Posted to commits@isis.apache.org by da...@apache.org on 2021/07/15 13:56:45 UTC
[isis-app-simpleapp] 02/02: ISIS-2793: hacking
This is an automated email from the ASF dual-hosted git repository.
danhaywood pushed a commit to branch ISIS-2793-keycloak-rewrite
in repository https://gitbox.apache.org/repos/asf/isis-app-simpleapp.git
commit 46d6faf5a0d34a318227c5069d4a4bafa8753156
Author: danhaywood <da...@haywood-associates.co.uk>
AuthorDate: Thu Jul 15 14:56:22 2021 +0100
ISIS-2793: hacking
---
pom.xml | 2 +-
webapp/pom.xml | 7 +++++
.../main/java/domainapp/webapp/AppManifest.java | 22 +++++++++-----
.../main/resources/config/application.properties | 35 ++++++++++++++++++++++
4 files changed, 58 insertions(+), 8 deletions(-)
diff --git a/pom.xml b/pom.xml
index df02610..71fd836 100644
--- a/pom.xml
+++ b/pom.xml
@@ -6,7 +6,7 @@
<parent>
<groupId>org.apache.isis.app</groupId>
<artifactId>isis-app-starter-parent</artifactId>
- <version>2.0.0-M5.20210713-0226-85ec9782</version>
+ <version>2.0.0-SNAPSHOT</version>
<relativePath/>
</parent>
diff --git a/webapp/pom.xml b/webapp/pom.xml
index f843b8e..330d616 100644
--- a/webapp/pom.xml
+++ b/webapp/pom.xml
@@ -70,8 +70,15 @@
<dependency>
<groupId>org.apache.isis.security</groupId>
+ <artifactId>isis-security-keycloak</artifactId>
+ </dependency>
+
+<!--
+ <dependency>
+ <groupId>org.apache.isis.security</groupId>
<artifactId>isis-security-shiro</artifactId>
</dependency>
+-->
<dependency>
<groupId>org.apache.isis.mavendeps</groupId>
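Review bot: The `isis-security-shiro` dependency is left in the POM wrapped in `<!-- ... -->` instead of being removed, so the file now carries a dead block that version control already preserves. Delete it, or if it is kept deliberately while the branch is in progress, say so with a one-line comment such as `<!-- TODO(ISIS-2793): restore or delete once the Keycloak integration is settled -->`. The same applies to the commented-out `logout` bean added at the end of AppManifest.java and to the commented `keycloak.*` block added to application.properties.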
diff --git a/webapp/src/main/java/domainapp/webapp/AppManifest.java b/webapp/src/main/java/domainapp/webapp/AppManifest.java
index e02e4e7..57272f0 100644
--- a/webapp/src/main/java/domainapp/webapp/AppManifest.java
+++ b/webapp/src/main/java/domainapp/webapp/AppManifest.java
@@ -1,19 +1,19 @@
package domainapp.webapp;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.context.annotation.Import;
-import org.springframework.context.annotation.PropertySource;
-import org.springframework.context.annotation.PropertySources;
-
import org.apache.isis.core.config.presets.IsisPresets;
import org.apache.isis.core.runtimeservices.IsisModuleCoreRuntimeServices;
import org.apache.isis.extensions.flyway.impl.IsisModuleExtFlywayImpl;
import org.apache.isis.persistence.jpa.eclipselink.IsisModuleJpaEclipselink;
-import org.apache.isis.security.shiro.IsisModuleSecurityShiro;
+import org.apache.isis.security.bypass.authorization.AuthorizorBypass;
+import org.apache.isis.security.keycloak.IsisModuleSecurityKeycloak;
import org.apache.isis.testing.fixtures.applib.IsisModuleTestingFixturesApplib;
import org.apache.isis.testing.h2console.ui.IsisModuleTestingH2ConsoleUi;
import org.apache.isis.viewer.restfulobjects.jaxrsresteasy4.IsisModuleViewerRestfulObjectsJaxrsResteasy4;
import org.apache.isis.viewer.wicket.viewer.IsisModuleViewerWicketViewer;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Import;
+import org.springframework.context.annotation.PropertySource;
+import org.springframework.context.annotation.PropertySources;
import domainapp.webapp.application.ApplicationModule;
import domainapp.webapp.application.fixture.scenarios.DomainAppDemo;
@@ -23,7 +23,10 @@ import domainapp.webapp.quartz.QuartzModule;
@Configuration
@Import({
IsisModuleCoreRuntimeServices.class,
- IsisModuleSecurityShiro.class,
+
+ IsisModuleSecurityKeycloak.class,
+ AuthorizorBypass.class,
+
IsisModuleJpaEclipselink.class,
IsisModuleViewerRestfulObjectsJaxrsResteasy4.class,
IsisModuleViewerWicketViewer.class,
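Review bot: Importing `AuthorizorBypass.class` next to `IsisModuleSecurityKeycloak.class` appears to leave the application with authentication but no authorization. Judging by its package (`security.bypass.authorization`), this authorizor presumably allows every permission check, so any user the realm authenticates could view and invoke every member. The removed `IsisModuleSecurityShiro` import was the only security module in the list, so nothing visible here replaces its permission checks. If this is a stop-gap for the branch, mark it in place, e.g. `AuthorizorBypass.class, // TODO(ISIS-2793): temporary, permits everything; replace with a real Authorizor before release`, and keep it out of any non-development build. The `@Import` list continues past the end of this hunk.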
@@ -44,4 +47,9 @@ import domainapp.webapp.quartz.QuartzModule;
@PropertySource(IsisPresets.DebugDiscovery),
})
public class AppManifest {
+
+// @Bean
+// public LogoutHandler logout(LogoutHandlerWkt logoutHandlerWkt) {
+// return (request, response, authentication) -> logoutHandlerWkt.forceLogout();
+// }
}
diff --git a/webapp/src/main/resources/config/application.properties b/webapp/src/main/resources/config/application.properties
index 8a7dcce..ba6dfa2 100644
--- a/webapp/src/main/resources/config/application.properties
+++ b/webapp/src/main/resources/config/application.properties
@@ -25,6 +25,41 @@ eclipselink.create-ddl-jdbc-file-name=create-db-schema.sql
eclipselink.application-location=.
eclipselink.jpa.upper-case-column-names=false
+#keycloak.realm=simpleapp
+#keycloak.auth-server-url=http://localhost:9090/auth
+#keycloak.resource=simpleapp-client
+#keycloak.credentials.secret=ea64432f-ea0a-429e-b4c8-c91778ee74b3
+#keycloak.use-resource-role-mappings=true
+#
+#keycloak.securityConstraints[0].authRoles[0]=regular-user
+#keycloak.securityConstraints[0].securityCollections[0].name=secured
+#keycloak.securityConstraints[0].securityCollections[0].patterns[0]=/wicket
+##keycloak.securityConstraints[0].securityCollections[0].patterns[1]=/restful
+##keycloak.securityConstraints[0].securityCollections[0].patterns[2]=/logout
+
+
+server.port=8082
+
+kc.base-url=http://localhost:9090/auth
+kc.realm=demo
+kc.realm-url=${kc.base-url}/realms/${kc.realm}
+
+spring.security.oauth2.client.registration.demo.client-id=app-demo
+spring.security.oauth2.client.registration.demo.client-name=Demo App
+spring.security.oauth2.client.registration.demo.client-secret=e3f519b4-0272-4261-9912-8b7453ac4ecd
+spring.security.oauth2.client.registration.demo.provider=keycloak
+spring.security.oauth2.client.registration.demo.authorization-grant-type=authorization_code
+spring.security.oauth2.client.registration.demo.scope=openid, profile
+#spring.security.oauth2.client.registration.demo.redirect-uri={baseUrl}/wicket/
+spring.security.oauth2.client.registration.demo.redirect-uri={baseUrl}/login/oauth2/code/{registrationId}
+#spring.security.oauth2.client.registration.demo.redirect-uri={baseUrl}/wicket/signin
+spring.security.oauth2.client.provider.keycloak.authorization-uri=${kc.realm-url}/protocol/openid-connect/auth
+spring.security.oauth2.client.provider.keycloak.jwk-set-uri=${kc.realm-url}/protocol/openid-connect/certs
+spring.security.oauth2.client.provider.keycloak.token-uri=${kc.realm-url}/protocol/openid-connect/token
+spring.security.oauth2.client.provider.keycloak.user-name-attribute=preferred_username
+
+isis.viewer.wicket.logout.invalidate-sessiom=true
+
# uncomment to run during bootstrap
#isis.testing.fixtures.initial-script = domainapp.webapp.application.fixture.scenarios.DomainAppDemo
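Review bot: `spring.security.oauth2.client.registration.demo.client-secret` is committed as a literal value, and the commented `keycloak.credentials.secret` line above it carries a second one; once pushed, both should be treated as disclosed and regenerated in Keycloak if they belong to a real client. Resolve the value from the environment instead, for example `spring.security.oauth2.client.registration.demo.client-secret=${KEYCLOAK_CLIENT_SECRET}` (placeholder variable name), and drop the commented line. Separately, the key `isis.viewer.wicket.logout.invalidate-sessiom` ends in `sessiom`, which looks like a misspelling of `session`; if so, the setting will not bind and the session may survive logout, so check the name against the framework's configuration metadata. The `http://` Keycloak URLs are acceptable for localhost only and would need TLS anywhere else.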