Keycloak-Elytron secure ejbs

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Keycloak-Elytron secure ejbs

Besenti Samson

I am trying to configure elytron in wildfly 16 to secure ejbs using keycloak 6.0 that are accessed by a java client. Has anyone done a working example of this that I can follow? Specifically by way of the standalone.xml config and wildfly-config.xml. I have successfully stepped through an example using jboss properties file realm but getting lost when it comes to keycloak.


_______________________________________________
wildfly-dev mailing list
[hidden email]
https://lists.jboss.org/mailman/listinfo/wildfly-dev
Reply | Threaded
Open this post in threaded view
|

Re: Keycloak-Elytron secure ejbs

Pedro Igor Silva
Hi,

The elytron client configuration (wildfly-config.xml) can be configured to use the OAUTHBEARER [1]. You also need to configure SASL OAUTHBEARER on the server so that client and server can negotiate the mechanism.

The client configuration is using client credentials to obtain the token from Keycloak (or any other OAuth compliant server), but you can also use resource owner password grant type [2].

Regards,
Pedro Igor


On Thu, May 2, 2019 at 6:18 AM Besenti Samson <[hidden email]> wrote:

I am trying to configure elytron in wildfly 16 to secure ejbs using keycloak 6.0 that are accessed by a java client. Has anyone done a working example of this that I can follow? Specifically by way of the standalone.xml config and wildfly-config.xml. I have successfully stepped through an example using jboss properties file realm but getting lost when it comes to keycloak.

_______________________________________________
wildfly-dev mailing list
[hidden email]
https://lists.jboss.org/mailman/listinfo/wildfly-dev

_______________________________________________
wildfly-dev mailing list
[hidden email]
https://lists.jboss.org/mailman/listinfo/wildfly-dev