Install Keycloak event listener
The CEDAR system needs to be notified every time a login request is performed against the Keycloak authentication module.
To accomplish this, we have an event listener in place.
This event listener is part of the CEDAR code base and can be found in the cedar-keycloak-event-listener repo.
You will need to install this event listener under Keycloak.
Ideally, this event listener should be updated every time a CEDAR build is performed. However, if there are no changes in the CEDAR codebase that affect the event listener, it is OK not to update it.
Configure Keycloak
You will need to do this only once:
vi ${CEDAR_KEYCLOAK_HOME}/standalone/configuration/standalone.xml
Around line #597, add the following <spi> element to the enclosing <subsystem> element (which begins with <subsystem xmlns="urn:jboss:domain:keycloak-server:1.1">):
<spi name="eventsListener">
    <provider name="CEDAR-event-listener" enabled="true">
        <properties>
            <!-- Double quotes inside an attribute value must be written as &quot; -->
            <property name="userEventList" value="[&quot;LOGIN&quot;]"/>
            <property name="userEventCallbackURL" value="http://${env.CEDAR_NET_GATEWAY}:${env.CEDAR_RESOURCE_HTTP_PORT}/command/auth-user-callback"/>
            <property name="adminResourceList" value="[&quot;USER&quot;]"/>
            <property name="adminResourceCallbackURL" value="http://${env.CEDAR_NET_GATEWAY}:${env.CEDAR_RESOURCE_HTTP_PORT}/command/auth-admin-callback"/>
            <property name="linkedDataUserBase" value="https://metadatacenter.org/users/"/>
            <property name="apiKey" value="${env.CEDAR_ADMIN_USER_API_KEY}"/>
            <property name="clientId" value="cedar-angular-app"/>
        </properties>
    </provider>
</spi>
User base domain
You might notice that our user base domain is set to metadatacenter.org instead of metadatacenter.orgx.
This is actually correct: our team decided that we allow changing the base domain for all the artifacts, but we keep our users under the same base domain.
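A check for the edit above, as an added example that is not part of the CEDAR code base: it parses the edited configuration and confirms that the eventsListener SPI is well-formed and carries the properties listed on this page. That the listener needs all seven properties and reads userEventList and adminResourceList as JSON arrays is an assumption; check_listener_config and SAMPLE are names made up for this example.

```python
import json
import sys
import xml.etree.ElementTree as ET

NS = "{urn:jboss:domain:keycloak-server:1.1}"  # subsystem namespace from the page
# Assumption: all seven properties shown on the page are needed by the listener.
REQUIRED = ("userEventList", "userEventCallbackURL", "adminResourceList",
            "adminResourceCallbackURL", "linkedDataUserBase", "apiKey", "clientId")
JSON_LISTS = ("userEventList", "adminResourceList")  # assumed to hold JSON arrays

def check_listener_config(xml_text):
    """Return a list of problems in the eventsListener SPI; empty means OK."""
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError as exc:
        # Typical cause: raw double quotes inside value="[...]" instead of &quot;
        return [f"XML is not well-formed: {exc}"]
    spis = [s for sub in root.iter(NS + "subsystem") for s in sub.findall(NS + "spi")]
    spi = next((s for s in spis if s.get("name") == "eventsListener"), None)
    if spi is None:
        return ["no eventsListener <spi> directly under the keycloak-server subsystem"]
    provider = next((p for p in spi.findall(NS + "provider")
                     if p.get("name") == "CEDAR-event-listener"), None)
    if provider is None:
        return ["provider CEDAR-event-listener not found"]
    problems = [] if provider.get("enabled") == "true" else ["provider is not enabled"]
    props = {p.get("name"): p.get("value") for p in provider.iter(NS + "property")}
    problems += [f"missing or empty property: {n}" for n in REQUIRED if not props.get(n)]
    for name in JSON_LISTS:
        try:
            if not isinstance(json.loads(props.get(name) or "null"), list):
                problems.append(f"{name} is not a JSON list")
        except ValueError:
            problems.append(f"{name} is not valid JSON: {props[name]!r}")
    return problems

# Constructed sample: the page's <spi> block; %s is the userEventList value under test.
SAMPLE = """<subsystem xmlns="urn:jboss:domain:keycloak-server:1.1"><spi name="eventsListener">
<provider name="CEDAR-event-listener" enabled="true"><properties>
<property name="userEventList" value="%s"/>
<property name="userEventCallbackURL" value="http://${env.CEDAR_NET_GATEWAY}:${env.CEDAR_RESOURCE_HTTP_PORT}/command/auth-user-callback"/>
<property name="adminResourceList" value="[&quot;USER&quot;]"/>
<property name="adminResourceCallbackURL" value="http://${env.CEDAR_NET_GATEWAY}:${env.CEDAR_RESOURCE_HTTP_PORT}/command/auth-admin-callback"/>
<property name="linkedDataUserBase" value="https://metadatacenter.org/users/"/>
<property name="apiKey" value="${env.CEDAR_ADMIN_USER_API_KEY}"/><property name="clientId" value="cedar-angular-app"/>
</properties></provider></spi></subsystem>"""

if __name__ == "__main__":
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE % "[&quot;LOGIN&quot;]"
    print(check_listener_config(text) or "eventsListener SPI looks complete")
```

Run it with the path to standalone.xml as the only argument; with no argument it checks the embedded sample.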
Deploy the event listener JAR
The following command will copy the event listener into its proper location:
copylistener
You can execute this command from any location. This command copies the event listener JAR cedar-keycloak-event-listener.jar from $CEDAR_HOME/cedar-keycloak-event-listener/target/ to ${CEDAR_KEYCLOAK_HOME}/standalone/deployments/.
Deploy event listener
Please deploy the event listener every time its code changes.
Also, please deploy it after each CEDAR release.