Merge remote-tracking branch 'upstream/master'

This commit is contained in:
Bill Burke 2015-06-24 21:07:51 -04:00
commit be6c843bba
16 changed files with 246 additions and 255 deletions

View file

@ -35,11 +35,6 @@
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>Keycloak Client Connection Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<servlet-mapping>
<servlet-name>Keycloak REST Interface</servlet-name>
<url-pattern>/*</url-pattern>

View file

@ -2,10 +2,10 @@ Keycloak Fuse demo
==================
Currently Keycloak supports securing your web applications running inside [JBoss Fuse](http://www.jboss.org/products/fuse/overview/) or [Apache Karaf](http://karaf.apache.org/). It leverages Jetty8 adapter
as both JBoss Fuse 6.1 and Apache Karaf 3 are bundled with [Jetty8](http://eclipse.org/jetty/) server under the covers and Jetty is used for running various kinds of web applications.
as both JBoss Fuse 6 and Apache Karaf 3 are bundled with [Jetty8](http://eclipse.org/jetty/) server under the covers and Jetty is used for running various kinds of web applications.
The Fuse example is slightly modified version of Keycloak base demo applications. The main difference among base demo is that for Fuse demo
are applications running on separate Fuse/Karaf server. Keycloak server is supposed to run separately on Wildfly 8 or JBoss EAP 6.3.
are applications running on separate Fuse/Karaf server. Keycloak server is supposed to run separately on Wildfly.
What is supported for Fuse/Karaf is:
* Security for classic WAR applications deployed on Fuse/Karaf with [pax-war extender](https://ops4j1.jira.com/wiki/display/ops4j/Pax+Web+Extender+-+War).
@ -13,7 +13,8 @@ What is supported for Fuse/Karaf is:
* Security for [Apache Camel](http://camel.apache.org/) Jetty endpoints running with [camel-jetty](http://camel.apache.org/jetty.html) component.
* Security for [Apache CXF](http://cxf.apache.org/) endpoints running on their own separate [Jetty engine](http://cxf.apache.org/docs/jetty-configuration.html).
Supports both securing JAX-RS and JAX-WS endpoints.
* Security for [Apache CXF](http://cxf.apache.org/) endpoints running on default engine provided by CXF servlet on [http://localhost:8181/cxf](http://localhost:8181/cxf)
* Security for [Apache CXF](http://cxf.apache.org/) endpoints running on default engine provided by CXF servlet on [http://localhost:8181/cxf](http://localhost:8181/cxf) . NOTE: Actually It's better and
more secure to use the separate Jetty Engine instead of the default one. The default engine works fine, but I would recommend the separate one.
Fuse demo contains those basic applications:
* **customer-app-fuse** A WAR application that is deployed with [pax-war extender](https://ops4j1.jira.com/wiki/display/ops4j/Pax+Web+Extender+-+War)
@ -30,18 +31,38 @@ Running of demo consists of 2 steps. First you need to run separate Keycloak ser
Base steps
----------
* Run external instance of Keycloak server on WildFly 8 or JBoss EAP 6.3 . Fuse demo suppose that server is running on [http://localhost:8080/auth](http://localhost:8080/auth)
* Run external instance of Keycloak server on WildFly . It's easiest to run and download Keycloak standalone server. Fuse demo suppose that server is running on [http://localhost:8080/auth](http://localhost:8080/auth)
* Import realm `demo` from the file testrealm.json on `examples/fuse/testrealm.json` . See [here](../demo-template/README.md#step-3-import-the-test-realm)
the details on how to import the realm
* Then build examples, which is needed so the feature repository is added to your local maven repo:
* Then download Keycloak examples and build Fuse example, which is needed so the feature repository is added to your local maven repo:
```
cd examples/fuse
unzip -q keycloak-examples-<VERSION>.zip
cd keycloak-examples-<VERSION>/fuse
mvn clean install
```
Run demo applications on Apache Karaf 3.0.2
-------------------------------------------
Running demo on JBoss Fuse 6.2
------------------------------
You just need to download and run JBoss Fuse and then run those commands from the karaf terminal to install the needed features and Keycloak fuse demo (Replace Keycloak versions with the current Keycloak version number):
```
features:addurl mvn:org.keycloak/keycloak-osgi-features/1.2.0.Beta1/xml/features
features:addurl mvn:org.keycloak.example.demo/keycloak-fuse-example-features/1.2.0.Beta1/xml/features
features:install keycloak-fuse-example
```
After that you can test running on [http://localhost:8181/customer-portal](http://localhost:8181/customer-portal) and login as "bburke@redhat.com" with password "password". Customer-portal is able to
receive the response from the endpoints provided by `cxf-jaxrs` and `camel` applications. Note that camel endpoint is available just for users with role `admin`
in this demo, so "bburke@redhat.com" can't access it. You may login as "admin" with password "password" in order to invoke camel endpoint.
