From d8df697ccf8eadfc883c41fc9ce34425616f76a1 Mon Sep 17 00:00:00 2001
From: Bill Burke
Date: Fri, 17 Jan 2014 12:27:21 -0500
Subject: [PATCH] minor changes
---
 .../resources/admin/js/controllers/realm.js | 8 ++
 .../en/en-US/modules/eap6-adapter.xml | 15 +++-
 .../src/main/webapp/WEB-INF/jboss-web.xml | 2 +-
 .../src/main/webapp/WEB-INF/jboss-web.xml | 2 +-
 .../src/main/webapp/WEB-INF/jboss-web.xml | 2 +-
 .../as7/BearerTokenAuthenticatorValve.java | 80 -------------------
 ...e.java => KeycloakAuthenticatorValve.java} | 6 +-
 7 files changed, 28 insertions(+), 87 deletions(-)
 delete mode 100755 integration/as7-eap6/adapter/src/main/java/org/keycloak/adapters/as7/BearerTokenAuthenticatorValve.java
 rename integration/as7-eap6/adapter/src/main/java/org/keycloak/adapters/as7/{OAuthAuthenticatorValve.java => KeycloakAuthenticatorValve.java} (95%)
diff --git a/admin-ui/src/main/resources/META-INF/resources/admin/js/controllers/realm.js b/admin-ui/src/main/resources/META-INF/resources/admin/js/controllers/realm.js
index aa6199320d..b7b113accc 100755
--- a/admin-ui/src/main/resources/META-INF/resources/admin/js/controllers/realm.js
+++ b/admin-ui/src/main/resources/META-INF/resources/admin/js/controllers/realm.js
@@ -117,6 +117,8 @@ module.controller('RealmCreateCtrl', function($scope, Current, Realm, $upload, $
 $scope.save = function() {
 var realmCopy = angular.copy($scope.realm);
+ var ssl = window.location.protocol == 'https:';
+ realmCopy.sslNotRequired = !ssl;
 console.log('creating new realm **');
 Realm.create(realmCopy, function(data, headers) {
 var data = Realm.query(function() {
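Review bot: Deriving `realmCopy.sslNotRequired` from `window.location.protocol` in `$scope.save` makes the new realm's transport policy depend on how the admin happened to load the console at creation time. A realm created while the console is served over plain http is saved with `sslNotRequired = true` without the admin having chosen that, and nothing in this hunk shows the value being surfaced in the form. Consider keeping the SSL-required default and exposing the flag as an explicit field, or at least adding a comment such as `// realm will accept non-TLS requests when the console itself was loaded over http`. The comparison can also use `===`. The body of `$scope.save` continues outside the hunk.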
@@ -438,6 +440,12 @@ module.controller('RealmDefaultRolesCtrl', function ($scope, Realm, realm, appli $scope.selectedRealmDefRoles = []; $scope.applications = angular.copy(applications); + for (var i = 0; i < applications.length; i++) { + if (applications[i].name == 'account') { + $scope.application = $scope.applications[i]; + break; + } + } $scope.availableAppRoles = []; $scope.selectedAppRoles = []; diff --git a/docbook/reference/en/en-US/modules/eap6-adapter.xml b/docbook/reference/en/en-US/modules/eap6-adapter.xml index 88ec08025a..391a27793a 100755 --- a/docbook/reference/en/en-US/modules/eap6-adapter.xml +++ b/docbook/reference/en/en-US/modules/eap6-adapter.xml @@ -45,7 +45,20 @@ the adapter's dependencies may conflict with your application's. - After creating the jboss-deployment-structure.xml configuration file, you must create + Next thing you have to do is turn on the Keycloak adapter for this deployment. To do this you must + create a WEB-INF/jboss-web.xml file and specify a a Keycloak valve. This will override + any login-config setting you have defined with web.xml + + + + + org.keycloak.adapters.as7.KeycloakAuthenticatorValve + +]]> + + + + After creating the jboss-web.xml configuration file, you must create a keycloak.json adapter config file within the WEB-INF directory of your WAR. The format of this config file is describe in the general adapter configuration section. diff --git a/examples/demo-template/customer-app/src/main/webapp/WEB-INF/jboss-web.xml b/examples/demo-template/customer-app/src/main/webapp/WEB-INF/jboss-web.xml index a28a2651c9..42df73f16c 100755 --- a/examples/demo-template/customer-app/src/main/webapp/WEB-INF/jboss-web.xml +++ b/examples/demo-template/customer-app/src/main/webapp/WEB-INF/jboss-web.xml @@ -1,5 +1,5 @@ - org.keycloak.adapters.as7.OAuthAuthenticatorValve + org.keycloak.adapters.as7.KeycloakAuthenticatorValve \ No newline at end of file 
diff --git a/examples/demo-template/database-service/src/main/webapp/WEB-INF/jboss-web.xml b/examples/demo-template/database-service/src/main/webapp/WEB-INF/jboss-web.xml
index d1ca3931f9..42df73f16c 100755
--- a/examples/demo-template/database-service/src/main/webapp/WEB-INF/jboss-web.xml
+++ b/examples/demo-template/database-service/src/main/webapp/WEB-INF/jboss-web.xml
@@ -1,5 +1,5 @@
- org.keycloak.adapters.as7.BearerTokenAuthenticatorValve
+ org.keycloak.adapters.as7.KeycloakAuthenticatorValve
\ No newline at end of file
diff --git a/examples/demo-template/product-app/src/main/webapp/WEB-INF/jboss-web.xml b/examples/demo-template/product-app/src/main/webapp/WEB-INF/jboss-web.xml
index a28a2651c9..42df73f16c 100755
--- a/examples/demo-template/product-app/src/main/webapp/WEB-INF/jboss-web.xml
+++ b/examples/demo-template/product-app/src/main/webapp/WEB-INF/jboss-web.xml
@@ -1,5 +1,5 @@
- org.keycloak.adapters.as7.OAuthAuthenticatorValve
+ org.keycloak.adapters.as7.KeycloakAuthenticatorValve
\ No newline at end of file
diff --git a/integration/as7-eap6/adapter/src/main/java/org/keycloak/adapters/as7/BearerTokenAuthenticatorValve.java b/integration/as7-eap6/adapter/src/main/java/org/keycloak/adapters/as7/BearerTokenAuthenticatorValve.java
deleted file mode 100755
index 4cececc4f7..0000000000
--- a/integration/as7-eap6/adapter/src/main/java/org/keycloak/adapters/as7/BearerTokenAuthenticatorValve.java
+++ /dev/null
@@ -1,80 +0,0 @@
-package org.keycloak.adapters.as7;
-
-import org.apache.catalina.Lifecycle;
-import org.apache.catalina.LifecycleEvent;
-import org.apache.catalina.LifecycleException;
-import org.apache.catalina.LifecycleListener;
-import org.apache.catalina.authenticator.AuthenticatorBase;
-import org.apache.catalina.connector.Request;
-import org.apache.catalina.connector.Response;
-import org.apache.catalina.core.StandardContext;
-import org.apache.catalina.deploy.LoginConfig;
-import org.jboss.logging.Logger;
-import org.keycloak.adapters.ResourceMetadata;
-import org.keycloak.adapters.as7.config.CatalinaAdapterConfigLoader;
-import org.keycloak.representations.adapters.config.AdapterConfig;
-import org.keycloak.adapters.config.AdapterConfigLoader;
-
-import javax.security.auth.login.LoginException;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletResponse;
-import java.io.IOException;
-
-/**
- * Uses a configured remote auth server to do Bearer token authentication only. SkeletonKeyTokens are used
- * to provide user data and role mappings.
- *
- * @author Bill Burke
- * @version $Revision: 1 $
- */
-public class BearerTokenAuthenticatorValve extends AuthenticatorBase implements LifecycleListener {
- private static final Logger log = Logger.getLogger(BearerTokenAuthenticatorValve.class);
- protected AdapterConfig adapterConfig;
- protected ResourceMetadata resourceMetadata;
-
- @Override
- public void start() throws LifecycleException {
- super.start();
- StandardContext standardContext = (StandardContext) context;
- standardContext.addLifecycleListener(this);
- }
-
- @Override
- public void lifecycleEvent(LifecycleEvent event) {
- if (event.getType() == Lifecycle.AFTER_START_EVENT) init();
- }
-
- protected void init() {
- AdapterConfigLoader adapterConfigLoader = new CatalinaAdapterConfigLoader(context);
- adapterConfig = adapterConfigLoader.getAdapterConfig();
- adapterConfigLoader.init();
- resourceMetadata = adapterConfigLoader.getResourceMetadata();
- AuthenticatedActionsValve actions = new AuthenticatedActionsValve(adapterConfig, getNext(), getContainer(), getController());
- setNext(actions);
- }
-
- @Override
- public void invoke(Request request, Response response) throws IOException, ServletException {
- try {
- log.debugv("{0} {1}", request.getMethod(), request.getRequestURI());
- if (adapterConfig.isCors() && new CorsPreflightChecker(adapterConfig).checkCorsPreflight(request, response)) {
- return;
- }
- super.invoke(request, response);
- } finally {
- }
- }
-
- @Override
- protected boolean authenticate(Request request, HttpServletResponse response, LoginConfig config) throws IOException {
- try {
- CatalinaBearerTokenAuthenticator bearer = new CatalinaBearerTokenAuthenticator(resourceMetadata, true, adapterConfig.isUseResourceRoleMappings());
- if (bearer.login(request, response)) {
- return true;
- }
- return false;
- } catch (LoginException e) {
- }
- return false;
- }
-}
diff --git a/integration/as7-eap6/adapter/src/main/java/org/keycloak/adapters/as7/OAuthAuthenticatorValve.java b/integration/as7-eap6/adapter/src/main/java/org/keycloak/adapters/as7/KeycloakAuthenticatorValve.java
similarity index 95%
rename from integration/as7-eap6/adapter/src/main/java/org/keycloak/adapters/as7/OAuthAuthenticatorValve.java
rename to integration/as7-eap6/adapter/src/main/java/org/keycloak/adapters/as7/KeycloakAuthenticatorValve.java
index 056e80d40e..b1a53f2800 100755
--- a/integration/as7-eap6/adapter/src/main/java/org/keycloak/adapters/as7/OAuthAuthenticatorValve.java
+++ b/integration/as7-eap6/adapter/src/main/java/org/keycloak/adapters/as7/KeycloakAuthenticatorValve.java
@@ -45,9 +45,9 @@ import java.util.Set;
 * @author Bill Burke
 * @version $Revision: 1 $
 */
-public class OAuthAuthenticatorValve extends FormAuthenticator implements LifecycleListener {
+public class KeycloakAuthenticatorValve extends FormAuthenticator implements LifecycleListener {
 protected RealmConfiguration realmConfiguration;
- private static final Logger log = Logger.getLogger(OAuthAuthenticatorValve.class);
+ private static final Logger log = Logger.getLogger(KeycloakAuthenticatorValve.class);
 protected UserSessionManagement userSessionManagement = new UserSessionManagement();
 protected AdapterConfig adapterConfig;
 protected ResourceMetadata resourceMetadata;
@@ -116,7 +116,7 @@ public class OAuthAuthenticatorValve extends FormAuthenticator implements Lifecy
 }
 // initiate or continue oauth2 protocol
- oauth(request, response);
+ if (!adapterConfig.isBearerOnly()) oauth(request, response);
 } catch (LoginException e) {
 }
 return false;
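Review bot: In the last hunk, `if (!adapterConfig.isBearerOnly()) oauth(request, response);` makes a bearer-only deployment fall through to `return false` when no token was accepted, and the hunk does not show a 401 challenge being written on that path. The deleted BearerTokenAuthenticatorValve built `CatalinaBearerTokenAuthenticator(resourceMetadata, true, ...)` and ran a CORS preflight check in `invoke`; the matching code in this valve is outside the hunk, so confirm both behaviours are kept when bearer-only is set. The database-service example now depends on that switch, yet no adapter config change is part of this commit, so without the bearer-only setting that service would presumably start the OAuth login flow instead of rejecting unauthenticated calls. The surrounding `catch (LoginException e) { }` is still empty; `log.debug("login failed", e);` there would leave a trace for rejected tokens. The enclosing method starts and ends outside the hunk.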