Magnolia Keycloak Security

Magnolia Keycloak JAAS Authentication module

License

License

Categories

Categories

Security KeY Data Data Formats Formal Verification Keycloak
GroupId

GroupId

org.sevensource.magnolia
ArtifactId

ArtifactId

magnolia-module-keycloak-security
Last Version

Last Version

1.1.0
Release Date

Release Date

Type

Type

jar
Description

Description

Magnolia Keycloak Security
Magnolia Keycloak JAAS Authentication module
Project URL

Project URL

http://www.github.com/sevensource/magnolia-module-keycloak-security
Project Organization

Project Organization

SevenSource, pgaschuetz
Source Code Management

Source Code Management

http://github.com/sevensource/magnolia-module-keycloak-security/tree/master

Download magnolia-module-keycloak-security

How to add to project

<!-- https://jarcasting.com/artifacts/org.sevensource.magnolia/magnolia-module-keycloak-security/ -->
<dependency>
    <groupId>org.sevensource.magnolia</groupId>
    <artifactId>magnolia-module-keycloak-security</artifactId>
    <version>1.1.0</version>
</dependency>
// https://jarcasting.com/artifacts/org.sevensource.magnolia/magnolia-module-keycloak-security/
implementation 'org.sevensource.magnolia:magnolia-module-keycloak-security:1.1.0'
// https://jarcasting.com/artifacts/org.sevensource.magnolia/magnolia-module-keycloak-security/
implementation ("org.sevensource.magnolia:magnolia-module-keycloak-security:1.1.0")
'org.sevensource.magnolia:magnolia-module-keycloak-security:jar:1.1.0'
<dependency org="org.sevensource.magnolia" name="magnolia-module-keycloak-security" rev="1.1.0">
  <artifact name="magnolia-module-keycloak-security" type="jar" />
</dependency>
@Grapes(
@Grab(group='org.sevensource.magnolia', module='magnolia-module-keycloak-security', version='1.1.0')
)
libraryDependencies += "org.sevensource.magnolia" % "magnolia-module-keycloak-security" % "1.1.0"
[org.sevensource.magnolia/magnolia-module-keycloak-security "1.1.0"]

Dependencies

compile (3)

Group / Artifact Type Version
org.keycloak : keycloak-adapter-core jar 3.2.0.Final
org.keycloak : keycloak-core jar 3.2.0.Final
org.jboss.logging : jboss-logging jar 3.3.1.Final

provided (1)

Group / Artifact Type Version
info.magnolia » magnolia-jaas jar

Project Modules

There are no modules declared in this project.

GitHub Tag Maven Central License

magnolia-module-keycloak-security

Keycloak SSO/IAM integration for Magnolia 5.5, 5.6

This module delegates authentication - in addition to Magnolias builtin authentication mechanisms - to Keycloak.

This module delegates authentication - in addition to Magnolias builtin authentication mechanisms - to Keycloak.

Contributions welcome!

Installation

  • create a client in Keycloak with Direct Access Grants enabled
  • export the configuration in Keycloak OIDC JSON format from the Installation tab
  • save the configuration file into your projects classpath, i.e. src/main/resources/keycloak.json
  • configure src/main/webapp/WEB-INF/config/jaas.config to include the KeycloakAuthenticationModule:
magnolia {
  info.magnolia.jaas.sp.jcr.JCRAuthenticationModule optional realm=system;

  org.sevensource.magnolia.keycloak.security.KeycloakLoginModuleAdapter requisite realm=external skip_on_previous_success=true;
  info.magnolia.jaas.sp.jcr.JCRAuthorizationModule required;
};

Configuration

All additional configuration is stored in Magnolias JCR.

  • login into magnolia using the superuser account
  • go into Configurations App and navigate to /modules/keycloak-security/config and add your keycloakConfigFile, i.e. classpath:keycloak.json
  • the module features a RoleMapper, which maps Keycloak roles to Magnolia roles. It is configured in /modules/keycloak-security/config/roleMapper.
  • the module installs a UserManager into /server/security/userManagers/external which can be used as an extension point for customisation
org.sevensource.magnolia

SevenSource

Versions

Version
1.1.0
1.0.0