Merge pull request #1322 from mposolda/master
KEYCLOAK-1368 allow forwarding to error page in bearer-only deploymen…
This commit is contained in:
commit
442d65bb5f
34 changed files with 798 additions and 51 deletions
|
@ -136,7 +136,7 @@ public class BearerTokenRequestAuthenticator {
|
||||||
return new AuthChallenge() {
|
return new AuthChallenge() {
|
||||||
@Override
|
@Override
|
||||||
public boolean errorPage() {
|
public boolean errorPage() {
|
||||||
return false;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
|
|
|
@ -48,21 +48,50 @@ public class AdapterTest {
|
||||||
realmPublicKey = realm.getPublicKey();
|
realmPublicKey = realm.getPublicKey();
|
||||||
|
|
||||||
URL url = getClass().getResource("/adapter-test/cust-app-keycloak.json");
|
URL url = getClass().getResource("/adapter-test/cust-app-keycloak.json");
|
||||||
deployApplication("customer-portal", "/customer-portal", CustomerServlet.class, url.getPath(), "user");
|
createApplicationDeployment()
|
||||||
|
.name("customer-portal").contextPath("/customer-portal")
|
||||||
|
.servletClass(CustomerServlet.class).adapterConfigPath(url.getPath())
|
||||||
|
.role("user").deployApplication();
|
||||||
|
|
||||||
url = getClass().getResource("/adapter-test/secure-portal-keycloak.json");
|
url = getClass().getResource("/adapter-test/secure-portal-keycloak.json");
|
||||||
deployApplication("secure-portal", "/secure-portal", CallAuthenticatedServlet.class, url.getPath(), "user", false);
|
createApplicationDeployment()
|
||||||
|
.name("secure-portal").contextPath("/secure-portal")
|
||||||
|
.servletClass(CallAuthenticatedServlet.class).adapterConfigPath(url.getPath())
|
||||||
|
.role("user")
|
||||||
|
.isConstrained(false).deployApplication();
|
||||||
|
|
||||||
url = getClass().getResource("/adapter-test/customer-db-keycloak.json");
|
url = getClass().getResource("/adapter-test/customer-db-keycloak.json");
|
||||||
deployApplication("customer-db", "/customer-db", CustomerDatabaseServlet.class, url.getPath(), "user");
|
createApplicationDeployment()
|
||||||
|
.name("customer-db").contextPath("/customer-db")
|
||||||
|
.servletClass(CustomerDatabaseServlet.class).adapterConfigPath(url.getPath())
|
||||||
|
.role("user")
|
||||||
|
.errorPage(null).deployApplication();
|
||||||
|
|
||||||
|
createApplicationDeployment()
|
||||||
|
.name("customer-db-error-page").contextPath("/customer-db-error-page")
|
||||||
|
.servletClass(CustomerDatabaseServlet.class).adapterConfigPath(url.getPath())
|
||||||
|
.role("user").deployApplication();
|
||||||
|
|
||||||
url = getClass().getResource("/adapter-test/product-keycloak.json");
|
url = getClass().getResource("/adapter-test/product-keycloak.json");
|
||||||
deployApplication("product-portal", "/product-portal", ProductServlet.class, url.getPath(), "user");
|
createApplicationDeployment()
|
||||||
|
.name("product-portal").contextPath("/product-portal")
|
||||||
|
.servletClass(ProductServlet.class).adapterConfigPath(url.getPath())
|
||||||
|
.role("user").deployApplication();
|
||||||
|
|
||||||
// Test that replacing system properties works for adapters
|
// Test that replacing system properties works for adapters
|
||||||
System.setProperty("app.server.base.url", "http://localhost:8081");
|
System.setProperty("app.server.base.url", "http://localhost:8081");
|
||||||
System.setProperty("my.host.name", "localhost");
|
System.setProperty("my.host.name", "localhost");
|
||||||
url = getClass().getResource("/adapter-test/session-keycloak.json");
|
url = getClass().getResource("/adapter-test/session-keycloak.json");
|
||||||
deployApplication("session-portal", "/session-portal", SessionServlet.class, url.getPath(), "user");
|
createApplicationDeployment()
|
||||||
|
.name("session-portal").contextPath("/session-portal")
|
||||||
|
.servletClass(SessionServlet.class).adapterConfigPath(url.getPath())
|
||||||
|
.role("user").deployApplication();
|
||||||
|
|
||||||
url = getClass().getResource("/adapter-test/input-keycloak.json");
|
url = getClass().getResource("/adapter-test/input-keycloak.json");
|
||||||
deployApplication("input-portal", "/input-portal", InputServlet.class, url.getPath(), "user", true, null, "/secured/*");
|
createApplicationDeployment()
|
||||||
|
.name("input-portal").contextPath("/input-portal")
|
||||||
|
.servletClass(InputServlet.class).adapterConfigPath(url.getPath())
|
||||||
|
.role("user").constraintUrl("/secured/*").deployApplication();
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -109,6 +138,15 @@ public class AdapterTest {
|
||||||
testStrategy.testNullBearerToken();
|
testStrategy.testNullBearerToken();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* KEYCLOAK-1368
|
||||||
|
* @throws Exception
|
||||||
|
*/
|
||||||
|
@Test
|
||||||
|
public void testNullBearerTokenCustomErrorPage() throws Exception {
|
||||||
|
testStrategy.testNullBearerTokenCustomErrorPage();
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* KEYCLOAK-518
|
* KEYCLOAK-518
|
||||||
* @throws Exception
|
* @throws Exception
|
||||||
|
|
|
@ -21,6 +21,11 @@
|
||||||
*/
|
*/
|
||||||
package org.keycloak.testsuite.adapter;
|
package org.keycloak.testsuite.adapter;
|
||||||
|
|
||||||
|
import io.undertow.util.Headers;
|
||||||
|
import org.apache.http.client.HttpClient;
|
||||||
|
import org.apache.http.impl.client.HttpClientBuilder;
|
||||||
|
import org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder;
|
||||||
|
import org.jboss.resteasy.client.jaxrs.engines.ApacheHttpClient4Engine;
|
||||||
import org.junit.Assert;
|
import org.junit.Assert;
|
||||||
import org.junit.rules.ExternalResource;
|
import org.junit.rules.ExternalResource;
|
||||||
import org.keycloak.Config;
|
import org.keycloak.Config;
|
||||||
|
@ -393,6 +398,43 @@ public class AdapterTestStrategy extends ExternalResource {
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* KEYCLOAK-1368
|
||||||
|
* @throws Exception
|
||||||
|
*/
|
||||||
|
public void testNullBearerTokenCustomErrorPage() throws Exception {
|
||||||
|
Client client = ClientBuilder.newClient();
|
||||||
|
WebTarget target = client.target(APP_SERVER_BASE_URL + "/customer-db-error-page/");
|
||||||
|
|
||||||
|
Response response = target.request().get();
|
||||||
|
|
||||||
|
// TODO: follow redirects automatically if possible
|
||||||
|
if (response.getStatus() == 302) {
|
||||||
|
String location = response.getHeaderString(HttpHeaders.LOCATION);
|
||||||
|
response.close();
|
||||||
|
response = client.target(location).request().get();
|
||||||
|
}
|
||||||
|
Assert.assertEquals(200, response.getStatus());
|
||||||
|
String errorPageResponse = response.readEntity(String.class);
|
||||||
|
Assert.assertTrue(errorPageResponse.contains("Error Page"));
|
||||||
|
response.close();
|
||||||
|
|
||||||
|
