Merge pull request #77 from sebastienblanc/KEYCLOAK-3714
KEYCLOAK-3714 : update spring's documentation
This commit is contained in:
Stian Thorgersen
GitHub
commit
2a61773bfe
2 changed files with 62 additions and 35 deletions
|
|
@ -28,6 +28,12 @@ If you are using Maven, add the following to your pom.xml (using Tomcat as an ex
|
||||||
</dependency>
|
</dependency>
|
||||||
----
|
----
|
||||||
|
|
||||||
|
Currently the following embedded containers are supported :
|
||||||
|
|
||||||
|
* Tomcat
|
||||||
|
* Undertow
|
||||||
|
* Jetty
|
||||||
|
|
||||||
[[_spring_boot_adapter_configuration]]
|
[[_spring_boot_adapter_configuration]]
|
||||||
===== Required Spring Boot Adapter Configuration
|
===== Required Spring Boot Adapter Configuration
|
||||||
|
|
||||||
|
|
@ -48,7 +54,10 @@ keycloak.credentials.secret = 11111111-1111-1111-1111-111111111111
|
||||||
keycloak.use-resource-role-mappings = true
|
keycloak.use-resource-role-mappings = true
|
||||||
----
|
----
|
||||||
|
|
||||||
You also need to specify the J2EE security config that would normally go in the `web.xml`.
|
To configure a Policy Enforcer, unlike keycloak.json, `policy-enforcer-config` must be used instead of just `policy-enforcer`.
|
||||||
|
|
||||||
|
You also need to specify the Java EE security config that would normally go in the `web.xml`.
|
||||||
|
The Spring Boot Adapter will set the `login-method` to `KEYCLOAK` and configure the `security-constraints` at startup time.
|
||||||
Here's an example configuration:
|
Here's an example configuration:
|
||||||
|
|
||||||
[source]
|
[source]
|
||||||
|
|
|
||||||
|
|
@ -225,7 +225,25 @@ public class RemoteProductService implements ProductService {
|
||||||
}
|
}
|
||||||
----
|
----
|
||||||
|
|
||||||
===== Spring Boot Configuration
|
===== Spring Boot Integration
|
||||||
|
|
||||||
|
The Spring Boot and the Spring Security adapters can be combined.
|
||||||
|
|
||||||
|
====== Using Spring Boot Configuration
|
||||||
|
|
||||||
|
By Default, the Spring Security Adapter looks for a `keycloak.json` configuration file. You can make sure it looks at the configuration provided by the Spring Boot Adapter by adding this bean :
|
||||||
|
|
||||||
|
[source]
|
||||||
|
----
|
||||||
|
|
||||||
|
@Bean
|
||||||
|
public KeycloakConfigResolver KeycloakConfigResolver() {
|
||||||
|
return new KeycloakSpringBootConfigResolver();
|
||||||
|
}
|
||||||
|
|
||||||
|
----
|
||||||
|
|
||||||
|
====== Avoid double Filter bean registration
|
||||||
|
|
||||||
Spring Boot attempts to eagerly register filter beans with the web application context.
|
Spring Boot attempts to eagerly register filter beans with the web application context.
|
||||||
Therefore, when running the Keycloak Spring Security adapter in a Spring Boot environment, it may be necessary to add two ``FilterRegistrationBean``s to your security configuration to prevent the Keycloak filters from being registered twice.
|
Therefore, when running the Keycloak Spring Security adapter in a Spring Boot environment, it may be necessary to add two ``FilterRegistrationBean``s to your security configuration to prevent the Keycloak filters from being registered twice.
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue