final jetty stuff

distribution/appliance-dist/assembly.xml

@@ -81,6 +81,8 @@
                 <include>org.keycloak:keycloak-as7-adapter-dist:zip</include>
                 <include>org.keycloak:keycloak-eap6-adapter-dist:zip</include>
                 <include>org.keycloak:keycloak-tomcat7-adapter-dist:zip</include>
+                <include>org.keycloak:keycloak-jetty91-adapter-dist:zip</include>
+                <include>org.keycloak:keycloak-jetty92-adapter-dist:zip</include>
             </includes>
             <outputDirectory>adapters</outputDirectory>
         </dependencySet>

distribution/appliance-dist/pom.xml

@@ -32,6 +32,18 @@
             <version>${project.version}</version>
             <type>zip</type>
         </dependency>
+        <dependency>
+            <groupId>org.keycloak</groupId>
+            <artifactId>keycloak-jetty91-adapter-dist</artifactId>
+            <version>${project.version}</version>
+            <type>zip</type>
+        </dependency>
+        <dependency>
+            <groupId>org.keycloak</groupId>
+            <artifactId>keycloak-jetty92-adapter-dist</artifactId>
+            <version>${project.version}</version>
+            <type>zip</type>
+        </dependency>
         <dependency>
             <groupId>org.keycloak</groupId>
             <artifactId>keycloak-eap6-adapter-dist</artifactId>

distribution/jetty91-adapter-zip/assembly.xml

@@ -25,8 +25,13 @@
             <useTransitiveDependencies>true</useTransitiveDependencies>
             <useTransitiveFiltering>true</useTransitiveFiltering>
             <includes>
-                <include>org.keycloak:keycloak-jetty9-adapter</include>
+                <include>org.keycloak:keycloak-jetty91-adapter</include>
             </includes>
+            <excludes>
+                <exclude>org.eclipse.jetty:jetty-server</exclude>
+                <exclude>org.eclipse.jetty:jetty-util</exclude>
+                <exclude>org.eclipse.jetty:jetty-security</exclude>
+            </excludes>
             <outputDirectory>lib/keycloak</outputDirectory>
         </dependencySet>
     </dependencySets>

distribution/jetty91-adapter-zip/pom.xml

@@ -8,15 +8,15 @@
         <relativePath>../../pom.xml</relativePath>
     </parent>
 
-    <artifactId>keycloak-jetty9-adapter-dist</artifactId>
+    <artifactId>keycloak-jetty91-adapter-dist</artifactId>
     <packaging>pom</packaging>
-    <name>Keycloak Jetty 9 Adapter Distro</name>
+    <name>Keycloak Jetty 9.1.x Adapter Distro</name>
     <description/>
 
     <dependencies>
         <dependency>
             <groupId>org.keycloak</groupId>
-            <artifactId>keycloak-jetty9-adapter</artifactId>
+            <artifactId>keycloak-jetty91-adapter</artifactId>
             <version>${project.version}</version>
         </dependency>
     </dependencies>

distribution/jetty92-adapter-zip/assembly.xml

@@ -0,0 +1,38 @@
+<assembly>
+    <id>war-dist</id>
+
+    <formats>
+        <format>zip</format>
+    </formats>
+    <includeBaseDirectory>false</includeBaseDirectory>
+
+    <fileSets>
+        <fileSet>
+            <directory></directory>
+            <includes>
+                <include>keycloak.mod</include>
+            </includes>
+            <outputDirectory>modules</outputDirectory>
+        </fileSet>
+        <fileSet>
+            <directory>${project.build.directory}/modules</directory>
+            <outputDirectory></outputDirectory>
+        </fileSet>
+    </fileSets>
+    <dependencySets>
+        <dependencySet>
+            <unpack>false</unpack>
+            <useTransitiveDependencies>true</useTransitiveDependencies>
+            <useTransitiveFiltering>true</useTransitiveFiltering>
+            <includes>
+                <include>org.keycloak:keycloak-jetty92-adapter</include>
+            </includes>
+            <excludes>
+                <exclude>org.eclipse.jetty:jetty-server</exclude>
+                <exclude>org.eclipse.jetty:jetty-util</exclude>
+                <exclude>org.eclipse.jetty:jetty-security</exclude>
+            </excludes>
+            <outputDirectory>lib/keycloak</outputDirectory>
+        </dependencySet>
+    </dependencySets>
+</assembly>

distribution/jetty92-adapter-zip/keycloak.mod

@@ -0,0 +1,11 @@
+#
+# Keycloak Jetty Adapter
+#
+
+[depend]
+server
+security
+
+[lib]
+lib/keycloak/*.jar
+

distribution/jetty92-adapter-zip/pom.xml

@@ -0,0 +1,53 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+    <parent>
+        <artifactId>keycloak-parent</artifactId>
+        <groupId>org.keycloak</groupId>
+        <version>1.1.0.Beta2-SNAPSHOT</version>
+        <relativePath>../../pom.xml</relativePath>
+    </parent>
+
+    <artifactId>keycloak-jetty92-adapter-dist</artifactId>
+    <packaging>pom</packaging>
+    <name>Keycloak Jetty 9.2.x Adapter Distro</name>
+    <description/>
+
+    <dependencies>
+        <dependency>
+            <groupId>org.keycloak</groupId>
+            <artifactId>keycloak-jetty92-adapter</artifactId>
+            <version>${project.version}</version>
+        </dependency>
+    </dependencies>
+    <build>
+        <plugins>
+            <plugin>
+                <artifactId>maven-assembly-plugin</artifactId>
+                <version>2.4</version>
+                <executions>
+                    <execution>
+                        <id>assemble</id>
+                        <phase>package</phase>
+                        <goals>
+                            <goal>single</goal>
+                        </goals>
+                        <configuration>
+                            <descriptors>
+                                <descriptor>assembly.xml</descriptor>
+                            </descriptors>
+                            <outputDirectory>
+                                target
+                            </outputDirectory>
+                            <workDirectory>
+                                target/assembly/work
+                            </workDirectory>
+                            <appendAssemblyId>false</appendAssemblyId>
+                        </configuration>
+                    </execution>
+                </executions>
+            </plugin>
+        </plugins>
+    </build>
+
+</project>

distribution/war-dist/assembly.xml

@@ -32,6 +32,8 @@
                 <include>org.keycloak:keycloak-as7-adapter-dist:zip</include>
                 <include>org.keycloak:keycloak-eap6-adapter-dist:zip</include>
                 <include>org.keycloak:keycloak-tomcat7-adapter-dist:zip</include>
+                <include>org.keycloak:keycloak-jetty91-adapter-dist:zip</include>
+                <include>org.keycloak:keycloak-jetty92-adapter-dist:zip</include>
             </includes>
             <outputDirectory>adapters</outputDirectory>
         </dependencySet>

distribution/war-dist/pom.xml

@@ -38,6 +38,18 @@
             <version>${project.version}</version>
             <type>zip</type>
         </dependency>
+        <dependency>
+            <groupId>org.keycloak</groupId>
+            <artifactId>keycloak-jetty91-adapter-dist</artifactId>
+            <version>${project.version}</version>
+            <type>zip</type>
+        </dependency>
+        <dependency>
+            <groupId>org.keycloak</groupId>
+            <artifactId>keycloak-jetty92-adapter-dist</artifactId>
+            <version>${project.version}</version>
+            <type>zip</type>
+        </dependency>
         <dependency>
             <groupId>org.keycloak</groupId>
             <artifactId>keycloak-example-themes-dist</artifactId>

docbook/reference/en/en-US/master.xml

@@ -12,6 +12,7 @@
                 <!ENTITY JBossAdapter SYSTEM "modules/jboss-adapter.xml">
                 <!ENTITY JavascriptAdapter SYSTEM "modules/javascript-adapter.xml">
                 <!ENTITY TomcatAdapter SYSTEM "modules/tomcat-adapter.xml">
+                <!ENTITY Jetty9Adapter SYSTEM "modules/jetty9-adapter.xml">
                 <!ENTITY InstalledApplications SYSTEM "modules/installed-applications.xml">
                 <!ENTITY Logout SYSTEM "modules/logout.xml">
                 <!ENTITY SAML SYSTEM "modules/saml.xml">
@@ -86,6 +87,7 @@ This one is short
         &AdapterConfig;
         &JBossAdapter;
         &TomcatAdapter;
+        &Jetty9Adapter;
         &JavascriptAdapter;
         &InstalledApplications;
         &Logout;

docbook/reference/en/en-US/modules/Overview.xml

@@ -98,7 +98,7 @@
                 Multitenancy support.  You can host and manage multiple realms for multiple organizations.
             </listitem>
             <listitem>
-                Supports JBoss AS7, EAP 6.x, Wildfly, Tomcat 7 and Pure JavaScript applications.  Plans to support Node.js, RAILS, GRAILS, and other non-Java deployments
+                Supports JBoss AS7, EAP 6.x, Wildfly, Tomcat 7, Jetty 9.1.x, Jetty 9.2.x, and Pure JavaScript applications.  Plans to support Node.js, RAILS, GRAILS, and other non-Java deployments
             </listitem>
         </itemizedlist>
     </para>

