use of org.keycloak.adapters.AdapterDeploymentContext in project openremote by openremote.
the class SimpleKeycloakServletExtension method handleDeployment.
@Override
@SuppressWarnings("UseSpecificCatch")
public void handleDeployment(DeploymentInfo deploymentInfo, ServletContext servletContext) {
AdapterDeploymentContext deploymentContext = new AdapterDeploymentContext(configResolver);
servletContext.setAttribute(AdapterDeploymentContext.class.getName(), deploymentContext);
UndertowUserSessionManagement userSessionManagement = new UndertowUserSessionManagement();
final NodesRegistrationManagement nodesRegistrationManagement = new NodesRegistrationManagement();
final ServletKeycloakAuthMech mech = createAuthenticationMechanism(deploymentInfo, deploymentContext, userSessionManagement, nodesRegistrationManagement);
UndertowAuthenticatedActionsHandler.Wrapper actions = new UndertowAuthenticatedActionsHandler.Wrapper(deploymentContext);
// setup handlers
deploymentInfo.addOuterHandlerChainWrapper(new ServletPreAuthActionsHandler.Wrapper(deploymentContext, userSessionManagement));
deploymentInfo.addAuthenticationMechanism(AUTH_MECHANISM, new AuthenticationMechanismFactory() {
@Override
public AuthenticationMechanism create(String s, FormParserFactory formParserFactory, Map<String, String> stringStringMap) {
return mech;
}
});
// authentication
// handles authenticated actions and cors.
deploymentInfo.addInnerHandlerChainWrapper(actions);
deploymentInfo.setIdentityManager(new IdentityManager() {
@Override
public Account verify(Account account) {
return account;
}
@Override
public Account verify(String id, Credential credential) {
throw new IllegalStateException("Should never be called in Keycloak flow");
}
@Override
public Account verify(Credential credential) {
throw new IllegalStateException("Should never be called in Keycloak flow");
}
});
log.debug("Setting jsession cookie path to: " + deploymentInfo.getContextPath());
ServletSessionConfig cookieConfig = new ServletSessionConfig();
cookieConfig.setPath(deploymentInfo.getContextPath());
deploymentInfo.setServletSessionConfig(cookieConfig);
ChangeSessionId.turnOffChangeSessionIdOnLogin(deploymentInfo);
deploymentInfo.addListener(new ListenerInfo(UndertowNodesRegistrationManagementWrapper.class, new InstanceFactory<UndertowNodesRegistrationManagementWrapper>() {
@Override
public InstanceHandle<UndertowNodesRegistrationManagementWrapper> createInstance() throws InstantiationException {
UndertowNodesRegistrationManagementWrapper listener = new UndertowNodesRegistrationManagementWrapper(nodesRegistrationManagement);
return new ImmediateInstanceHandle<UndertowNodesRegistrationManagementWrapper>(listener);
}
}));
}
use of org.keycloak.adapters.AdapterDeploymentContext in project vboard by voyages-sncf-technologies.
the class WebSecurityConfig method configureKeycloakSecurity.
protected void configureKeycloakSecurity(HttpSecurity http) throws Exception {
// Not @Autowiring those beans as they may not be available because of the @Conditional
final AdapterDeploymentContext adc = applicationContext.getBean(AdapterDeploymentContext.class);
final KeycloakPreAuthActionsFilter keycloakPreAuthActionsFilter = applicationContext.getBean(KeycloakPreAuthActionsFilter.class);
http.addFilterBefore(keycloakPreAuthActionsFilter, LogoutFilter.class).addFilterBefore(keycloakAuthenticationProcessingFilter(), BasicAuthenticationFilter.class).exceptionHandling().authenticationEntryPoint(new KeycloakAuthenticationEntryPoint(adc));
http.logout().addLogoutHandler(new KeycloakLogoutHandler(adc)).logoutUrl("/sso/logout").permitAll().logoutSuccessUrl("/");
}
Aggregations