From [http://localhost:8181/product-portal](http://localhost:8181/product-portal) you will see servlet endpoint, which invokes JAX-WS provided by `cxf-jaxws` application.
Note that this demo also secures whole default CXF endpoint on [http://localhost:8181/cxf](http://localhost:8181/cxf) hence every application running under it is secured too.
Running demo on Apache Karaf 3.0.3
----------------------------------
Demo is using Apache camel and Apache CXF, which are not in standalone Karaf by default. So you will need to install feature repositories for both of them.
Next step is to add feature repository for main set of Keycloak karaf features and for the demo. Once all feature URLs are added, you just need to install `keycloak-fuse-example` feature,
@ -57,23 +78,18 @@ feature:repo-add mvn:org.keycloak.example.demo/keycloak-fuse-example-features/1.
feature:install keycloak-fuse-example
```
After that you can test running on [http://localhost:8181/customer-portal](http://localhost:8181/customer-portal) and login as "bburke@redhat.com" with password "password". Customer-portal is able to
receive the response from the endpoints provided by `cxf-jaxrs` and `camel` applications. Note that camel endpoint is available just for users with role `admin`
in this demo, so "bburke@redhat.com" can't access it. You may login as "admin" with password "password" in order to invoke camel endpoint.
Now you can test example applications similarly like described for "JBoss Fuse 6.2" section.
From [http://localhost:8181/product-portal](http://localhost:8181/product-portal) you will see servlet endpoint, which invokes JAX-WS provided by `cxf-jaxws` application.
Note that this demo also secures whole default CXF endpoint on [http://localhost:8181/cxf](http://localhost:8181/cxf) hence every application running under it is secured too.
Running example on JBoss Fuse 6.1.0.redhat-379
----------------------------------------------
Running demo on JBoss Fuse 6.1.0.redhat-379
-------------------------------------------
Securing your applications on JBoss Fuse 6.1 is a bit more tricky. There is bug [https://ops4j1.jira.com/browse/PAXWEB-666](https://ops4j1.jira.com/browse/PAXWEB-666)
, which doesn't easily allow to secure default Jetty engine on [http://localhost:8181](http://localhost:8181) as it's not possible to inject
custom Jetty authenticator provided by Keycloak Jetty adapter into underlying Jetty server. Hence first step is to upgrade pax-web
version from default 3.0.6 to newer 3.1.2 . Then you need to "refresh" cxf feature too. Final step is to install "keycloak-fuse-example" feature.
All the steps could be performed with these commands in Fuse console (Replace Keycloak versions with the current Keycloak version number):
All the steps could be performed with these commands in Fuse console (Replace 1.2.0.Beta1 with the actual version number of Keycloak you are using):
```
features:uninstall pax-war
@ -84,7 +100,7 @@ features:removeurl mvn:org.ops4j.pax.web/pax-web-features/3.0.6/xml/features
```
Now restart fuse (use `osgi:shutdown` command and start it again from command line. You can ignore startup messages after restart
as pax-web is not installed at the moment. Then run those commands:
as pax-web is not installed at the moment. Then run those commands (replace 1.2.0.Beta1 with the actual version number of Keycloak you are using):
```
features:addurl mvn:org.ops4j.pax.web/pax-web-features/3.1.2/xml/features
@ -102,20 +118,8 @@ So last step is to install the demo now:
features:install keycloak-fuse-example
```
Now you can test example applications similarly like described for "Karaf" section.
Now you can test example applications similarly like described in "JBoss Fuse 6.2" section.
Running example on JBoss Fuse 6.2.0
-----------------------------------
This is snapshot version of JBoss Fuse, which is not released yet at this moment. It has pax-web bug mentioned above fix already, so just those commands are
sufficient to install the demo (Replace Keycloak versions with the current Keycloak version number):
```
features:addurl mvn:org.keycloak/keycloak-osgi-features/1.2.0.Beta1/xml/features
features:addurl mvn:org.keycloak.example.demo/keycloak-fuse-example-features/1.2.0.Beta1/xml/features
features:install keycloak-fuse-example
```
Now you can test example applications similarly like described for "Karaf" section.
