I’m trying to secure a Vaadin 8 application with Keycloak by adding the following code to web.xml:
```xml
<security-constraint>
    <web-resource-collection>
        <web-resource-name>Patients</web-resource-name>
        <url-pattern>/patientportal-login-vaadin/*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
        <role-name>user</role-name>
    </auth-constraint>
    <user-data-constraint>
        <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
</security-constraint>
<login-config>
    <auth-method>KEYCLOAK</auth-method>
    <realm-name>uzb</realm-name>
</login-config>
<security-role>
    <role-name>admin</role-name>
</security-role>
<security-role>
    <role-name>user</role-name>
</security-role>
```
I also added a keycloak.json file in the WEB-INF folder:
```json
{
    "realm": "my-realm",
    "auth-server-url": "http://localhost:8080/auth/",
    "resource": "my-resource",
    "public-client": true,
    "enable-basic-auth": true,
    "credentials": {
        "secret": "my-secret"
    }
}
```
Context.xml in the META-INF:
```xml
<?xml version="1.0" encoding="UTF-8"?>
<Context path="/your-context-path">
    <Valve className="org.keycloak.adapters.tomcat.KeycloakAuthenticatorValve"/>
</Context>
```
-> not sure what to fill in ‘path=’ though.
After that I put all the jars found in keycloak-tomcat-adapter-dist-10.0.1 in the apache-tomcat-8.5.55\lib directory. This should be enough to trigger a redirect to Keycloak, right? Problem is, when I deploy my application on Tomcat I get the error "Cannot configure an authenticator for method [KEYCLOAK]", which seems to indicate that I haven’t put the jar files in the lib directory of Tomcat, but I did. Am I missing something?