OAuth2 Access Token in Java EE Applications
Question
I'm trying to find a way to use OAuth2 Access Token authentication in a Java Enterprise application. So far, the only examples I've found are relevant to Spring Boot. For example, Spring Boot applications are able to define properties to access a Keycloak server and specify realm and client:
keycloak.realm=spring-boot-quickstart
keycloak.auth-server-url=http://localhost:8180/auth
keycloak.ssl-required=external
keycloak.resource=app-authz-rest-employee
keycloak.bearer-only=true
keycloak.credentials.secret=secret
keycloak.securityConstraints[0].authRoles[0]=user
keycloak.securityConstraints[0].securityCollections[0].name=protected
keycloak.securityConstraints[0].securityCollections[0].patterns[0]=/*
keycloak.policy-enforcer-config.enforcement-mode=ENFORCING
keycloak.policy-enforcer-config.claimInformationPointConfig.claims[http.uri]={request.relativePath}
Is there an equivalent configuration you can use for a Java Enterprise Application? Within the web.xml it seems you can only specify KEYCLOAK as auth-method:
<auth-method>KEYCLOAK</auth-method>
but that simply redirects to keycloak login challenge. I'd like rather to use Tokens. Maybe System Properties or other ways? Thanks
1 answers
solution1
0 2019-10-22 09:32:36
There are official examples of java ee sample applications secured by Keycloak
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.