docbook/reference/en/en-US/modules/jetty9-adapter.xml

@@ -0,0 +1,159 @@
+<section id="jetty9-adapter">
+    <title>Jetty 9.x Adapters</title>
+    <para>
+        Keycloak has a separate adapter for Jetty 9.1.x and Jetty 9.2.x that you will have to install into your Jetty
+        installation.  You then have to provide some extra configuration in each WAR you deploy to
+        Jetty.  Let's go over these steps.
+    </para>
+    <section id="jetty9-adapter-installation">
+        <title>Adapter Installation</title>
+    <para>
+        There is a adapter zip file for Jetty 9.x in the <literal>adapters/</literal> directory in the Keycloak appliance
+        or war distribution.  Depending on your version of Jetty, you must unzip this file into Jetty's root directory.  Including
+        adapter's jars within your WEB-INF/lib directory will not work!
+    </para>
+    <para>
+<programlisting>
+$ cd $JETTY_HOME
+$ unzip keycloak-jetty92-adapter-dist.zip
+</programlisting>
+    </para>
+    <para>
+        Next, you will have to enable the keycloak module for your jetty.base.
+    </para>
+        <para>
+<programlisting>
+$ cd your-base
+$ java -jar $JETTY_HOME/start.jar --add-to-startd=keycloak
+</programlisting>
+
+        </para>
+    </section>
+
+    <section>
+        <title>Required Per WAR Configuration</title>
+        <para>
+            This section describes how to secure a WAR directly by adding config and editing files within your WAR package.
+        </para>
+        <para>
+            The first thing you must do is create a <literal>WEB-INF/jetty-web.xml</literal> file in your WAR package.  This is
+            a Jetty specific config file and you must define a Keycloak specific authenticator within it.
+        </para>
+        <programlisting>
+<![CDATA[
+<?xml version="1.0"?>
+<!DOCTYPE Configure PUBLIC "-//Mort Bay Consulting//DTD Configure//EN" "http://www.eclipse.org/jetty/configure_9_0.dtd">
+<Configure class="org.eclipse.jetty.webapp.WebAppContext">
+    <Get name="securityHandler">
+        <Set name="authenticator">
+            <New class="org.keycloak.adapters.jetty.KeycloakJettyAuthenticator">
+            </New>
+        </Set>
+    </Get>
+</Configure>]]>
+        </programlisting>
+        <para>
+            Next you must create
+            a <literal>keycloak.json</literal> adapter config file within the <literal>WEB-INF</literal> directory
+            of your WAR.  The format of this config file is describe in the <link linkend='adapter-config'>general adapter configuration</link>
+            section.
+        </para>
+        <warning>
+            <para>
+                The Jetty 9.1.x adapter will not be able to find the <literal>keycloak.json</literal> file.  You will have to define
+                all adapter settings within the <literal>jetty-web.xml</literal> file as described below.
+            </para>
+        </warning>
+        <para>
+            Instead of using keycloak.json, you can define everything within the <literal>jetty-web.xml</literal>.  You'll
+            just have to figure out how the json settings match to the <literal>org.keycloak.representations.adapters.config.AdapterConfig</literal>
+            class.
+        </para>
+        <para>
+<programlisting>
+<![CDATA[
+<?xml version="1.0"?>
+<!DOCTYPE Configure PUBLIC "-//Mort Bay Consulting//DTD Configure//EN" "http://www.eclipse.org/jetty/configure_9_0.dtd">
+<Configure class="org.eclipse.jetty.webapp.WebAppContext">
+  <Get name="securityHandler">
+    <Set name="authenticator">
+        <New class="org.keycloak.adapters.jetty.KeycloakJettyAuthenticator">
+            <Set name="adapterConfig">
+                <New class="org.keycloak.representations.adapters.config.AdapterConfig">
+                    <Set name="realm">tomcat</Set>
+                    <Set name="resource">customer-portal</Set>
+                    <Set name="authServerUrl">http://localhost:8081/auth</Set>
+                    <Set name="sslRequired">external</Set>
+                    <Set name="credentials">
+                        <Map>
+                            <Entry>
+                                <Item>secret</Item>
+                                <Item>password</Item>
+                            </Entry>
+                        </Map>
+                    </Set>
+                    <Set name="realmKey">MIGfMA0GCSqGSIb3DQEBAQUAA4</Set>
+                </New>
+            </Set>
+        </New>
+    </Set>
+  </Get>
+</Configure>
+]]>
+</programlisting>
+        </para>
+        <para>
+            You do not have to crack open your WAR to secure it with keycloak.  Instead create the jetty-web.xml file
+            in your webapps directory with the name of yourwar.xml.  Jetty should pick it up.  In this mode, you'll have
+            to declare keycloak.json configuration directly within the xml file.
+        </para>
+        <para>
+            Finally you must specify both a <literal>login-config</literal> and use standard servlet security to specify
+            role-base constraints on your URLs.  Here's an example:
+        </para>
+        <para>
+<programlisting>
+<![CDATA[
+<web-app xmlns="http://java.sun.com/xml/ns/javaee"
+      xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+      xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
+      version="3.0">
+
+	<module-name>customer-portal</module-name>
+
+    <security-constraint>
+        <web-resource-collection>
+            <web-resource-name>Customers</web-resource-name>
+            <url-pattern>/*</url-pattern>
+        </web-resource-collection>
+        <auth-constraint>
+            <role-name>user</role-name>
+        </auth-constraint>
+    </security-constraint>
+
+    <security-constraint>
+        <web-resource-collection>
+            <url-pattern>/*</url-pattern>
+        </web-resource-collection>
+        <user-data-constraint>
+            <transport-guarantee>CONFIDENTIAL</transport-guarantee>
+        </user-data-constraint>
+    </security-constraint>
+
+    <login-config>
+        <auth-method>BASIC</auth-method>
+        <realm-name>this is ignored currently/realm-name>
+    </login-config>
+
+    <security-role>
+        <role-name>admin</role-name>
+    </security-role>
+    <security-role>
+        <role-name>user</role-name>
+    </security-role>
+</web-app>
+]]>
+</programlisting>
+        </para>
+    </section>
+</section>

integration/jetty/jetty9-core/pom.xml

@@ -9,10 +9,10 @@
 	</parent>
 	<modelVersion>4.0.0</modelVersion>
 
-	<artifactId>keycloak-jetty9-adapter</artifactId>
+	<artifactId>keycloak-jetty9-core</artifactId>
-	<name>Keycloak Jetty 9 Integration</name>
+	<name>Keycloak Jetty 9.x Core Integration</name>
     <properties>
-        <jetty9.version>9.2.4.v20141103</jetty9.version>
+        <jetty9.version>9.1.5.v20140505</jetty9.version>
     </properties>
 	<description />
 
@@ -32,11 +32,6 @@
 			<artifactId>keycloak-adapter-core</artifactId>
 			<version>${project.version}</version>
 		</dependency>
-		<dependency>
-			<groupId>org.keycloak</groupId>
-			<artifactId>keycloak-jboss-adapter-core</artifactId>
-			<version>${project.version}</version>
-		</dependency>
 		<dependency>
 			<groupId>org.apache.httpcomponents</groupId>
 			<artifactId>httpclient</artifactId>
@@ -66,42 +61,21 @@
             <groupId>org.eclipse.jetty</groupId>
             <artifactId>jetty-server</artifactId>
             <version>${jetty9.version}</version>
-            <scope>provided</scope>
+            <scope>compile</scope>
-        </dependency>
-
-        <dependency>
-            <groupId>org.eclipse.jetty</groupId>
-            <artifactId>jetty-jaas</artifactId>
-            <version>${jetty9.version}</version>
-            <scope>provided</scope>
         </dependency>
 
         <dependency>
             <groupId>org.eclipse.jetty</groupId>
             <artifactId>jetty-util</artifactId>
             <version>${jetty9.version}</version>
-            <scope>provided</scope>
+            <scope>compile</scope>
-        </dependency>
-
-        <dependency>
-            <groupId>org.eclipse.jetty</groupId>
-            <artifactId>jetty-webapp</artifactId>
-            <version>${jetty9.version}</version>
-            <scope>provided</scope>
         </dependency>
 
         <dependency>
             <groupId>org.eclipse.jetty</groupId>
             <artifactId>jetty-security</artifactId>
             <version>${jetty9.version}</version>
-            <scope>provided</scope>
+            <scope>compile</scope>
-        </dependency>
-
-        <dependency>
-            <groupId>org.eclipse.jetty</groupId>
-            <artifactId>jetty-servlet</artifactId>
-            <version>${jetty9.version}</version>
-            <scope>provided</scope>
         </dependency>
 
 		<dependency>

integration/jetty/jetty9-core/src/main/java/org/keycloak/adapters/jetty/AbstractJettyRequestAuthenticator.java

@@ -11,6 +11,7 @@ import org.keycloak.KeycloakPrincipal;
 import org.keycloak.KeycloakSecurityContext;
 import org.keycloak.adapters.AdapterTokenStore;
 import org.keycloak.adapters.AdapterUtils;
+import org.keycloak.adapters.HttpFacade;
 import org.keycloak.adapters.KeycloakAccount;
 import org.keycloak.adapters.KeycloakDeployment;
 import org.keycloak.adapters.OAuthRequestAuthenticator;
@@ -27,18 +28,14 @@ import java.util.Set;
  * @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
  * @version $Revision: 1 $
  */
-public class JettyRequestAuthenticator extends RequestAuthenticator {
+public abstract class AbstractJettyRequestAuthenticator extends RequestAuthenticator {
-
+    protected static final Logger log = Logger.getLogger(AbstractJettyRequestAuthenticator.class);
-    private static final Logger log = Logger.getLogger(JettyRequestAuthenticator.class);
+    protected AbstractKeycloakJettyAuthenticator valve;
-    protected KeycloakJettyAuthenticator valve;
     protected Request request;
     protected KeycloakPrincipal<RefreshableKeycloakSecurityContext> principal;
 
-    public JettyRequestAuthenticator(KeycloakDeployment deployment,
+    public AbstractJettyRequestAuthenticator(HttpFacade facade, KeycloakDeployment deployment, AdapterTokenStore tokenStore, int sslRedirectPort, AbstractKeycloakJettyAuthenticator valve, Request request) {
-                                     KeycloakJettyAuthenticator valve, AdapterTokenStore tokenStore,
+        super(facade, deployment, tokenStore, sslRedirectPort);
-                                     JettyHttpFacade facade,
-                                     Request request) {
-        super(facade, deployment, tokenStore, -1);
         this.valve = valve;
         this.request = request;
     }
@@ -55,29 +52,6 @@ public class JettyRequestAuthenticator extends RequestAuthenticator {
         };
     }
 
