From ac2b8af1722080cf9ff3e9a08eefbc066d9531fc Mon Sep 17 00:00:00 2001 From: Bill Burke Date: Wed, 12 Nov 2014 11:00:48 -0500 Subject: [PATCH 1/3] overview update --- docbook/reference/en/en-US/modules/Overview.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docbook/reference/en/en-US/modules/Overview.xml b/docbook/reference/en/en-US/modules/Overview.xml index 72ade64ec5..d18195dea4 100755 --- a/docbook/reference/en/en-US/modules/Overview.xml +++ b/docbook/reference/en/en-US/modules/Overview.xml @@ -98,7 +98,7 @@ Multitenancy support. You can host and manage multiple realms for multiple organizations. - Supports JBoss AS7, EAP 6.x, Wildfly, Tomcat 7, Jetty 9.1.x, Jetty 9.2.x, and Pure JavaScript applications. Plans to support Node.js, RAILS, GRAILS, and other non-Java deployments + Supports JBoss AS7, EAP 6.x, Wildfly, Tomcat 7, Jetty 9.1.x, Jetty 9.2.x, Jetty 8.1.x, and Pure JavaScript applications. Plans to support Node.js, RAILS, GRAILS, and other non-Java deployments From e2045907d489896820f19606073906b74b8bdbea Mon Sep 17 00:00:00 2001 From: Bill Burke Date: Wed, 12 Nov 2014 18:56:18 -0500 Subject: [PATCH 2/3] tomcat8 --- distribution/appliance-dist/assembly.xml | 1 + distribution/appliance-dist/pom.xml | 6 + distribution/pom.xml | 1 + distribution/tomcat8-adapter-zip/assembly.xml | 20 + distribution/tomcat8-adapter-zip/pom.xml | 53 ++ distribution/war-dist/assembly.xml | 1 + distribution/war-dist/pom.xml | 6 + .../modules/MigrationFromOlderVersions.xml | 8 + .../reference/en/en-US/modules/Overview.xml | 9 +- .../en/en-US/modules/tomcat-adapter.xml | 10 +- .../org/keycloak/adapters/as7/Actions.java | 13 - integration/pom.xml | 2 +- integration/tomcat/pom.xml | 21 + .../adapter => tomcat/tomcat-core}/pom.xml | 9 +- .../AbstractKeycloakAuthenticatorValve.java} | 23 +- .../tomcat}/AuthenticatedActionsValve.java | 3 +- .../tomcat}/CatalinaCookieTokenStore.java | 2 +- .../adapters/tomcat}/CatalinaHttpFacade.java | 2 +- .../tomcat}/CatalinaRequestAuthenticator.java | 6 +- .../CatalinaSecurityContextHelper.java | 2 +- .../tomcat}/CatalinaSessionTokenStore.java | 2 +- .../CatalinaUserSessionManagement.java | 2 +- .../CatalinaUserSessionManagementWrapper.java | 2 +- .../adapters/tomcat}/SimpleGroup.java | 2 +- .../adapters/tomcat}/SimplePrincipal.java | 2 +- integration/tomcat/tomcat7/pom.xml | 98 ++++ .../tomcat/KeycloakAuthenticatorValve.java | 27 + integration/tomcat/tomcat8/pom.xml | 107 ++++ .../tomcat/KeycloakAuthenticatorValve.java | 30 ++ .../keycloak/adapters/tomcat7/Actions.java | 13 - testsuite/pom.xml | 1 + testsuite/tomcat7/pom.xml | 10 +- .../tomcat-test/webapp/META-INF/context.xml | 2 +- testsuite/tomcat8/pom.xml | 503 ++++++++++++++++++ .../org/keycloak/testsuite/TomcatTest.java | 185 +++++++ .../test/resources/tomcat-test/demorealm.json | 58 ++ .../tomcat-test/webapp/META-INF/context.xml | 3 + .../tomcat-test/webapp/WEB-INF/keycloak.json | 10 + .../tomcat-test/webapp/WEB-INF/web.xml | 40 ++ 39 files changed, 1223 insertions(+), 72 deletions(-) create mode 100755 distribution/tomcat8-adapter-zip/assembly.xml create mode 100755 distribution/tomcat8-adapter-zip/pom.xml delete mode 100755 integration/as7-eap6/adapter/src/main/java/org/keycloak/adapters/as7/Actions.java create mode 100755 integration/tomcat/pom.xml rename integration/{tomcat7/adapter => tomcat/tomcat-core}/pom.xml (89%) rename integration/{tomcat7/adapter/src/main/java/org/keycloak/adapters/tomcat7/KeycloakAuthenticatorValve.java => tomcat/tomcat-core/src/main/java/org/keycloak/adapters/tomcat/AbstractKeycloakAuthenticatorValve.java} (90%) rename integration/{tomcat7/adapter/src/main/java/org/keycloak/adapters/tomcat7 => tomcat/tomcat-core/src/main/java/org/keycloak/adapters/tomcat}/AuthenticatedActionsValve.java (93%) rename integration/{tomcat7/adapter/src/main/java/org/keycloak/adapters/tomcat7 => tomcat/tomcat-core/src/main/java/org/keycloak/adapters/tomcat}/CatalinaCookieTokenStore.java (99%) rename integration/{tomcat7/adapter/src/main/java/org/keycloak/adapters/tomcat7 => tomcat/tomcat-core/src/main/java/org/keycloak/adapters/tomcat}/CatalinaHttpFacade.java (96%) rename integration/{tomcat7/adapter/src/main/java/org/keycloak/adapters/tomcat7 => tomcat/tomcat-core/src/main/java/org/keycloak/adapters/tomcat}/CatalinaRequestAuthenticator.java (93%) rename integration/{tomcat7/adapter/src/main/java/org/keycloak/adapters/tomcat7 => tomcat/tomcat-core/src/main/java/org/keycloak/adapters/tomcat}/CatalinaSecurityContextHelper.java (96%) rename integration/{tomcat7/adapter/src/main/java/org/keycloak/adapters/tomcat7 => tomcat/tomcat-core/src/main/java/org/keycloak/adapters/tomcat}/CatalinaSessionTokenStore.java (99%) rename integration/{tomcat7/adapter/src/main/java/org/keycloak/adapters/tomcat7 => tomcat/tomcat-core/src/main/java/org/keycloak/adapters/tomcat}/CatalinaUserSessionManagement.java (95%) rename integration/{tomcat7/adapter/src/main/java/org/keycloak/adapters/tomcat7 => tomcat/tomcat-core/src/main/java/org/keycloak/adapters/tomcat}/CatalinaUserSessionManagementWrapper.java (95%) mode change 100644 => 100755 rename integration/{tomcat7/adapter/src/main/java/org/keycloak/adapters/tomcat7 => tomcat/tomcat-core/src/main/java/org/keycloak/adapters/tomcat}/SimpleGroup.java (96%) mode change 100644 => 100755 rename integration/{tomcat7/adapter/src/main/java/org/keycloak/adapters/tomcat7 => tomcat/tomcat-core/src/main/java/org/keycloak/adapters/tomcat}/SimplePrincipal.java (96%) mode change 100644 => 100755 create mode 100755 integration/tomcat/tomcat7/pom.xml create mode 100755 integration/tomcat/tomcat7/src/main/java/org/keycloak/adapters/tomcat/KeycloakAuthenticatorValve.java create mode 100755 integration/tomcat/tomcat8/pom.xml create mode 100755 integration/tomcat/tomcat8/src/main/java/org/keycloak/adapters/tomcat/KeycloakAuthenticatorValve.java delete mode 100755 integration/tomcat7/adapter/src/main/java/org/keycloak/adapters/tomcat7/Actions.java create mode 100755 testsuite/tomcat8/pom.xml create mode 100755 testsuite/tomcat8/src/test/java/org/keycloak/testsuite/TomcatTest.java