jboss/jbpm-server-full:latest and keycloak-adapter

[Bjoern Meier]

Hi,

I try to integrate keycloak with the adapter subsystem in wildfly 23.0.2 with the latest dockerimage.

so my secure-deployment ist for business-central.war

the installation with the jboss-cli works just fine

but when I restart I get 

ERROR [org.jboss.msc.service.fail] (ServerService Thread Pool -- 91) MSC000001: Failed to start service jboss.deployment.unit."business-central.war".undertow-deployment: org.jboss.msc.service.StartException in service jboss.deployment.unit."business-central.war".undertow-deployment: java.lang.RuntimeException: java.lang.IllegalStateException: The required mechanism 'KEYCLOAK' is not available in mechanisms [BASIC, CLIENT_CERT, DIGEST, FORM] from the HttpAuthenticationFactory.

the mechanism is described in the standalone.xml

How can I provide the mechanism for business-central?

Greetings,

Björn

 

[Bjoern Meier]

Ok, I got it by myself.

For everyone coming from google, there is something you must understand. The documentation assumes you have a new application and want to deploy it with keycloak SSO. the jBPM included business-central.war does not have the login methods to use OIDC - which will be included in wildfly 25 (current wildfly is 23.02). The trick is to have an application that gets a login-session for you with keycloak. This application can you get here.

BUT: the combination of wildfly23, KIE-SERVER: 7.61.0 (jboss/jbpm-server-full) with the latest keycloak adapter (16.1.0) DOESN'T work. I think the quickstart-application isn't up to date.

My solution was the combination of wildfly19, KIE-SERVER 7.56.0 and keycloak-adapter 14.0.0

Problem here: you have to manually update maven, which ist just a tar.gz DL and setting the right environment variables.

If anyone can explain how I can implement the keycloak mechanism in wildfly23 with keycloak-adapter 16.1.0 I can fix the quickstart-application and append a patch (here and a PR).

Hope someone can help.

Greetings,

Björn