-    protected void saveServletRequest(HttpServletRequest request, HttpSession session) {
-        // remember the current URI
-        synchronized (session) {
-            // But only if it is not set already, or we save every uri that leads to a login form redirect
-            if (session.getAttribute(FormAuthenticator.__J_URI) == null) {
-                StringBuffer buf = request.getRequestURL();
-                if (request.getQueryString() != null)
-                    buf.append("?").append(request.getQueryString());
-                session.setAttribute(FormAuthenticator.__J_URI, buf.toString());
-                session.setAttribute(FormAuthenticator.__J_METHOD, request.getMethod());
-
-                if (MimeTypes.Type.FORM_ENCODED.is(request.getContentType()) && HttpMethod.POST.is(request.getMethod())) {
-                    Request base_request = (request instanceof Request) ? (Request) request : HttpChannel
-                            .getCurrentHttpChannel().getRequest();
-                    MultiMap<String> formParameters = new MultiMap<String>();
-                    base_request.extractFormParameters(formParameters);
-                    session.setAttribute(FormAuthenticator.__J_POST, formParameters);
-                }
-            }
-        }
-    }
-
-
     @Override
     protected void completeOAuthAuthentication(final KeycloakPrincipal<RefreshableKeycloakSecurityContext> skp) {
         principal = skp;
@@ -134,7 +108,7 @@ public class JettyRequestAuthenticator extends RequestAuthenticator {
                 MultiMap<String> j_post = (MultiMap<String>) session.getAttribute(FormAuthenticator.__J_POST);
                 if (j_post != null) {
                     Request base_request = HttpChannel.getCurrentHttpChannel().getRequest();
-                    base_request.setContentParameters(j_post);
+                    restoreFormParameters(j_post, base_request);
                 }
                 session.removeAttribute(FormAuthenticator.__J_URI);
                 session.removeAttribute(FormAuthenticator.__J_METHOD);
@@ -149,4 +123,29 @@ public class JettyRequestAuthenticator extends RequestAuthenticator {
         HttpSession session = request.getSession(create);
         return session != null ? session.getId() : null;
     }
+
+    protected void saveServletRequest(HttpServletRequest request, HttpSession session) {
+        // remember the current URI
+        synchronized (session) {
+            // But only if it is not set already, or we save every uri that leads to a login form redirect
+            if (session.getAttribute(FormAuthenticator.__J_URI) == null) {
+                StringBuffer buf = request.getRequestURL();
+                if (request.getQueryString() != null)
+                    buf.append("?").append(request.getQueryString());
+                session.setAttribute(FormAuthenticator.__J_URI, buf.toString());
+                session.setAttribute(FormAuthenticator.__J_METHOD, request.getMethod());
+
+                if (MimeTypes.Type.FORM_ENCODED.is(request.getContentType()) && HttpMethod.POST.is(request.getMethod())) {
+                    Request base_request = (request instanceof Request) ? (Request) request : HttpChannel
+                            .getCurrentHttpChannel().getRequest();
+                    MultiMap<String> formParameters = extractFormParameters(base_request);
+                    session.setAttribute(FormAuthenticator.__J_POST, formParameters);
+                }
+            }
+        }
+    }
+
+    protected abstract MultiMap<String> extractFormParameters(Request base_request);
+
+    protected abstract void restoreFormParameters(MultiMap<String> j_post, Request base_request);
 }

integration/jetty/jetty9-core/src/main/java/org/keycloak/adapters/jetty/AbstractKeycloakJettyAuthenticator.java

@@ -46,17 +46,70 @@ import java.util.Set;
  * @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
  * @version $Revision: 1 $
  */
-public class KeycloakJettyAuthenticator extends LoginAuthenticator {
+public abstract class AbstractKeycloakJettyAuthenticator extends LoginAuthenticator {
-    private static final org.jboss.logging.Logger log = Logger.getLogger(KeycloakJettyAuthenticator.class);
+    public static final String TOKEN_STORE_NOTE = "TOKEN_STORE_NOTE";
+    protected static final org.jboss.logging.Logger log = Logger.getLogger(AbstractKeycloakJettyAuthenticator.class);
     protected AdapterDeploymentContext deploymentContext;
     protected NodesRegistrationManagement nodesRegistrationManagement;
     protected AdapterConfig adapterConfig;
     protected KeycloakConfigResolver configResolver;
 
-    public KeycloakJettyAuthenticator() {
+    public AbstractKeycloakJettyAuthenticator() {
         super();
     }
 
+    private static InputStream getJSONFromServletContext(ServletContext servletContext) {
+        String json = servletContext.getInitParameter(AdapterConstants.AUTH_DATA_PARAM_NAME);
+        if (json == null) {
+            return null;
+        }
+        return new ByteArrayInputStream(json.getBytes());
+    }
+
+    public static AdapterTokenStore getTokenStore(Request request, HttpFacade facade, KeycloakDeployment resolvedDeployment) {
+        AdapterTokenStore store = (AdapterTokenStore)request.getAttribute(TOKEN_STORE_NOTE);
+        if (store != null) {
+            return store;
+        }
+
+        if (resolvedDeployment.getTokenStore() == TokenStore.SESSION) {
+            store = new JettySessionTokenStore(request, resolvedDeployment);
+        } else {
+            store = new JettyCookieTokenStore(request, facade, resolvedDeployment);
+        }
+
+        request.setAttribute(TOKEN_STORE_NOTE, store);
+        return store;
+    }
+
+    public static void logoutCurrent(Request request) {
+        AdapterDeploymentContext deploymentContext = (AdapterDeploymentContext)request.getAttribute(AdapterDeploymentContext.class.getName());
+        KeycloakSecurityContext ksc = (KeycloakSecurityContext)request.getAttribute(KeycloakSecurityContext.class.getName());
+        if (ksc != null) {
+            JettyHttpFacade facade = new JettyHttpFacade(request, null);
+            KeycloakDeployment deployment = deploymentContext.resolveDeployment(facade);
+            if (ksc instanceof RefreshableKeycloakSecurityContext) {
+                ((RefreshableKeycloakSecurityContext) ksc).logout(deployment);
+            }
+
+            AdapterTokenStore tokenStore = getTokenStore(request, facade, deployment);
+            tokenStore.logout();
+            request.removeAttribute(KeycloakSecurityContext.class.getName());
+        }
+    }
+
+    public static UserIdentity createIdentity(KeycloakPrincipal<RefreshableKeycloakSecurityContext> principal) {
+        Set<String> roles = AdapterUtils.getRolesFromSecurityContext(principal.getKeycloakSecurityContext());
+        if (roles == null) {
+            roles = new HashSet<String>();
+        }
+        Subject theSubject = new Subject();
+        String[] theRoles = new String[roles.size()];
+        roles.toArray(theRoles);
+
+        return new DefaultUserIdentity(theSubject, principal, theRoles);
+    }
+
     @Override
     public void setConfiguration(AuthConfiguration configuration) {
         //super.setConfiguration(configuration);
@@ -91,7 +144,8 @@ public class KeycloakJettyAuthenticator extends LoginAuthenticator {
         String contextPath = ContextHandler.getCurrentContext().getContextPath();
         ServletContext theServletContext = ContextHandler.getCurrentContext().getContext(contextPath);
 
-        if (configResolver == null) {
+        // Jetty 9.1.x servlet context will be null :(
+        if (configResolver == null && theServletContext != null) {
             String configResolverClass = theServletContext.getInitParameter("keycloak.config.resolver");
             if (configResolverClass != null) {
                 try {
@@ -108,28 +162,18 @@ public class KeycloakJettyAuthenticator extends LoginAuthenticator {
         } else if (adapterConfig != null) {
             KeycloakDeployment kd = KeycloakDeploymentBuilder.build(adapterConfig);
             deploymentContext = new AdapterDeploymentContext(kd);
-        } else {
+        } else if (theServletContext != null) {
             InputStream configInputStream = getConfigInputStream(theServletContext);
-            if (configInputStream == null) {
+            if (configInputStream != null) {
-                deploymentContext = new AdapterDeploymentContext(new KeycloakDeployment());
-
-            } else {
                 deploymentContext = new AdapterDeploymentContext(KeycloakDeploymentBuilder.build(configInputStream));
              }
-
         }
-        theServletContext.setAttribute(AdapterDeploymentContext.class.getName(), deploymentContext);
+        if (deploymentContext == null) {
-    }
+            deploymentContext = new AdapterDeploymentContext(new KeycloakDeployment());
-
-    private static InputStream getJSONFromServletContext(ServletContext servletContext) {
-        String json = servletContext.getInitParameter(AdapterConstants.AUTH_DATA_PARAM_NAME);
-        if (json == null) {
-            return null;
         }
-        return new ByteArrayInputStream(json.getBytes());
+        if (theServletContext != null) theServletContext.setAttribute(AdapterDeploymentContext.class.getName(), deploymentContext);
     }
 
-
     private InputStream getConfigInputStream(ServletContext servletContext) {
         InputStream is = getJSONFromServletContext(servletContext);
         if (is == null) {
@@ -152,8 +196,6 @@ public class KeycloakJettyAuthenticator extends LoginAuthenticator {
         if (log.isTraceEnabled()) {
             log.trace("*** authenticate");
         }
-        if (!mandatory)
-            return new DeferredAuthentication(this);
         Request request = HttpChannel.getCurrentHttpChannel().getRequest();
         JettyHttpFacade facade = new JettyHttpFacade(request, (HttpServletResponse)res);
         KeycloakDeployment deployment = deploymentContext.resolveDeployment(facade);
@@ -165,11 +207,13 @@ public class KeycloakJettyAuthenticator extends LoginAuthenticator {
         if (handler.handleRequest()) {
             return Authentication.SEND_SUCCESS;
         }
+        if (!mandatory)
+            return new DeferredAuthentication(this);
         AdapterTokenStore tokenStore = getTokenStore(request, facade, deployment);
 
         nodesRegistrationManagement.tryRegister(deployment);
 
-        JettyRequestAuthenticator authenticator = new JettyRequestAuthenticator(deployment, this, tokenStore, facade, request);
+        AbstractJettyRequestAuthenticator authenticator = createRequestAuthenticator(request, facade, deployment, tokenStore);
         AuthOutcome outcome = authenticator.authenticate();
         if (outcome == AuthOutcome.AUTHENTICATED) {
             if (facade.isEnded()) {
@@ -191,26 +235,22 @@ public class KeycloakJettyAuthenticator extends LoginAuthenticator {
         return Authentication.SEND_CONTINUE;
     }
 
+    protected abstract AbstractJettyRequestAuthenticator createRequestAuthenticator(Request request, JettyHttpFacade facade, KeycloakDeployment deployment, AdapterTokenStore tokenStore);
+
     @Override
     public String getAuthMethod() {
         return "KEYCLOAK";
     }
 
