3

Hello every one I have just been trying out key-cloak for IAM and it seems a great tool to me but one thing that I can't seem to figure out is how to integrate it with my current JAX-rs web services that run on an embedded jetty container. As far as I have searched no key-cloak client adapters exist for embedded jetty server and the jetty 9.x adapters only seem to work for jetty standalone (non-embedded) server. Does this mean I have to implement my own client adapter by implementing ContaineRequestFilter class and analyzing the request headers and utilizing the token introspection endpoint for resource server authorization? Also is this how all other client adapters work or is it some other way?

flavio.donze
  • 7,432
  • 9
  • 58
  • 91
JayD
  • 748
  • 1
  • 13
  • 38
  • 1
    Hmm - I asked the same question the other day on their forum. Hope we get an answer: https://keycloak.discourse.group/t/embedded-jetty-spark-java-example/769 – Mike Mitterer Dec 22 '19 at 18:15
  • There's little to no difference between jetty standalone and embedded-jetty, if it exists for standlone it will work for embedded-jetty as well. Do you have a link to the standalone option for keycloak? – Joakim Erdfelt Dec 23 '19 at 15:39
  • @JoakimErdfelt heres the link describing for standalone jetty server and keycloak adapter for it https://www.keycloak.org/docs/latest/securing_apps/#_jetty9_adapter – JayD Dec 24 '19 at 06:15

1 Answers1

1

There are two interesting projects on github, which both use Spring Boot:

https://github.com/Baeldung/spring-security-oauth/tree/master/oauth-sso/sso-authorization-server

Documented here: https://www.baeldung.com/keycloak-embedded-in-spring-boot-app

If you prefer Jetty as embedded webserver, change the pom.xml:

Exclude tomcat

<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-web</artifactId>
    <exclusions>
        <exclusion>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-tomcat</artifactId>
        </exclusion>
    </exclusions>
</dependency>

Add Jetty

<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-jetty</artifactId>
    <scope>provided</scope>
</dependency>

Also this project is interesting: https://github.com/thomasdarimont/embedded-spring-boot-keycloak-server

flavio.donze
  • 7,432
  • 9
  • 58
  • 91
  • I tried it, but the app is now failing with `org.springframework.context.ApplicationContextException: Unable to start web server; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'securityConfiguration': Unsatisfied dependency expressed through field 'keycloakConfigResolver'; nested exception is org.springframework.beans.factory.BeanCurrentlyInCreationException: Error creating bean with name 'keycloakConfigResolver': Requested bean is currently in creation: Is there an unresolvable circular reference?` – Dmitriy Popov Mar 09 '21 at 15:44
  • The same code was working with Tomcat in Spring Boot, but I tried switching since Keycloak fails under JDK 15, see https://stackoverflow.com/questions/61932188/keycloak-server-caused-by-java-lang-classnotfoundexception-java-security-acl-g. – Dmitriy Popov Mar 09 '21 at 15:45
  • Circular dependency is with my class `public class SecurityConfiguration extends KeycloakWebSecurityConfigurerAdapter {` – Dmitriy Popov Mar 09 '21 at 15:58