response = target.request().header(HttpHeaders.AUTHORIZATION, "Bearer null").get();
|
||||||
|
// TODO: follow redirects automatically if possible
|
||||||
|
if (response.getStatus() == 302) {
|
||||||
|
String location = response.getHeaderString(HttpHeaders.LOCATION);
|
||||||
|
response.close();
|
||||||
|
response = client.target(location).request().get();
|
||||||
|
}
|
||||||
|
Assert.assertEquals(200, response.getStatus());
|
||||||
|
errorPageResponse = response.readEntity(String.class);
|
||||||
|
Assert.assertTrue(errorPageResponse.contains("Error Page"));
|
||||||
|
response.close();
|
||||||
|
|
||||||
|
client.close();
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* KEYCLOAK-518
|
* KEYCLOAK-518
|
||||||
* @throws Exception
|
* @throws Exception
|
||||||
|
|
|
@ -45,11 +45,23 @@ public class CookieTokenStoreAdapterTest {
|
||||||
manager.importRealm(representation);
|
manager.importRealm(representation);
|
||||||
|
|
||||||
URL url = getClass().getResource("/adapter-test/cust-app-keycloak.json");
|
URL url = getClass().getResource("/adapter-test/cust-app-keycloak.json");
|
||||||
deployApplication("customer-portal", "/customer-portal", CustomerServlet.class, url.getPath(), "user");
|
createApplicationDeployment()
|
||||||
|
.name("customer-portal").contextPath("/customer-portal")
|
||||||
|
.servletClass(CustomerServlet.class).adapterConfigPath(url.getPath())
|
||||||
|
.role("user").deployApplication();
|
||||||
|
|
||||||
url = getClass().getResource("/adapter-test/cust-app-cookie-keycloak.json");
|
url = getClass().getResource("/adapter-test/cust-app-cookie-keycloak.json");
|
||||||
deployApplication("customer-cookie-portal", "/customer-cookie-portal", CustomerServlet.class, url.getPath(), "user");
|
createApplicationDeployment()
|
||||||
|
.name("customer-cookie-portal").contextPath("/customer-cookie-portal")
|
||||||
|
.servletClass(CustomerServlet.class).adapterConfigPath(url.getPath())
|
||||||
|
.role("user").deployApplication();
|
||||||
|
|
||||||
url = getClass().getResource("/adapter-test/customer-db-keycloak.json");
|
url = getClass().getResource("/adapter-test/customer-db-keycloak.json");
|
||||||
deployApplication("customer-db", "/customer-db", CustomerDatabaseServlet.class, url.getPath(), "user");
|
createApplicationDeployment()
|
||||||
|
.name("customer-db").contextPath("/customer-db")
|
||||||
|
.servletClass(CustomerDatabaseServlet.class).adapterConfigPath(url.getPath())
|
||||||
|
.role("user")
|
||||||
|
.errorPage(null).deployApplication();
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -26,6 +26,7 @@ import org.keycloak.models.RealmModel;
|
||||||
import org.keycloak.protocol.oidc.OIDCLoginProtocolService;
|
import org.keycloak.protocol.oidc.OIDCLoginProtocolService;
|
||||||
import org.keycloak.representations.idm.RealmRepresentation;
|
import org.keycloak.representations.idm.RealmRepresentation;
|
||||||
import org.keycloak.services.managers.RealmManager;
|
import org.keycloak.services.managers.RealmManager;
|
||||||
|
import org.keycloak.testsuite.federation.KerberosCredDelegServlet;
|
||||||
import org.keycloak.testsuite.pages.LoginPage;
|
import org.keycloak.testsuite.pages.LoginPage;
|
||||||
import org.keycloak.testsuite.rule.AbstractKeycloakRule;
|
import org.keycloak.testsuite.rule.AbstractKeycloakRule;
|
||||||
import org.keycloak.testsuite.rule.WebResource;
|
import org.keycloak.testsuite.rule.WebResource;
|
||||||
|
@ -57,7 +58,11 @@ public class MultiTenancyTest {
|
||||||
RealmRepresentation tenant2 = KeycloakServer.loadJson(getClass().getResourceAsStream("/adapter-test/tenant2-realm.json"), RealmRepresentation.class);
|
RealmRepresentation tenant2 = KeycloakServer.loadJson(getClass().getResourceAsStream("/adapter-test/tenant2-realm.json"), RealmRepresentation.class);
|
||||||
manager.importRealm(tenant2);
|
manager.importRealm(tenant2);
|
||||||
|
|
||||||
deployApplication("multi-tenant", "/multi-tenant", MultiTenantServlet.class, null, "user", true, MultiTenantResolver.class);
|
createApplicationDeployment()
|
||||||
|
.name("multi-tenant").contextPath("/multi-tenant")
|
||||||
|
.servletClass(MultiTenantServlet.class)
|
||||||
|
.role("user")
|
||||||
|
.keycloakConfigResolver(MultiTenantResolver.class).deployApplication();
|
||||||
}
|
}
|
||||||
|
|
||||||
protected String[] getTestRealms() {
|
protected String[] getTestRealms() {
|
||||||
|
|
|
@ -84,11 +84,23 @@ public class RelativeUriAdapterTest {
|
||||||
realmPublicKey = realm.getPublicKey();
|
realmPublicKey = realm.getPublicKey();
|
||||||
|
|
||||||
URL url = getClass().getResource("/adapter-test/cust-app-keycloak-relative.json");
|
URL url = getClass().getResource("/adapter-test/cust-app-keycloak-relative.json");
|
||||||
deployApplication("customer-portal", "/customer-portal", CustomerServlet.class, url.getPath(), "user");
|
createApplicationDeployment()
|
||||||
|
.name("customer-portal").contextPath("/customer-portal")
|
||||||
|
.servletClass(CustomerServlet.class).adapterConfigPath(url.getPath())
|
||||||
|
.role("user").deployApplication();
|
||||||
|
|
||||||
url = getClass().getResource("/adapter-test/customer-db-keycloak-relative.json");
|
url = getClass().getResource("/adapter-test/customer-db-keycloak-relative.json");
|
||||||
deployApplication("customer-db", "/customer-db", CustomerDatabaseServlet.class, url.getPath(), "user");
|
createApplicationDeployment()
|
||||||
|
.name("customer-db").contextPath("/customer-db")
|
||||||
|
.servletClass(CustomerDatabaseServlet.class).adapterConfigPath(url.getPath())
|
||||||
|
.role("user")
|
||||||
|
.errorPage(null).deployApplication();
|
||||||
|
|
||||||
url = getClass().getResource("/adapter-test/product-keycloak-relative.json");
|
url = getClass().getResource("/adapter-test/product-keycloak-relative.json");
|
||||||
deployApplication("product-portal", "/product-portal", ProductServlet.class, url.getPath(), "user");
|
createApplicationDeployment()
|
||||||
|
.name("product-portal").contextPath("/product-portal")
|
||||||
|
.servletClass(ProductServlet.class).adapterConfigPath(url.getPath())
|
||||||
|
.role("user").deployApplication();
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -20,6 +20,7 @@ package org.keycloak.testsuite.broker;
|
||||||
import org.keycloak.models.KeycloakSession;
|
import org.keycloak.models.KeycloakSession;
|
||||||
import org.keycloak.models.RealmModel;
|
import org.keycloak.models.RealmModel;
|
||||||
import org.keycloak.services.managers.RealmManager;
|
import org.keycloak.services.managers.RealmManager;
|
||||||
|
import org.keycloak.testsuite.adapter.CustomerDatabaseServlet;
|
||||||
import org.keycloak.testsuite.broker.util.UserSessionStatusServlet;
|
import org.keycloak.testsuite.broker.util.UserSessionStatusServlet;
|
||||||
import org.keycloak.testsuite.rule.AbstractKeycloakRule;
