<dependency>
<groupId>org.wildfly.swarm</groupId>
<artifactId>keycloak</artifactId>
</dependency>
Single Sign On using Keycloak
Keycloak is an authentication and authorization server created by JBoss. It runs separate from any particular application. It acts as the primary authentication/authorization database of record and can also provide social-login capabilities.
WildFly Swarm provides easy integration with Keycloak.
Currently, WildFly Swarm supports version 2.1.0.Final.
Adding Keycloak support
To bring Keycloak integration to your application, you need the following dependency:
Once this is added, you can use the Secured
archive type to secure your application. The easiest way to integrate is by providing a keycloak.json
file in your application classpath and use .as(Secured.class)
.
JAXRSArchive deployment = ShrinkWrap.create(JAXRSArchive.class);
deployment.as(Secured.class);
By default, this only adds support, but not a requirement, on Keycloak. Anonymous users can still access the entire application. If they are authenticated, the SecurityContext
will be populated with the user’s information.
Protecting your application
You can also protect various aspects of your application after using .as(Secured.class)
by chaining calls to .protect(path)
deployment.as(Secured.class)
.protect( "/some-resource" )
.withMethod( "GET" )
.withRoles( "admin" );