Hi.
I have done a workaround.
First of all, I install keycloak on the customer server. After that, I import realm and clients and I recreate the keys.
The keycloak.json inserted in my project has some variables:
{
"realm": "MyRealm",
"auth-server-url": "${auth.server.url}",
"ssl-required": "external",
"disable-trust-manager" : true,
"resource": "myclient",
"verify-token-audience": true,
"credentials": {
"secret": "${secret}"
},
"use-resource-role-mappings": true,
"confidential-port": 0,
"enable-cors" : true,
"cors-max-age" : 1,
"cors-allowed-headers" : "accept, authorization, content-type, x-requested-with, type",
"cors-allowed-methods" : "POST, PUT, DELETE, GET, HEAD",
"cors-exposed-headers" : "ETag,Location",
"policy-enforcer": {
"enforcement-mode" : "ENFORCING"
}
}
In maven i change the variables with some properties, so in the parent project i defined a profile for each customer and during compilation i’ll select the profile and Maven change the variable with values:
<profile>
<id>develop</id>
<properties>
<env>pluto</env>
<auth.server.url>https://localhost:38443/auth/</auth.server.url>
<secret>aad34b88-0aa8-4c23-b8bc-de5f3072c3c4</secret>
</properties>
</profile>
In pom.xml of my war:
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-war-plugin</artifactId>
<version>2.3</version>
<configuration>
<failOnMissingWebXml>false</failOnMissingWebXml>
<warName>${project.artifactId}</warName>
<archive>
<manifestEntries>
<Built-Time>${maven.build.timestamp}</Built-Time>
</manifestEntries>
</archive>
<webResources>
<resource>
<directory>src/main/webapp/WEB-INF</directory>
<targetPath>WEB-INF</targetPath>
<filtering>true</filtering>
</resource>
</webResources>
</configuration>
</plugin>
So:
- in WAR only add a “generic” keycloak.json and add the filter in pom.xml;
- in the EAR i did nothing
- in the maven parent project create a profile for each installation
- before the compilation, select the correct profile