How to secure your own applications
-----------------------------------

View file

@ -1,27 +0,0 @@
package org.keycloak.example.ws;
import javax.jws.WebMethod;
import javax.jws.WebParam;
import javax.jws.WebService;
import javax.xml.bind.annotation.XmlSeeAlso;
import javax.xml.ws.RequestWrapper;
import javax.xml.ws.ResponseWrapper;
import org.keycloak.example.ws.types.ObjectFactory;
@WebService
@XmlSeeAlso({ObjectFactory.class})
public interface Person {
@RequestWrapper(localName = "GetPerson", className = "GetPerson")
@ResponseWrapper(localName = "GetPersonResponse", className = "GetPersonResponse")
@WebMethod(operationName = "GetPerson")
public void getPerson(
@WebParam(mode = WebParam.Mode.INOUT, name = "personId")
javax.xml.ws.Holder<String> personId,
@WebParam(mode = WebParam.Mode.OUT, name = "ssn")
javax.xml.ws.Holder<String> ssn,
@WebParam(mode = WebParam.Mode.OUT, name = "name")
javax.xml.ws.Holder<String> name
) throws UnknownPersonFault;
}

View file

@ -1,22 +0,0 @@
package org.keycloak.example.ws;
import javax.jws.WebService;
import javax.xml.ws.Holder;
@WebService(serviceName = "PersonService", endpointInterface = "org.keycloak.example.ws.Person")
public class PersonImpl implements Person {
public void getPerson(Holder<String> personId, Holder<String> ssn, Holder<String> name)
throws UnknownPersonFault
{
if (personId.value == null || personId.value.length() == 0) {
org.keycloak.example.ws.types.UnknownPersonFault fault = new org.keycloak.example.ws.types.UnknownPersonFault();
fault.setPersonId(personId.value);
throw new UnknownPersonFault(null,fault);
} else {
name.value = "John Doe";
ssn.value = "123-456-7890";
}
}
}

View file

@ -0,0 +1,25 @@
package org.keycloak.example.ws;
import javax.jws.WebMethod;
import javax.jws.WebParam;
import javax.jws.WebService;
import javax.xml.bind.annotation.XmlSeeAlso;
import javax.xml.ws.RequestWrapper;
import javax.xml.ws.ResponseWrapper;
import org.keycloak.example.ws.types.ObjectFactory;
@WebService
@XmlSeeAlso({ObjectFactory.class})
public interface Product {
@RequestWrapper(localName = "GetProduct", className = "GetProduct")
@ResponseWrapper(localName = "GetProductResponse", className = "GetProductResponse")
@WebMethod(operationName = "GetProduct")
public void getProduct(
@WebParam(mode = WebParam.Mode.INOUT, name = "productId")
javax.xml.ws.Holder<String> productId,
@WebParam(mode = WebParam.Mode.OUT, name = "name")
javax.xml.ws.Holder<String> name
) throws UnknownProductFault;
}

View file

@ -0,0 +1,27 @@
package org.keycloak.example.ws;
import javax.jws.WebService;
import javax.xml.ws.Holder;
@WebService(serviceName = "ProductService", endpointInterface = "org.keycloak.example.ws.Product")
public class ProductImpl implements Product {
public void getProduct(Holder<String> productId, Holder<String> name)
throws UnknownProductFault
{
if (productId.value == null || productId.value.length() == 0) {
org.keycloak.example.ws.types.UnknownProductFault fault = new org.keycloak.example.ws.types.UnknownProductFault();
fault.setProductId(productId.value);
throw new UnknownProductFault(null,fault);
} else if (productId.value.trim().equals("1")) {
name.value = "IPad";
} else if (productId.value.trim().equals("2")) {
name.value = "IPhone";
} else {
org.keycloak.example.ws.types.UnknownProductFault fault = new org.keycloak.example.ws.types.UnknownProductFault();
fault.setProductId(productId.value);
throw new UnknownProductFault(null,fault);
}
}
}

View file

@ -1,36 +0,0 @@
package org.keycloak.example.ws;
import javax.xml.ws.WebFault;
@WebFault(name = "UnknownPersonFault")
public class UnknownPersonFault extends Exception {
public static final long serialVersionUID = 20081110144906L;
private org.keycloak.example.ws.types.UnknownPersonFault unknownPersonFault;
public UnknownPersonFault() {
super();
}
public UnknownPersonFault(String message) {
super(message);
}
public UnknownPersonFault(String message, Throwable cause) {
