From 41bbec0fa7d767536d892c4ad76dadcb54aa796f Mon Sep 17 00:00:00 2001 From: Sam Huang Date: Tue, 23 Mar 2021 10:16:47 -0600 Subject: Add keycloak integration Issue-ID: AAI-3298 Signed-off-by: Sam Huang Change-Id: I2d99769ab8d189d61de610ec020b15a8fe0aa652 --- .../src/main/resources/application-keycloak.properties | 13 +++++++++++++ aai-traversal/src/main/resources/application.properties | 11 +++++++++-- 2 files changed, 22 insertions(+), 2 deletions(-) create mode 100644 aai-traversal/src/main/resources/application-keycloak.properties (limited to 'aai-traversal/src/main/resources') diff --git a/aai-traversal/src/main/resources/application-keycloak.properties b/aai-traversal/src/main/resources/application-keycloak.properties new file mode 100644 index 0000000..86adb59 --- /dev/null +++ b/aai-traversal/src/main/resources/application-keycloak.properties @@ -0,0 +1,13 @@ +spring.autoconfigure.exclude=\ + org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration,\ + org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration + +multi.tenancy.enabled=true +keycloak.auth-server-url=http://localhost:8180/auth +keycloak.realm=aai-traversal +keycloak.resource=aai-traversal-app +keycloak.public-client=false +keycloak.principal-attribute=preferred_username + +keycloak.ssl-required=external +keycloak.bearer-only=true diff --git a/aai-traversal/src/main/resources/application.properties b/aai-traversal/src/main/resources/application.properties index 14d6b64..a22f708 100644 --- a/aai-traversal/src/main/resources/application.properties +++ b/aai-traversal/src/main/resources/application.properties @@ -9,7 +9,11 @@ spring.jersey.type=filter spring.main.allow-bean-definition-overriding=true server.servlet.context-path=/ -spring.autoconfigure.exclude=org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration,org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration +spring.autoconfigure.exclude=\ + org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration,\ + org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration,\ + org.keycloak.adapters.springboot.KeycloakAutoConfiguration,\ + org.springframework.boot.autoconfigure.security.servlet.SecurityAutoConfiguration spring.jersey.application-path=${schema.uri.base.path} @@ -27,7 +31,7 @@ server.basic.auth.location=${server.local.startpath}etc/auth/realm.properties server.port=8446 server.ssl.enabled-protocols=TLSv1.1,TLSv1.2 - +server.compression.excluded-user-agents= # By default spring boot jetty will exclude the following ciphers # We need to specifically add this to support tls v1.1 server.ssl.ciphers=^.*_(MD5|SHA|SHA1)$ @@ -35,7 +39,10 @@ server.ssl.client-auth=want server.ssl.key-store-type=JKS # Start of Internal Specific Properties +# Switch to one-way-ssl spring.profiles.active=production,one-way-ssl +# Switch to keycloak +#spring.profiles.active=production, keycloak ### server.certs.location=${server.local.startpath}etc/auth/ server.keystore.name.pkcs12=aai_keystore -- cgit 1.2.3-korg