|
import org.keycloak.testsuite.rule.AbstractKeycloakRule;
|
||||||
|
|
||||||
|
@ -34,8 +35,16 @@ public class BrokerKeyCloakRule extends AbstractKeycloakRule {
|
||||||
protected void configure(KeycloakSession session, RealmManager manager, RealmModel adminRealm) {
|
protected void configure(KeycloakSession session, RealmManager manager, RealmModel adminRealm) {
|
||||||
server.importRealm(getClass().getResourceAsStream("/broker-test/test-realm-with-broker.json"));
|
server.importRealm(getClass().getResourceAsStream("/broker-test/test-realm-with-broker.json"));
|
||||||
URL url = getClass().getResource("/broker-test/test-app-keycloak.json");
|
URL url = getClass().getResource("/broker-test/test-app-keycloak.json");
|
||||||
deployApplication("test-app", "/test-app", UserSessionStatusServlet.class, url.getPath(), "manager");
|
|
||||||
deployApplication("test-app-allowed-providers", "/test-app-allowed-providers", UserSessionStatusServlet.class, url.getPath(), "manager");
|
createApplicationDeployment()
|
||||||
|
.name("test-app").contextPath("/test-app")
|
||||||
|
.servletClass(UserSessionStatusServlet.class).adapterConfigPath(url.getPath())
|
||||||
|
.role("manager").deployApplication();
|
||||||
|
|
||||||
|
createApplicationDeployment()
|
||||||
|
.name("test-app-allowed-providers").contextPath("/test-app-allowed-providers")
|
||||||
|
.servletClass(UserSessionStatusServlet.class).adapterConfigPath(url.getPath())
|
||||||
|
.role("manager").deployApplication();
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
|
|
|
@ -20,6 +20,7 @@ import org.keycloak.models.UserFederationProvider;
|
||||||
import org.keycloak.models.UserFederationProviderModel;
|
import org.keycloak.models.UserFederationProviderModel;
|
||||||
import org.keycloak.services.managers.RealmManager;
|
import org.keycloak.services.managers.RealmManager;
|
||||||
import org.keycloak.testsuite.AssertEvents;
|
import org.keycloak.testsuite.AssertEvents;
|
||||||
|
import org.keycloak.testsuite.adapter.CustomerServlet;
|
||||||
import org.keycloak.testsuite.rule.KerberosRule;
|
import org.keycloak.testsuite.rule.KerberosRule;
|
||||||
import org.keycloak.testsuite.rule.KeycloakRule;
|
import org.keycloak.testsuite.rule.KeycloakRule;
|
||||||
import org.keycloak.testsuite.rule.WebRule;
|
import org.keycloak.testsuite.rule.WebRule;
|
||||||
|
@ -42,7 +43,10 @@ public class KerberosLdapTest extends AbstractKerberosTest {
|
||||||
@Override
|
@Override
|
||||||
public void config(RealmManager manager, RealmModel adminstrationRealm, RealmModel appRealm) {
|
public void config(RealmManager manager, RealmModel adminstrationRealm, RealmModel appRealm) {
|
||||||
URL url = getClass().getResource("/kerberos-test/kerberos-app-keycloak.json");
|
URL url = getClass().getResource("/kerberos-test/kerberos-app-keycloak.json");
|
||||||
keycloakRule.deployApplication("kerberos-portal", "/kerberos-portal", KerberosCredDelegServlet.class, url.getPath(), "user");
|
keycloakRule.createApplicationDeployment()
|
||||||
|
.name("kerberos-portal").contextPath("/kerberos-portal")
|
||||||
|
.servletClass(KerberosCredDelegServlet.class).adapterConfigPath(url.getPath())
|
||||||
|
.role("user").deployApplication();
|
||||||
|
|
||||||
Map<String,String> ldapConfig = kerberosRule.getConfig();
|
Map<String,String> ldapConfig = kerberosRule.getConfig();
|
||||||
ldapModel = appRealm.addUserFederationProvider(LDAPFederationProviderFactory.PROVIDER_NAME, ldapConfig, 0, "kerberos-ldap", -1, -1, 0);
|
ldapModel = appRealm.addUserFederationProvider(LDAPFederationProviderFactory.PROVIDER_NAME, ldapConfig, 0, "kerberos-ldap", -1, -1, 0);
|
||||||
|
|
|
@ -42,7 +42,11 @@ public class KerberosStandaloneTest extends AbstractKerberosTest {
|
||||||
@Override
|
@Override
|
||||||
public void config(RealmManager manager, RealmModel adminstrationRealm, RealmModel appRealm) {
|
public void config(RealmManager manager, RealmModel adminstrationRealm, RealmModel appRealm) {
|
||||||
URL url = getClass().getResource("/kerberos-test/kerberos-app-keycloak.json");
|
URL url = getClass().getResource("/kerberos-test/kerberos-app-keycloak.json");
|
||||||
keycloakRule.deployApplication("kerberos-portal", "/kerberos-portal", KerberosCredDelegServlet.class, url.getPath(), "user");
|
keycloakRule.createApplicationDeployment()
|
||||||
|
.name("kerberos-portal").contextPath("/kerberos-portal")
|
||||||
|
.servletClass(KerberosCredDelegServlet.class).adapterConfigPath(url.getPath())
|
||||||
|
.role("user").deployApplication();
|
||||||
|
|
||||||
|
|
||||||
Map<String,String> kerberosConfig = kerberosRule.getConfig();
|
Map<String,String> kerberosConfig = kerberosRule.getConfig();
|
||||||
kerberosModel = appRealm.addUserFederationProvider(KerberosFederationProviderFactory.PROVIDER_NAME, kerberosConfig, 0, "kerberos-standalone", -1, -1, 0);
|
kerberosModel = appRealm.addUserFederationProvider(KerberosFederationProviderFactory.PROVIDER_NAME, kerberosConfig, 0, "kerberos-standalone", -1, -1, 0);
|
||||||
|
|
|
@ -148,40 +148,9 @@ public abstract class AbstractKeycloakRule extends ExternalResource {
|
||||||
return deploymentInfo;
|
return deploymentInfo;
|
||||||
}
|
}
|
||||||
|
|
||||||
public void deployApplication(String name, String contextPath, Class<? extends Servlet> servletClass, String adapterConfigPath, String role) {
|
|
||||||
deployApplication(name, contextPath, servletClass, adapterConfigPath, role, true);
|
|
||||||
|
|
||||||
}
|
public DeploymentBuilder createApplicationDeployment() {
|
||||||
|
return new DeploymentBuilder();
|
||||||
public void deployApplication(String name, String contextPath, Class<? extends Servlet> servletClass, String adapterConfigPath, String role, boolean isConstrained) {
|
|
||||||
deployApplication(name, contextPath, servletClass, adapterConfigPath, role, isConstrained, null);
|
|
||||||
}
|
|
||||||
|
|
||||||
public void deployApplication(String name, String contextPath, Class<? extends Servlet> servletClass, String adapterConfigPath, String role, boolean isConstrained, Class<? extends KeycloakConfigResolver> keycloakConfigResolver) {
|
|
||||||
String constraintUrl = "/*";
|
|
||||||
deployApplication(name, contextPath, servletClass, adapterConfigPath, role, isConstrained, keycloakConfigResolver, constraintUrl);
|
|
||||||
}
|
|
||||||
|
|
||||||
public void deployApplication(String name, String contextPath, Class<? extends Servlet> servletClass, String adapterConfigPath, String role, boolean isConstrained, Class<? extends KeycloakConfigResolver> keycloakConfigResolver, String constraintUrl) {
|
|
||||||
DeploymentInfo di = createDeploymentInfo(name, contextPath, servletClass);
|
|
||||||
if (null == keycloakConfigResolver) {
|
|
||||||
di.addInitParameter("keycloak.config.file", adapterConfigPath);