super(message, cause);
}
public UnknownPersonFault(String message, org.keycloak.example.ws.types.UnknownPersonFault unknownPersonFault) {
super(message);
this.unknownPersonFault = unknownPersonFault;
}
public UnknownPersonFault(String message, org.keycloak.example.ws.types.UnknownPersonFault unknownPersonFault, Throwable cause) {
super(message, cause);
this.unknownPersonFault = unknownPersonFault;
}
public org.keycloak.example.ws.types.UnknownPersonFault getFaultInfo() {
return this.unknownPersonFault;
}
}

View file

@ -0,0 +1,36 @@
package org.keycloak.example.ws;
import javax.xml.ws.WebFault;
@WebFault(name = "UnknownProductFault")
public class UnknownProductFault extends Exception {
public static final long serialVersionUID = 20081110144906L;
private org.keycloak.example.ws.types.UnknownProductFault unknownProductFault;
public UnknownProductFault() {
super();
}
public UnknownProductFault(String message) {
super(message);
}
public UnknownProductFault(String message, Throwable cause) {
super(message, cause);
}
public UnknownProductFault(String message, org.keycloak.example.ws.types.UnknownProductFault unknownProductFault) {
super(message);
this.unknownProductFault = unknownProductFault;
}
public UnknownProductFault(String message, org.keycloak.example.ws.types.UnknownProductFault unknownProductFault, Throwable cause) {
super(message, cause);
this.unknownProductFault = unknownProductFault;
}
public org.keycloak.example.ws.types.UnknownProductFault getFaultInfo() {
return this.unknownProductFault;
}
}

View file

@ -18,7 +18,7 @@ import javax.xml.bind.annotation.XmlType;
* &lt;complexContent>
* &lt;restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
* &lt;sequence>
* &lt;element name="personId" type="{http://www.w3.org/2001/XMLSchema}string"/>
* &lt;element name="productId" type="{http://www.w3.org/2001/XMLSchema}string"/>
* &lt;/sequence>
* &lt;/restriction>
* &lt;/complexContent>
@ -29,36 +29,36 @@ import javax.xml.bind.annotation.XmlType;
*/
@XmlAccessorType(XmlAccessType.FIELD)
@XmlType(name = "", propOrder = {
"personId"
"productId"
})
@XmlRootElement(name = "GetPerson")
public class GetPerson {
@XmlRootElement(name = "GetProduct")
public class GetProduct {
@XmlElement(required = true)
protected String personId;
protected String productId;
/**
* Gets the value of the personId property.
* Gets the value of the productId property.
*
* @return
* possible object is
* {@link String }
*
*/
public String getPersonId() {
return personId;
public String getProductId() {
return productId;
}
/**
* Sets the value of the personId property.
* Sets the value of the productId property.
*
* @param value
* allowed object is
* {@link String }
*
*/
public void setPersonId(String value) {
this.personId = value;
public void setProductId(String value) {
this.productId = value;
}
}

View file

@ -18,8 +18,7 @@ import javax.xml.bind.annotation.XmlType;
* &lt;complexContent>
* &lt;restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
* &lt;sequence>
* &lt;element name="personId" type="{http://www.w3.org/2001/XMLSchema}string"/>
* &lt;element name="ssn" type="{http://www.w3.org/2001/XMLSchema}string"/>
* &lt;element name="productId" type="{http://www.w3.org/2001/XMLSchema}string"/>*
* &lt;element name="name" type="{http://www.w3.org/2001/XMLSchema}string"/>
* &lt;/sequence>
* &lt;/restriction>
@ -31,66 +30,39 @@ import javax.xml.bind.annotation.XmlType;
*/
@XmlAccessorType(XmlAccessType.FIELD)
@XmlType(name = "", propOrder = {
"personId",
"ssn",
"productId",
"name"
})
@XmlRootElement(name = "GetPersonResponse")
public class GetPersonResponse {
@XmlRootElement(name = "GetProductResponse")
public class GetProductResponse {
@XmlElement(required = true)
protected String personId;
@XmlElement(required = true)
protected String ssn;
protected String productId;
@XmlElement(required = true)
protected String name;
/**
* Gets the value of the personId property.
