Identity Management, One-Time-Passwords and Two-Factor-Auth with Spring Boot and Keycloak

Communicating with identity and access management systems is a common task for many web-applications exposing secured resources. Keycloak is an open source software that provides not also such authorization services but also offers a lot of features from Single-Sign-On, Identity-Brokering, Social-Login, User-Federation, multiple client-adapters up to the administration console or support for protocols like OpenID, SAML, OAuth2, Kerberos and more. I will demonstrate how to integrate a Spring Boot web application with Keycloak and configure an authentication flow that requires a two-factor-authentication with user credentials and also one-time-passwords. ...

November 26, 2017 · 10 min · 1918 words · Micha Kops

Maven Tomcat Plugin: Adding Authentication to an Embedded Tomcat

The Tomcat Maven Plugin not only allows us to deploy our mavenized application to an existing Tomcat server but also to run our web application with an embedded instance from our project’s directory. Recently I needed to add basic authentication to such an instance and wanted to share the steps necessary here Prerequisites We just need Maven and a JDK … Java Development Kit >= 6 Maven 3 Project Setup I am using the webapp archetype here We’re adding the following configuration for the Tomcat plugin to your pom.xml – my final descriptor is this one pom.xml...

October 12, 2011 · 3 min · 616 words · Micha Kops