|
|
||||||
} else {
|
|
||||||
di.addInitParameter("keycloak.config.resolver", keycloakConfigResolver.getCanonicalName());
|
|
||||||
}
|
|
||||||
if (isConstrained) {
|
|
||||||
SecurityConstraint constraint = new SecurityConstraint();
|
|
||||||
WebResourceCollection collection = new WebResourceCollection();
|
|
||||||
collection.addUrlPattern(constraintUrl);
|
|
||||||
constraint.addWebResourceCollection(collection);
|
|
||||||
constraint.addRoleAllowed(role);
|
|
||||||
di.addSecurityConstraint(constraint);
|
|
||||||
}
|
|
||||||
LoginConfig loginConfig = new LoginConfig("KEYCLOAK", "demo", null, "/error.html");
|
|
||||||
di.setLoginConfig(loginConfig);
|
|
||||||
addErrorPage(di);
|
|
||||||
|
|
||||||
server.getServer().deploy(di);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
public void addErrorPage(DeploymentInfo di) {
|
public void addErrorPage(DeploymentInfo di) {
|
||||||
|
@ -302,4 +271,85 @@ public abstract class AbstractKeycloakRule extends ExternalResource {
|
||||||
return new String[]{"test", "demo"};
|
return new String[]{"test", "demo"};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public class DeploymentBuilder {
|
||||||
|
|
||||||
|
private String name;
|
||||||
|
private String contextPath;
|
||||||
|
private Class<? extends Servlet> servletClass;
|
||||||
|
private String adapterConfigPath;
|
||||||
|
private String role;
|
||||||
|
private boolean isConstrained = true;
|
||||||
|
private Class<? extends KeycloakConfigResolver> keycloakConfigResolver;
|
||||||
|
private String constraintUrl = "/*";
|
||||||
|
private String errorPage = "/error.html";
|
||||||
|
|
||||||
|
public DeploymentBuilder name(String name) {
|
||||||
|
this.name = name;
|
||||||
|
return this;
|
||||||
|
}
|
||||||
|
|
||||||
|
public DeploymentBuilder contextPath(String contextPath) {
|
||||||
|
this.contextPath = contextPath;
|
||||||
|
return this;
|
||||||
|
}
|
||||||
|
|
||||||
|
public DeploymentBuilder servletClass(Class<? extends Servlet> servletClass) {
|
||||||
|
this.servletClass = servletClass;
|
||||||
|
return this;
|
||||||
|
}
|
||||||
|
|
||||||
|
public DeploymentBuilder adapterConfigPath(String adapterConfigPath) {
|
||||||
|
this.adapterConfigPath = adapterConfigPath;
|
||||||
|
return this;
|
||||||
|
}
|
||||||
|
|
||||||
|
public DeploymentBuilder role(String role) {
|
||||||
|
this.role = role;
|
||||||
|
return this;
|
||||||
|
}
|
||||||
|
|
||||||
|
public DeploymentBuilder isConstrained(boolean isConstrained) {
|
||||||
|
this.isConstrained = isConstrained;
|
||||||
|
return this;
|
||||||
|
}
|
||||||
|
|
||||||
|
public DeploymentBuilder keycloakConfigResolver(Class<? extends KeycloakConfigResolver> keycloakConfigResolver) {
|
||||||
|
this.keycloakConfigResolver = keycloakConfigResolver;
|
||||||
|
return this;
|
||||||
|
}
|
||||||
|
|
||||||
|
public DeploymentBuilder constraintUrl(String constraintUrl) {
|
||||||
|
this.constraintUrl = constraintUrl;
|
||||||
|
return this;
|
||||||
|
}
|
||||||
|
|
||||||
|
public DeploymentBuilder errorPage(String errorPage) {
|
||||||
|
this.errorPage = errorPage;
|
||||||
|
return this;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void deployApplication() {
|
||||||
|
DeploymentInfo di = createDeploymentInfo(name, contextPath, servletClass);
|
||||||
|
if (null == keycloakConfigResolver) {
|
||||||
|
di.addInitParameter("keycloak.config.file", adapterConfigPath);
|
||||||
|
} else {
|
||||||
|
di.addInitParameter("keycloak.config.resolver", keycloakConfigResolver.getCanonicalName());
|
||||||
|
}
|
||||||
|
if (isConstrained) {
|
||||||
|
SecurityConstraint constraint = new SecurityConstraint();
|
||||||
|
WebResourceCollection collection = new WebResourceCollection();
|
||||||
|
collection.addUrlPattern(constraintUrl);
|
||||||
|
constraint.addWebResourceCollection(collection);
|
||||||
|
constraint.addRoleAllowed(role);
|
||||||
|
di.addSecurityConstraint(constraint);
|
||||||
|
}
|
||||||
|
LoginConfig loginConfig = new LoginConfig("KEYCLOAK", "demo", null, errorPage);
|
||||||
|
di.setLoginConfig(loginConfig);
|
||||||
|
addErrorPage(di);
|
||||||
|
|
||||||
|
server.getServer().deploy(di);
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -66,6 +66,7 @@ public class Jetty8Test {
|
||||||
File base = new File(dir.getFile()).getParentFile();
|
File base = new File(dir.getFile()).getParentFile();
|
||||||
list.add(new WebAppContext(new File(base, "customer-portal").toString(), "/customer-portal"));
|
list.add(new WebAppContext(new File(base, "customer-portal").toString(), "/customer-portal"));
|
||||||
list.add(new WebAppContext(new File(base, "customer-db").toString(), "/customer-db"));
|
list.add(new WebAppContext(new File(base, "customer-db").toString(), "/customer-db"));
|
||||||
|
list.add(new WebAppContext(new File(base, "customer-db-error-page").toString(), "/customer-db-error-page"));
|
||||||
list.add(new WebAppContext(new File(base, "product-portal").toString(), "/product-portal"));
|
list.add(new WebAppContext(new File(base, "product-portal").toString(), "/product-portal"));
|
||||||
list.add(new WebAppContext(new File(base, "session-portal").toString(), "/session-portal"));
|
list.add(new WebAppContext(new File(base, "session-portal").toString(), "/session-portal"));
|
||||||
list.add(new WebAppContext(new File(base, "input-portal").toString(), "/input-portal"));
|
list.add(new WebAppContext(new File(base, "input-portal").toString(), "/input-portal"));
|
||||||
|
@ -131,6 +132,15 @@ public class Jetty8Test {
|
||||||
testStrategy.testNullBearerToken();
|
testStrategy.testNullBearerToken();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* KEYCLOAK-1368
|
||||||
|
* @throws Exception
|
||||||
|
*/
|
||||||
|
@Test
|
||||||
|
public void testNullBearerTokenCustomErrorPage() throws Exception {
|
||||||
|
testStrategy.testNullBearerTokenCustomErrorPage();
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* KEYCLOAK-518
|
* KEYCLOAK-518
|
||||||
* @throws Exception
|
* @throws Exception
|
||||||
|
|
|
@ -0,0 +1,29 @@
|
||||||
|
<?xml version="1.0"?>
|
||||||
|
<!DOCTYPE Configure PUBLIC "-//Mort Bay Consulting//DTD Configure//EN" "http://www.eclipse.org/jetty/configure_9_0.dtd">
|
||||||
|
<Configure class="org.eclipse.jetty.webapp.WebAppContext">
|
||||||
|
<Get name="securityHandler">
|
||||||
|
<Set name="authenticator">
|
||||||
|
<New class="org.keycloak.adapters.jetty.KeycloakJettyAuthenticator">
|
||||||
|
<!--
|
||||||
|
<Set name="adapterConfig">
|
||||||
|
<New class="org.keycloak.representations.adapters.config.AdapterConfig">
|
||||||
|
<Set name="realm">tomcat</Set>
|
||||||
|
<Set name="resource">customer-portal</Set>
|
||||||
|
<Set name="authServerUrl">http://localhost:8081/auth</Set>
|
||||||
|
<Set name="sslRequired">external</Set>
|