* Gets the value of the productId property.
*
* @return
* possible object is
* {@link String }
*
*/
public String getPersonId() {
return personId;
public String getProductId() {
return productId;
}
/**
* Sets the value of the personId property.
* Sets the value of the productId property.
*
* @param value
* allowed object is
* {@link String }
*
*/
public void setPersonId(String value) {
this.personId = value;
}
/**
* Gets the value of the ssn property.
*
* @return
* possible object is
* {@link String }
*
*/
public String getSsn() {
return ssn;
}
/**
* Sets the value of the ssn property.
*
* @param value
* allowed object is
* {@link String }
*
*/
public void setSsn(String value) {
this.ssn = value;
public void setProductId(String value) {
this.productId = value;
}
/**

View file

@ -30,27 +30,27 @@ public class ObjectFactory {
}
/**
* Create an instance of {@link GetPersonResponse }
* Create an instance of {@link GetProductResponse }
*
*/
public GetPersonResponse createGetPersonResponse() {
return new GetPersonResponse();
public GetProductResponse createGetProductResponse() {
return new GetProductResponse();
}
/**
* Create an instance of {@link GetPerson }
* Create an instance of {@link GetProduct }
*
*/
public GetPerson createGetPerson() {
return new GetPerson();
public GetProduct createGetProduct() {
return new GetProduct();
}
/**
* Create an instance of {@link UnknownPersonFault }
* Create an instance of {@link UnknownProductFault }
*
*/
public UnknownPersonFault createUnknownPersonFault() {
return new UnknownPersonFault();
public UnknownProductFault createUnknownProductFault() {
return new UnknownProductFault();
}
}

View file

@ -18,7 +18,7 @@ import javax.xml.bind.annotation.XmlType;
* &lt;complexContent>
* &lt;restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
* &lt;sequence>
* &lt;element name="personId" type="{http://www.w3.org/2001/XMLSchema}string"/>
* &lt;element name="productId" type="{http://www.w3.org/2001/XMLSchema}string"/>
* &lt;/sequence>
* &lt;/restriction>
* &lt;/complexContent>
@ -29,36 +29,36 @@ import javax.xml.bind.annotation.XmlType;
*/
@XmlAccessorType(XmlAccessType.FIELD)
@XmlType(name = "", propOrder = {
"personId"
"productId"
})
@XmlRootElement(name = "UnknownPersonFault")
public class UnknownPersonFault {
@XmlRootElement(name = "UnknownProductFault")
public class UnknownProductFault {
@XmlElement(required = true)
protected String personId;
protected String productId;
/**
* Gets the value of the personId property.
* Gets the value of the productId property.
*
* @return
* possible object is
* {@link String }
*
*/
public String getPersonId() {
return personId;
public String getProductId() {
return productId;
}
/**
* Sets the value of the personId property.
* Sets the value of the productId property.
*
* @param value
* allowed object is
* {@link String }
*
*/
public void setPersonId(String value) {
this.personId = value;
public void setProductId(String value) {
this.productId = value;
}
}

View file

@ -64,7 +64,7 @@
</httpj:engine-factory>
<jaxws:endpoint
implementor="org.keycloak.example.ws.PersonImpl"
address="http://localhost:8282/PersonServiceCF" depends-on="kc-cxf-endpoint"/>
implementor="org.keycloak.example.ws.ProductImpl"
address="http://localhost:8282/ProductServiceCF" depends-on="kc-cxf-endpoint"/>
</beans>

View file

@ -24,7 +24,7 @@ Skip this step if you installed demo already.
sshRealm=keycloak
```
3) Copy file from Keycloak fuse examples `examples/fuse/fuse-admin/keycloak-direct-access.json` to `$FUSE_HOME/etc/` directory.
3) Copy file from Keycloak fuse examples `keycloak-examples-<VERSION>/fuse/fuse-admin/keycloak-direct-access.json` to `$FUSE_HOME/etc/` directory.
This file contains configuration of the client application, which is used by JAAS DirectAccessGrantsLoginModule from `keycloak` JAAS realm for SSH authentication.
