Merge pull request #77 from sebastienblanc/KEYCLOAK-3714

KEYCLOAK-3714 : update spring's documentation
This commit is contained in:
Stian Thorgersen 2017-01-23 09:35:45 +01:00 committed by GitHub
commit 2a61773bfe
2 changed files with 62 additions and 35 deletions

View file

@ -28,6 +28,12 @@ If you are using Maven, add the following to your pom.xml (using Tomcat as an ex
</dependency>
----
Currently the following embedded containers are supported :
* Tomcat
* Undertow
* Jetty
[[_spring_boot_adapter_configuration]]
===== Required Spring Boot Adapter Configuration
@ -48,7 +54,10 @@ keycloak.credentials.secret = 11111111-1111-1111-1111-111111111111
keycloak.use-resource-role-mappings = true
----
You also need to specify the J2EE security config that would normally go in the `web.xml`.
To configure a Policy Enforcer, unlike keycloak.json, `policy-enforcer-config` must be used instead of just `policy-enforcer`.
You also need to specify the Java EE security config that would normally go in the `web.xml`.
The Spring Boot Adapter will set the `login-method` to `KEYCLOAK` and configure the `security-constraints` at startup time.
Here's an example configuration:
[source]

View file

@ -225,7 +225,25 @@ public class RemoteProductService implements ProductService {
}
----
===== Spring Boot Configuration
===== Spring Boot Integration
The Spring Boot and the Spring Security adapters can be combined.
====== Using Spring Boot Configuration
By Default, the Spring Security Adapter looks for a `keycloak.json` configuration file. You can make sure it looks at the configuration provided by the Spring Boot Adapter by adding this bean :
[source]
----
@Bean
public KeycloakConfigResolver KeycloakConfigResolver() {
return new KeycloakSpringBootConfigResolver();
}
----
====== Avoid double Filter bean registration
Spring Boot attempts to eagerly register filter beans with the web application context.
Therefore, when running the Keycloak Spring Security adapter in a Spring Boot environment, it may be necessary to add two ``FilterRegistrationBean``s to your security configuration to prevent the Keycloak filters from being registered twice.