||||||
|
<Set name="credentials">
|
||||||
|
<Map>
|
||||||
|
<Entry>
|
||||||
|
<Item>secret</Item>
|
||||||
|
<Item>password</Item>
|
||||||
|
</Entry>
|
||||||
|
</Map>
|
||||||
|
</Set>
|
||||||
|
<Set name="realmKey">MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB</Set>
|
||||||
|
</New>
|
||||||
|
</Set>
|
||||||
|
-->
|
||||||
|
</New>
|
||||||
|
</Set>
|
||||||
|
</Get>
|
||||||
|
</Configure>
|
|
@ -0,0 +1,10 @@
|
||||||
|
{
|
||||||
|
"realm" : "demo",
|
||||||
|
"resource" : "customer-db",
|
||||||
|
"realm-public-key" : "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
|
||||||
|
"auth-server-url": "http://localhost:8081/auth",
|
||||||
|
"ssl-required" : "external",
|
||||||
|
"bearer-only" : true,
|
||||||
|
"enable-cors" : true
|
||||||
|
|
||||||
|
}
|
|
@ -0,0 +1,59 @@
|
||||||
|
<?xml version="1.0" encoding="UTF-8"?>
|
||||||
|
<web-app xmlns="http://java.sun.com/xml/ns/javaee"
|
||||||
|
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||||
|
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
|
||||||
|
version="3.0">
|
||||||
|
|
||||||
|
<module-name>adapter-test</module-name>
|
||||||
|
|
||||||
|
<servlet>
|
||||||
|
<servlet-name>Servlet</servlet-name>
|
||||||
|
<servlet-class>org.keycloak.testsuite.adapter.CustomerDatabaseServlet</servlet-class>
|
||||||
|
</servlet>
|
||||||
|
<servlet>
|
||||||
|
<servlet-name>Error Servlet</servlet-name>
|
||||||
|
<servlet-class>org.keycloak.testsuite.rule.ErrorServlet</servlet-class>
|
||||||
|
</servlet>
|
||||||
|
|
||||||
|
<servlet-mapping>
|
||||||
|
<servlet-name>Servlet</servlet-name>
|
||||||
|
<url-pattern>/*</url-pattern>
|
||||||
|
</servlet-mapping>
|
||||||
|
|
||||||
|
<servlet-mapping>
|
||||||
|
<servlet-name>Error Servlet</servlet-name>
|
||||||
|
<url-pattern>/error.html</url-pattern>
|
||||||
|
</servlet-mapping>
|
||||||
|
|
||||||
|
<security-constraint>
|
||||||
|
<web-resource-collection>
|
||||||
|
<web-resource-name>Users</web-resource-name>
|
||||||
|
<url-pattern>/*</url-pattern>
|
||||||
|
</web-resource-collection>
|
||||||
|
<auth-constraint>
|
||||||
|
<role-name>user</role-name>
|
||||||
|
</auth-constraint>
|
||||||
|
</security-constraint>
|
||||||
|
<security-constraint>
|
||||||
|
<web-resource-collection>
|
||||||
|
<web-resource-name>Errors</web-resource-name>
|
||||||
|
<url-pattern>/error.html</url-pattern>
|
||||||
|
</web-resource-collection>
|
||||||
|
</security-constraint>
|
||||||
|
|
||||||
|
<login-config>
|
||||||
|
<auth-method>FORM</auth-method>
|
||||||
|
<realm-name>demo</realm-name>
|
||||||
|
<form-login-config>
|
||||||
|
<form-login-page>/error.html</form-login-page>
|
||||||
|
<form-error-page>/error.html</form-error-page>
|
||||||
|
</form-login-config>
|
||||||
|
</login-config>
|
||||||
|
|
||||||
|
<security-role>
|
||||||
|
<role-name>admin</role-name>
|
||||||
|
</security-role>
|
||||||
|
<security-role>
|
||||||
|
<role-name>user</role-name>
|
||||||
|
</security-role>
|
||||||
|
</web-app>
|
|
@ -66,6 +66,7 @@ public class Jetty9Test {
|
||||||
File base = new File(dir.getFile()).getParentFile();
|
File base = new File(dir.getFile()).getParentFile();
|
||||||
list.add(new WebAppContext(new File(base, "customer-portal").toString(), "/customer-portal"));
|
list.add(new WebAppContext(new File(base, "customer-portal").toString(), "/customer-portal"));
|
||||||
list.add(new WebAppContext(new File(base, "customer-db").toString(), "/customer-db"));
|
list.add(new WebAppContext(new File(base, "customer-db").toString(), "/customer-db"));
|
||||||
|
list.add(new WebAppContext(new File(base, "customer-db-error-page").toString(), "/customer-db-error-page"));
|
||||||
list.add(new WebAppContext(new File(base, "product-portal").toString(), "/product-portal"));
|
list.add(new WebAppContext(new File(base, "product-portal").toString(), "/product-portal"));
|
||||||
list.add(new WebAppContext(new File(base, "session-portal").toString(), "/session-portal"));
|
list.add(new WebAppContext(new File(base, "session-portal").toString(), "/session-portal"));
|
||||||
list.add(new WebAppContext(new File(base, "input-portal").toString(), "/input-portal"));
|
list.add(new WebAppContext(new File(base, "input-portal").toString(), "/input-portal"));
|
||||||
|
@ -131,6 +132,15 @@ public class Jetty9Test {
|
||||||
testStrategy.testNullBearerToken();
|
testStrategy.testNullBearerToken();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* KEYCLOAK-1368
|
||||||
|
* @throws Exception
|
||||||
|
*/
|
||||||
|
@Test
|
||||||
|
public void testNullBearerTokenCustomErrorPage() throws Exception {
|
||||||
|
testStrategy.testNullBearerTokenCustomErrorPage();
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* KEYCLOAK-518
|
* KEYCLOAK-518
|
||||||
* @throws Exception
|
* @throws Exception
|
||||||
|
|
|
@ -0,0 +1,29 @@
|
||||||
|
<?xml version="1.0"?>
|
||||||
|
<!DOCTYPE Configure PUBLIC "-//Mort Bay Consulting//DTD Configure//EN" "http://www.eclipse.org/jetty/configure_9_0.dtd">
|
||||||
|
<Configure class="org.eclipse.jetty.webapp.WebAppContext">
|
||||||
|
<Get name="securityHandler">
|
||||||
|
<Set name="authenticator">
|
||||||
|
<New class="org.keycloak.adapters.jetty.KeycloakJettyAuthenticator">
|
||||||
|
<!--
|
||||||
|
<Set name="adapterConfig">
|
||||||
|
<New class="org.keycloak.representations.adapters.config.AdapterConfig">
|
||||||
|
<Set name="realm">tomcat</Set>
|
||||||
|
<Set name="resource">customer-portal</Set>
|
||||||
|
<Set name="authServerUrl">http://localhost:8081/auth</Set>
|
||||||
|
<Set name="sslRequired">external</Set>
|
||||||
|
<Set name="credentials">
|
||||||
|
<Map>
|
||||||
|
<Entry>
|
||||||
|
<Item>secret</Item>
|
||||||
|
<Item>password</Item>
|
||||||
|
</Entry>
|
||||||
|
</Map>
|
||||||
|
</Set>
|
||||||
|
<Set name="realmKey">MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB</Set>
|
||||||
|
</New>
|
||||||
|
</Set>
|
||||||
|
-->
|
||||||
|
</New>
|
||||||
|
</Set>
|
||||||
|
</Get>
|
||||||
|
</Configure>
|
|
@ -0,0 +1,10 @@
|
||||||
|
{
|
||||||
|
"realm" : "demo",
|
||||||
|
"resource" : "customer-db",
|
||||||
|
"realm-public-key" : "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
|
||||||
|
"auth-server-url": "http://localhost:8081/auth",
|
||||||
|
"ssl-required" : "external",
|
||||||
|
"bearer-only" : true,
|
||||||
|
"enable-cors" : true
|
||||||
|
|
||||||
|
}
|
|
@ -0,0 +1,59 @@
|
||||||
|
<?xml version="1.0" encoding="UTF-8"?>
|
||||||
|
<web-app xmlns="http://java.sun.com/xml/ns/javaee"
|
||||||
|
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||||
|
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
|
||||||
|
version="3.0">
|
||||||
|
|
||||||
|
<module-name>adapter-test</module-name>
|
||||||
|
|
||||||
|
<servlet>
|
||||||
|
<servlet-name>Servlet</servlet-name>
|
||||||
|