create mode 100755 testsuite/tomcat8/src/test/resources/tomcat-test/demorealm.json create mode 100755 testsuite/tomcat8/src/test/resources/tomcat-test/webapp/META-INF/context.xml create mode 100755 testsuite/tomcat8/src/test/resources/tomcat-test/webapp/WEB-INF/keycloak.json create mode 100755 testsuite/tomcat8/src/test/resources/tomcat-test/webapp/WEB-INF/web.xml diff --git a/distribution/appliance-dist/assembly.xml b/distribution/appliance-dist/assembly.xml index 2ec0bfa03b..9bef5b2a67 100755 --- a/distribution/appliance-dist/assembly.xml +++ b/distribution/appliance-dist/assembly.xml @@ -81,6 +81,7 @@ org.keycloak:keycloak-as7-adapter-dist:zip org.keycloak:keycloak-eap6-adapter-dist:zip org.keycloak:keycloak-tomcat7-adapter-dist:zip + org.keycloak:keycloak-tomcat8-adapter-dist:zip org.keycloak:keycloak-jetty81-adapter-dist:zip org.keycloak:keycloak-jetty91-adapter-dist:zip org.keycloak:keycloak-jetty92-adapter-dist:zip diff --git a/distribution/appliance-dist/pom.xml b/distribution/appliance-dist/pom.xml index c8688dae68..88f9fd5475 100755 --- a/distribution/appliance-dist/pom.xml +++ b/distribution/appliance-dist/pom.xml @@ -32,6 +32,12 @@ ${project.version} zip + + org.keycloak + keycloak-tomcat8-adapter-dist + ${project.version} + zip + org.keycloak keycloak-jetty81-adapter-dist diff --git a/distribution/pom.xml b/distribution/pom.xml index 184aca1251..baf7a0346c 100755 --- a/distribution/pom.xml +++ b/distribution/pom.xml @@ -28,6 +28,7 @@ modules as7-adapter-zip tomcat7-adapter-zip + tomcat8-adapter-zip eap6-adapter-zip wildfly-adapter-zip jetty81-adapter-zip diff --git a/distribution/tomcat8-adapter-zip/assembly.xml b/distribution/tomcat8-adapter-zip/assembly.xml new file mode 100755 index 0000000000..308d4d2dbc --- /dev/null +++ b/distribution/tomcat8-adapter-zip/assembly.xml @@ -0,0 +1,20 @@ + + war-dist + + + zip + + false + + + + false + true + true + + org.keycloak:keycloak-tomcat8-adapter + + + + + diff --git a/distribution/tomcat8-adapter-zip/pom.xml b/distribution/tomcat8-adapter-zip/pom.xml new file mode 100755 index 0000000000..d23536367c --- /dev/null +++ b/distribution/tomcat8-adapter-zip/pom.xml @@ -0,0 +1,53 @@ + + 4.0.0 + + keycloak-parent + org.keycloak + 1.1.0.Beta2-SNAPSHOT + ../../pom.xml + + + keycloak-tomcat8-adapter-dist + pom + Keycloak Tomcat 8 Adapter Distro + + + + + org.keycloak + keycloak-tomcat8-adapter + ${project.version} + + + + + + maven-assembly-plugin + 2.4 + + + assemble + package + + single + + + + assembly.xml + + + target + + + target/assembly/work + + false + + + + + + + + diff --git a/distribution/war-dist/assembly.xml b/distribution/war-dist/assembly.xml index 7a35c6641c..93e08a34fa 100755 --- a/distribution/war-dist/assembly.xml +++ b/distribution/war-dist/assembly.xml @@ -32,6 +32,7 @@ org.keycloak:keycloak-as7-adapter-dist:zip org.keycloak:keycloak-eap6-adapter-dist:zip org.keycloak:keycloak-tomcat7-adapter-dist:zip + org.keycloak:keycloak-tomcat8-adapter-dist:zip org.keycloak:keycloak-jetty81-adapter-dist:zip org.keycloak:keycloak-jetty91-adapter-dist:zip org.keycloak:keycloak-jetty92-adapter-dist:zip diff --git a/distribution/war-dist/pom.xml b/distribution/war-dist/pom.xml index a8cab9d836..dbef9dad42 100755 --- a/distribution/war-dist/pom.xml +++ b/distribution/war-dist/pom.xml @@ -32,6 +32,12 @@ ${project.version} zip + + org.keycloak + keycloak-tomcat8-adapter-dist + ${project.version} + zip + org.keycloak keycloak-eap6-adapter-dist diff --git a/docbook/reference/en/en-US/modules/MigrationFromOlderVersions.xml b/docbook/reference/en/en-US/modules/MigrationFromOlderVersions.xml index 09109b30b3..93987adffe 100755 --- a/docbook/reference/en/en-US/modules/MigrationFromOlderVersions.xml +++ b/docbook/reference/en/en-US/modules/MigrationFromOlderVersions.xml @@ -79,6 +79,14 @@
Version specific migration +
+ Migrating from 1.1.Beta1 to 1.1.Beta2 + + The tomcat adapter valve has moved to a different package. From org.keycloak.adapters.tomcat7.KeycloakAuthenticatorValve to org.keycloak.adapters.tomcat.KeycloakAuthenticatorValve + From the 'tomcat7' package to just 'tomcat'. + + +
Migrating from 1.0.x.Final to 1.1.Beta1 diff --git a/docbook/reference/en/en-US/modules/Overview.xml b/docbook/reference/en/en-US/modules/Overview.xml index d18195dea4..53fcd8ffd7 100755 --- a/docbook/reference/en/en-US/modules/Overview.xml +++ b/docbook/reference/en/en-US/modules/Overview.xml @@ -57,10 +57,6 @@ can be styled, branded, and tailored to your application and organizational needs. - - OAuth Bearer token auth for REST Services - - Integrated Browser App to REST Service token propagation @@ -95,10 +91,11 @@ Deployable as a WAR, appliance, or on Openshift. Completely clusterable. - Multitenancy support. You can host and manage multiple realms for multiple organizations. + Multitenancy support. You can host and manage multiple realms for multiple organizations. In the same auth server + and even within the same deployed application. - Supports JBoss AS7, EAP 6.x, Wildfly, Tomcat 7, Jetty 9.1.x, Jetty 9.2.x, Jetty 8.1.x, and Pure JavaScript applications. Plans to support Node.js, RAILS, GRAILS, and other non-Java deployments + Supports JBoss AS7, EAP 6.x, Wildfly, Tomcat 7, Tomcat 8, Jetty 9.1.x, Jetty 9.2.x, Jetty 8.1.x, and Pure JavaScript applications. Plans to support Node.js, RAILS, GRAILS, and other non-Java deployments diff --git a/docbook/reference/en/en-US/modules/tomcat-adapter.xml b/docbook/reference/en/en-US/modules/tomcat-adapter.xml index b9c0043f8e..7bff1f5c61 100755 --- a/docbook/reference/en/en-US/modules/tomcat-adapter.xml +++ b/docbook/reference/en/en-US/modules/tomcat-adapter.xml @@ -1,14 +1,14 @@
- Tomcat 7 Adapter + Tomcat 7 and 8 Adapter - To be able to secure WAR apps deployed on Tomcat 7 you must install the Keycloak Tomcat 7 adapter + To be able to secure WAR apps deployed on Tomcat 7 and 8 you must install the Keycloak Tomcat 7 or 8 adapter into your Tomcat installation. You then have to provide some extra configuration in each WAR you deploy to Tomcat. Let's go over these steps.
