Example 1 with AdapterDeploymentContext
use of org.keycloak.adapters.AdapterDeploymentContext in project openremote by openremote.
the class SimpleKeycloakServletExtension method handleDeployment.
@Override
@SuppressWarnings("UseSpecificCatch")
public void handleDeployment(DeploymentInfo deploymentInfo, ServletContext servletContext) {
AdapterDeploymentContext deploymentContext = new AdapterDeploymentContext(configResolver);
servletContext.setAttribute(AdapterDeploymentContext.class.getName(), deploymentContext);
UndertowUserSessionManagement userSessionManagement = new UndertowUserSessionManagement();
final NodesRegistrationManagement nodesRegistrationManagement = new NodesRegistrationManagement();
final ServletKeycloakAuthMech mech = createAuthenticationMechanism(deploymentInfo, deploymentContext, userSessionManagement, nodesRegistrationManagement);
UndertowAuthenticatedActionsHandler.Wrapper actions = new UndertowAuthenticatedActionsHandler.Wrapper(deploymentContext);
// setup handlers
deploymentInfo.addOuterHandlerChainWrapper(new ServletPreAuthActionsHandler.Wrapper(deploymentContext, userSessionManagement));
deploymentInfo.addAuthenticationMechanism(AUTH_MECHANISM, new AuthenticationMechanismFactory() {
@Override
public AuthenticationMechanism create(String s, FormParserFactory formParserFactory, Map<String, String> stringStringMap) {
return mech;
}
});
// authentication
// handles authenticated actions and cors.
deploymentInfo.addInnerHandlerChainWrapper(actions);
deploymentInfo.setIdentityManager(new IdentityManager() {
@Override
public Account verify(Account account) {
return account;
}
@Override
public Account verify(String id, Credential credential) {
throw new IllegalStateException("Should never be called in Keycloak flow");
}
@Override
public Account verify(Credential credential) {
throw new IllegalStateException("Should never be called in Keycloak flow");
}
});
log.debug("Setting jsession cookie path to: " + deploymentInfo.getContextPath());
ServletSessionConfig cookieConfig = new ServletSessionConfig();
cookieConfig.setPath(deploymentInfo.getContextPath());
deploymentInfo.setServletSessionConfig(cookieConfig);
ChangeSessionId.turnOffChangeSessionIdOnLogin(deploymentInfo);
deploymentInfo.addListener(new ListenerInfo(UndertowNodesRegistrationManagementWrapper.class, new InstanceFactory<UndertowNodesRegistrationManagementWrapper>() {
@Override
public InstanceHandle<UndertowNodesRegistrationManagementWrapper> createInstance() throws InstantiationException {
UndertowNodesRegistrationManagementWrapper listener = new UndertowNodesRegistrationManagementWrapper(nodesRegistrationManagement);
return new ImmediateInstanceHandle<UndertowNodesRegistrationManagementWrapper>(listener);
}
}));
}
Also used :
Account(io.undertow.security.idm.Account)
IdentityManager(io.undertow.security.idm.IdentityManager)
Credential(io.undertow.security.idm.Credential)
NodesRegistrationManagement(org.keycloak.adapters.NodesRegistrationManagement)
AuthenticationMechanism(io.undertow.security.api.AuthenticationMechanism)
AdapterDeploymentContext(org.keycloak.adapters.AdapterDeploymentContext)
FormParserFactory(io.undertow.server.handlers.form.FormParserFactory)
ImmediateInstanceHandle(io.undertow.servlet.util.ImmediateInstanceHandle)
AuthenticationMechanismFactory(io.undertow.security.api.AuthenticationMechanismFactory)
Example 2 with AdapterDeploymentContext
use of org.keycloak.adapters.AdapterDeploymentContext in project vboard by voyages-sncf-technologies.
the class WebSecurityConfig method configureKeycloakSecurity.
protected void configureKeycloakSecurity(HttpSecurity http) throws Exception {
// Not @Autowiring those beans as they may not be available because of the @Conditional
final AdapterDeploymentContext adc = applicationContext.getBean(AdapterDeploymentContext.class);
final KeycloakPreAuthActionsFilter keycloakPreAuthActionsFilter = applicationContext.getBean(KeycloakPreAuthActionsFilter.class);
http.addFilterBefore(keycloakPreAuthActionsFilter, LogoutFilter.class).addFilterBefore(keycloakAuthenticationProcessingFilter(), BasicAuthenticationFilter.class).exceptionHandling().authenticationEntryPoint(new KeycloakAuthenticationEntryPoint(adc));
http.logout().addLogoutHandler(new KeycloakLogoutHandler(adc)).logoutUrl("/sso/logout").permitAll().logoutSuccessUrl("/");
}
Also used :
AdapterDeploymentContext(org.keycloak.adapters.AdapterDeploymentContext)
KeycloakLogoutHandler(org.keycloak.adapters.springsecurity.authentication.KeycloakLogoutHandler)
LogoutFilter(org.springframework.security.web.authentication.logout.LogoutFilter)
KeycloakPreAuthActionsFilter(org.keycloak.adapters.springsecurity.filter.KeycloakPreAuthActionsFilter)
KeycloakAuthenticationEntryPoint(org.keycloak.adapters.springsecurity.authentication.KeycloakAuthenticationEntryPoint)
Aggregations
AdapterDeploymentContext (org.keycloak.adapters.AdapterDeploymentContext)2
AuthenticationMechanism (io.undertow.security.api.AuthenticationMechanism)1
AuthenticationMechanismFactory (io.undertow.security.api.AuthenticationMechanismFactory)1
Account (io.undertow.security.idm.Account)1
Credential (io.undertow.security.idm.Credential)1
IdentityManager (io.undertow.security.idm.IdentityManager)1
FormParserFactory (io.undertow.server.handlers.form.FormParserFactory)1
ImmediateInstanceHandle (io.undertow.servlet.util.ImmediateInstanceHandle)1
NodesRegistrationManagement (org.keycloak.adapters.NodesRegistrationManagement)1
KeycloakAuthenticationEntryPoint (org.keycloak.adapters.springsecurity.authentication.KeycloakAuthenticationEntryPoint)1
KeycloakLogoutHandler (org.keycloak.adapters.springsecurity.authentication.KeycloakLogoutHandler)1
KeycloakPreAuthActionsFilter (org.keycloak.adapters.springsecurity.filter.KeycloakPreAuthActionsFilter)1
LogoutFilter (org.springframework.security.web.authentication.logout.LogoutFilter)1