-    public static final String TOKEN_STORE_NOTE = "TOKEN_STORE_NOTE";
+    protected Authentication register(Request request, KeycloakPrincipal<RefreshableKeycloakSecurityContext> principal) {
-    public static AdapterTokenStore getTokenStore(Request request, HttpFacade facade, KeycloakDeployment resolvedDeployment) {
+        request.setAttribute(AdapterDeploymentContext.class.getName(), deploymentContext);
-        AdapterTokenStore store = (AdapterTokenStore)request.getAttribute(TOKEN_STORE_NOTE);
+        Authentication authentication = request.getAuthentication();
-        if (store != null) {
+        if (!(authentication instanceof KeycloakAuthentication)) {
-            return store;
+            UserIdentity userIdentity = createIdentity(principal);
+            authentication = new KeycloakAuthentication(getAuthMethod(), userIdentity);
+            request.setAuthentication(authentication);
         }
-
+        return authentication;
-        if (resolvedDeployment.getTokenStore() == TokenStore.SESSION) {
-            store = new JettySessionTokenStore(request, resolvedDeployment);
-        } else {
-            store = new JettyCookieTokenStore(request, facade, resolvedDeployment);
-        }
-
-        request.setAttribute(TOKEN_STORE_NOTE, store);
-        return store;
     }
 
     public static class KeycloakAuthentication extends UserAuthentication
@@ -228,46 +268,4 @@ public class KeycloakJettyAuthenticator extends LoginAuthenticator {
 
 
     }
-
-    public static void logoutCurrent(Request request) {
-        AdapterDeploymentContext deploymentContext = (AdapterDeploymentContext)request.getAttribute(AdapterDeploymentContext.class.getName());
-        KeycloakSecurityContext ksc = (KeycloakSecurityContext)request.getAttribute(KeycloakSecurityContext.class.getName());
-        if (ksc != null) {
-            JettyHttpFacade facade = new JettyHttpFacade(request, null);
-            KeycloakDeployment deployment = deploymentContext.resolveDeployment(facade);
-            if (ksc instanceof RefreshableKeycloakSecurityContext) {
-                ((RefreshableKeycloakSecurityContext) ksc).logout(deployment);
-            }
-
-            AdapterTokenStore tokenStore = getTokenStore(request, facade, deployment);
-            tokenStore.logout();
-            request.removeAttribute(KeycloakSecurityContext.class.getName());
-        }
-    }
-
-
-    protected Authentication register(Request request, KeycloakPrincipal<RefreshableKeycloakSecurityContext> principal) {
-        request.setAttribute(AdapterDeploymentContext.class.getName(), deploymentContext);
-        Authentication authentication = request.getAuthentication();
-        if (!(authentication instanceof KeycloakAuthentication)) {
-            UserIdentity userIdentity = createIdentity(principal);
-            authentication = new KeycloakAuthentication(getAuthMethod(), userIdentity);
-            request.setAuthentication(authentication);
-        }
-        return authentication;
-    }
-
-    public static UserIdentity createIdentity(KeycloakPrincipal<RefreshableKeycloakSecurityContext> principal) {
-        Set<String> roles = AdapterUtils.getRolesFromSecurityContext(principal.getKeycloakSecurityContext());
-        if (roles == null) {
-            roles = new HashSet<String>();
-        }
-        Subject theSubject = new Subject();
-        String[] theRoles = new String[roles.size()];
-        roles.toArray(theRoles);
-
-        return new DefaultUserIdentity(theSubject, principal, theRoles);
-    }
-
-
 }

integration/jetty/jetty9-core/src/main/java/org/keycloak/adapters/jetty/JettySessionTokenStore.java

@@ -65,7 +65,7 @@ public class JettySessionTokenStore implements AdapterTokenStore {
         securityContext.setCurrentRequestInfo(deployment, this);
         request.setAttribute(KeycloakSecurityContext.class.getName(), securityContext);
 
-        JettyRequestAuthenticator jettyAuthenticator = (JettyRequestAuthenticator) authenticator;
+        AbstractJettyRequestAuthenticator jettyAuthenticator = (AbstractJettyRequestAuthenticator) authenticator;
         KeycloakPrincipal<RefreshableKeycloakSecurityContext> principal = AdapterUtils.createPrincipal(deployment, securityContext);
         jettyAuthenticator.principal = principal;
         jettyAuthenticator.restoreRequest();

integration/jetty/jetty9-core/src/main/java/org/keycloak/adapters/jetty/JettyUserSessionManagement.java

@@ -1,6 +1,7 @@
 package org.keycloak.adapters.jetty;
 
 import org.eclipse.jetty.server.SessionManager;
+import org.jboss.logging.Logger;
 import org.keycloak.adapters.UserSessionManagement;
 
 import javax.servlet.http.HttpSession;
@@ -11,6 +12,7 @@ import java.util.List;
  * @version $Revision: 1 $
  */
 public class JettyUserSessionManagement implements UserSessionManagement {
+    private static final org.jboss.logging.Logger log = Logger.getLogger(JettyUserSessionManagement.class);
     protected SessionManager sessionManager;
 
     public JettyUserSessionManagement(SessionManager sessionManager) {
@@ -24,6 +26,7 @@ public class JettyUserSessionManagement implements UserSessionManagement {
 
     @Override
     public void logoutHttpSessions(List<String> ids) {
+        log.trace("---> logoutHttpSessions");
         for (String id : ids) {
             HttpSession httpSession = sessionManager.getHttpSession(id);
             if (httpSession != null) httpSession.invalidate();

integration/jetty/jetty9.1/pom.xml

@@ -0,0 +1,105 @@
+<?xml version="1.0"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+    <parent>
+		<artifactId>keycloak-parent</artifactId>
+		<groupId>org.keycloak</groupId>
+        <version>1.1.0.Beta2-SNAPSHOT</version>
+		<relativePath>../../../pom.xml</relativePath>
+	</parent>
+	<modelVersion>4.0.0</modelVersion>
+
+	<artifactId>keycloak-jetty91-adapter</artifactId>
+	<name>Keycloak Jetty 9.1.x Integration</name>
+    <properties>
+        <jetty9.version>9.1.5.v20140505</jetty9.version>
+    </properties>
+	<description />
+
+	<dependencies>
+        <dependency>
+            <groupId>org.jboss.logging</groupId>
+            <artifactId>jboss-logging</artifactId>
+            <version>${jboss.logging.version}</version>
+        </dependency>
+		<dependency>
+			<groupId>org.keycloak</groupId>
+			<artifactId>keycloak-core</artifactId>
+			<version>${project.version}</version>
+		</dependency>
+        <dependency>
+            <groupId>org.keycloak</groupId>
+            <artifactId>keycloak-adapter-core</artifactId>
+            <version>${project.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.keycloak</groupId>
+            <artifactId>keycloak-jetty9-core</artifactId>
+            <version>${project.version}</version>
+        </dependency>
+		<dependency>
+			<groupId>org.apache.httpcomponents</groupId>
+			<artifactId>httpclient</artifactId>
+			<version>${keycloak.apache.httpcomponents.version}</version>
+		</dependency>
+		<dependency>
+			<groupId>net.iharder</groupId>
+			<artifactId>base64</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>org.bouncycastle</groupId>
+			<artifactId>bcprov-jdk16</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>org.codehaus.jackson</groupId>
+			<artifactId>jackson-core-asl</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>org.codehaus.jackson</groupId>
+			<artifactId>jackson-mapper-asl</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>org.codehaus.jackson</groupId>
+			<artifactId>jackson-xc</artifactId>
+		</dependency>
+        <dependency>
+            <groupId>org.eclipse.jetty</groupId>
+            <artifactId>jetty-server</artifactId>
+            <version>${jetty9.version}</version>
+            <scope>compile</scope>
+        </dependency>
+
+        <dependency>
+            <groupId>org.eclipse.jetty</groupId>
+            <artifactId>jetty-util</artifactId>
+            <version>${jetty9.version}</version>
+            <scope>compile</scope>
+        </dependency>
+
+        <dependency>
+            <groupId>org.eclipse.jetty</groupId>
+            <artifactId>jetty-security</artifactId>
+            <version>${jetty9.version}</version>
+            <scope>compile</scope>
+        </dependency>
+
+		<dependency>
+			<groupId>junit</groupId>
+			<artifactId>junit</artifactId>
+			<scope>test</scope>
+		</dependency>
+	</dependencies>
+	<build>
+		<plugins>
+			<plugin>
+				<groupId>org.apache.maven.plugins</groupId>
+				<artifactId>maven-compiler-plugin</artifactId>
+				<configuration>
+					<source>1.6</source>
+					<target>1.6</target>
+				</configuration>
+			</plugin>
+		</plugins>
+	</build>
+
+</project>

integration/jetty/jetty9.1/src/main/java/org/keycloak/adapters/jetty/JettyRequestAuthenticator.java

@@ -0,0 +1,32 @@
+package org.keycloak.adapters.jetty;
+
+import org.eclipse.jetty.server.Request;
+import org.eclipse.jetty.util.MultiMap;
+import org.keycloak.adapters.AdapterTokenStore;
+import org.keycloak.adapters.KeycloakDeployment;
+
+/**
+ * @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
+ * @version $Revision: 1 $
+ */
+public class JettyRequestAuthenticator extends AbstractJettyRequestAuthenticator {
+
+    public JettyRequestAuthenticator(KeycloakDeployment deployment,
+                                     AbstractKeycloakJettyAuthenticator valve, AdapterTokenStore tokenStore,
+                                     JettyHttpFacade facade,
+                                     Request request) {
+        super(facade, deployment, tokenStore, -1, valve, request);
+    }
+
+
+    @Override
+    protected MultiMap<String> extractFormParameters(Request base_request) {
+        MultiMap<String> formParameters = new MultiMap<String>();
+        base_request.extractParameters();
+        return base_request.getParameters();
+    }
+    @Override
+    protected void restoreFormParameters(MultiMap<String> j_post, Request base_request) {
+        base_request.setParameters(j_post);
+    }
+}

integration/jetty/jetty9.1/src/main/java/org/keycloak/adapters/jetty/KeycloakJettyAuthenticator.java