Adapter Installation - There is a adapter zip file for Tomcat 7 in the adapters/ directory in the Keycloak appliance + There is a adapter zip file for Tomcat 7/8 in the adapters/ directory in the Keycloak appliance or war distribution. You must unzip this file into Tomcat's lib/ directory. Including adapter's jars within your WEB-INF/lib directory will not work! The Keycloak adapter is implemented as a Valve and valve code must reside in Tomcat's main lib/ directory. @@ -17,6 +17,8 @@ $ cd $TOMCAT_HOME/lib $ unzip keycloak-tomcat7-adapter-dist.zip + or +$ unzip keycloak-tomcat8-adapter-dist.zip
@@ -33,7 +35,7 @@ $ unzip keycloak-tomcat7-adapter-dist.zip - + ]]> diff --git a/integration/as7-eap6/adapter/src/main/java/org/keycloak/adapters/as7/Actions.java b/integration/as7-eap6/adapter/src/main/java/org/keycloak/adapters/as7/Actions.java deleted file mode 100755 index 13189fc21b..0000000000 --- a/integration/as7-eap6/adapter/src/main/java/org/keycloak/adapters/as7/Actions.java +++ /dev/null @@ -1,13 +0,0 @@ -package org.keycloak.adapters.as7; - -/** - * @author Bill Burke - * @version $Revision: 1 $ - */ -public interface Actions { - public static final String J_OAUTH_ADMIN_FORCED_LOGOUT = "j_oauth_admin_forced_logout"; - public static final String J_OAUTH_LOGOUT = "j_oauth_logout"; - public static final String J_OAUTH_RESOLVE_ACCESS_CODE = "j_oauth_resolve_access_code"; - public static final String J_OAUTH_REMOTE_LOGOUT = "j_oauth_remote_logout"; - public static final String J_OAUTH_TOKEN_GRANT = "j_oauth_token_grant"; -} diff --git a/integration/pom.xml b/integration/pom.xml index bd21fd8f99..8c3b6a0357 100755 --- a/integration/pom.xml +++ b/integration/pom.xml @@ -19,7 +19,7 @@ servlet-oauth-client jboss-adapter-core as7-eap6/adapter - tomcat7/adapter + tomcat jetty undertow wildfly-adapter diff --git a/integration/tomcat/pom.xml b/integration/tomcat/pom.xml new file mode 100755 index 0000000000..146a9bb67e --- /dev/null +++ b/integration/tomcat/pom.xml @@ -0,0 +1,21 @@ + + + keycloak-parent + org.keycloak + 1.1.0.Beta2-SNAPSHOT + ../../pom.xml + + Keycloak Tomcat Integration + + 4.0.0 + + keycloak-tomcat-integration-pom + pom + + + tomcat-core + tomcat7 + tomcat8 + + diff --git a/integration/tomcat7/adapter/pom.xml b/integration/tomcat/tomcat-core/pom.xml similarity index 89% rename from integration/tomcat7/adapter/pom.xml rename to integration/tomcat/tomcat-core/pom.xml index f5cb8fef36..0e1277420f 100755 --- a/integration/tomcat7/adapter/pom.xml +++ b/integration/tomcat/tomcat-core/pom.xml @@ -9,9 +9,10 @@ 4.0.0 - keycloak-tomcat7-adapter - Keycloak Tomcat7 Integration + keycloak-tomcat-core-adapter + Keycloak Tomcat Core Integration + 7.0.52 @@ -61,13 +62,13 @@ org.apache.tomcat tomcat-servlet-api ${tomcat.version} - provided + compile org.apache.tomcat tomcat-catalina ${tomcat.version} - provided + compile diff --git a/integration/tomcat7/adapter/src/main/java/org/keycloak/adapters/tomcat7/KeycloakAuthenticatorValve.java b/integration/tomcat/tomcat-core/src/main/java/org/keycloak/adapters/tomcat/AbstractKeycloakAuthenticatorValve.java similarity index 90% rename from integration/tomcat7/adapter/src/main/java/org/keycloak/adapters/tomcat7/KeycloakAuthenticatorValve.java rename to integration/tomcat/tomcat-core/src/main/java/org/keycloak/adapters/tomcat/AbstractKeycloakAuthenticatorValve.java index 5d0f271f5b..7d207ac2ce 100755 --- a/integration/tomcat7/adapter/src/main/java/org/keycloak/adapters/tomcat7/KeycloakAuthenticatorValve.java +++ b/integration/tomcat/tomcat-core/src/main/java/org/keycloak/adapters/tomcat/AbstractKeycloakAuthenticatorValve.java @@ -1,4 +1,4 @@ -package org.keycloak.adapters.tomcat7; +package org.keycloak.adapters.tomcat; import org.apache.catalina.Context; import org.apache.catalina.Lifecycle; @@ -10,7 +10,6 @@ import org.apache.catalina.authenticator.FormAuthenticator; import org.apache.catalina.connector.Request; import org.apache.catalina.connector.Response; import org.apache.catalina.core.StandardContext; -import org.apache.catalina.deploy.LoginConfig; import org.keycloak.KeycloakSecurityContext; import org.keycloak.constants.AdapterConstants; import org.keycloak.adapters.AdapterDeploymentContext; @@ -38,19 +37,17 @@ import java.util.logging.Logger; import org.keycloak.adapters.KeycloakConfigResolver; /** - * Web deployment whose security is managed by a remote OAuth Skeleton Key authentication server - *

- * Redirects browser to remote authentication server if not logged in. Also allows OAuth Bearer Token requests - * that contain a Skeleton Key bearer tokens. + * Keycloak authentication valve * * @author Davide Ungari + * @author Bill Burke * @version $Revision: 1 $ */ -public class KeycloakAuthenticatorValve extends FormAuthenticator implements LifecycleListener { +public abstract class AbstractKeycloakAuthenticatorValve extends FormAuthenticator implements LifecycleListener { public static final String TOKEN_STORE_NOTE = "TOKEN_STORE_NOTE"; - private final static Logger log = Logger.getLogger(""+KeycloakAuthenticatorValve.class); + private final static Logger log = Logger.getLogger(""+AbstractKeycloakAuthenticatorValve.class); protected CatalinaUserSessionManagement userSessionManagement = new CatalinaUserSessionManagement(); protected AdapterDeploymentContext deploymentContext; protected NodesRegistrationManagement nodesRegistrationManagement; @@ -69,9 +66,8 @@ public class KeycloakAuthenticatorValve extends FormAuthenticator implements Lif beforeStop(); } } - - @Override - public void logout(Request request) throws ServletException { + + protected void logoutInternal(Request request) { KeycloakSecurityContext ksc = (KeycloakSecurityContext)request.getAttribute(KeycloakSecurityContext.class.getName()); if (ksc != null) { CatalinaHttpFacade facade = new CatalinaHttpFacade(request, null); @@ -84,9 +80,9 @@ public class KeycloakAuthenticatorValve extends FormAuthenticator implements Lif tokenStore.logout(); request.removeAttribute(KeycloakSecurityContext.class.getName()); } - super.logout(request); } + public void startDeployment() throws LifecycleException { super.start(); StandardContext standardContext = (StandardContext) context; @@ -186,8 +182,7 @@ public class KeycloakAuthenticatorValve extends FormAuthenticator implements Lif } } - @Override - public boolean authenticate(Request request, HttpServletResponse response, LoginConfig config) throws IOException { + protected boolean authenticateInternal(Request request, HttpServletResponse response) { CatalinaHttpFacade facade = new CatalinaHttpFacade(request, response); KeycloakDeployment