aboutsummaryrefslogtreecommitdiffstats
path: root/kubernetes/aai/components/aai-traversal/resources/config
diff options
context:
space:
mode:
authorSam Huang <sam.huang@yoppworks.com>2021-03-26 13:27:17 -0600
committerSylvain Desbureaux <sylvain.desbureaux@orange.com>2021-05-06 18:33:27 +0000
commit56a6dd4a4fe0acd3a5ed25c5b601a1fa539215b8 (patch)
treea10cb889c93629b41355dd613f9207f0af7be701 /kubernetes/aai/components/aai-traversal/resources/config
parent5308e409a6f0ccfdc3c6cfa649d5dbd6878671eb (diff)
[AAI] Keycloak integration into aai-traversal
In order to support multi-tenancy, keycloak(https://www.keycloak.org/) as Identity and Access Management has been integrated into aai-traversal and needs to be configured accordignly based on created instance Issue-ID: AAI-3300 Signed-off-by: Sam Huang <sam.huang@yoppworks.com> Change-Id: I393fb98ef6ac9cc6f4bf9d476cd682531d15011e
Diffstat (limited to 'kubernetes/aai/components/aai-traversal/resources/config')
-rw-r--r--kubernetes/aai/components/aai-traversal/resources/config/application-keycloak.properties13
1 files changed, 13 insertions, 0 deletions
diff --git a/kubernetes/aai/components/aai-traversal/resources/config/application-keycloak.properties b/kubernetes/aai/components/aai-traversal/resources/config/application-keycloak.properties
new file mode 100644
index 0000000000..dd1956b63f
--- /dev/null
+++ b/kubernetes/aai/components/aai-traversal/resources/config/application-keycloak.properties
@@ -0,0 +1,13 @@
+spring.autoconfigure.exclude=\
+ org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration,\
+ org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration
+
+multi.tenancy.enabled={{ .Values.config.keycloak.multiTenancy.enabled }}
+keycloak.auth-server-url=http://{{ .Values.config.keycloak.host }}:{{ .Values.config.keycloak.port }}/auth
+keycloak.realm={{ .Values.config.keycloak.realm }}
+keycloak.resource={{ .Values.config.keycloak.resource }}
+keycloak.public-client=false
+keycloak.principal-attribute=preferred_username
+
+keycloak.ssl-required=external
+keycloak.bearer-only=true