@@ -0,0 +1,24 @@
+package org.keycloak.adapters.jetty;
+
+import org.eclipse.jetty.server.Request;
+import org.keycloak.adapters.AdapterTokenStore;
+import org.keycloak.adapters.KeycloakDeployment;
+
+/**
+ * @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
+ * @version $Revision: 1 $
+ */
+public class KeycloakJettyAuthenticator extends AbstractKeycloakJettyAuthenticator {
+
+    public KeycloakJettyAuthenticator() {
+        super();
+    }
+
+
+    @Override
+    protected AbstractJettyRequestAuthenticator createRequestAuthenticator(Request request, JettyHttpFacade facade, KeycloakDeployment deployment, AdapterTokenStore tokenStore) {
+        return new JettyRequestAuthenticator(deployment, this, tokenStore, facade, request);
+    }
+
+
+}

integration/jetty/jetty9.2/pom.xml

@@ -0,0 +1,105 @@
+<?xml version="1.0"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+    <parent>
+		<artifactId>keycloak-parent</artifactId>
+		<groupId>org.keycloak</groupId>
+        <version>1.1.0.Beta2-SNAPSHOT</version>
+		<relativePath>../../../pom.xml</relativePath>
+	</parent>
+	<modelVersion>4.0.0</modelVersion>
+
+	<artifactId>keycloak-jetty92-adapter</artifactId>
+	<name>Keycloak Jetty 9.2.x Integration</name>
+    <properties>
+        <jetty9.version>9.2.4.v20141103</jetty9.version>
+    </properties>
+	<description />
+
+	<dependencies>
+        <dependency>
+            <groupId>org.jboss.logging</groupId>
+            <artifactId>jboss-logging</artifactId>
+            <version>${jboss.logging.version}</version>
+        </dependency>
+		<dependency>
+			<groupId>org.keycloak</groupId>
+			<artifactId>keycloak-core</artifactId>
+			<version>${project.version}</version>
+		</dependency>
+        <dependency>
+            <groupId>org.keycloak</groupId>
+            <artifactId>keycloak-adapter-core</artifactId>
+            <version>${project.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.keycloak</groupId>
+            <artifactId>keycloak-jetty9-core</artifactId>
+            <version>${project.version}</version>
+        </dependency>
+		<dependency>
+			<groupId>org.apache.httpcomponents</groupId>
+			<artifactId>httpclient</artifactId>
+			<version>${keycloak.apache.httpcomponents.version}</version>
+		</dependency>
+		<dependency>
+			<groupId>net.iharder</groupId>
+			<artifactId>base64</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>org.bouncycastle</groupId>
+			<artifactId>bcprov-jdk16</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>org.codehaus.jackson</groupId>
+			<artifactId>jackson-core-asl</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>org.codehaus.jackson</groupId>
+			<artifactId>jackson-mapper-asl</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>org.codehaus.jackson</groupId>
+			<artifactId>jackson-xc</artifactId>
+		</dependency>
+        <dependency>
+            <groupId>org.eclipse.jetty</groupId>
+            <artifactId>jetty-server</artifactId>
+            <version>${jetty9.version}</version>
+            <scope>compile</scope>
+        </dependency>
+
+        <dependency>
+            <groupId>org.eclipse.jetty</groupId>
+            <artifactId>jetty-util</artifactId>
+            <version>${jetty9.version}</version>
+            <scope>compile</scope>
+        </dependency>
+
+        <dependency>
+            <groupId>org.eclipse.jetty</groupId>
+            <artifactId>jetty-security</artifactId>
+            <version>${jetty9.version}</version>
+            <scope>compile</scope>
+        </dependency>
+
+		<dependency>
+			<groupId>junit</groupId>
+			<artifactId>junit</artifactId>
+			<scope>test</scope>
+		</dependency>
+	</dependencies>
+	<build>
+		<plugins>
+			<plugin>
+				<groupId>org.apache.maven.plugins</groupId>
+				<artifactId>maven-compiler-plugin</artifactId>
+				<configuration>
+					<source>1.6</source>
+					<target>1.6</target>
+				</configuration>
+			</plugin>
+		</plugins>
+	</build>
+
+</project>

integration/jetty/jetty9.2/src/main/java/org/keycloak/adapters/jetty/JettyRequestAuthenticator.java

@@ -0,0 +1,32 @@
+package org.keycloak.adapters.jetty;
+
+import org.eclipse.jetty.server.Request;
+import org.eclipse.jetty.util.MultiMap;
+import org.keycloak.adapters.AdapterTokenStore;
+import org.keycloak.adapters.KeycloakDeployment;
+
+/**
+ * @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
+ * @version $Revision: 1 $
+ */
+public class JettyRequestAuthenticator extends AbstractJettyRequestAuthenticator {
+
+    public JettyRequestAuthenticator(KeycloakDeployment deployment,
+                                     AbstractKeycloakJettyAuthenticator valve, AdapterTokenStore tokenStore,
+                                     JettyHttpFacade facade,
+                                     Request request) {
+        super(facade, deployment, tokenStore, -1, valve, request);
+    }
+
+
+    @Override
+    protected MultiMap<String> extractFormParameters(Request base_request) {
+        MultiMap<String> formParameters = new MultiMap<String>();
+        base_request.extractFormParameters(formParameters);
+        return formParameters;
+    }
+    @Override
+    protected void restoreFormParameters(MultiMap<String> j_post, Request base_request) {
+        base_request.setContentParameters(j_post);
+    }
+}

integration/jetty/jetty9.2/src/main/java/org/keycloak/adapters/jetty/KeycloakJettyAuthenticator.java

@@ -0,0 +1,24 @@
+package org.keycloak.adapters.jetty;
+
+import org.eclipse.jetty.server.Request;
+import org.keycloak.adapters.AdapterTokenStore;
+import org.keycloak.adapters.KeycloakDeployment;
+
+/**
+ * @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
+ * @version $Revision: 1 $
+ */
+public class KeycloakJettyAuthenticator extends AbstractKeycloakJettyAuthenticator {
+
+    public KeycloakJettyAuthenticator() {
+        super();
+    }
+
+
+    @Override
+    protected AbstractJettyRequestAuthenticator createRequestAuthenticator(Request request, JettyHttpFacade facade, KeycloakDeployment deployment, AdapterTokenStore tokenStore) {
+        return new JettyRequestAuthenticator(deployment, this, tokenStore, facade, request);
+    }
+
+
+}

integration/jetty/pom.xml

@@ -0,0 +1,21 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+    <parent>
+        <artifactId>keycloak-parent</artifactId>
+        <groupId>org.keycloak</groupId>
+        <version>1.1.0.Beta2-SNAPSHOT</version>
+        <relativePath>../../pom.xml</relativePath>
+    </parent>
+    <name>Keycloak Jetty Integration</name>
+    <description/>
+    <modelVersion>4.0.0</modelVersion>
+
+    <artifactId>keycloak-jetty-integration-pom</artifactId>
+    <packaging>pom</packaging>
+
+    <modules>
+        <module>jetty9-core</module>
+        <module>jetty9.2</module>
+        <module>jetty9.1</module>
+    </modules>
+</project>

integration/pom.xml

@@ -20,7 +20,7 @@
         <module>jboss-adapter-core</module>
         <module>as7-eap6/adapter</module>
         <module>tomcat7/adapter</module>
-        <module>jetty9/adapter</module>
+        <module>jetty</module>
         <module>undertow</module>
         <module>wildfly-adapter</module>
         <module>wildfly-subsystem</module>

integration/tomcat7/adapter/pom.xml

@@ -11,6 +11,9 @@
 
 	<artifactId>keycloak-tomcat7-adapter</artifactId>
 	<name>Keycloak Tomcat7 Integration</name>
+    <properties>
+        <tomcat.version>7.0.52</tomcat.version>
+    </properties>
 	<description />
 
 	<dependencies>
@@ -29,11 +32,6 @@
 			<artifactId>keycloak-adapter-core</artifactId>
 			<version>${project.version}</version>
 		</dependency>
-		<dependency>
-			<groupId>org.keycloak</groupId>
-			<artifactId>keycloak-jboss-adapter-core</artifactId>
-			<version>${project.version}</version>
-		</dependency>
 		<dependency>
 			<groupId>org.apache.httpcomponents</groupId>
 			<artifactId>httpclient</artifactId>
@@ -62,13 +60,13 @@
 		<dependency>
 			<groupId>org.apache.tomcat</groupId>
 			<artifactId>tomcat-servlet-api</artifactId>
-			<version>7.0.52</version>
+			<version>${tomcat.version}</version>
 			<scope>provided</scope>
 		</dependency>
 		<dependency>
 			<groupId>org.apache.tomcat</groupId>
 			<artifactId>tomcat-catalina</artifactId>
-			<version>7.0.54</version>
+            <version>${tomcat.version}</version>
 			<scope>provided</scope>
 		</dependency>
 