deployment = deploymentContext.resolveDeployment(facade); if (deployment == null || !deployment.isConfigured()) { diff --git a/integration/tomcat7/adapter/src/main/java/org/keycloak/adapters/tomcat7/AuthenticatedActionsValve.java b/integration/tomcat/tomcat-core/src/main/java/org/keycloak/adapters/tomcat/AuthenticatedActionsValve.java similarity index 93% rename from integration/tomcat7/adapter/src/main/java/org/keycloak/adapters/tomcat7/AuthenticatedActionsValve.java rename to integration/tomcat/tomcat-core/src/main/java/org/keycloak/adapters/tomcat/AuthenticatedActionsValve.java index aae9b29351..8cb6e03601 100755 --- a/integration/tomcat7/adapter/src/main/java/org/keycloak/adapters/tomcat7/AuthenticatedActionsValve.java +++ b/integration/tomcat/tomcat-core/src/main/java/org/keycloak/adapters/tomcat/AuthenticatedActionsValve.java @@ -1,4 +1,4 @@ -package org.keycloak.adapters.tomcat7; +package org.keycloak.adapters.tomcat; import org.apache.catalina.Container; import org.apache.catalina.Valve; @@ -10,7 +10,6 @@ import org.keycloak.adapters.AdapterDeploymentContext; import org.keycloak.adapters.AuthenticatedActionsHandler; import org.keycloak.adapters.KeycloakDeployment; -import javax.management.ObjectName; import javax.servlet.ServletException; import java.io.IOException; diff --git a/integration/tomcat7/adapter/src/main/java/org/keycloak/adapters/tomcat7/CatalinaCookieTokenStore.java b/integration/tomcat/tomcat-core/src/main/java/org/keycloak/adapters/tomcat/CatalinaCookieTokenStore.java similarity index 99% rename from integration/tomcat7/adapter/src/main/java/org/keycloak/adapters/tomcat7/CatalinaCookieTokenStore.java rename to integration/tomcat/tomcat-core/src/main/java/org/keycloak/adapters/tomcat/CatalinaCookieTokenStore.java index c0c227452b..a0cf006f45 100755 --- a/integration/tomcat7/adapter/src/main/java/org/keycloak/adapters/tomcat7/CatalinaCookieTokenStore.java +++ b/integration/tomcat/tomcat-core/src/main/java/org/keycloak/adapters/tomcat/CatalinaCookieTokenStore.java @@ -1,4 +1,4 @@ -package org.keycloak.adapters.tomcat7; +package org.keycloak.adapters.tomcat; import java.util.Set; import java.util.logging.Logger; diff --git a/integration/tomcat7/adapter/src/main/java/org/keycloak/adapters/tomcat7/CatalinaHttpFacade.java b/integration/tomcat/tomcat-core/src/main/java/org/keycloak/adapters/tomcat/CatalinaHttpFacade.java similarity index 96% rename from integration/tomcat7/adapter/src/main/java/org/keycloak/adapters/tomcat7/CatalinaHttpFacade.java rename to integration/tomcat/tomcat-core/src/main/java/org/keycloak/adapters/tomcat/CatalinaHttpFacade.java index 691a6c311d..7121d7f9a7 100755 --- a/integration/tomcat7/adapter/src/main/java/org/keycloak/adapters/tomcat7/CatalinaHttpFacade.java +++ b/integration/tomcat/tomcat-core/src/main/java/org/keycloak/adapters/tomcat/CatalinaHttpFacade.java @@ -1,4 +1,4 @@ -package org.keycloak.adapters.tomcat7; +package org.keycloak.adapters.tomcat; import org.keycloak.KeycloakSecurityContext; import org.keycloak.adapters.HttpFacade; diff --git a/integration/tomcat7/adapter/src/main/java/org/keycloak/adapters/tomcat7/CatalinaRequestAuthenticator.java b/integration/tomcat/tomcat-core/src/main/java/org/keycloak/adapters/tomcat/CatalinaRequestAuthenticator.java similarity index 93% rename from integration/tomcat7/adapter/src/main/java/org/keycloak/adapters/tomcat7/CatalinaRequestAuthenticator.java rename to integration/tomcat/tomcat-core/src/main/java/org/keycloak/adapters/tomcat/CatalinaRequestAuthenticator.java index cc9e56abd3..4c335c9958 100755 --- a/integration/tomcat7/adapter/src/main/java/org/keycloak/adapters/tomcat7/CatalinaRequestAuthenticator.java +++ b/integration/tomcat/tomcat-core/src/main/java/org/keycloak/adapters/tomcat/CatalinaRequestAuthenticator.java @@ -1,4 +1,4 @@ -package org.keycloak.adapters.tomcat7; +package org.keycloak.adapters.tomcat; import org.apache.catalina.authenticator.Constants; import org.apache.catalina.connector.Request; @@ -27,11 +27,11 @@ import javax.servlet.http.HttpSession; */ public class CatalinaRequestAuthenticator extends RequestAuthenticator { private static final Logger log = Logger.getLogger(""+CatalinaRequestAuthenticator.class); - protected KeycloakAuthenticatorValve valve; + protected AbstractKeycloakAuthenticatorValve valve; protected Request request; public CatalinaRequestAuthenticator(KeycloakDeployment deployment, - KeycloakAuthenticatorValve valve, AdapterTokenStore tokenStore, + AbstractKeycloakAuthenticatorValve valve, AdapterTokenStore tokenStore, CatalinaHttpFacade facade, Request request) { super(facade, deployment, tokenStore, request.getConnector().getRedirectPort()); diff --git a/integration/tomcat7/adapter/src/main/java/org/keycloak/adapters/tomcat7/CatalinaSecurityContextHelper.java b/integration/tomcat/tomcat-core/src/main/java/org/keycloak/adapters/tomcat/CatalinaSecurityContextHelper.java similarity index 96% rename from integration/tomcat7/adapter/src/main/java/org/keycloak/adapters/tomcat7/CatalinaSecurityContextHelper.java rename to integration/tomcat/tomcat-core/src/main/java/org/keycloak/adapters/tomcat/CatalinaSecurityContextHelper.java index aa42c320f9..e1795f62be 100755 --- a/integration/tomcat7/adapter/src/main/java/org/keycloak/adapters/tomcat7/CatalinaSecurityContextHelper.java +++ b/integration/tomcat/tomcat-core/src/main/java/org/keycloak/adapters/tomcat/CatalinaSecurityContextHelper.java @@ -1,4 +1,4 @@ -package org.keycloak.adapters.tomcat7; +package org.keycloak.adapters.tomcat; import org.apache.catalina.Realm; import org.apache.catalina.realm.GenericPrincipal; diff --git a/integration/tomcat7/adapter/src/main/java/org/keycloak/adapters/tomcat7/CatalinaSessionTokenStore.java b/integration/tomcat/tomcat-core/src/main/java/org/keycloak/adapters/tomcat/CatalinaSessionTokenStore.java similarity index 99% rename from integration/tomcat7/adapter/src/main/java/org/keycloak/adapters/tomcat7/CatalinaSessionTokenStore.java rename to integration/tomcat/tomcat-core/src/main/java/org/keycloak/adapters/tomcat/CatalinaSessionTokenStore.java index 500adf12ec..7fdf280838 100755 --- a/integration/tomcat7/adapter/src/main/java/org/keycloak/adapters/tomcat7/CatalinaSessionTokenStore.java +++ b/integration/tomcat/tomcat-core/src/main/java/org/keycloak/adapters/tomcat/CatalinaSessionTokenStore.java @@ -1,4 +1,4 @@ -package org.keycloak.adapters.tomcat7; +package org.keycloak.adapters.tomcat; import java.util.Set; import java.util.logging.Logger; diff --git a/integration/tomcat7/adapter/src/main/java/org/keycloak/adapters/tomcat7/CatalinaUserSessionManagement.java