<dependency>
    <groupId>de.faktorzehn.commons</groupId>
    <artifactId>f10-commons-auth-oauth2-client</artifactId>
</dependency>
<dependency>
    <groupId>de.faktorzehn.commons</groupId>
    <artifactId>f10-commons-auth-oauth2-resourceserver</artifactId>
</dependency>
<dependency>
    <groupId>de.faktorzehn.commons</groupId>
    <artifactId>f10-commons-spring-autoconfiguration</artifactId>
</dependency>
Single-Sign-On (SSO)
The Product Designer can also be operated with single-sign-on. The archetype can be used to generate the application with or without SSO. To set up SSO manually (or add it later), the following additional steps must be carried out.
In the configuration file src/main/resources/application.yml, the Keycloak server to be used must be configured, for example:
keycloak-client:
  issuer-uri: <YOUR KEYCLOAK ISSUER-URI HERE>
spring:
  security:
    oauth2:
      client:
        registration:
          oauth2:
            client-id: <YOUR CLIENT ID HERE>
            client-secret: <YOUR CLIENT SECRET HERE>
            client-name: Product-Designer
            scope: openid
            redirect-uri: "{baseUrl}/login/oauth2/code/{registrationId}"
            authorization-grant-type: authorization_code
          f10-service-account:
            client-id: <YOUR CLIENT ID HERE>
            client-secret: <YOUR CLIENT SECRET HERE>
            scope: openid
            authorization-grant-type: client_credentials
            provider: oauth2
        provider:
          oauth2:
            issuer-uri: ${keycloak-client.issuer-uri}
            user-name-attribute: preferred_username
      resourceserver:
        jwt:
          issuer-uri: ${keycloak-client.issuer-uri}
For details, see the f10-commons documentation.
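The client secrets in the configuration above do not have to be written into src/main/resources/application.yml, which is packaged into the application artifact. The following variant is an added example, not part of the original documentation: it resolves the issuer URI, client IDs and secrets from environment variables through Spring Boot's ${...} property placeholders. The variable names (PD_OIDC_*) are assumptions chosen for illustration.

```yaml
# Added example: same structure as the configuration above, but the
# deployment-specific values come from the environment at startup.
# All PD_OIDC_* names are hypothetical; use whatever your deployment defines.
keycloak-client:
  issuer-uri: ${PD_OIDC_ISSUER_URI}
spring:
  security:
    oauth2:
      client:
        registration:
          # Interactive user login (authorization code flow)
          oauth2:
            client-id: ${PD_OIDC_CLIENT_ID}
            client-secret: ${PD_OIDC_CLIENT_SECRET}
            client-name: Product-Designer
            scope: openid
            redirect-uri: "{baseUrl}/login/oauth2/code/{registrationId}"
            authorization-grant-type: authorization_code
          # Service account (client credentials flow); give it its own
          # client and secret so it can be rotated or revoked independently
          f10-service-account:
            client-id: ${PD_OIDC_SERVICE_CLIENT_ID}
            client-secret: ${PD_OIDC_SERVICE_CLIENT_SECRET}
            scope: openid
            authorization-grant-type: client_credentials
            provider: oauth2
        provider:
          oauth2:
            issuer-uri: ${keycloak-client.issuer-uri}
            user-name-attribute: preferred_username
      resourceserver:
        jwt:
          # Must be the same issuer that signs the tokens the client obtains
          issuer-uri: ${keycloak-client.issuer-uri}
```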
Additional beans must be added to SampleProductDesignerConfig.java. Beans for a RoleMapper and a TenantMapper are required; see the f10-commons documentation for these as well. For the F10 environment, there is a special productdesigner-f10 module with ready-made implementations of the RoleMapper and TenantMapper.
These settings can be combined in a configuration class that could look like this:
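import java.util.Optional;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Primary;
import org.springframework.stereotype.Component;
import org.springframework.web.context.annotation.SessionScope;
// Imports for the f10-commons and Product Designer types are omitted here.

@Primary
@Component
public class SampleProductDesignerConfig {

    // Ready-made RoleMapper from the productdesigner-f10 module
    @Bean
    RoleMapper roleMapper() {
        return new F10ProductDesignerRoleMapper();
    }

    // Ready-made TenantMapper from the productdesigner-f10 module
    @Bean
    TenantMapper tenantMapper() {
        return new F10ProductDesignerTenantMapper();
    }

    // One permission service per HTTP session. Falls back to a LocalUser when no
    // authenticated user is available and applies the configured read-only mode.
    @SessionScope
    @Bean
    public ProductDesignerPermissionService permissionService(Optional<User> user,
            IModifiableRuntimeRepository repository,
            ProductDesignerConfigurationProperties properties) {
        return new DefaultProductDesignerPermissionService(user.orElse(new LocalUser()), repository,
                properties.readOnlyMode() ? ProductDesignerMode.READ_ONLY_MODE : ProductDesignerMode.EDIT_MODE);
    }
}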
If the configuration class is new, do not forget to enter the corresponding package in scanBasePackages in the @SpringBootApplication annotation.