4) Start Fuse and install `keycloak` JAAS realm into Fuse. This could be done easily by installing `keycloak-jaas` feature, which has JAAS realm predefined
@ -36,7 +36,7 @@ features:addurl mvn:org.keycloak/keycloak-osgi-features/1.2.0.Beta1/xml/features
features:install keycloak-jaas
```
5) Now let's type this from your terminal:
5) Now let's type this from your terminal to login via SSH as `admin` user:
```
ssh -o PubkeyAuthentication=no -p 8101 admin@localhost
@ -51,11 +51,10 @@ JMX authentication with keycloak credentials on JBoss Fuse 6.1
This may be needed in case if you really want to use jconsole or other external tool to perform remote connection to JMX through RMI. Otherwise it may
be better to use just hawt.io/jolokia as jolokia agent is installed in hawt.io by default.
1) In file `$FUSE_HOME/etc/org.apache.karaf.management.cfg` you can change these 2 properties:
1) In file `$FUSE_HOME/etc/org.apache.karaf.management.cfg` you can change this property:
```
jmxRealm=keycloak
jmxRole=org.keycloak.adapters.jaas.RolePrincipal:admin
```
2) In jconsole you can fill URL like:
@ -71,8 +70,8 @@ may be still able to access MBeans remotely via HTTP (Hawtio). So make sure to p
really protect JMX mbeans.
SSH and JMX on JBoss Fuse 6.2 and Apache Karaf 3.0.2
--------------------------------------------
SSH and JMX on JBoss Fuse 6.2 and Apache Karaf 3.0.3
----------------------------------------------------
For SSH steps are very similar to above for 6.1. In JBoss Fuse 6.2 you may need to install `ssh` feature as it doesn't seem to be installed here by default.
```
@ -80,11 +79,6 @@ features:install ssh
```
For JMX, the steps are similar like for Fuse 6.1, however there is more fine grained authorization for JMX access in Fuse 6.2 and Karaf 3.
You need to install just jmxRealm in `$FUSE_HOME/etc/org.apache.karaf.management.cfg` . Property `jmxRole` is no longer valid.
```
jmxRealm=keycloak
```
Actually if you login as user `admin`, you have very limited privileges without possibility to do much JMX operations as this user has just `admin` role, which is not allowed to do much in JMX.

View file

@ -19,12 +19,12 @@ import org.apache.cxf.jaxws.JaxWsProxyFactoryBean;
import org.apache.cxf.message.Message;
import org.keycloak.KeycloakSecurityContext;
import org.keycloak.constants.ServiceUrlConstants;
import org.keycloak.example.ws.Person;
import org.keycloak.example.ws.UnknownPersonFault;
import org.keycloak.example.ws.Product;
import org.keycloak.example.ws.UnknownProductFault;
import org.keycloak.util.KeycloakUriBuilder;
/**
* Servlet for receiving informations about products from backend JAXWS service. Actually it's about "persons" not "products" :)
* Servlet for receiving informations about products from backend JAXWS service
*
* @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
*/
@ -46,26 +46,27 @@ public class ProductPortalServlet extends HttpServlet {
out.println("<p>Goto: <a href=\"/customer-portal\">customers</a> | <a href=\"" + logoutUri + "\">logout</a> | <a href=\"" + acctUri + "\">manage acct</a></p>");
out.println("Servlet User Principal <b>" + req.getUserPrincipal() + "</b> made this request.");
String unsecuredWsClientResponse = sendWsReq(req, false);
String securedWsClientResponse = sendWsReq(req, true);
String unsecuredWsClientResponse = sendWsReq(req, "1", false);
String securedWsClientResponse = sendWsReq(req, "1", true);
String securedWsClient2Response = sendWsReq(req, "2", true);
out.println("<p>Person with ID 1 - unsecured request: <b>" + unsecuredWsClientResponse + "</b></p>");
out.println("<p>Person with ID 1 - secured request: <b>" + securedWsClientResponse + "</b></p>");
out.println("<p>Product with ID 1 - unsecured request (it should end with failure): <b>" + unsecuredWsClientResponse + "</b></p><br>");
out.println("<p>Product with ID 1 - secured request: <b>" + securedWsClientResponse + "</b></p><br>");
out.println("<p>Product with ID 2 - secured request: <b>" + securedWsClient2Response + "</b></p><br>");
out.println("</body></html>");
out.flush();
out.close();
}
private String sendWsReq(HttpServletRequest req, boolean secured) {
