In this video, we will secure a JavaEE REST API using Keycloak. This is a companion video of my previous tutorial available at https://gtw15...
In this video, we will secure a JavaEE REST API using Keycloak.
This is a companion video of my previous tutorial available at https://gtw1526.blogspot.com/2019/08/how-to-secure-angular-app-with-keycloak.html.
Needless to say, we first need to go through that tutorial before this one. Things to remember:
- Make sure that the environment is correctly set (take note of base and API URL). Remember that I’m running Keycloak on another machine, thus I’m using a network IP and port 8080. You can run Keycloak on the same machine by updating the standalone configuration, port-offset value at the end of the file (do message me if you need help)
- The API call is in the home component.
- Http interceptor is at secure-http-interceptor.ts file.
- Keycloak server must be running
Before we can run the app we first need to configure the Wildfly server where we will deploy the API project. I’m using version 15.
- Download Keycloak’s client from their website that matches your Keycloak installation, in our case keycloak-wildfly-adapter-dist-6.0.1.
- Extract and copy into the Wildfly folder. It should have 3 folders: bin, docs, and modules.
- Go to the bin folder and run jboss-cli.bat --file=adapter-install-offline.cli. Your keycloak subsystem should’ve been installed on standalone.xml. If you need to work on another configuration like standalone-full then edit adapter-install-offline.cli and change the server.config parameter.
- There should be a keycloak.json configuration that we can download from the Keycloak server in the project’s src/main/webapp/WEB-INF folder.
- JaxRsActivator, where we define the package location of the REST API and configure a cors filter.
- AnimeRs, which is an interface annotated with @Path, that tells us this is a REST endpoint. In here, we have a GET method that returns a list of string.
- AnimeRsImpl, the implementation class.
COMMENTS