testsuite/jetty/jetty91/pom.xml

@@ -0,0 +1,515 @@
+<?xml version="1.0"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+    <parent>
+        <artifactId>keycloak-testsuite-pom</artifactId>
+        <groupId>org.keycloak</groupId>
+        <version>1.1.0.Beta2-SNAPSHOT</version>
+        <relativePath>../../pom.xml</relativePath>
+    </parent>
+    <modelVersion>4.0.0</modelVersion>
+
+    <artifactId>keycloak-testsuite-jetty91</artifactId>
+    <name>Keycloak Jetty 9.1.x Integration TestSuite</name>
+    <properties>
+        <jetty9.version>9.1.5.v20140505</jetty9.version>
+    </properties>
+    <description />
+
+   <dependencies>
+        <dependency>
+            <groupId>org.keycloak</groupId>
+            <artifactId>keycloak-dependencies-server-all</artifactId>
+            <version>${project.version}</version>
+            <type>pom</type>
+        </dependency>
+        <dependency>
+            <groupId>org.keycloak</groupId>
+            <artifactId>keycloak-admin-client</artifactId>
+            <version>${project.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>log4j</groupId>
+            <artifactId>log4j</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.slf4j</groupId>
+            <artifactId>slf4j-api</artifactId>
+            <version>1.6.1</version>
+        </dependency>
+        <dependency>
+            <groupId>org.slf4j</groupId>
+            <artifactId>slf4j-log4j12</artifactId>
+            <version>1.6.1</version>
+        </dependency>
+        <dependency>
+            <groupId>org.jboss.spec.javax.servlet</groupId>
+            <artifactId>jboss-servlet-api_3.0_spec</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.jboss.resteasy</groupId>
+            <artifactId>jaxrs-api</artifactId>
+            <version>${resteasy.version.latest}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.jboss.resteasy</groupId>
+            <artifactId>resteasy-jaxrs</artifactId>
+            <version>${resteasy.version.latest}</version>
+            <exclusions>
+                <exclusion>
+                    <groupId>log4j</groupId>
+                    <artifactId>log4j</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>org.slf4j</groupId>
+                    <artifactId>slf4j-api</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>org.slf4j</groupId>
+                    <artifactId>slf4j-simple</artifactId>
+                </exclusion>
+            </exclusions>
+        </dependency>
+        <dependency>
+            <groupId>org.jboss.resteasy</groupId>
+            <artifactId>resteasy-client</artifactId>
+            <version>${resteasy.version.latest}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.jboss.resteasy</groupId>
+            <artifactId>resteasy-crypto</artifactId>
+            <version>${resteasy.version.latest}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.jboss.resteasy</groupId>
+            <artifactId>resteasy-multipart-provider</artifactId>
+            <version>${resteasy.version.latest}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.jboss.resteasy</groupId>
+            <artifactId>resteasy-jackson-provider</artifactId>
+            <version>${resteasy.version.latest}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.jboss.resteasy</groupId>
+            <artifactId>resteasy-undertow</artifactId>
+            <version>${resteasy.version.latest}</version>
+        </dependency>
+        <dependency>
+            <groupId>com.google.zxing</groupId>
+            <artifactId>javase</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.bouncycastle</groupId>
+            <artifactId>bcprov-jdk16</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.httpcomponents</groupId>
+            <artifactId>httpclient</artifactId>
+            <version>${keycloak.apache.httpcomponents.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.keycloak</groupId>
+            <artifactId>keycloak-ldap-federation</artifactId>
+            <version>${project.version}</version>
+        </dependency>
+       <dependency>
+           <groupId>org.keycloak</groupId>
+           <artifactId>keycloak-undertow-adapter</artifactId>
+           <version>${project.version}</version>
+       </dependency>
+       <dependency>
+           <groupId>org.keycloak</groupId>
+           <artifactId>keycloak-jetty91-adapter</artifactId>
+           <version>${project.version}</version>
+       </dependency>
+       <dependency>
+            <groupId>org.jboss.logging</groupId>
+            <artifactId>jboss-logging</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>io.undertow</groupId>
+            <artifactId>undertow-servlet</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>io.undertow</groupId>
+            <artifactId>undertow-core</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.codehaus.jackson</groupId>
+            <artifactId>jackson-core-asl</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.codehaus.jackson</groupId>
+            <artifactId>jackson-mapper-asl</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.codehaus.jackson</groupId>
+            <artifactId>jackson-xc</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>junit</groupId>
+            <artifactId>junit</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.hamcrest</groupId>
+            <artifactId>hamcrest-all</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.hibernate.javax.persistence</groupId>
+            <artifactId>hibernate-jpa-2.0-api</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>com.h2database</groupId>
+            <artifactId>h2</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.hibernate</groupId>
+            <artifactId>hibernate-entitymanager</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>com.icegreen</groupId>
+            <artifactId>greenmail</artifactId>
+            <exclusions>
+                <exclusion>
+                    <groupId>org.slf4j</groupId>
+                    <artifactId>slf4j-api</artifactId>
+                </exclusion>
+            </exclusions>
+        </dependency>
+        <dependency>
+            <groupId>org.infinispan</groupId>
+            <artifactId>infinispan-core</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.seleniumhq.selenium</groupId>
+            <artifactId>selenium-java</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>xml-apis</groupId>
+            <artifactId>xml-apis</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.seleniumhq.selenium</groupId>
+            <artifactId>selenium-chrome-driver</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.wildfly</groupId>
+            <artifactId>wildfly-undertow</artifactId>
+            <version>${wildfly.version}</version>
+            <scope>test</scope>
+        </dependency>
+       <dependency>
+           <groupId>org.keycloak</groupId>
+           <artifactId>keycloak-testsuite-integration</artifactId>
+           <version>${project.version}</version>
+           <scope>test</scope>
+       </dependency>
+       <dependency>
+           <groupId>org.keycloak</groupId>
+           <artifactId>keycloak-testsuite-integration</artifactId>
+           <version>${project.version}</version>
+           <type>test-jar</type>
+           <scope>test</scope>
+       </dependency>
+       <dependency>
+           <groupId>org.eclipse.jetty</groupId>
+           <artifactId>jetty-util</artifactId>
+           <version>${jetty9.version}</version>
+           <scope>provided</scope>
+       </dependency>
+
+       <dependency>
+           <groupId>org.eclipse.jetty</groupId>
+           <artifactId>jetty-webapp</artifactId>
+           <version>${jetty9.version}</version>
+           <scope>provided</scope>
+       </dependency>
+
+       <dependency>
+           <groupId>org.eclipse.jetty</groupId>
+           <artifactId>jetty-security</artifactId>
+           <version>${jetty9.version}</version>
+           <scope>provided</scope>
+       </dependency>
+
+       <dependency>
+           <groupId>org.eclipse.jetty</groupId>
+           <artifactId>jetty-servlet</artifactId>
+           <version>${jetty9.version}</version>
+           <scope>provided</scope>
+       </dependency>
+
+     </dependencies>
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-jar-plugin</artifactId>
+                <version>2.2</version>
+                <executions>
+                    <execution>
+                        <goals>
+                            <goal>test-jar</goal>
+                        </goals>
+                    </execution>
+                </executions>
+            </plugin>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-deploy-plugin</artifactId>
+                <configuration>
+                    <skip>true</skip>
+                </configuration>
+            </plugin>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-compiler-plugin</artifactId>
+                <configuration>
+                    <source>${maven.compiler.source}</source>
+                    <target>${maven.compiler.target}</target>
+                </configuration>
+            </plugin>
+            <plugin>
+                <groupId>org.codehaus.mojo</groupId>
+                <artifactId>exec-maven-plugin</artifactId>
+                <configuration>
+                    <workingDirectory>${project.basedir}</workingDirectory>
+                </configuration>
+            </plugin>
+        </plugins>
+    </build>
+
+    <profiles>
+        <profile>
+            <id>keycloak-server</id>
+            <build>
+                <plugins>
+                    <plugin>
+                        <groupId>org.codehaus.mojo</groupId>
+                        <artifactId>exec-maven-plugin</artifactId>
+                        <configuration>
+                            <mainClass>org.keycloak.testutils.KeycloakServer</mainClass>
+                        </configuration>
+                    </plugin>
+                </plugins>
+            </build>
+        </profile>
+        <profile>
+            <id>mail-server</id>
+            <build>
+                <plugins>
+                    <plugin>
+                        <groupId>org.codehaus.mojo</groupId>
+                        <artifactId>exec-maven-plugin</artifactId>
+                        <configuration>
+                            <mainClass>org.keycloak.testutils.MailServer</mainClass>
+                        </configuration>
+                    </plugin>
+                </plugins>
+            </build>
+        </profile>
+        <profile>
+            <id>totp</id>
+            <build>
+                <plugins>
+                    <plugin>
+                        <groupId>org.codehaus.mojo</groupId>
+                        <artifactId>exec-maven-plugin</artifactId>
+                        <configuration>
+                            <mainClass>org.keycloak.testutils.TotpGenerator</mainClass>
+                        </configuration>
+                    </plugin>
+                </plugins>
+            </build>
+        </profile>
+
+        <profile>
+            <id>jpa</id>
+
+            <build>
+                <plugins>
+                    <plugin>
+                        <groupId>org.apache.maven.plugins</groupId>
+                        <artifactId>maven-surefire-plugin</artifactId>
+                        <configuration>
+                            <systemPropertyVariables>
+                                <keycloak.realm.provider>jpa</keycloak.realm.provider>
+                                <keycloak.user.provider>jpa</keycloak.user.provider>
+                                <keycloak.eventStore.provider>jpa</keycloak.eventStore.provider>
+                                <keycloak.userSessions.provider>jpa</keycloak.userSessions.provider>
+                            </systemPropertyVariables>
+                        </configuration>
+                    </plugin>
+                </plugins>
+            </build>
+        </profile>
+
+        <profile>
+            <id>mongo</id>
+
+            <properties>
+                <keycloak.connectionsMongo.host>localhost</keycloak.connectionsMongo.host>
+                <keycloak.connectionsMongo.port>27018</keycloak.connectionsMongo.port>
+                <keycloak.connectionsMongo.db>keycloak</keycloak.connectionsMongo.db>
+                <keycloak.connectionsMongo.clearOnStartup>true</keycloak.connectionsMongo.clearOnStartup>
+                <keycloak.connectionsMongo.bindIp>127.0.0.1</keycloak.connectionsMongo.bindIp>
+            </properties>
+
+            <build>
+                <plugins>
+
+                    <!-- Postpone tests to "integration-test" phase, so that we can bootstrap embedded mongo on 27018 before running tests -->
+                    <plugin>
+                        <groupId>org.apache.maven.plugins</groupId>
+                        <artifactId>maven-surefire-plugin</artifactId>
+                        <executions>
+                            <execution>
+                                <id>test</id>
+                                <phase>integration-test</phase>
+                                <goals>
+                                    <goal>test</goal>
+                                </goals>
+                                <configuration>
+                                    <systemPropertyVariables>
+                                        <keycloak.realm.provider>mongo</keycloak.realm.provider>
+                                        <keycloak.user.provider>mongo</keycloak.user.provider>
+                                        <keycloak.audit.provider>mongo</keycloak.audit.provider>
+                                        <keycloak.userSessions.provider>mongo</keycloak.userSessions.provider>
+                                        <keycloak.connectionsMongo.host>${keycloak.connectionsMongo.host}</keycloak.connectionsMongo.host>
+                                        <keycloak.connectionsMongo.port>${keycloak.connectionsMongo.port}</keycloak.connectionsMongo.port>
+                                        <keycloak.connectionsMongo.db>${keycloak.connectionsMongo.db}</keycloak.connectionsMongo.db>
+                                        <keycloak.connectionsMongo.clearOnStartup>${keycloak.connectionsMongo.clearOnStartup}</keycloak.connectionsMongo.clearOnStartup>
+                                        <keycloak.connectionsMongo.bindIp>${keycloak.connectionsMongo.bindIp}</keycloak.connectionsMongo.bindIp>
+                                    </systemPropertyVariables>
+                                </configuration>
+                            </execution>
+                            <execution>
+                                <id>default-test</id>
+                                <configuration>
+                                    <skip>true</skip>
+                                </configuration>
+                            </execution>
+                        </executions>
+                    </plugin>
+
+                    <!-- Embedded mongo -->
+                    <plugin>
+                        <groupId>com.github.joelittlejohn.embedmongo</groupId>
+                        <artifactId>embedmongo-maven-plugin</artifactId>
+                        <executions>
+                            <execution>
+                                <id>start-mongodb</id>
+                                <phase>pre-integration-test</phase>
+                                <goals>
+                                    <goal>start</goal>
+                                </goals>
+                                <configuration>
+                                    <port>${keycloak.connectionsMongo.port}</port>
+                                    <logging>file</logging>
+                                    <logFile>${project.build.directory}/mongodb.log</logFile>
+                                    <bindIp>${keycloak.connectionsMongo.bindIp}</bindIp>
+                                </configuration>
+                            </execution>
+                            <execution>
+                                <id>stop-mongodb</id>
+                                <phase>post-integration-test</phase>
+                                <goals>
+                                    <goal>stop</goal>
+                                </goals>
+                            </execution>
+                        </executions>
+                    </plugin>
+                </plugins>
+            </build>
+
+        </profile>
+
+        <profile>
+            <id>infinispan</id>
+
+            <build>
+                <plugins>
+                    <plugin>
+                        <groupId>org.apache.maven.plugins</groupId>
+                        <artifactId>maven-surefire-plugin</artifactId>
+                        <configuration>
+                            <systemPropertyVariables>
+                                <keycloak.realm.cache.provider>infinispan</keycloak.realm.cache.provider>
+                                <keycloak.user.cache.provider>infinispan</keycloak.user.cache.provider>
+                                <keycloak.userSessions.provider>infinispan</keycloak.userSessions.provider>
+                            </systemPropertyVariables>
+                        </configuration>
+                    </plugin>
+                </plugins>
+            </build>
+        </profile>
+
+        <!-- MySQL -->
+        <profile>
+            <activation>
+                <property>
+                    <name>keycloak.connectionsJpa.driver</name>
+                    <value>com.mysql.jdbc.Driver</value>
+                </property>
+            </activation>
+            <id>mysql</id>
+            <dependencies>
+                <dependency>
+                    <groupId>mysql</groupId>
+                    <artifactId>mysql-connector-java</artifactId>
+                    <version>${mysql.version}</version>
+                </dependency>
+            </dependencies>
+        </profile>
+
+        <!-- PostgreSQL -->
+        <profile>
+            <activation>
+                <property>
+                    <name>keycloak.connectionsJpa.driver</name>
+                    <value>org.postgresql.Driver</value>
+                </property>
+            </activation>
+            <id>postgresql</id>
+            <dependencies>
+                <dependency>
+                    <groupId>org.postgresql</groupId>
+                    <artifactId>postgresql</artifactId>
+                    <version>${postgresql.version}</version>
+                </dependency>
+            </dependencies>
+        </profile>
+
+        <profile>
+            <id>clean-jpa</id>
+            <build>
+                <plugins>
+                    <plugin>
+                        <groupId>org.liquibase</groupId>
+                        <artifactId>liquibase-maven-plugin</artifactId>
+                        <configuration>
+                            <changeLogFile>META-INF/jpa-changelog-master.xml</changeLogFile>
+
+                            <url>${keycloak.connectionsJpa.url}</url>
+                            <driver>${keycloak.connectionsJpa.driver}</driver>
+                            <username>${keycloak.connectionsJpa.user}</username>
+                            <password>${keycloak.connectionsJpa.password}</password>
+
+                            <promptOnNonLocalDatabase>false</promptOnNonLocalDatabase>
+                        </configuration>
+                        <executions>
+                            <execution>
+                                <id>clean-jpa</id>
+                                <phase>clean</phase>
+                                <goals>
+                                    <goal>dropAll</goal>
+                                </goals>
+                            </execution>
+                        </executions>
+                    </plugin>
+                </plugins>
+            </build>
+        </profile>
+    </profiles>
+</project>

