keycloak-aplcache

KEYCLOAK-1023 Improve osgi packaging for hawtio. Fix typos …

1/29/2015 3:27:31 PM

in fuse example docs.

mposolda

Commit: 1d8ebd4

Tree: d189e90

Parents: 31f399e

Changes

distribution/osgi/jaas/src/main/resources/OSGI-INF/blueprint/blueprint.xml 2(+1 -1)

examples/fuse/README.md 8(+4 -4)

integration/adapter-core/pom.xml 2(+2 -0)

Details

distribution/osgi/jaas/src/main/resources/OSGI-INF/blueprint/blueprint.xml 2(+1 -1)

diff --git a/distribution/osgi/jaas/src/main/resources/OSGI-INF/blueprint/blueprint.xml b/distribution/osgi/jaas/src/main/resources/OSGI-INF/blueprint/blueprint.xml
index 562fcff..89a6e51 100644
--- a/distribution/osgi/jaas/src/main/resources/OSGI-INF/blueprint/blueprint.xml
+++ b/distribution/osgi/jaas/src/main/resources/OSGI-INF/blueprint/blueprint.xml
@@ -10,7 +10,7 @@
     <cm:property-placeholder persistent-id="org.keycloak" update-strategy="reload">
         <cm:default-properties>
             <cm:property name="jaasBearerKeycloakConfigFile" value="$[karaf.base]/etc/keycloak-hawtio.json"/>
-            <cm:property name="jaasBearerRolePrincipalClass" value=""/>
+            <cm:property name="jaasBearerRolePrincipalClass" value="org.apache.karaf.jaas.boot.principal.RolePrincipal"/>
 
             <cm:property name="jaasDirectAccessKeycloakConfigFile" value="$[karaf.base]/etc/keycloak-direct-access.json"/>
             <cm:property name="jaasDirectAccessRolePrincipalClass" value="org.apache.karaf.jaas.boot.principal.RolePrincipal"/>

examples/fuse/README.md 8(+4 -4)

diff --git a/examples/fuse/README.md b/examples/fuse/README.md
index 00d89dd..8b1508c 100644
--- a/examples/fuse/README.md
+++ b/examples/fuse/README.md
@@ -56,11 +56,11 @@ feature:repo-add mvn:org.keycloak.example.demo/keycloak-fuse-example-features/1.
 feature:install keycloak-fuse-example
 ```
 
-After that you can test running on [http://localhost:8080/customer-portal](http://localhost:8080/customer-portal) and login as "bburke@redhat.com" with password "password". Customer-portal is able to
+After that you can test running on [http://localhost:8181/customer-portal](http://localhost:8181/customer-portal) and login as "bburke@redhat.com" with password "password". Customer-portal is able to
 receive the response from the endpoints provided by `cxf-jaxrs` and `camel` applications. Note that camel endpoint is available just for users with role `admin`
 in this demo, so "bburke@redhat.com" can't access it. You may login as "admin" with password "password" in order to invoke camel endpoint.
 
-From [http://localhost:8080/product-portal](http://localhost:8080/product-portal) you will see servlet endpoint, which invokes JAX-WS provided by `cxf-jaxws` application.
+From [http://localhost:8181/product-portal](http://localhost:8181/product-portal) you will see servlet endpoint, which invokes JAX-WS provided by `cxf-jaxws` application.
 
 Note that this demo also secures whole default CXF endpoint on [http://localhost:8181/cxf](http://localhost:8181/cxf) hence every application running under it is secured too.  
 
@@ -129,7 +129,7 @@ recommended to use maven-bundle-plugin similarly like Fuse examples are doing, b
 as it's not used by application or Blueprint or Spring descriptor, but it's used just in jetty-web.xml file.
  
 **Servlet web application deployed by pax-whiteboard-extender** - Take a look at `product-portal-app` for inspiration. The needed steps are:
-* Keycloak provides PaxWebIntegrationService, which allows to inject jetty-authenticator.xml and configure security constraints for your application. 
+* Keycloak provides PaxWebIntegrationService, which allows to inject jetty-web.xml and configure security constraints for your application. 
 Example `product-portal-app` declares this in `OSGI-INF/blueprint/blueprint.xml` . Note that your servlet needs to depend on it. 
 * Steps 2,3 are same like for classic WAR
  
@@ -141,7 +141,7 @@ proper security constraints injected. Take a look at `OSGI-INF/blueprint/bluepri
      
 **Builtin web applications** - Some services automatically come with deployed servlets on startup. One of such examples is CXF servlet running on 
 [http://localhost:8181/cxf](http://localhost:8181/cxf) context. Securing such endpoints is quite tricky. The approach, which Keycloak is currently using, 
-is providing ServletUnregistrationService, which undeploys builtin servlet at startup, so you are able to re-deploy it again on context secured by Keycloak. 
+is providing ServletReregistrationService, which undeploys builtin servlet at startup, so you are able to re-deploy it again on context secured by Keycloak. 
 You can see the `OSGI-INF/blueprint/blueprint.xml` inside `cxf-jaxrs` project, which adds JAX-RS "customerservice" endpoint and more importantly, it secures whole `/cxf` context. 
 
 As a side effect, all other CXF services running on default CXF HTTP destination will be secured too. Once you uninstall feature "keycloak-fuse-example" the

integration/adapter-core/pom.xml 2(+2 -0)

diff --git a/integration/adapter-core/pom.xml b/integration/adapter-core/pom.xml
index 80fa568..bbcd626 100755
--- a/integration/adapter-core/pom.xml
+++ b/integration/adapter-core/pom.xml
@@ -20,6 +20,8 @@
         <keycloak.osgi.import>
             org.keycloak.*;version="${project.version}",
             org.apache.http.*;version=${keycloak.apache.httpcomponents.version},
+            org.apache.karaf.jaas.boot.principal;resolution:=optional,
+            org.apache.karaf.jaas.modules;resolution:=optional,
             *;resolution:=optional
         </keycloak.osgi.import>
     </properties>