<servlet-class>org.keycloak.testsuite.adapter.CustomerDatabaseServlet</servlet-class>
|
||||||
|
</servlet>
|
||||||
|
<servlet>
|
||||||
|
<servlet-name>Error Servlet</servlet-name>
|
||||||
|
<servlet-class>org.keycloak.testsuite.rule.ErrorServlet</servlet-class>
|
||||||
|
</servlet>
|
||||||
|
|
||||||
|
<servlet-mapping>
|
||||||
|
<servlet-name>Servlet</servlet-name>
|
||||||
|
<url-pattern>/*</url-pattern>
|
||||||
|
</servlet-mapping>
|
||||||
|
|
||||||
|
<servlet-mapping>
|
||||||
|
<servlet-name>Error Servlet</servlet-name>
|
||||||
|
<url-pattern>/error.html</url-pattern>
|
||||||
|
</servlet-mapping>
|
||||||
|
|
||||||
|
<security-constraint>
|
||||||
|
<web-resource-collection>
|
||||||
|
<web-resource-name>Users</web-resource-name>
|
||||||
|
<url-pattern>/*</url-pattern>
|
||||||
|
</web-resource-collection>
|
||||||
|
<auth-constraint>
|
||||||
|
<role-name>user</role-name>
|
||||||
|
</auth-constraint>
|
||||||
|
</security-constraint>
|
||||||
|
<security-constraint>
|
||||||
|
<web-resource-collection>
|
||||||
|
<web-resource-name>Errors</web-resource-name>
|
||||||
|
<url-pattern>/error.html</url-pattern>
|
||||||
|
</web-resource-collection>
|
||||||
|
</security-constraint>
|
||||||
|
|
||||||
|
<login-config>
|
||||||
|
<auth-method>FORM</auth-method>
|
||||||
|
<realm-name>demo</realm-name>
|
||||||
|
<form-login-config>
|
||||||
|
<form-login-page>/error.html</form-login-page>
|
||||||
|
<form-error-page>/error.html</form-error-page>
|
||||||
|
</form-login-config>
|
||||||
|
</login-config>
|
||||||
|
|
||||||
|
<security-role>
|
||||||
|
<role-name>admin</role-name>
|
||||||
|
</security-role>
|
||||||
|
<security-role>
|
||||||
|
<role-name>user</role-name>
|
||||||
|
</security-role>
|
||||||
|
</web-app>
|
|
@ -66,6 +66,7 @@ public class Jetty9Test {
|
||||||
File base = new File(dir.getFile()).getParentFile();
|
File base = new File(dir.getFile()).getParentFile();
|
||||||
list.add(new WebAppContext(new File(base, "customer-portal").toString(), "/customer-portal"));
|
list.add(new WebAppContext(new File(base, "customer-portal").toString(), "/customer-portal"));
|
||||||
list.add(new WebAppContext(new File(base, "customer-db").toString(), "/customer-db"));
|
list.add(new WebAppContext(new File(base, "customer-db").toString(), "/customer-db"));
|
||||||
|
list.add(new WebAppContext(new File(base, "customer-db-error-page").toString(), "/customer-db-error-page"));
|
||||||
list.add(new WebAppContext(new File(base, "product-portal").toString(), "/product-portal"));
|
list.add(new WebAppContext(new File(base, "product-portal").toString(), "/product-portal"));
|
||||||
list.add(new WebAppContext(new File(base, "session-portal").toString(), "/session-portal"));
|
list.add(new WebAppContext(new File(base, "session-portal").toString(), "/session-portal"));
|
||||||
list.add(new WebAppContext(new File(base, "input-portal").toString(), "/input-portal"));
|
list.add(new WebAppContext(new File(base, "input-portal").toString(), "/input-portal"));
|
||||||
|
@ -131,6 +132,15 @@ public class Jetty9Test {
|
||||||
testStrategy.testNullBearerToken();
|
testStrategy.testNullBearerToken();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* KEYCLOAK-1368
|
||||||
|
* @throws Exception
|
||||||
|
*/
|
||||||
|
@Test
|
||||||
|
public void testNullBearerTokenCustomErrorPage() throws Exception {
|
||||||
|
testStrategy.testNullBearerTokenCustomErrorPage();
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* KEYCLOAK-518
|
* KEYCLOAK-518
|
||||||
* @throws Exception
|
* @throws Exception
|
||||||
|
|
|
@ -0,0 +1,29 @@
|
||||||
|
<?xml version="1.0"?>
|
||||||
|
<!DOCTYPE Configure PUBLIC "-//Mort Bay Consulting//DTD Configure//EN" "http://www.eclipse.org/jetty/configure_9_0.dtd">
|
||||||
|
<Configure class="org.eclipse.jetty.webapp.WebAppContext">
|
||||||
|
<Get name="securityHandler">
|
||||||
|
<Set name="authenticator">
|
||||||
|
<New class="org.keycloak.adapters.jetty.KeycloakJettyAuthenticator">
|
||||||
|
<!--
|
||||||
|
<Set name="adapterConfig">
|
||||||
|
<New class="org.keycloak.representations.adapters.config.AdapterConfig">
|
||||||
|
<Set name="realm">tomcat</Set>
|
||||||
|
<Set name="resource">customer-portal</Set>
|
||||||
|
<Set name="authServerUrl">http://localhost:8081/auth</Set>
|
||||||
|
<Set name="sslRequired">external</Set>
|
||||||
|
<Set name="credentials">
|
||||||
|
<Map>
|
||||||
|
<Entry>
|
||||||
|
<Item>secret</Item>
|
||||||
|
<Item>password</Item>
|
||||||
|
</Entry>
|
||||||
|
</Map>
|
||||||
|
</Set>
|
||||||
|
<Set name="realmKey">MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB</Set>
|
||||||
|
</New>
|
||||||
|
</Set>
|
||||||
|
-->
|
||||||
|
</New>
|
||||||
|
</Set>
|
||||||
|
</Get>
|
||||||
|
</Configure>
|
|
@ -0,0 +1,10 @@
|
||||||
|
{
|
||||||
|
"realm" : "demo",
|
||||||
|
"resource" : "customer-db",
|
||||||
|
"realm-public-key" : "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
|
||||||
|
"auth-server-url": "http://localhost:8081/auth",
|
||||||
|
"ssl-required" : "external",
|
||||||
|
"bearer-only" : true,
|
||||||
|
"enable-cors" : true
|
||||||
|
|
||||||
|
}
|
|
@ -0,0 +1,59 @@
|
||||||
|
<?xml version="1.0" encoding="UTF-8"?>
|
||||||
|
<web-app xmlns="http://java.sun.com/xml/ns/javaee"
|
||||||
|
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||||
|
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
|
||||||
|
version="3.0">
|
||||||
|
|
||||||
|
<module-name>adapter-test</module-name>
|
||||||
|
|
||||||
|
<servlet>
|
||||||
|
<servlet-name>Servlet</servlet-name>
|
||||||
|
<servlet-class>org.keycloak.testsuite.adapter.CustomerDatabaseServlet</servlet-class>
|
||||||
|
</servlet>
|
||||||
|
<servlet>
|
||||||
|
<servlet-name>Error Servlet</servlet-name>
|
||||||
|
<servlet-class>org.keycloak.testsuite.rule.ErrorServlet</servlet-class>
|
||||||
|
</servlet>
|
||||||
|
|
||||||
|
<servlet-mapping>
|
||||||
|
<servlet-name>Servlet</servlet-name>
|
||||||
|
<url-pattern>/*</url-pattern>
|
||||||
|
</servlet-mapping>
|
||||||
|
|
||||||
|
<servlet-mapping>
|
||||||
|
<servlet-name>Error Servlet</servlet-name>
|
||||||
|
<url-pattern>/error.html</url-pattern>
|
||||||
|
</servlet-mapping>
|
||||||
|
|
||||||
|
<security-constraint>
|
||||||
|
<web-resource-collection>
|
||||||
|
<web-resource-name>Users</web-resource-name>
|
||||||
|
<url-pattern>/*</url-pattern>
|
||||||
|
</web-resource-collection>
|
||||||
|
<auth-constraint>
|
||||||
|
<role-name>user</role-name>
|
||||||
|
</auth-constraint>
|
||||||
|
</security-constraint>
|
||||||
|
<security-constraint>
|
||||||
|
<web-resource-collection>
|
||||||
|
<web-resource-name>Errors</web-resource-name>
|
||||||
|
<url-pattern>/error.html</url-pattern>
|
||||||
|
</web-resource-collection>
|
||||||
|
</security-constraint>
|
||||||
|
|
||||||
|
<login-config>
|
||||||
|
<auth-method>FORM</auth-method>
|
||||||
|
<realm-name>demo</realm-name>
|
||||||
|
<form-login-config>
|
||||||
|
<form-login-page>/error.html</form-login-page>
|
||||||
|
<form-error-page>/error.html</form-error-page>
|
||||||
|
</form-login-config>
|
||||||
|
</login-config>
|
||||||
|
|
||||||
|
<security-role>
|
||||||
|
<role-name>admin</role-name>
|
||||||
|
</security-role>
|
||||||
|
<security-role>
|
||||||
|
<role-name>user</role-name>
|
||||||
|
</security-role>
|
||||||
|
</web-app>
|
|
@ -60,6 +60,7 @@ public class TomcatTest {
|
||||||
System.setProperty("my.host.name", "localhost");
|
System.setProperty("my.host.name", "localhost");
|
||||||
tomcat.deploy("/customer-portal", "customer-portal");
|
tomcat.deploy("/customer-portal", "customer-portal");
|
||||||
tomcat.deploy("/customer-db", "customer-db");
|
tomcat.deploy("/customer-db", "customer-db");
|
||||||
|
tomcat.deploy("/customer-db-error-page", "customer-db-error-page");
|
||||||
tomcat.deploy("/product-portal", "product-portal");
|
tomcat.deploy("/product-portal", "product-portal");
|
||||||
tomcat.deploy("/secure-portal", "secure-portal");
|
tomcat.deploy("/secure-portal", "secure-portal");
|
||||||
tomcat.deploy("/session-portal", "session-portal");
|
tomcat.deploy("/session-portal", "session-portal");
|
||||||
|
@ -119,6 +120,15 @@ public class TomcatTest {
|
||||||
testStrategy.testNullBearerToken();
|
testStrategy.testNullBearerToken();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* KEYCLOAK-1368
|
||||||
|
* @throws Exception
|
||||||
|
*/
|
||||||
|
@Test
|
||||||
|
public void testNullBearerTokenCustomErrorPage() throws Exception {
|
||||||
|
testStrategy.testNullBearerTokenCustomErrorPage();
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* KEYCLOAK-518
|
* KEYCLOAK-518
|
||||||
* @throws Exception
|
* @throws Exception
|
||||||
|
|
|
@ -0,0 +1,3 @@
|
||||||
|
<Context path="/customer-db-error-page">
|
||||||
|
<Valve className="org.keycloak.adapters.tomcat.KeycloakAuthenticatorValve"/>
|
||||||
|
</Context>
|
|
@ -0,0 +1,10 @@
|
||||||
|
{
|
||||||
|
"realm" : "demo",
|
||||||
|
"resource" : "customer-db",
|
||||||
|
"realm-public-key" : "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
|
||||||
|
"auth-server-url": "http://localhost:8081/auth",
|
||||||
|
"ssl-required" : "external",
|
||||||
|
"bearer-only" : true,
|
||||||
|
"enable-cors" : true
|
||||||
|
|
||||||
|
}
|
|
@ -0,0 +1,59 @@
|
||||||
|
<?xml version="1.0" encoding="UTF-8"?>
|
||||||
|
<web-app xmlns="http://java.sun.com/xml/ns/javaee"
|
||||||
|
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||||
|
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
|
||||||
|
version="3.0">
|
||||||
|
|
||||||
|
<module-name>adapter-test</module-name>
|
||||||
|
|
||||||
|
<servlet>
|
||||||
|
<servlet-name>Servlet</servlet-name>
|
||||||
|
<servlet-class>org.keycloak.testsuite.adapter.CustomerDatabaseServlet</servlet-class>
|
||||||
|
</servlet>
|
||||||
|
<servlet>
|
||||||
|
<servlet-name>Error Servlet</servlet-name>
|
||||||
|
<servlet-class>org.keycloak.testsuite.rule.ErrorServlet</servlet-class>
|
||||||
|
</servlet>
|
||||||
|
|
||||||
|
<servlet-mapping>
|
||||||
|
<servlet-name>Servlet</servlet-name>
|
||||||
|
<url-pattern>/*</url-pattern>
|
||||||
|
</servlet-mapping>
|
||||||
|
|
||||||
|
<servlet-mapping>
|
||||||
|
<servlet-name>Error Servlet</servlet-name>
|
||||||
|
<url-pattern>/error.html</url-pattern>
|
||||||
|
</servlet-mapping>
|
||||||
|
|
||||||
|
<security-constraint>
|
||||||
|
<web-resource-collection>
|
||||||
|
<web-resource-name>Users</web-resource-name>
|
||||||
|
<url-pattern>/*</url-pattern>
|
||||||
|
</web-resource-collection>
|
||||||
|
<auth-constraint>
|
||||||
|
<role-name>user</role-name>
|
||||||
|
</auth-constraint>
|
||||||
|
</security-constraint>
|
||||||
|
<security-constraint>
|
||||||
|
<web-resource-collection>
|
||||||
|
<web-resource-name>Errors</web-resource-name>
|
||||||
|
<url-pattern>/error.html</url-pattern>
|
||||||
|
</web-resource-collection>
|
||||||
|
</security-constraint>
|
||||||
|
|
||||||
|
<login-config>
|
||||||
|
<auth-method>BASIC</auth-method>
|
||||||
|
<realm-name>demo</realm-name>
|
||||||
|
<form-login-config>
|
||||||
|
<form-login-page>/error.html</form-login-page>
|
||||||
|
<form-error-page>/error.html</form-error-page>
|
||||||
|
</form-login-config>
|
||||||
|
</login-config>
|
||||||
|
|
||||||
|
<security-role>
|
||||||
|
<role-name>admin</role-name>
|
||||||
|
</security-role>
|
||||||
|
<security-role>
|
||||||
|
<role-name>user</role-name>
|
||||||
|
</security-role>
|
||||||
|
</web-app>
|
|
@ -65,6 +65,7 @@ public class Tomcat7Test {
|
||||||
File base = new File(dir.getFile()).getParentFile();
|
File base = new File(dir.getFile()).getParentFile();
|
||||||
tomcat.addWebapp("/customer-portal", new File(base, "customer-portal").toString());
|
tomcat.addWebapp("/customer-portal", new File(base, "customer-portal").toString());
|
||||||
tomcat.addWebapp("/customer-db", new File(base, "customer-db").toString());
|
tomcat.addWebapp("/customer-db", new File(base, "customer-db").toString());
|
||||||
|
tomcat.addWebapp("/customer-db-error-page", new File(base, "customer-db-error-page").toString());
|
||||||
tomcat.addWebapp("/product-portal", new File(base, "product-portal").toString());
|
tomcat.addWebapp("/product-portal", new File(base, "product-portal").toString());
|
||||||
tomcat.addWebapp("/secure-portal", new File(base, "secure-portal").toString());
|
tomcat.addWebapp("/secure-portal", new File(base, "secure-portal").toString());
|
||||||
tomcat.addWebapp("/session-portal", new File(base, "session-portal").toString());
|
tomcat.addWebapp("/session-portal", new File(base, "session-portal").toString());
|
||||||
|
@ -124,6 +125,16 @@ public class Tomcat7Test {
|
||||||
testStrategy.testNullBearerToken();
|
testStrategy.testNullBearerToken();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* KEYCLOAK-1368
|
||||||
|
* @throws Exception
|
||||||
|
*/
|
||||||
|
@Test
|
||||||
|
public void testNullBearerTokenCustomErrorPage() throws Exception {
|
||||||
|
testStrategy.testNullBearerTokenCustomErrorPage();
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* KEYCLOAK-518
|
* KEYCLOAK-518
|
||||||
* @throws Exception
|
* @throws Exception
|
||||||
|
|
|
@ -0,0 +1,3 @@
|
||||||
|
<Context path="/customer-db-error-page">
|
||||||
|
<Valve className="org.keycloak.adapters.tomcat.KeycloakAuthenticatorValve"/>
|
||||||
|
</Context>
|
|
@ -0,0 +1,10 @@
|
||||||
|
{
|
||||||
|
"realm" : "demo",
|
||||||
|
"resource" : "customer-db",
|
||||||
|
"realm-public-key" : "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
|
||||||
|
"auth-server-url": "http://localhost:8081/auth",
|
||||||
|
"ssl-required" : "external",
|
||||||
|
"bearer-only" : true,
|
||||||
|
"enable-cors" : true
|
||||||
|
|
||||||
|
}
|
|
@ -0,0 +1,59 @@
|
||||||
|
<?xml version="1.0" encoding="UTF-8"?>
|
||||||
|
<web-app xmlns="http://java.sun.com/xml/ns/javaee"
|
||||||
|
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||||
|
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
|
||||||
|
version="3.0">
|
||||||
|
|
||||||
|
<module-name>adapter-test</module-name>
|
||||||
|
|
||||||
|
<servlet>
|
||||||
|
<servlet-name>Servlet</servlet-name>
|
||||||
|
<servlet-class>org.keycloak.testsuite.adapter.CustomerDatabaseServlet</servlet-class>
|
||||||
|
</servlet>
|
||||||
|
<servlet>
|
||||||
|
<servlet-name>Error Servlet</servlet-name>
|
||||||
|
<servlet-class>org.keycloak.testsuite.rule.ErrorServlet</servlet-class>
|
||||||
|
</servlet>
|
||||||
|
|
||||||
|
<servlet-mapping>
|
||||||
|
<servlet-name>Servlet</servlet-name>
|
||||||
|
<url-pattern>/*</url-pattern>
|
||||||
|
</servlet-mapping>
|
||||||
|
|
||||||
|
<servlet-mapping>
|
||||||
|
<servlet-name>Error Servlet</servlet-name>
|
||||||
|
<url-pattern>/error.html</url-pattern>
|
||||||
|
</servlet-mapping>
|
||||||
|
|
||||||
|
<security-constraint>
|
||||||
|
<web-resource-collection>
|
||||||
|
<web-resource-name>Users</web-resource-name>
|
||||||
|
<url-pattern>/*</url-pattern>
|
||||||
|
</web-resource-collection>
|
||||||
|
<auth-constraint>
|
||||||
|
<role-name>user</role-name>
|
||||||
|
</auth-constraint>
|
||||||
|
</security-constraint>
|
||||||
|
<security-constraint>
|
||||||
|
<web-resource-collection>
|
||||||
|
<web-resource-name>Errors</web-resource-name>
|
||||||
|
<url-pattern>/error.html</url-pattern>
|
||||||
|
</web-resource-collection>
|
||||||
|
</security-constraint>
|
||||||
|
|
||||||
|
<login-config>
|
||||||
|
<auth-method>BASIC</auth-method>
|
||||||
|
<realm-name>demo</realm-name>
|
||||||
|
<form-login-config>
|
||||||
|
<form-login-page>/error.html</form-login-page>
|
||||||
|
<form-error-page>/error.html</form-error-page>
|
||||||
|
</form-login-config>
|
||||||
|
</login-config>
|
||||||
|
|
||||||
|
<security-role>
|
||||||
|
<role-name>admin</role-name>
|
||||||
|
</security-role>
|
||||||
|
<security-role>
|
||||||
|
<role-name>user</role-name>
|
||||||
|
</security-role>
|
||||||
|
</web-app>
|
|
@ -64,6 +64,7 @@ public class TomcatTest {
|
||||||
File base = new File(dir.getFile()).getParentFile();
|
File base = new File(dir.getFile()).getParentFile();
|
||||||
tomcat.addWebapp("/customer-portal", new File(base, "customer-portal").toString());
|
tomcat.addWebapp("/customer-portal", new File(base, "customer-portal").toString());
|
||||||
tomcat.addWebapp("/customer-db", new File(base, "customer-db").toString());
|
tomcat.addWebapp("/customer-db", new File(base, "customer-db").toString());
|
||||||
|
tomcat.addWebapp("/customer-db-error-page", new File(base, "customer-db-error-page").toString());
|
||||||
tomcat.addWebapp("/product-portal", new File(base, "product-portal").toString());
|
tomcat.addWebapp("/product-portal", new File(base, "product-portal").toString());
|
||||||
tomcat.addWebapp("/secure-portal", new File(base, "secure-portal").toString());
|
tomcat.addWebapp("/secure-portal", new File(base, "secure-portal").toString());
|
||||||
tomcat.addWebapp("/session-portal", new File(base, "session-portal").toString());
|
tomcat.addWebapp("/session-portal", new File(base, "session-portal").toString());
|
||||||
|
@ -124,6 +125,15 @@ public class TomcatTest {
|
||||||
testStrategy.testNullBearerToken();
|
testStrategy.testNullBearerToken();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* KEYCLOAK-1368
|
||||||
|
* @throws Exception
|
||||||
|
*/
|
||||||
|
@Test
|
||||||
|
public void testNullBearerTokenCustomErrorPage() throws Exception {
|
||||||
|
testStrategy.testNullBearerTokenCustomErrorPage();
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* KEYCLOAK-518
|
* KEYCLOAK-518
|
||||||
* @throws Exception
|
* @throws Exception
|
||||||
|
|
|
@ -0,0 +1,3 @@
|
||||||
|
<Context path="/customer-db-error-page">
|
||||||
|
<Valve className="org.keycloak.adapters.tomcat.KeycloakAuthenticatorValve"/>
|
||||||
|
</Context>
|
|
@ -0,0 +1,10 @@
|
||||||
|
{
|
||||||
|
"realm" : "demo",
|
||||||
|
"resource" : "customer-db",
|
||||||
|
"realm-public-key" : "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
|
||||||
|
"auth-server-url": "http://localhost:8081/auth",
|
||||||
|
"ssl-required" : "external",
|
||||||
|
"bearer-only" : true,
|
||||||
|
"enable-cors" : true
|
||||||
|
|
||||||
|
}
|
|
@ -0,0 +1,59 @@
|
||||||
|
<?xml version="1.0" encoding="UTF-8"?>
|
||||||
|
<web-app xmlns="http://java.sun.com/xml/ns/javaee"
|
||||||
|
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||||
|
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
|
||||||
|
version="3.0">
|
||||||
|
|
||||||
|
<module-name>adapter-test</module-name>
|
||||||
|
|
||||||
|
<servlet>
|
||||||
|
<servlet-name>Servlet</servlet-name>
|
||||||
|
<servlet-class>org.keycloak.testsuite.adapter.CustomerDatabaseServlet</servlet-class>
|
||||||
|
</servlet>
|
||||||
|
<servlet>
|
||||||
|
<servlet-name>Error Servlet</servlet-name>
|
||||||
|
<servlet-class>org.keycloak.testsuite.rule.ErrorServlet</servlet-class>
|
||||||
|
</servlet>
|
||||||
|
|
||||||
|
<servlet-mapping>
|
||||||
|
<servlet-name>Servlet</servlet-name>
|
||||||
|
<url-pattern>/*</url-pattern>
|
||||||
|
</servlet-mapping>
|
||||||
|
|
||||||
|
<servlet-mapping>
|
||||||
|
<servlet-name>Error Servlet</servlet-name>
|
||||||
|
<url-pattern>/error.html</url-pattern>
|
||||||
|
</servlet-mapping>
|
||||||
|
|
||||||
|
<security-constraint>
|
||||||
|
<web-resource-collection>
|
||||||
|
<web-resource-name>Users</web-resource-name>
|
||||||
|
<url-pattern>/*</url-pattern>
|
||||||
|
</web-resource-collection>
|
||||||
|
<auth-constraint>
|
||||||
|
<role-name>user</role-name>
|
||||||
|
</auth-constraint>
|
||||||
|
</security-constraint>
|
||||||
|
<security-constraint>
|
||||||
|
<web-resource-collection>
|
||||||
|
<web-resource-name>Errors</web-resource-name>
|
||||||
|
<url-pattern>/error.html</url-pattern>
|
||||||
|
</web-resource-collection>
|
||||||
|
</security-constraint>
|
||||||
|
|
||||||
|
<login-config>
|
||||||
|
<auth-method>BASIC</auth-method>
|
||||||
|
<realm-name>demo</realm-name>
|
||||||
|
<form-login-config>
|
||||||
|
<form-login-page>/error.html</form-login-page>
|
||||||
|
<form-error-page>/error.html</form-error-page>
|
||||||
|
</form-login-config>
|
||||||
|
</login-config>
|
||||||
|
|
||||||
|
<security-role>
|
||||||
|
<role-name>admin</role-name>
|
||||||
|
</security-role>
|
||||||
|
<security-role>
|
||||||
|
<role-name>user</role-name>
|
||||||
|
</security-role>
|
||||||
|
</web-app>
|
Loading…
Reference in a new issue