如何使用jboss-cli添加keycloak子系统来保护WAR

时间:2017-07-20 14:54:25

标签: jboss wildfly-10 keycloak jboss-cli

我正在关注keycloak documentation以使用wildfly适配器子系统保护我的WAR。

我正在尝试使用jboss-cli.sh -

添加以下内容
#!/usr/bin/env python
# -*- coding: utf_8 -*-
"""
 Modbus TestKit: Implementation of Modbus protocol in python
 (C)2009 - Luc Jean - luc.jean@gmail.com
 (C)2009 - Apidev - http://www.apidev.fr
 This is distributed under GNU LGPL license, see license.txt
"""

import sys

import modbus_tk
import modbus_tk.defines as cst
from modbus_tk import modbus_rtu
import serial

#PORT = 0
PORT = '/dev/ttyUSB2'

def main():
    """main"""
    logger = modbus_tk.utils.create_logger(name="console", record_format="%(message)s")

    #Create the server
    server = modbus_rtu.RtuServer(serial.Serial(port=PORT, baudrate=9600, bytesize=8, parity='N', stopbits=1, xonxoff=0))

    try:
        logger.info("running...")
        logger.info("enter 'quit' for closing the server")

        server.start()

        slave_1 = server.add_slave(1)
        slave_1.add_block('0', cst.HOLDING_REGISTERS, 0, 100)
        while True:
            cmd = sys.stdin.readline()
            args = cmd.split(' ')

            if cmd.find('quit') == 0:
                sys.stdout.write('bye-bye\r\n')
                break

            elif args[0] == 'add_slave':
                slave_id = int(args[1])
                server.add_slave(slave_id)
                sys.stdout.write('done: slave %d added\r\n' % (slave_id))

            elif args[0] == 'add_block':
                slave_id = int(args[1])
                name = args[2]
                block_type = int(args[3])
                starting_address = int(args[4])
                length = int(args[5])
                slave = server.get_slave(slave_id)
                slave.add_block(name, block_type, starting_address, length)
                sys.stdout.write('done: block %s added\r\n' % (name))

            elif args[0] == 'set_values':
                slave_id = int(args[1])
                name = args[2]
                address = int(args[3])
                values = []
                for val in args[4:]:
                    values.append(int(val))
                slave = server.get_slave(slave_id)
                slave.set_values(name, address, values)
                values = slave.get_values(name, address, len(values))
                sys.stdout.write('done: values written: %s\r\n' % (str(values)))

            elif args[0] == 'get_values':
                slave_id = int(args[1])
                name = args[2]
                address = int(args[3])
                length = int(args[4])
                slave = server.get_slave(slave_id)
                values = slave.get_values(name, address, length)
                sys.stdout.write('done: values read: %s\r\n' % (str(values)))

            else:
                sys.stdout.write("unknown command %s\r\n" % (args[0]))
    finally:
        server.stop()

if __name__ == "__main__":
    main()

然而,"凭证"属性无法识别:

<secure-deployment name="WAR MODULE NAME.war">
  <realm>bkofc</realm>
  <auth-server-url>http://192.168.99.100:30001/auth</auth-server-url>
  <bearer-only>true</bearer-only>
  <ssl-required>EXTERNAL</ssl-required>
  <resource>bkofc-svc</resource>
  <credential name="secret">9bcc6d9f-9c72-4b58-b297-79f0f207d9e1</credential>
  <use-resource-role-mappings>true</use-resource-role-mappings>
</secure-deployment>

如果没有凭据属性,则会正确添加其余内容。

我该如何解决这个问题?

1 个答案:

答案 0 :(得分:0)

您必须稍后添加凭据,您应该尝试类似:

/subsystem=keycloak/securedeployment=my.war/:add(realm=bkofc,auth-server-url=http://192.168.99.100/30001/auth, bearer-only=true, ssl-required=EXTERNAL, resource=bkofc-svc, use-resource-role-mappings=true)

/subsystem=keycloak/secure-deployment=my.war/credential=secret:add(value="9bcc6d9f-9c72-4b58-b297-79f0f207d9e1")