b/integration/tomcat/tomcat-core/src/main/java/org/keycloak/adapters/tomcat/CatalinaUserSessionManagement.java similarity index 95% rename from integration/tomcat7/adapter/src/main/java/org/keycloak/adapters/tomcat7/CatalinaUserSessionManagement.java rename to integration/tomcat/tomcat-core/src/main/java/org/keycloak/adapters/tomcat/CatalinaUserSessionManagement.java index 8263e94cca..21b2e6cb56 100755 --- a/integration/tomcat7/adapter/src/main/java/org/keycloak/adapters/tomcat7/CatalinaUserSessionManagement.java +++ b/integration/tomcat/tomcat-core/src/main/java/org/keycloak/adapters/tomcat/CatalinaUserSessionManagement.java @@ -1,4 +1,4 @@ -package org.keycloak.adapters.tomcat7; +package org.keycloak.adapters.tomcat; import org.apache.catalina.Manager; import org.apache.catalina.Session; diff --git a/integration/tomcat7/adapter/src/main/java/org/keycloak/adapters/tomcat7/CatalinaUserSessionManagementWrapper.java b/integration/tomcat/tomcat-core/src/main/java/org/keycloak/adapters/tomcat/CatalinaUserSessionManagementWrapper.java old mode 100644 new mode 100755 similarity index 95% rename from integration/tomcat7/adapter/src/main/java/org/keycloak/adapters/tomcat7/CatalinaUserSessionManagementWrapper.java rename to integration/tomcat/tomcat-core/src/main/java/org/keycloak/adapters/tomcat/CatalinaUserSessionManagementWrapper.java index b1e8828a40..5c3cf62dca --- a/integration/tomcat7/adapter/src/main/java/org/keycloak/adapters/tomcat7/CatalinaUserSessionManagementWrapper.java +++ b/integration/tomcat/tomcat-core/src/main/java/org/keycloak/adapters/tomcat/CatalinaUserSessionManagementWrapper.java @@ -1,4 +1,4 @@ -package org.keycloak.adapters.tomcat7; +package org.keycloak.adapters.tomcat; import java.util.List; diff --git a/integration/tomcat7/adapter/src/main/java/org/keycloak/adapters/tomcat7/SimpleGroup.java b/integration/tomcat/tomcat-core/src/main/java/org/keycloak/adapters/tomcat/SimpleGroup.java old mode 100644 new mode 100755 similarity index 96% rename from integration/tomcat7/adapter/src/main/java/org/keycloak/adapters/tomcat7/SimpleGroup.java rename to integration/tomcat/tomcat-core/src/main/java/org/keycloak/adapters/tomcat/SimpleGroup.java index b583d3b0e3..53bb52c832 --- a/integration/tomcat7/adapter/src/main/java/org/keycloak/adapters/tomcat7/SimpleGroup.java +++ b/integration/tomcat/tomcat-core/src/main/java/org/keycloak/adapters/tomcat/SimpleGroup.java @@ -1,4 +1,4 @@ -package org.keycloak.adapters.tomcat7; +package org.keycloak.adapters.tomcat; import java.security.Principal; import java.security.acl.Group; diff --git a/integration/tomcat7/adapter/src/main/java/org/keycloak/adapters/tomcat7/SimplePrincipal.java b/integration/tomcat/tomcat-core/src/main/java/org/keycloak/adapters/tomcat/SimplePrincipal.java old mode 100644 new mode 100755 similarity index 96% rename from integration/tomcat7/adapter/src/main/java/org/keycloak/adapters/tomcat7/SimplePrincipal.java rename to integration/tomcat/tomcat-core/src/main/java/org/keycloak/adapters/tomcat/SimplePrincipal.java index e3d6507b71..ada37d7eb0 --- a/integration/tomcat7/adapter/src/main/java/org/keycloak/adapters/tomcat7/SimplePrincipal.java +++ b/integration/tomcat/tomcat-core/src/main/java/org/keycloak/adapters/tomcat/SimplePrincipal.java @@ -1,4 +1,4 @@ -package org.keycloak.adapters.tomcat7; +package org.keycloak.adapters.tomcat; import java.io.Serializable; import java.security.Principal; diff --git a/integration/tomcat/tomcat7/pom.xml b/integration/tomcat/tomcat7/pom.xml new file mode 100755 index 0000000000..f994ace040 --- /dev/null +++ b/integration/tomcat/tomcat7/pom.xml @@ -0,0 +1,98 @@ + + + + keycloak-parent + org.keycloak + 1.1.0.Beta2-SNAPSHOT + ../../../pom.xml + + 4.0.0 + + keycloak-tomcat7-adapter + Keycloak Tomcat 7 Integration + + + 7.0.52 + + + + + + org.jboss.logging + jboss-logging + ${jboss.logging.version} + + + org.keycloak + keycloak-core + ${project.version} + + + org.keycloak + keycloak-adapter-core + ${project.version} + + + org.keycloak + keycloak-tomcat-core-adapter + ${project.version} + + + org.apache.httpcomponents + httpclient + ${keycloak.apache.httpcomponents.version} + + + net.iharder + base64 + + + org.bouncycastle + bcprov-jdk16 + + + org.codehaus.jackson + jackson-core-asl + + + org.codehaus.jackson + jackson-mapper-asl + + + org.codehaus.jackson + jackson-xc + + + org.apache.tomcat + tomcat-servlet-api + ${tomcat.version} + provided + + + org.apache.tomcat + tomcat-catalina + ${tomcat.version} + provided + + + + junit + junit + test + + + + + + org.apache.maven.plugins + maven-compiler-plugin + + 1.6 + 1.6 + + + + + + diff --git a/integration/tomcat/tomcat7/src/main/java/org/keycloak/adapters/tomcat/KeycloakAuthenticatorValve.java b/integration/tomcat/tomcat7/src/main/java/org/keycloak/adapters/tomcat/KeycloakAuthenticatorValve.java new file mode 100755 index 0000000000..004be82624 --- /dev/null +++ b/integration/tomcat/tomcat7/src/main/java/org/keycloak/adapters/tomcat/KeycloakAuthenticatorValve.java @@ -0,0 +1,27 @@ +package org.keycloak.adapters.tomcat; + +import org.apache.catalina.connector.Request; +import org.apache.catalina.deploy.LoginConfig; + +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletResponse; +import java.io.IOException; + +/** + * Keycloak authentication valve + * + * @author Bill Burke + * @version $Revision: 1 $ + */ +public class KeycloakAuthenticatorValve extends AbstractKeycloakAuthenticatorValve { + @Override + public boolean authenticate(Request request, HttpServletResponse response, LoginConfig config) throws IOException { + return authenticateInternal(request, response); + } + + @Override + public void logout(Request request) throws ServletException { + logoutInternal(request); + super.logout(request); + } +} diff --git a/integration/tomcat/tomcat8/pom.xml b/integration/tomcat/tomcat8/pom.xml new file mode 100755 index 0000000000..041e9334b1 --- /dev/null +++ b/integration/tomcat/tomcat8/pom.xml @@ -0,0 +1,107 @@ + + + + keycloak-parent + org.keycloak + 1.1.0.Beta2-SNAPSHOT + ../../../pom.xml + + 4.0.0 + + keycloak-tomcat8-adapter + Keycloak Tomcat 8 Integration + + 8.0.14 + + + + + + org.jboss.logging + jboss-logging + ${jboss.logging.version} + + + org.keycloak + keycloak-core + ${project.version} + + + org.keycloak + keycloak-adapter-core + ${project.version} + + + org.keycloak + keycloak-tomcat-core-adapter + ${project.version} + + + org.apache.tomcat + tomcat-servlet-api + + + org.apache.tomcat + tomcat-catalina + + + + + org.apache.httpcomponents + httpclient + ${keycloak.apache.httpcomponents.version} + + + net.iharder + base64 + + + org.bouncycastle + bcprov-jdk16 + + + org.codehaus.jackson + jackson-core-asl + + + org.codehaus.jackson + jackson-mapper-asl + + + org.codehaus.jackson + jackson-xc + + + org.apache.tomcat + tomcat-servlet-api + ${tomcat.version} + provided + + + org.apache.tomcat + tomcat-catalina + ${tomcat.version} + provided + + + + junit + junit + test + + + + + + org.apache.maven.plugins + maven-compiler-plugin + + 1.6 + 1.6 + + + + + + diff --git a/integration/tomcat/tomcat8/src/main/java/org/keycloak/adapters/tomcat/KeycloakAuthenticatorValve.java b/integration/tomcat/tomcat8/src/main/java/org/keycloak/adapters/tomcat/KeycloakAuthenticatorValve.java new file mode 100755 index 0000000000..541baed526 --- /dev/null +++ b/integration/tomcat/tomcat8/src/main/java/org/keycloak/adapters/tomcat/KeycloakAuthenticatorValve.java @@ -0,0 +1,30 @@ +package org.keycloak.adapters.tomcat; + +import org.apache.catalina.connector.Request; + +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletResponse; +import java.io.IOException; + +/** + * Keycloak authentication valve + * + * @author Bill Burke + * @version $Revision: 1 $ + */ +public class KeycloakAuthenticatorValve extends AbstractKeycloakAuthenticatorValve { + @Override + public boolean authenticate(Request request, HttpServletResponse response) throws IOException { + return authenticateInternal(request, response); + } + + @Override + public void logout(Request request) { + logoutInternal(request); + try { + super.logout(request); + } catch (Exception e) { + throw new RuntimeException(e); + } + } +} diff --git a/integration/tomcat7/adapter/src/main/java/org/keycloak/adapters/tomcat7/Actions.java b/integration/tomcat7/adapter/src/main/java/org/keycloak/adapters/tomcat7/Actions.java deleted file mode 100755 index 7583061520..0000000000 --- a/integration/tomcat7/adapter/src/main/java/org/keycloak/adapters/tomcat7/Actions.java +++ /dev/null @@ -1,13 +0,0 @@ -package org.keycloak.adapters.tomcat7; - -/** - * @author Bill Burke - * @version $Revision: 1 $ - */ -public interface Actions { - public static final String J_OAUTH_ADMIN_FORCED_LOGOUT = "j_oauth_admin_forced_logout"; - public static final String J_OAUTH_LOGOUT = "j_oauth_logout"; - public static final String J_OAUTH_RESOLVE_ACCESS_CODE = "j_oauth_resolve_access_code"; - public static final String J_OAUTH_REMOTE_LOGOUT = "j_oauth_remote_logout"; - public static final String J_OAUTH_TOKEN_GRANT = "j_oauth_token_grant"; -} diff --git a/testsuite/pom.xml b/testsuite/pom.xml index 3039f75c96..afcb479477 100755 --- a/testsuite/pom.xml +++ b/testsuite/pom.xml @@ -27,6 +27,7 @@ integration tomcat7 + tomcat8 jetty/jetty81 jetty/jetty92 jetty/jetty91 diff --git a/testsuite/tomcat7/pom.xml b/testsuite/tomcat7/pom.xml index c243710d16..4958340e4f 100755 --- a/testsuite/tomcat7/pom.xml +++ b/testsuite/tomcat7/pom.xml @@ -11,6 +11,10 @@ keycloak-testsuite-tomcat7 Keycloak Tomcat 7 Integration TestSuite + + + 7.0.54 + @@ -212,17 +216,17 @@ org.apache.tomcat tomcat-catalina - 7.0.54 + ${tomcat.version} org.apache.tomcat tomcat-util - 7.0.54 + ${tomcat.version} org.apache.tomcat.embed tomcat-embed-core - 7.0.54 + ${tomcat.version} diff --git a/testsuite/tomcat7/src/test/resources/tomcat-test/webapp/META-INF/context.xml b/testsuite/tomcat7/src/test/resources/tomcat-test/webapp/META-INF/context.xml index 473e6a8543..6f24639879 100755 --- a/testsuite/tomcat7/src/test/resources/tomcat-test/webapp/META-INF/context.xml +++ b/testsuite/tomcat7/src/test/resources/tomcat-test/webapp/META-INF/context.xml @@ -1,3 +1,3 @@ - + \ No newline at end of file diff --git a/testsuite/tomcat8/pom.xml b/testsuite/tomcat8/pom.xml new file mode 100755 index 0000000000..cf639c7179 --- /dev/null +++ b/testsuite/tomcat8/pom.xml @@ -0,0 +1,503 @@ + + + + keycloak-testsuite-pom + org.keycloak + 1.1.0.Beta2-SNAPSHOT + ../pom.xml + + 4.0.0 + + keycloak-testsuite-tomcat8 + Keycloak Tomcat 8 Integration TestSuite + + 8.0.14 + + + + + + org.keycloak + keycloak-dependencies-server-all + ${project.version} + pom + + + org.keycloak + keycloak-admin-client + ${project.version} + + + log4j + log4j + + + org.slf4j + slf4j-api + + + org.slf4j + slf4j-log4j12 + ${slf4j.version} + + + org.jboss.spec.javax.servlet + jboss-servlet-api_3.0_spec + + + org.jboss.resteasy + jaxrs-api + ${resteasy.version.latest} + + + org.jboss.resteasy + resteasy-jaxrs + ${resteasy.version.latest} + + + log4j + log4j + + + org.slf4j + slf4j-api + + + org.slf4j + slf4j-simple + + + + + org.jboss.resteasy + resteasy-client + ${resteasy.version.latest} + + + org.jboss.resteasy + resteasy-crypto + ${resteasy.version.latest} + + + org.jboss.resteasy + resteasy-multipart-provider + ${resteasy.version.latest} + + + org.jboss.resteasy + resteasy-jackson-provider + ${resteasy.version.latest} + + + org.jboss.resteasy + resteasy-undertow + ${resteasy.version.latest} + + + com.google.zxing + javase + + + org.bouncycastle + bcprov-jdk16 + + + org.apache.httpcomponents + httpclient + ${keycloak.apache.httpcomponents.version} + + + org.keycloak + keycloak-ldap-federation + ${project.version} + + + org.keycloak + keycloak-undertow-adapter + ${project.version} + + + org.keycloak + keycloak-tomcat8-adapter + ${project.version} + + + org.jboss.logging + jboss-logging + + + io.undertow + undertow-servlet + + + io.undertow + undertow-core + + + org.codehaus.jackson + jackson-core-asl + + + org.codehaus.jackson + jackson-mapper-asl + + + org.codehaus.jackson + jackson-xc + + + junit + junit + + + org.hamcrest + hamcrest-all + + + org.hibernate.javax.persistence + hibernate-jpa-2.0-api + + + com.h2database + h2 + + + org.hibernate + hibernate-entitymanager + + + com.icegreen + greenmail + + + org.slf4j + slf4j-api + + + + + org.infinispan + infinispan-core + + + org.seleniumhq.selenium + selenium-java + + + xml-apis + xml-apis + + + org.seleniumhq.selenium + selenium-chrome-driver + + + org.wildfly + wildfly-undertow + ${wildfly.version} + test + + + org.keycloak + keycloak-testsuite-integration + ${project.version} + test + + + org.keycloak + keycloak-testsuite-integration + ${project.version} + test-jar + test + + + + org.apache.tomcat + tomcat-catalina + ${tomcat.version} + + + org.apache.tomcat + tomcat-util + ${tomcat.version} + + + org.apache.tomcat.embed + tomcat-embed-core + ${tomcat.version} + + + + + + + org.apache.maven.plugins + maven-jar-plugin + 2.2 + + + + test-jar + + + + + + org.apache.maven.plugins + maven-deploy-plugin + + true + + + + org.apache.maven.plugins + maven-compiler-plugin + + ${maven.compiler.source} + ${maven.compiler.target} + + + + org.codehaus.mojo + exec-maven-plugin + + ${project.basedir} + + + + + + + + keycloak-server + + + + org.codehaus.mojo + exec-maven-plugin + + org.keycloak.testutils.KeycloakServer + + + + + + + mail-server + + + + org.codehaus.mojo + exec-maven-plugin + + org.keycloak.testutils.MailServer + + + + + + + totp + + + + org.codehaus.mojo + exec-maven-plugin + + org.keycloak.testutils.TotpGenerator + + + + + + + + jpa + + + + + org.apache.maven.plugins + maven-surefire-plugin + + + jpa + jpa + jpa + jpa + + + + + + + + + mongo + + + localhost + 27018 + keycloak + true + 127.0.0.1 + + + + + + + + org.apache.maven.plugins + maven-surefire-plugin + + + test + integration-test + + test + + + + mongo + mongo + mongo + mongo + ${keycloak.connectionsMongo.host} + ${keycloak.connectionsMongo.port} + ${keycloak.connectionsMongo.db} + ${keycloak.connectionsMongo.clearOnStartup} + ${keycloak.connectionsMongo.bindIp} + + + + + default-test + + true + + + + + + + + com.github.joelittlejohn.embedmongo + embedmongo-maven-plugin + + + start-mongodb + pre-integration-test + + start + + + ${keycloak.connectionsMongo.port} + file + ${project.build.directory}/mongodb.log + ${keycloak.connectionsMongo.bindIp} + + + + stop-mongodb + post-integration-test + + stop + + + + + + + + + + + infinispan + + + + + org.apache.maven.plugins + maven-surefire-plugin + + + infinispan + infinispan + infinispan + + + + + + + + + + + + keycloak.connectionsJpa.driver + com.mysql.jdbc.Driver + + + mysql + + + mysql + mysql-connector-java + ${mysql.version} + + + + + + + + + keycloak.connectionsJpa.driver + org.postgresql.Driver + + + postgresql + + + org.postgresql + postgresql + ${postgresql.version} + + + + + + clean-jpa + + + + org.liquibase + liquibase-maven-plugin + + META-INF/jpa-changelog-master.xml + + ${keycloak.connectionsJpa.url} + ${keycloak.connectionsJpa.driver} + ${keycloak.connectionsJpa.user} + ${keycloak.connectionsJpa.password} + + false + + + + clean-jpa + clean + + dropAll + + + + + + + + + diff --git a/testsuite/tomcat8/src/test/java/org/keycloak/testsuite/TomcatTest.java b/testsuite/tomcat8/src/test/java/org/keycloak/testsuite/TomcatTest.java new file mode 100755 index 0000000000..ec218bb8fd --- /dev/null +++ b/testsuite/tomcat8/src/test/java/org/keycloak/testsuite/TomcatTest.java @@ -0,0 +1,185 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2012, Red Hat, Inc., and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.keycloak.testsuite; + +import org.apache.catalina.startup.Tomcat; +import org.junit.AfterClass; +import org.junit.Assert; +import org.junit.BeforeClass; +import org.junit.ClassRule; +import org.junit.Ignore; +import org.junit.Rule; +import org.junit.Test; +import org.keycloak.KeycloakSecurityContext; +import org.keycloak.OAuth2Constants; +import org.keycloak.models.KeycloakSession; +import org.keycloak.models.RealmModel; +import org.keycloak.protocol.oidc.OpenIDConnectService; +import org.keycloak.representations.idm.RealmRepresentation; +import org.keycloak.services.managers.RealmManager; +import org.keycloak.testsuite.pages.LoginPage; +import org.keycloak.testsuite.rule.AbstractKeycloakRule; +import org.keycloak.testsuite.rule.WebResource; +import org.keycloak.testsuite.rule.WebRule; +import org.keycloak.testutils.KeycloakServer; +import org.openqa.selenium.WebDriver; + +import javax.servlet.ServletException; +import javax.servlet.http.HttpServlet; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import javax.ws.rs.core.UriBuilder; +import java.io.File; +import java.io.IOException; +import java.io.OutputStream; +import java.net.URL; +import java.security.Principal; +import java.util.regex.Matcher; + +/** + * @author Stian Thorgersen + */ +public class TomcatTest { + static String logoutUri = OpenIDConnectService.logoutUrl(UriBuilder.fromUri("http://localhost:8081/auth")) + .queryParam(OAuth2Constants.REDIRECT_URI, "http://localhost:8080/customer-portal").build("demo").toString(); + + @ClassRule + public static AbstractKeycloakRule keycloakRule = new AbstractKeycloakRule() { + @Override + protected void configure(KeycloakSession session, RealmManager manager, RealmModel adminRealm) { + RealmRepresentation representation = KeycloakServer.loadJson(getClass().getResourceAsStream("/tomcat-test/demorealm.json"), RealmRepresentation.class); + RealmModel realm = manager.importRealm(representation); + } + }; + + public static class SendUsernameServlet extends HttpServlet { + @Override + protected void doGet(final HttpServletRequest req, final HttpServletResponse resp) throws ServletException, IOException { + resp.setContentType("text/plain"); + OutputStream stream = resp.getOutputStream(); + Principal principal = req.getUserPrincipal(); + if (principal == null) { + stream.write("null".getBytes()); + return; + } + String name = principal.getName(); + stream.write(name.getBytes()); + stream.write("\n".getBytes()); + KeycloakSecurityContext context = (KeycloakSecurityContext)req.getAttribute(KeycloakSecurityContext.class.getName()); + stream.write(context.getIdToken().getName().getBytes()); + stream.write("\n".getBytes()); + stream.write(logoutUri.getBytes()); + + } + @Override + protected void doPost(final HttpServletRequest req, final HttpServletResponse resp) throws ServletException, IOException { + doGet(req, resp); + } + } + + static Tomcat tomcat = null; + + @BeforeClass + public static void initTomcat() throws Exception { + URL dir = TomcatTest.class.getResource("/tomcat-test/webapp/META-INF/context.xml"); + File webappDir = new File(dir.getFile()).getParentFile().getParentFile(); + tomcat = new Tomcat(); + String baseDir = getBaseDirectory(); + tomcat.setBaseDir(baseDir); + tomcat.setPort(8080); + + tomcat.addWebapp("/customer-portal", webappDir.toString()); + System.out.println("configuring app with basedir: " + webappDir.toString()); + + tomcat.start(); + //tomcat.getServer().await(); + } + + @AfterClass + public static void shutdownTomcat() throws Exception { + tomcat.stop(); + tomcat.destroy(); + } + + @Rule + public WebRule webRule = new WebRule(this); + @WebResource + protected WebDriver driver; + @WebResource + protected LoginPage loginPage; + + public static final String LOGIN_URL = OpenIDConnectService.loginPageUrl(UriBuilder.fromUri("http://localhost:8081/auth")).build("demo").toString(); + @Test + public void testLoginSSOAndLogout() throws Exception { + driver.navigate().to("http://localhost:8080/customer-portal"); + System.out.println("Current url: " + driver.getCurrentUrl()); + Assert.assertTrue(driver.getCurrentUrl().startsWith(LOGIN_URL)); + loginPage.login("bburke@redhat.com", "password"); + System.out.println("Current url: " + driver.getCurrentUrl()); + Assert.assertEquals(driver.getCurrentUrl(), "http://localhost:8080/customer-portal"); + String pageSource = driver.getPageSource(); + System.out.println(pageSource); + Assert.assertTrue(pageSource.contains("Bill Burke")); + + // test logout + + String logoutUri = OpenIDConnectService.logoutUrl(UriBuilder.fromUri("http://localhost:8081/auth")) + .queryParam(OAuth2Constants.REDIRECT_URI, "http://localhost:8080/customer-portal").build("demo").toString(); + driver.navigate().to(logoutUri); + Assert.assertTrue(driver.getCurrentUrl().startsWith(LOGIN_URL)); + driver.navigate().to("http://localhost:8080/customer-portal"); + String currentUrl = driver.getCurrentUrl(); + Assert.assertTrue(currentUrl.startsWith(LOGIN_URL)); + + + } + + @Test + @Ignore + public void runit() throws Exception { + Thread.sleep(10000000); + } + + + private static String getBaseDirectory() { + String dirPath = null; + String relativeDirPath = "testsuite" + File.separator + "tomcat8" + File.separator + "target"; + + if (System.getProperties().containsKey("maven.home")) { + dirPath = System.getProperty("user.dir").replaceFirst("testsuite.tomcat8.*", Matcher.quoteReplacement(relativeDirPath)); + } else { + for (String c : System.getProperty("java.class.path").split(File.pathSeparator)) { + if (c.contains(File.separator + "testsuite" + File.separator + "tomcat8")) { + dirPath = c.replaceFirst("testsuite.tomcat8.*", Matcher.quoteReplacement(relativeDirPath)); + break; + } + } + } + + String absolutePath = new File(dirPath).getAbsolutePath(); + return absolutePath; + } + + + + +} diff --git a/testsuite/tomcat8/src/test/resources/tomcat-test/demorealm.json b/testsuite/tomcat8/src/test/resources/tomcat-test/demorealm.json new file mode 100755 index 0000000000..a4a6ec9903 --- /dev/null +++ b/testsuite/tomcat8/src/test/resources/tomcat-test/demorealm.json @@ -0,0 +1,58 @@ +{ + "id": "demo", + "realm": "demo", + "enabled": true, + "accessTokenLifespan": 3000, + "accessCodeLifespan": 10, + "accessCodeLifespanUserAction": 6000, + "sslRequired": "external", + "registrationAllowed": false, + "social": false, + "passwordCredentialGrantAllowed": true, + "updateProfileOnInitialSocialLogin": false, + "privateKey": "MIICXAIBAAKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQABAoGAfmO8gVhyBxdqlxmIuglbz8bcjQbhXJLR2EoS8ngTXmN1bo2L90M0mUKSdc7qF10LgETBzqL8jYlQIbt+e6TH8fcEpKCjUlyq0Mf/vVbfZSNaVycY13nTzo27iPyWQHK5NLuJzn1xvxxrUeXI6A2WFpGEBLbHjwpx5WQG9A+2scECQQDvdn9NE75HPTVPxBqsEd2z10TKkl9CZxu10Qby3iQQmWLEJ9LNmy3acvKrE3gMiYNWb6xHPKiIqOR1as7L24aTAkEAtyvQOlCvr5kAjVqrEKXalj0Tzewjweuxc0pskvArTI2Oo070h65GpoIKLc9jf+UA69cRtquwP93aZKtW06U8dQJAF2Y44ks/mK5+eyDqik3koCI08qaC8HYq2wVl7G2QkJ6sbAaILtcvD92ToOvyGyeE0flvmDZxMYlvaZnaQ0lcSQJBAKZU6umJi3/xeEbkJqMfeLclD27XGEFoPeNrmdx0q10Azp4NfJAY+Z8KRyQCR2BEG+oNitBOZ+YXF9KCpH3cdmECQHEigJhYg+ykOvr1aiZUMFT72HU0jnmQe2FVekuG+LJUt2Tm7GtMjTFoGpf0JwrVuZN39fOYAlo+nTixgeW7X8Y=", + "publicKey": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB", + "requiredCredentials": [ "password" ], + "users" : [ + { + "username" : "bburke@redhat.com", + "enabled": true, + "email" : "bburke@redhat.com", + "firstName": "Bill", + "lastName": "Burke", + "credentials" : [ + { "type" : "password", + "value" : "password" } + ], + "realmRoles": [ "user", "admin" ], + "applicationRoles": { + "account": [ "manage-account" ] + } + } + ], + "roles" : { + "realm" : [ + { + "name": "user", + "description": "User privileges" + }, + { + "name": "admin", + "description": "Administrator privileges" + } + ] + }, + "applications": [ + { + "name": "customer-portal", + "enabled": true, + "fullScopeAllowed": true, + "adminUrl": "http://localhost:8080/customer-portal", + "baseUrl": "http://localhost:8080/customer-portal", + "redirectUris": [ + "http://localhost:8080/customer-portal/*" + ], + "secret": "password" + } + ] +} diff --git a/testsuite/tomcat8/src/test/resources/tomcat-test/webapp/META-INF/context.xml b/testsuite/tomcat8/src/test/resources/tomcat-test/webapp/META-INF/context.xml new file mode 100755 index 0000000000..6f24639879 --- /dev/null +++ b/testsuite/tomcat8/src/test/resources/tomcat-test/webapp/META-INF/context.xml @@ -0,0 +1,3 @@ + + + \ No newline at end of file diff --git a/testsuite/tomcat8/src/test/resources/tomcat-test/webapp/WEB-INF/keycloak.json b/testsuite/tomcat8/src/test/resources/tomcat-test/webapp/WEB-INF/keycloak.json new file mode 100755 index 0000000000..4e2fe1e556 --- /dev/null +++ b/testsuite/tomcat8/src/test/resources/tomcat-test/webapp/WEB-INF/keycloak.json @@ -0,0 +1,10 @@ +{ + "realm": "demo", + "resource": "customer-portal", + "realm-public-key": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB", + "auth-server-url": "http://localhost:8081/auth", + "ssl-required" : "external", + "credentials": { + "secret": "password" + } +} diff --git a/testsuite/tomcat8/src/test/resources/tomcat-test/webapp/WEB-INF/web.xml b/testsuite/tomcat8/src/test/resources/tomcat-test/webapp/WEB-INF/web.xml new file mode 100755 index 0000000000..12416c8b73 --- /dev/null +++ b/testsuite/tomcat8/src/test/resources/tomcat-test/webapp/WEB-INF/web.xml @@ -0,0 +1,40 @@ + + + + adapter-test + + + SendUsername + org.keycloak.testsuite.TomcatTest$SendUsernameServlet + + + + SendUsername + /* + + + + + Admins + /* + + + admin + + + + + BASIC + demo + + + + admin + + + user + + From a65560c5e6ba2dfb47075c425de680262f37389c Mon Sep 17 00:00:00 2001 From: Bill Burke Date: Wed, 12 Nov 2014 19:03:22 -0500 Subject: [PATCH 3/3] tomcat8 --- distribution/tomcat7-adapter-zip/assembly.xml | 4 ++++ distribution/tomcat8-adapter-zip/assembly.xml | 4 ++++ 2 files changed, 8 insertions(+) diff --git a/distribution/tomcat7-adapter-zip/assembly.xml b/distribution/tomcat7-adapter-zip/assembly.xml index 46a3065418..3740ac89e4 100755 --- a/distribution/tomcat7-adapter-zip/assembly.xml +++ b/distribution/tomcat7-adapter-zip/assembly.xml @@ -14,6 +14,10 @@ org.keycloak:keycloak-tomcat7-adapter + + org.apache.tomcat:tomcat-servlet-api + org.apache.tomcat:tomcat-catalina + diff --git a/distribution/tomcat8-adapter-zip/assembly.xml b/distribution/tomcat8-adapter-zip/assembly.xml index 308d4d2dbc..84cb721308 100755 --- a/distribution/tomcat8-adapter-zip/assembly.xml +++ b/distribution/tomcat8-adapter-zip/assembly.xml @@ -14,6 +14,10 @@ org.keycloak:keycloak-tomcat8-adapter + + org.apache.tomcat:tomcat-servlet-api + org.apache.tomcat:tomcat-catalina +