logoutUri%>">logout</a> | <a
|
||||||
href="<%=acctUri%>">manage acct</a></p>
|
href="<%=acctUri%>">manage acct</a></p>
|
||||||
|
|
@ -28,6 +31,7 @@ Servlet User Principal <b><%=request.getUserPrincipal().getName()%>
|
||||||
<p>First: <%=idToken.getGivenName()%></p>
|
<p>First: <%=idToken.getGivenName()%></p>
|
||||||
<p>Last: <%=idToken.getFamilyName()%></p>
|
<p>Last: <%=idToken.getFamilyName()%></p>
|
||||||
<h2>Customer Listing</h2>
|
<h2>Customer Listing</h2>
|
||||||
|
<p><b>curl</b> -H "Authorization: Bearer <%=kSession.getTokenString()%>" <%=UriUtils.getOrigin(request.getRequestURL().toString()) + "/cxf/customerservice/customers"%></p>
|
||||||
<%
|
<%
|
||||||
java.util.List<String> list = null;
|
java.util.List<String> list = null;
|
||||||
try {
|
try {
|
||||||
|
|
|
||||||
|
|
@ -36,34 +36,4 @@
|
||||||
</jaxrs:serviceBeans>
|
</jaxrs:serviceBeans>
|
||||||
</jaxrs:server>
|
</jaxrs:server>
|
||||||
|
|
||||||
|
|
||||||
<!-- Securing of whole /cxf context by unregister default cxf servlet from paxweb and re-register with applied security constraints -->
|
|
||||||
<bean id="cxfConstraintMapping" class="org.keycloak.adapters.osgi.PaxWebSecurityConstraintMapping">
|
|
||||||
<property name="roles">
|
|
||||||
<list>
|
|
||||||
<value>user</value>
|
|
||||||
</list>
|
|
||||||
</property>
|
|
||||||
<property name="url" value="/cxf/*" />
|
|
||||||
<property name="authentication" value="true"/>
|
|
||||||
</bean>
|
|
||||||
|
|
||||||
<bean id="cxfKeycloakPaxWebIntegration" class="org.keycloak.adapters.osgi.undertow.PaxWebIntegrationService"
|
|
||||||
init-method="start" destroy-method="stop">
|
|
||||||
<property name="bundleContext" ref="blueprintBundleContext" />
|
|
||||||
<property name="constraintMappings">
|
|
||||||
<list>
|
|
||||||
<ref component-id="cxfConstraintMapping" />
|
|
||||||
</list>
|
|
||||||
</property>
|
|
||||||
</bean>
|
|
||||||
|
|
||||||
<bean id="defaultCxfReregistration" class="org.keycloak.adapters.osgi.ServletReregistrationService" depends-on="cxfKeycloakPaxWebIntegration"
|
|
||||||
init-method="start" destroy-method="stop">
|
|
||||||
<property name="bundleContext" ref="blueprintBundleContext" />
|
|
||||||
<property name="managedServiceReference">
|
|
||||||
<reference interface="org.osgi.service.cm.ManagedService" filter="(service.pid=org.apache.cxf.osgi)" timeout="5000" />
|
|
||||||
</property>
|
|
||||||
</bean>
|
|
||||||
|
|
||||||
</blueprint>
|
</blueprint>
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,10 @@
|
||||||
|
{
|
||||||
|
"realm": "demo",
|
||||||
|
"resource": "builtin-cxf-app",
|
||||||
|
"auth-server-url": "http://localhost:8080/auth",
|
||||||
|
"ssl-required" : "external",
|
||||||
|
"bearer-only": true,
|
||||||
|
"credentials": {
|
||||||
|
"secret": "password"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
@ -1,3 +1,12 @@
|
||||||
|
config:edit --factory --alias cxf org.ops4j.pax.web.context
|
||||||
|
config:property-set bundle.symbolicName org.apache.cxf.cxf-rt-transports-http
|
||||||
|
config:property-set context.id default
|
||||||
|
config:property-set context.param.keycloak.config.resolver org.keycloak.adapters.osgi.HierarchicalPathBasedKeycloakConfigResolver
|
||||||
|
config:property-set login.config.authMethod KEYCLOAK
|
||||||
|
config:property-set security.cxf.url /cxf/customerservice/*
|
||||||
|
config:property-set security.cxf.roles "admin, user"
|
||||||
|
config:update
|
||||||
|
|
||||||
config:edit org.apache.karaf.shell
|
config:edit org.apache.karaf.shell
|
||||||
config:property-set sshRealm keycloak
|
config:property-set sshRealm keycloak
|
||||||
config:update
|
config:update
|
||||||
|
|
|
||||||
|
|
@ -1,11 +1,7 @@
|
||||||
config:edit org.ops4j.pax.url.mvn
|
config:edit org.ops4j.pax.url.mvn
|
||||||
config:property-set org.ops4j.pax.url.mvn.localRepository ${maven.repo.local}
|
config:property-set org.ops4j.pax.url.mvn.localRepository ${maven.repo.local}
|
||||||
config:property-set org.ops4j.pax.url.mvn.settings ${maven.local.settings}
|
config:property-set org.ops4j.pax.url.mvn.settings ${maven.local.settings}
|
||||||
config:property-append org.ops4j.pax.url.mvn.repositories ${repositories}
|
config:property-append org.ops4j.pax.url.mvn.repositories "${repositories}"
|
||||||
config:update
|
|
||||||
|
|
||||||
config:edit org.ops4j.pax.web
|
|
||||||
config:property-set org.ops4j.pax.web.config.file '${karaf.etc}/undertow.xml'
|
|
||||||
config:update
|
config:update
|
||||||
|
|
||||||
config:edit jmx.acl.org.apache.karaf.security.jmx
|
config:edit jmx.acl.org.apache.karaf.security.jmx
|
||||||
|
|
|
||||||
|
|
@ -139,6 +139,7 @@
|
||||||
<includes>
|
<includes>
|
||||||
<include>users.properties</include>
|
<include>users.properties</include>
|
||||||
<include>keycloak-bearer.json</include>
|
<include>keycloak-bearer.json</include>
|
||||||
|
<include>cxf-customerservice-keycloak.json</include>
|
||||||
<include>keycloak-direct-access.json</include>
|
<include>keycloak-direct-access.json</include>
|
||||||
<include>keycloak-hawtio-client.json</include>
|
<include>keycloak-hawtio-client.json</include>
|
||||||
<include>keycloak-hawtio.json</include>
|
<include>keycloak-hawtio.json</include>
|
||||||
|
|
@ -189,7 +190,7 @@
|
||||||
</configuration>
|
</configuration>
|
||||||
</execution>
|
</execution>
|
||||||
</executions>
|
</executions>
|
||||||
</plugin>
|
</plugin>
|
||||||
</plugins>
|
</plugins>
|
||||||
</build>
|
</build>
|
||||||
</profile>
|
</profile>
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue