Some minor changes to WildFly example README.md
parent
739866de0c
commit
6146dd48f7
1 changed files with 18 additions and 21 deletions
|
@ -1,4 +1,4 @@
|
||||||
Login, Distributed SSO, Distributed Logout, and Oauth Token Grant Wildfly Examples
|
Login, Distributed SSO, Distributed Logout, and OAuth Token Grant Wildfly Examples
|
||||||
===================================
|
===================================
|
||||||
The following examples requires Wildfly 8.0.0. Here's the highlights of the examples
|
The following examples requires Wildfly 8.0.0. Here's the highlights of the examples
|
||||||
* Delegating authentication of a web app to the remote authentication server via OAuth 2 protocols
|
* Delegating authentication of a web app to the remote authentication server via OAuth 2 protocols
|
||||||
|
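Review bot: the title line fixes "Oauth" but still spells the product "Wildfly", while a later hunk in this same commit writes "WildFly"; pick one spelling and apply it to the title and to "requires Wildfly 8.0.0". The unchanged context line "The following examples requires Wildfly 8.0.0. Here's the highlights of the examples" also has agreement errors ("examples require", "Here are the highlights") that a wording cleanup like this one could take in.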
@ -7,12 +7,11 @@ The following examples requires Wildfly 8.0.0. Here's the highlights of the exa
|
||||||
* Bearer token authentication and authorization of JAX-RS services
|
* Bearer token authentication and authorization of JAX-RS services
|
||||||
* Obtaining bearer tokens via the OAuth2 protocol
|
* Obtaining bearer tokens via the OAuth2 protocol
|
||||||
|
|
||||||
There are multiple WAR projects. These all will run on the same jboss instance, but pretend each one is running on a different
|
There are multiple WAR projects. These will all run on the same WildFly instance, but pretend each one is running on a different
|
||||||
machine on the network or Internet.
|
machine on the network or Internet.
|
||||||
* **customer-app** A WAR applications that does remote login using OAUTH2 browser redirects with the auth server
|
* **customer-app** A WAR application that does remote login using OAuth2 browser redirects with the auth server
|
||||||
* **product-app** A WAR applications that does remote login using OAUTH2 browser redirects with the auth server
|
* **product-app** A WAR application that does remote login using OAuth2 browser redirects with the auth server
|
||||||
* **database-service** JAX-RS services authenticated by bearer tokens only. The customer and product app invoke on it
|
* **database-service** JAX-RS services authenticated by bearer tokens only. The customer and product app invoke on it to get data
|
||||||
to get data
|
|
||||||
* **third-party** Simple WAR that obtain a bearer token using OAuth2 using browser redirects to the auth-server.
|
* **third-party** Simple WAR that obtain a bearer token using OAuth2 using browser redirects to the auth-server.
|
||||||
|
|
||||||
The UI of each of these applications is very crude and exists just to show our OAuth2 implementation in action.
|
The UI of each of these applications is very crude and exists just to show our OAuth2 implementation in action.
|
||||||
|
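Review bot: the **third-party** bullet is left untouched as "Simple WAR that obtain a bearer token using OAuth2 using browser redirects to the auth-server", so "obtain" should be "obtains" and the doubled "using" could be tightened, matching the fixes made to the bullets above it. The **customer-app** and **product-app** descriptions are word for word identical after the change; if the two apps differ in anything a reader should know, say so here. The bullets also alternate between "auth server" and "auth-server"; settle on one.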
@ -23,30 +22,31 @@ _This demo is meant to run on the same server instance as the Keycloak Server!_
|
||||||
Step 1: Make sure you've set up the Keycloak Server
|
Step 1: Make sure you've set up the Keycloak Server
|
||||||
--------------------------------------
|
--------------------------------------
|
||||||
If you've downloaded the Keycloak Appliance Distribution, there is already a Wildfly distro all set up for you. This
|
If you've downloaded the Keycloak Appliance Distribution, there is already a Wildfly distro all set up for you. This
|
||||||
Wildfly distro has the adapter jboss modules all installed as well as the keycloak server all set up.
|
Wildfly distro has the adapter jboss modules all installed as well as the Keycloak Server all set up.
|
||||||
|
|
||||||
If you want to install Keycloak Server and run the demo on an existing Wildfly instance:
|
If you want to install Keycloak Server and run the demo on an existing Wildfly instance:
|
||||||
|
|
||||||
Obtain latest keycloak-war-dist-all.zip. This distro is used to install keycloak onto an existing JBoss installation
|
Obtain latest keycloak-war-dist-all.zip. This distro is used to install keycloak onto an existing JBoss installation
|
||||||
|
|
||||||
$ cd ${jboss.home}/standalone
|
$ cd ${jboss.home}/standalone
|
||||||
$ cp -r ${keycloak-war-dist-all}/deployments .
|
$ cp -r ${keycloak-war-dist-all}/deployments .
|
||||||
|
|
||||||
To install the adapter:
|
To install the adapter:
|
||||||
$ cd ${jboss.home}
|
|
||||||
$ unzip ${keycloak-war-dist-al}/adapters/keycloak-wildfly-adapter-dist.zip
|
$ cd ${jboss.home}
|
||||||
|
$ unzip ${keycloak-war-dist-al}/adapters/keycloak-wildfly-adapter-dist.zip
|
||||||
|
|
||||||
Step 2: Boot Keycloak Server
|
Step 2: Boot Keycloak Server
|
||||||
---------------------------------------
|
---------------------------------------
|
||||||
Where you go to start up the Keycloak Server depends on which distro you installed.
|
Where you go to start up the Keycloak Server depends on which distro you installed.
|
||||||
|
|
||||||
$ ./standalone.sh
|
$ ./bin/standalone.sh
|
||||||
|
|
||||||
Step 3: Import the Test Realm
|
Step 3: Import the Test Realm
|
||||||
---------------------------------------
|
---------------------------------------
|
||||||
Next thing you have to do is import the test realm for the demo. Clicking on the below link will bring you to the
|
Next thing you have to do is import the test realm for the demo. Clicking on the below link will bring you to the
|
||||||
create realm page in the admin UI. The username/password is admin/admin to login in. Keycloak will ask you to
|
create realm page in the Admin UI. The username/password is admin/admin to login in. Keycloak will ask you to
|
||||||
create a new password admin password before you can go to the create realm page.
|
create a new admin password before you can go to the create realm page.
|
||||||
|
|
||||||
[http://localhost:8080/auth-server/admin/index.html#/create/realm](http://localhost:8080/auth-server/admin/index.html#/create/realm)
|
[http://localhost:8080/auth-server/admin/index.html#/create/realm](http://localhost:8080/auth-server/admin/index.html#/create/realm)
|
||||||
|
|
||||||
|
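Review bot: the re-indented unzip line still reads `${keycloak-war-dist-al}` (missing the final "l"), while the `cp -r` line above it uses `${keycloak-war-dist-all}`; since the line is being touched anyway, fix the placeholder so the two match, otherwise a reader who substitutes the variable literally gets an empty path. In the Step 3 paragraph "to login in" is left as is and should read "to log in". The switch to `./bin/standalone.sh` assumes the reader's working directory is `${jboss.home}`; stating that in the sentence before the command would remove the guesswork.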
@ -63,13 +63,13 @@ next you must build and deploy
|
||||||
|
|
||||||
Step 5: Login and Observe Apps
|
Step 5: Login and Observe Apps
|
||||||
---------------------------------------
|
---------------------------------------
|
||||||
Try going to the customer app and viewing customer data:
|
Try going to the customer app and view customer data:
|
||||||
|
|
||||||
[http://localhost:8080/customer-portal/customers/view.jsp](http://localhost:8080/customer-portal/customers/view.jsp)
|
[http://localhost:8080/customer-portal/customers/view.jsp](http://localhost:8080/customer-portal/customers/view.jsp)
|
||||||
|
|
||||||
This should take you to the auth-server login screen. Enter username: bburke@redhat.com and password: password.
|
This should take you to the auth-server login screen. Enter username: bburke@redhat.com and password: password.
|
||||||
|
|
||||||
If you click on the products link, you'll be take to the products app and show a product listing. The redirects
|
If you click on the products link, you'll be taken to the products app and show a product listing. The redirects
|
||||||
are still happening, but the auth-server knows you are already logged in so the login is bypassed.
|
are still happening, but the auth-server knows you are already logged in so the login is bypassed.
|
||||||
|
|
||||||
If you click on the logout link of either of the product or customer app, you'll be logged out of all the applications.
|
If you click on the logout link of either of the product or customer app, you'll be logged out of all the applications.
|
||||||
|
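Review bot: the products sentence is only half fixed: "you'll be taken to the products app and show a product listing" still needs "shown". The change from "viewing" to "view" in "Try going to the customer app and view customer data" reads worse than the original; either keep "viewing" or reword to "Go to the customer app and view customer data".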
@ -77,7 +77,7 @@ If you click on the logout link of either of the product or customer app, you'll
|
||||||
Step 6: Traditional OAuth2 Example
|
Step 6: Traditional OAuth2 Example
|
||||||
----------------------------------
|
----------------------------------
|
||||||
The customer and product apps are logins. The third-party app is the traditional OAuth2 usecase of a client wanting
|
The customer and product apps are logins. The third-party app is the traditional OAuth2 usecase of a client wanting
|
||||||
to get permission to access a user's data. To run this example
|
to get permission to access a user's data. To run this example open
|
||||||
|
|
||||||
[http://localhost:8080/oauth-client](http://localhost:8080/oauth-client)
|
[http://localhost:8080/oauth-client](http://localhost:8080/oauth-client)
|
||||||
|
|
||||||
|
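Review bot: the added "open" leaves "To run this example open" without a colon before the link that follows, and the context line above it still has "usecase" for "use case". "The customer and product apps are logins" is also hard to parse; something like "are login examples" would say what is meant.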
@ -87,10 +87,7 @@ an oauth grant page. This page asks you if you want to grant certain permission
|
||||||
Admin Console
|
Admin Console
|
||||||
==========================
|
==========================
|
||||||
|
|
||||||
1. Login
|
[http://localhost:8080/auth-server/admin/index.html](http://localhost:8080/auth-server/admin/index.html)
|
||||||
|
|
||||||
Login:
|
|
||||||
[http://localhost:8080/auth-server/rest/saas/login](http://localhost:8080/auth-server/rest/saas/login)
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
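Review bot: after this change the Admin Console section is a heading followed by a bare link to `/auth-server/admin/index.html`, with the "Login" label and the `/auth-server/rest/saas/login` URL removed and no text in their place. Add one sentence saying what the link opens and that it expects the admin password set in Step 3 rather than the initial admin/admin, and check that nothing else in the README still points at the removed `rest/saas/login` URL.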