testsuite/jetty/jetty91/src/test/java/org/keycloak/testsuite/Jetty9Test.java

@@ -29,7 +29,6 @@ import org.eclipse.jetty.server.Server;
 import org.eclipse.jetty.server.handler.HandlerCollection;
 import org.eclipse.jetty.servlet.ServletHolder;
 import org.eclipse.jetty.util.security.Constraint;
-import org.eclipse.jetty.util.security.Password;
 import org.eclipse.jetty.webapp.WebAppContext;
 import org.junit.AfterClass;
 import org.junit.Assert;
@@ -40,6 +39,7 @@ import org.junit.Rule;
 import org.junit.Test;
 import org.keycloak.KeycloakSecurityContext;
 import org.keycloak.OAuth2Constants;
+import org.keycloak.adapters.jetty.AbstractKeycloakJettyAuthenticator;
 import org.keycloak.adapters.jetty.KeycloakJettyAuthenticator;
 import org.keycloak.models.KeycloakSession;
 import org.keycloak.models.RealmModel;
@@ -58,12 +58,9 @@ import javax.servlet.http.HttpServlet;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import javax.ws.rs.core.UriBuilder;
-import java.io.File;
 import java.io.IOException;
 import java.io.OutputStream;
-import java.net.URL;
 import java.security.Principal;
-import java.util.regex.Matcher;
 
 /**
  * @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
@@ -129,7 +126,7 @@ public class Jetty9Test {
 
         ConstraintSecurityHandler securityHandler = formHandler();
 
-        KeycloakJettyAuthenticator authenticator = new KeycloakJettyAuthenticator();
+        AbstractKeycloakJettyAuthenticator authenticator = new KeycloakJettyAuthenticator();
         securityHandler.setAuthenticator(authenticator);
 
         appContext.setSecurityHandler(securityHandler);

testsuite/jetty/jetty92/pom.xml

@@ -5,12 +5,12 @@
         <artifactId>keycloak-testsuite-pom</artifactId>
         <groupId>org.keycloak</groupId>
         <version>1.1.0.Beta2-SNAPSHOT</version>
-        <relativePath>../pom.xml</relativePath>
+        <relativePath>../../pom.xml</relativePath>
     </parent>
     <modelVersion>4.0.0</modelVersion>
 
-    <artifactId>keycloak-testsuite-jetty9</artifactId>
+    <artifactId>keycloak-testsuite-jetty92</artifactId>
-    <name>Keycloak Jetty 9 Integration TestSuite</name>
+    <name>Keycloak Jetty 9.2.x Integration TestSuite</name>
     <properties>
         <jetty9.version>9.2.4.v20141103</jetty9.version>
     </properties>
@@ -120,7 +120,7 @@
        </dependency>
        <dependency>
            <groupId>org.keycloak</groupId>
-           <artifactId>keycloak-jetty9-adapter</artifactId>
+           <artifactId>keycloak-jetty92-adapter</artifactId>
            <version>${project.version}</version>
        </dependency>
        <dependency>

