Integration of Keycloak and Dropwizard
This project shows how JBoss Keycloak and Dropwizard can be used together.
To read this tutorial fully rendered, please visit: https://ahus1.github.io/keycloak-dropwizard-integration/tutorial.html.
JBoss Keycloak provides a standalone OAuth 2.0 and Open ID Connect server. It handles user credentials for your application, so you can focus on business requirements.
Dropwizard is a Java framework for developing ops-friendly, high-performance, RESTful web services.
TL;DR: The module
shows how to use Dropwizard’s
@Auth annotation with Keycloak using a full OAuth flow.
At the time I write this there is no open source integration of the two, so I set up this project. See https://github.com/ahus1/keycloak-dropwizard-integration for the latest version.
How to use
keycloak-dropwizard-jaxrs is a ready-to-use Dropwizard module.
The releases are available from Maven central.
The releases depend on a version of Dropwizard and Keycloak that was current at release time. To use a more recent release, please add them as an explicit dependency to your project, as this project will not release new versions on every minor or patch release of its dependencies.
Version 0.7.x is tested with Keycloak 1.9.x and Dropwizard 0.9.x
Version 0.8.x is tested with Keycloak 2.x.x and Dropwizard 0.9.x
Version 0.9.x is tested with Keycloak 2.x.x/3.x.x and Dropwizard 1.0.x
Version 1.0.x is tested with Keycloak 3.x.x and Dropwizard 1.1.x/1.2.x/1.3.x
Version 1.1.x/1.2.x is tested with Keycloak 4.x-18.x and Dropwizard 1.3.x/2.0.x/2.1.x
Starting with Dropwizard 2.0 and the included version of Jersey, a login performed during a POST for a form will not recover the contents of the POST. This is wired into Keycloak’s JettyAdapterSessionStore (that restores the content type and the parameters to the request), but Jersey’s InboundMessageContext that wants to read the information the request’s header and the body. See the shouldLoginFromPost() test case for an example.
<dependencies> <dependency> <groupId>de.ahus1.keycloak.dropwizard</groupId> <artifactId>keycloak-dropwizard</artifactId> <version>x.x.x</version> </dependency> </dependencies>
The most recent development version (based on the master branch on GitHub) is available from the Sonatype OSS Snapshot Repository. To use it, include the following repository in your pom.xml.
<repositories> <repository> <id>snapshots-repo</id> <url>https://oss.sonatype.org/content/repositories/snapshots</url> <releases><enabled>false</enabled></releases> <snapshots><enabled>true</enabled></snapshots> </repository> </repositories>
These examples need a local JBoss Keycloak instance with Realm
test and user
demo with password
Please download the Keycloak distribution matching your keycloak-dropwizard-integration version from http://keycloak.org and extract it to a subfolder
keycloak-server of this directory.
keycloak-server.bat to import an already configured realm. Using this startup file the configuration will be reset every time you start Keycloak.
This example will guide you through setting up JBoss Keycloak in several configurations:
For completeness and as a very simple getting started a standard Servlet configuration is also included (without and with Keycloak):
Copyright 2015-2021 Alexander Schwartz and the individual contributors.
Licensed under the Apache License, Version 2.0 (the “License”); you may not use this file except in compliance with the License. You may obtain a copy of the License at
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an “AS IS” BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.