This example demonstrates how you can use Apache CXF JAXRS with is secured by Keycloak with Spring Boot.
The quickstart uses Spring Boot to configure a little application that includes a CXF JAXRS endpoint with Swagger enabled, which is secured by Keycloak. Test client will fetch JWT access token from Keycloak using "Resource Owner Password Credentials" OAuth2 mode and using this token to access the REST endpoint.
|
Important
|
This quickstart can run in 1 modes: standalone on your machine. |
To run this quickstart as a standalone project on your local machine:
-
Download the project and extract the archive on your local filesystem.
-
Build the project:
$ cd PROJECT_DIR $ mvn clean package -
Run the service:
$ mvn spring-boot:run
This will start keycloak auth server with pre-defined configuration(./src/main/resources/keycloak-config/realm-export-new.json) along with CXF JAXRS SB2 endpoint.
-
Run the test:
$ mvn test -Dtest=IntegrationTest -
Insight of the test This test contains 2 test cases, demonstrates 2 different scenarios
-
testRestClientWithKeyCloakToken: this testcase sends a request with correct JWT(JSON WEB Token) to CXF JAXRS endpoint and expects a response.
-
testRestClientWithInvalidKeyCloakToken: this testcase intentionally sends a request with an incorrect JWT to CXF JAXRS endpoint and expects a "HTTP 401 Unauthorized" exception; this can prove CXF JAXRS endpoint is really secured by Keycloak.
-
You can then access the CXF JAXRS endpoint directly from your Web browser, e.g.:
Since the CXF JAXRS endpoint is secured by Keycloak, this will redirect request to Keycloak auth server
Input admin/passw0rd as username/password will fetch OAuth2 JWT token and redirect to the CXF JAXRS endpoint and the browser will display "Hello FIS, Welcome to CXF RS Spring Boot World!!!"