testsuite/jetty/jetty92/src/test/java/org/keycloak/testsuite/Jetty9Test.java

@@ -0,0 +1,229 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2012, Red Hat, Inc., and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.keycloak.testsuite;
+
+import org.eclipse.jetty.security.ConstraintMapping;
+import org.eclipse.jetty.security.ConstraintSecurityHandler;
+import org.eclipse.jetty.security.HashLoginService;
+import org.eclipse.jetty.server.Handler;
+import org.eclipse.jetty.server.Server;
+import org.eclipse.jetty.server.handler.HandlerCollection;
+import org.eclipse.jetty.servlet.ServletHolder;
+import org.eclipse.jetty.util.security.Constraint;
+import org.eclipse.jetty.webapp.WebAppContext;
+import org.junit.AfterClass;
+import org.junit.Assert;
+import org.junit.BeforeClass;
+import org.junit.ClassRule;
+import org.junit.Ignore;
+import org.junit.Rule;
+import org.junit.Test;
+import org.keycloak.KeycloakSecurityContext;
+import org.keycloak.OAuth2Constants;
+import org.keycloak.adapters.jetty.AbstractKeycloakJettyAuthenticator;
+import org.keycloak.adapters.jetty.KeycloakJettyAuthenticator;
+import org.keycloak.models.KeycloakSession;
+import org.keycloak.models.RealmModel;
+import org.keycloak.protocol.oidc.OpenIDConnectService;
+import org.keycloak.representations.idm.RealmRepresentation;
+import org.keycloak.services.managers.RealmManager;
+import org.keycloak.testsuite.pages.LoginPage;
+import org.keycloak.testsuite.rule.AbstractKeycloakRule;
+import org.keycloak.testsuite.rule.WebResource;
+import org.keycloak.testsuite.rule.WebRule;
+import org.keycloak.testutils.KeycloakServer;
+import org.openqa.selenium.WebDriver;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.ws.rs.core.UriBuilder;
+import java.io.IOException;
+import java.io.OutputStream;
+import java.security.Principal;
+
+/**
+ * @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
+ */
+public class Jetty9Test {
+    static String logoutUri = OpenIDConnectService.logoutUrl(UriBuilder.fromUri("http://localhost:8081/auth"))
+            .queryParam(OAuth2Constants.REDIRECT_URI, "http://localhost:8080/customer-portal").build("demo").toString();
+
+    @ClassRule
+    public static AbstractKeycloakRule keycloakRule = new AbstractKeycloakRule() {
+        @Override
+        protected void configure(KeycloakSession session, RealmManager manager, RealmModel adminRealm) {
+            RealmRepresentation representation = KeycloakServer.loadJson(getClass().getResourceAsStream("/jetty-test/demorealm.json"), RealmRepresentation.class);
+            RealmModel realm = manager.importRealm(representation);
+       }
+    };
+
+    public static class SendUsernameServlet extends HttpServlet {
+        @Override
+        protected void doGet(final HttpServletRequest req, final HttpServletResponse resp) throws ServletException, IOException {
+            if (req.getPathInfo().endsWith("logout")) {
+                req.logout();
+                resp.setContentType("text/plain");
+                OutputStream stream = resp.getOutputStream();
+                stream.write("logout".getBytes());
+                return;
+
+            }
+            resp.setContentType("text/plain");
+            OutputStream stream = resp.getOutputStream();
+            Principal principal = req.getUserPrincipal();
+            if (principal == null) {
+                stream.write("null".getBytes());
+                return;
+            }
+            String name = principal.getName();
+            stream.write(name.getBytes());
+            stream.write("\n".getBytes());
+            KeycloakSecurityContext context = (KeycloakSecurityContext)req.getAttribute(KeycloakSecurityContext.class.getName());
+            stream.write(context.getIdToken().getName().getBytes());
+            stream.write("\n".getBytes());
+            stream.write(logoutUri.getBytes());
+
+        }
+        @Override
+        protected void doPost(final HttpServletRequest req, final HttpServletResponse resp) throws ServletException, IOException {
+            doGet(req, resp);
+        }
+    }
+
+    public static Server server = null;
+    protected static WebAppContext appContext = null;
+
+
+    protected static void deploySP() throws Exception {
+        appContext = new WebAppContext();
+        appContext.setResourceBase(Jetty9Test.class.getClassLoader().getResource("jetty-test/webapp").toExternalForm());
+        appContext.setContextPath("/customer-portal");
+        appContext.setParentLoaderPriority(true);
+
+        appContext.addServlet(new ServletHolder(new SendUsernameServlet()), "/*");
+
+
+        ConstraintSecurityHandler securityHandler = formHandler();
+
+        AbstractKeycloakJettyAuthenticator authenticator = new KeycloakJettyAuthenticator();
+        securityHandler.setAuthenticator(authenticator);
+
+        appContext.setSecurityHandler(securityHandler);
+    }
+
+    private static ConstraintSecurityHandler formHandler() {
+        Constraint constraint = new Constraint();
+        constraint.setName(Constraint.__FORM_AUTH);
+        ;
+        constraint.setRoles(new String[] { "user", "admin" });
+        constraint.setAuthenticate(true);
+
+        ConstraintMapping constraintMapping = new ConstraintMapping();
+        constraintMapping.setConstraint(constraint);
+        constraintMapping.setPathSpec("/*");
+
+        ConstraintSecurityHandler securityHandler = new ConstraintSecurityHandler();
+        securityHandler.setConstraintMappings(new ConstraintMapping[] { constraintMapping });
+
+        HashLoginService loginService = new HashLoginService();
+        securityHandler.setLoginService(loginService);
+        return securityHandler;
+    }
+
+
+
+    @BeforeClass
+    public static void initJetty() throws Exception {
+        server = new Server(8080);
+
+        deploySP();
+
+        HandlerCollection handlers = new HandlerCollection();
+        handlers.setHandlers(new Handler[] { appContext });
+        server.setHandler(handlers);
+
+        server.start();
+    }
+
+
+
+    @AfterClass
+    public static void shutdownJetty() throws Exception {
+        server.stop();
+        server.destroy();
+    }
+
+    @Rule
+    public WebRule webRule = new WebRule(this);
+    @WebResource
+    protected WebDriver driver;
+    @WebResource
+    protected LoginPage loginPage;
+
+    public static final String LOGIN_URL = OpenIDConnectService.loginPageUrl(UriBuilder.fromUri("http://localhost:8081/auth")).build("demo").toString();
+    @Test
+    public void testLoginSSOAndLogout() throws Exception {
+        driver.navigate().to("http://localhost:8080/customer-portal");
+        System.out.println("Current url: " + driver.getCurrentUrl());
+        Assert.assertTrue(driver.getCurrentUrl().startsWith(LOGIN_URL));
+        loginPage.login("bburke@redhat.com", "password");
+        System.out.println("Current url: " + driver.getCurrentUrl());
+        Assert.assertEquals(driver.getCurrentUrl(), "http://localhost:8080/customer-portal/");
+        String pageSource = driver.getPageSource();
+        System.out.println(pageSource);
+        Assert.assertTrue(pageSource.contains("Bill Burke"));
+
+        // test logout
+
+        String logoutUri = OpenIDConnectService.logoutUrl(UriBuilder.fromUri("http://localhost:8081/auth"))
+                .queryParam(OAuth2Constants.REDIRECT_URI, "http://localhost:8080/customer-portal").build("demo").toString();
+        driver.navigate().to(logoutUri);
+        Assert.assertTrue(driver.getCurrentUrl().startsWith(LOGIN_URL));
+        driver.navigate().to("http://localhost:8080/customer-portal");
+        String currentUrl = driver.getCurrentUrl();
+        Assert.assertTrue(currentUrl.startsWith(LOGIN_URL));
+
+        // test servletRequest.logout()
+        loginPage.login("bburke@redhat.com", "password");
+        System.out.println("Current url: " + driver.getCurrentUrl());
+        Assert.assertEquals(driver.getCurrentUrl(), "http://localhost:8080/customer-portal/");
+        pageSource = driver.getPageSource();
+        System.out.println(pageSource);
+        Assert.assertTrue(pageSource.contains("Bill Burke"));
+        driver.navigate().to("http://localhost:8080/customer-portal/logout");
+        pageSource = driver.getPageSource();
+        Assert.assertTrue(pageSource.contains("logout"));
+        driver.navigate().to("http://localhost:8080/customer-portal");
+        currentUrl = driver.getCurrentUrl();
+        Assert.assertTrue(currentUrl.startsWith(LOGIN_URL));
+
+
+    }
+
+    @Test
+    @Ignore
+    public void runit() throws Exception {
+        Thread.sleep(10000000);
+    }
+}

testsuite/jetty/jetty92/src/test/resources/jetty-test/demorealm.json

@@ -0,0 +1,58 @@
+{
+    "id": "demo",
+    "realm": "demo",
+    "enabled": true,
+    "accessTokenLifespan": 3000,
+    "accessCodeLifespan": 10,
+    "accessCodeLifespanUserAction": 6000,
+    "sslRequired": "external",
+    "registrationAllowed": false,
+    "social": false,
+    "passwordCredentialGrantAllowed": true,
+    "updateProfileOnInitialSocialLogin": false,
+    "privateKey": "MIICXAIBAAKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQABAoGAfmO8gVhyBxdqlxmIuglbz8bcjQbhXJLR2EoS8ngTXmN1bo2L90M0mUKSdc7qF10LgETBzqL8jYlQIbt+e6TH8fcEpKCjUlyq0Mf/vVbfZSNaVycY13nTzo27iPyWQHK5NLuJzn1xvxxrUeXI6A2WFpGEBLbHjwpx5WQG9A+2scECQQDvdn9NE75HPTVPxBqsEd2z10TKkl9CZxu10Qby3iQQmWLEJ9LNmy3acvKrE3gMiYNWb6xHPKiIqOR1as7L24aTAkEAtyvQOlCvr5kAjVqrEKXalj0Tzewjweuxc0pskvArTI2Oo070h65GpoIKLc9jf+UA69cRtquwP93aZKtW06U8dQJAF2Y44ks/mK5+eyDqik3koCI08qaC8HYq2wVl7G2QkJ6sbAaILtcvD92ToOvyGyeE0flvmDZxMYlvaZnaQ0lcSQJBAKZU6umJi3/xeEbkJqMfeLclD27XGEFoPeNrmdx0q10Azp4NfJAY+Z8KRyQCR2BEG+oNitBOZ+YXF9KCpH3cdmECQHEigJhYg+ykOvr1aiZUMFT72HU0jnmQe2FVekuG+LJUt2Tm7GtMjTFoGpf0JwrVuZN39fOYAlo+nTixgeW7X8Y=",
+    "publicKey": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
+    "requiredCredentials": [ "password" ],
+    "users" : [
+        {
+            "username" : "bburke@redhat.com",
+            "enabled": true,
+            "email" : "bburke@redhat.com",
+            "firstName": "Bill",
+            "lastName": "Burke",
+            "credentials" : [
+                { "type" : "password",
+                    "value" : "password" }
+            ],
+            "realmRoles": [ "user", "admin" ],
+            "applicationRoles": {
+                "account": [ "manage-account" ]
+            }
+        }
+    ],
+    "roles" : {
+        "realm" : [
+            {
+                "name": "user",
+                "description": "User privileges"
+            },
+            {
+                "name": "admin",
+                "description": "Administrator privileges"
+            }
+        ]
+    },
+    "applications": [
+        {
+            "name": "customer-portal",
+            "enabled": true,
+            "fullScopeAllowed": true,
+            "adminUrl": "http://localhost:8080/customer-portal",
+            "baseUrl": "http://localhost:8080/customer-portal",
+            "redirectUris": [
+                "http://localhost:8080/customer-portal/*"
+            ],
+            "secret": "password"
+        }
+    ]
+}

testsuite/jetty/jetty92/src/test/resources/jetty-test/webapp/WEB-INF/keycloak.json

@@ -0,0 +1,10 @@
+{
+    "realm": "demo",
+    "resource": "customer-portal",
+    "realm-public-key": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
+    "auth-server-url": "http://localhost:8081/auth",
+    "ssl-required" : "external",
+    "credentials": {
+        "secret": "password"
+    }
+}

testsuite/pom.xml

@@ -27,7 +27,8 @@
     <modules>
         <module>integration</module>
         <module>tomcat7</module>
-        <module>jetty9</module>
+        <module>jetty/jetty92</module>
+        <module>jetty/jetty91</module>
         <module>performance</module>
         <module>tools</module>
         <module>performance-web</module>