private String sendWsReq(HttpServletRequest req, String productId, boolean secured) {
JaxWsProxyFactoryBean factory = new JaxWsProxyFactoryBean();
factory.setServiceClass(Person.class);
factory.setAddress("http://localhost:8282/PersonServiceCF");
factory.setServiceClass(Product.class);
factory.setAddress("http://localhost:8282/ProductServiceCF");
Person simpleClient = (Person)factory.create();
java.lang.String _getPerson_personIdVal = "1";
javax.xml.ws.Holder<java.lang.String> _getPerson_personId = new javax.xml.ws.Holder<java.lang.String>(_getPerson_personIdVal);
javax.xml.ws.Holder<java.lang.String> _getPerson_ssn = new javax.xml.ws.Holder<java.lang.String>();
javax.xml.ws.Holder<java.lang.String> _getPerson_name = new javax.xml.ws.Holder<java.lang.String>();
Product simpleClient = (Product)factory.create();
java.lang.String _getProduct_productIdVal = productId;
javax.xml.ws.Holder<java.lang.String> _getProduct_productId = new javax.xml.ws.Holder<java.lang.String>(_getProduct_productIdVal);
javax.xml.ws.Holder<java.lang.String> _getProduct_name = new javax.xml.ws.Holder<java.lang.String>();
// Attach Authorization header
if (secured) {
@ -79,12 +80,12 @@ public class ProductPortalServlet extends HttpServlet {
}
try {
simpleClient.getPerson(_getPerson_personId, _getPerson_ssn, _getPerson_name);
return String.format("Person received: id=%s, name=%s, ssn=%s", _getPerson_personId.value, _getPerson_name.value, _getPerson_ssn.value);
} catch (UnknownPersonFault upf) {
return "UnknownPersonFault has occurred. Details: " + upf.toString();
simpleClient.getProduct(_getProduct_productId, _getProduct_name);
return String.format("Product received: id=%s, name=%s", _getProduct_productId.value, _getProduct_name.value);
} catch (UnknownProductFault upf) {
return "UnknownProductFault has occurred. Details: " + upf.toString();
} catch (WebServiceException wse) {
String error = "Can't receive person. Reason: " + wse.getMessage();
String error = "Can't receive product. Reason: " + wse.getMessage();
if (wse.getCause() != null) {
Throwable cause = wse.getCause();
error = error + " Details: " + cause.getClass().getName() + ": " + cause.getMessage();

36
pom.xml
View file

@ -81,12 +81,14 @@
<greenmail.version>1.3.1b</greenmail.version>
<xmlsec.version>1.5.1</xmlsec.version>
<enforcer.plugin.version>1.4</enforcer.plugin.version>
<jboss.as.plugin.version>7.5.Final</jboss.as.plugin.version>
<wildfly.plugin.version>1.0.1.Final</wildfly.plugin.version>
<minify.plugin.version>1.7.2</minify.plugin.version>
<embedmongo.plugin.version>0.1.12</embedmongo.plugin.version>
<jmeter.plugin.version>1.9.0</jmeter.plugin.version>
<jmeter.analysis.plugin.version>1.0.4</jmeter.analysis.plugin.version>
<osgi.bundle.plugin.version>2.3.7</osgi.bundle.plugin.version>
</properties>
<url>http://keycloak.org</url>
@ -885,7 +887,8 @@
<groupId>org.keycloak</groupId>
<artifactId>keycloak-wf9-server-subsystem</artifactId>
<version>${project.version}</version>
</dependency> <dependency>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-subsystem</artifactId>
<version>${project.version}</version>
@ -1129,12 +1132,6 @@
<version>${project.version}</version>
<type>zip</type>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-server-overlay</artifactId>
<version>${project.version}</version>
<type>zip</type>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-wf8-adapter-dist</artifactId>
@ -1289,6 +1286,31 @@
<artifactId>wildfly-server-provisioning-maven-plugin</artifactId>
<version>${wildfly.build-tools.version}</version>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-enforcer-plugin</artifactId>
<version>${enforcer.plugin.version}</version>
<executions>
<execution>
<id>enforce-maven</id>
<goals>
<goal>enforce</goal>
</goals>
<configuration>
<rules>
<requireMavenVersion>
<version>3.1.1</version>
</requireMavenVersion>
</rules>
</configuration>
</execution>
</executions>
</plugin>
<plugin>
<groupId>org.apache.felix</groupId>
<artifactId>maven-bundle-plugin</artifactId>
<version>${osgi.bundle.plugin.version}</version>
</plugin>
</plugins>
</pluginManagement>
</build>