keycloak-scim/testsuite/integration-arquillian/test-apps/servlet-authz
Stefan Guilhen 3409a0c840 Fixes SAML tests in testsuite
- adds dependency to saaj-impl in saml core public
- updates test apps' web.xml files to use jakarta namespaces
- small cleanup in main pom
- changes order of e-mail servers in testsuite pom to enforce usage of greenmail (changes order in Undertow's classpath)

Closes #16711
2023-04-27 13:36:54 +02:00
..
src/main Fixes SAML tests in testsuite 2023-04-27 13:36:54 +02:00
keycloak-cache-disabled-authz-service.json Still test failures with BCFIPS approved mode due the hardcoded keys 2023-01-26 15:50:29 +01:00
keycloak-cache-lifespan-authz-service.json Still test failures with BCFIPS approved mode due the hardcoded keys 2023-01-26 15:50:29 +01:00
keycloak-claim-information-point-authz-service.json Still test failures with BCFIPS approved mode due the hardcoded keys 2023-01-26 15:50:29 +01:00
keycloak-lazy-load-authz-service.json Still test failures with BCFIPS approved mode due the hardcoded keys 2023-01-26 15:50:29 +01:00
keycloak-permissive-authz-service.json Still test failures with BCFIPS approved mode due the hardcoded keys 2023-01-26 15:50:29 +01:00
pom.xml Fix dependencies in testsuite, adapters and Quarkus module 2023-04-27 13:36:54 +02:00
README.md [KEYCLOAK-3372] - Adding tests for servlet authorization 2016-07-29 12:42:53 -03:00
servlet-authz-app-authz-service.json Removing upload scripts feature (#11117) 2022-04-20 14:25:16 +02:00
servlet-authz-realm.json Still test failures with BCFIPS approved mode due the hardcoded keys 2023-01-26 15:50:29 +01:00

About the Example Application

This is a simple Servlet-based application that will introduce you to some of the main concepts around Keycloak Authorization Services.

For this application, users can be regular users, premium users or administrators, where:

  • Regular users have very limited access.
  • Premium users have access to the premium area
  • Administrators have access to the administration area

In Keycloak, all the paths being protected are resources on the server.

This application will also show you how to create a dynamic menu with the permissions granted to an user.

Create the Example Realm and a Resource Server

Considering that your Keycloak Server is up and running, log in to the Keycloak Administration Console.

Now, create a new realm based on the following configuration file:

examples/authz/servlet-authz/servlet-authz-realm.json

That will import a pre-configured realm with everything you need to run this example. For more details about how to import a realm into Keycloak, check the Keycloak's reference documentation.

After importing that file, you'll have a new realm called servlet-authz.

Now, let's import another configuration using the Administration Console in order to configure the client application servlet-authz-app as a resource server with all resources, scopes, permissions and policies.

Click on Clients on the left side menu. Click on the servlet-authz-app on the client listing page. This will open the Client Details page. Once there, click on the Authorization tab.

Click on the Select file button, which means you want to import a resource server configuration. Now select the file that is located at:

examples/authz/servlet-authz/servlet-authz-app-config.json

Now click Upload and the resource server will be updated accordingly.

Deploy and Run the Example Applications

To deploy the example application, follow these steps:

cd examples/authz/servlet-authz
mvn clean package wildfly:deploy

Now, try to access the client application using the following URL:

http://localhost:8080/servlet-authz-app

If everything is correct, you will be redirect to Keycloak login page. You can login to the application with the following credentials:

  • username: jdoe / password: jdoe
  • username: alice / password: alice
  • username: admin / password: admin