inteligr8/alfresco-keycloak
1
0
Fork 0
mirror of https://github.com/bmlong137/alfresco-keycloak.git synced 2025-09-10 14:11:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

Rework project's Docker test setup

Browse Source 
- use Docker Compose instead of fabric8io
- don't use local paths to support running with remote Docker contexts
- use latest Keycloak Docker image and make sure test realm works out-of-the-box
- add flag to avoid failing on missing properties during JSON deserialisation
  (newer Keycloak versions offer more properties in IDM API response payloads)
This commit is contained in:
AFaust
2025-02-14 17:28:12 +01:00
committed by Axel Faust
parent 6f7910aa93
commit d6a6b3c2bd
32 changed files with 769 additions and 2034 deletions
Download Patch File Download Diff File Expand all files Collapse all files

367
docker-test/pom.xml Normal file
View File

@@ -0,0 +1,367 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
Copyright 2019 - 2021 Acosix GmbH
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>de.acosix.alfresco.keycloak</groupId>
<artifactId>de.acosix.alfresco.keycloak.parent</artifactId>
<version>1.2.0-rc1</version>
</parent>
<artifactId>de.acosix.alfresco.keycloak.docker.test</artifactId>
<name>Acosix Alfresco Keycloak - Docker Test Module</name>
<properties>
<maven.install.skip>true</maven.install.skip>
<maven.deploy.skip>true</maven.deploy.skip>
</properties>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>de.acosix.alfresco.utility</groupId>
<artifactId>de.acosix.alfresco.utility.repo</artifactId>
<version>${acosix.utility.version}</version>
<type>amp</type>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>de.acosix.alfresco.utility</groupId>
<artifactId>de.acosix.alfresco.utility.share</artifactId>
<version>${acosix.utility.version}</version>
<type>amp</type>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>${project.groupId}</groupId>
<artifactId>de.acosix.alfresco.keycloak.repo</artifactId>
<version>${project.version}</version>
<type>amp</type>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>${project.groupId}</groupId>
<artifactId>de.acosix.alfresco.keycloak.share</artifactId>
<version>${project.version}</version>
<type>amp</type>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.orderofthebee.support-tools</groupId>
<artifactId>support-tools-repo</artifactId>
<classifier>amp</classifier>
<version>${ootbee.support-tools.version}</version>
<type>amp</type>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.orderofthebee.support-tools</groupId>
<artifactId>support-tools-share</artifactId>
<classifier>amp</classifier>
<version>${ootbee.support-tools.version}</version>
<type>amp</type>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
</dependencies>
</dependencyManagement>
<dependencies>
<dependency>
<groupId>de.acosix.alfresco.utility</groupId>
<artifactId>de.acosix.alfresco.utility.repo</artifactId>
<type>amp</type>
</dependency>
<dependency>
<groupId>de.acosix.alfresco.utility</groupId>
<artifactId>de.acosix.alfresco.utility.share</artifactId>
<type>amp</type>
</dependency>
<dependency>
<groupId>${project.groupId}</groupId>
<artifactId>de.acosix.alfresco.keycloak.repo</artifactId>
<type>amp</type>
</dependency>
<dependency>
<groupId>${project.groupId}</groupId>
<artifactId>de.acosix.alfresco.keycloak.share</artifactId>
<type>amp</type>
</dependency>
<dependency>
<groupId>org.orderofthebee.support-tools</groupId>
<artifactId>support-tools-repo</artifactId>
<classifier>amp</classifier>
<type>amp</type>
</dependency>
<dependency>
<groupId>org.orderofthebee.support-tools</groupId>
<artifactId>support-tools-share</artifactId>
<classifier>amp</classifier>
<type>amp</type>
</dependency>
</dependencies>
<build>
<resources>
<resource>
<directory>src/main/resources</directory>
<targetPath>${project.build.directory}/classes</targetPath>
<filtering>true</filtering>
</resource>
</resources>
<pluginManagement>
<plugins>
<plugin>
<artifactId>maven-toolchains-plugin</artifactId>
<configuration>
<paths>
<id>docker</id>
</paths>
</configuration>
</plugin>
<plugin>
<artifactId>maven-dependency-plugin</artifactId>
<executions>
<execution>
<id>copy-repo-dependencies</id>
<phase>process-resources</phase>
<goals>
<goal>copy-dependencies</goal>
</goals>
<configuration>
<outputDirectory>${project.build.directory}/classes/repository</outputDirectory>
<includeTypes>amp</includeTypes>
<includeArtifactIds>activemq-broker,support-tools-repo,de.acosix.alfresco.utility.repo,de.acosix.alfresco.keycloak.repo</includeArtifactIds>
</configuration>
</execution>
<execution>
<id>copy-share-dependencies</id>
<phase>process-resources</phase>
<goals>
<goal>copy-dependencies</goal>
</goals>
<configuration>
<outputDirectory>${project.build.directory}/classes/share</outputDirectory>
<includeTypes>amp</includeTypes>
<includeArtifactIds>support-tools-share,de.acosix.alfresco.utility.share,de.acosix.alfresco.keycloak.share</includeArtifactIds>
</configuration>
</execution>
</executions>
</plugin>
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>exec-maven-plugin</artifactId>
<version>3.5.0</version>
<configuration>
<toolchain>docker</toolchain>
<executable>docker</executable>
</configuration>
<executions>
<execution>
<id>buildDocker</id>
<phase>compile</phase>
<goals>
<goal>exec</goal>
</goals>
<configuration>
<arguments>
<argument>compose</argument>
<argument>-f</argument>
<argument>${project.build.directory}/classes/docker-compose.yaml</argument>
<argument>build</argument>
</arguments>
</configuration>
</execution>
<execution>
<id>startDocker</id>
<phase>pre-integration-test</phase>
<goals>
<goal>exec</goal>
</goals>
<configuration>
<arguments>
<argument>compose</argument>
<argument>-f</argument>
<argument>${project.build.directory}/classes/docker-compose.yaml</argument>
<argument>up</argument>
<argument>-d</argument>
</arguments>
</configuration>
</execution>
</executions>
</plugin>
</plugins>
</pluginManagement>
<plugins>
<plugin>
<artifactId>maven-toolchains-plugin</artifactId>
</plugin>
<plugin>
<artifactId>maven-resources-plugin</artifactId>
</plugin>
<plugin>
<artifactId>maven-dependency-plugin</artifactId>
</plugin>
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>exec-maven-plugin</artifactId>
</plugin>
</plugins>
</build>
<profiles>
<profile>
<id>clean-if-compose-present</id>
<activation>
<file>
<exists>target/classes/docker-compose.yaml</exists>
</file>
</activation>
<build>
<pluginManagement>
<plugins>
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>exec-maven-plugin</artifactId>
<configuration>
<toolchain>docker</toolchain>
<executable>docker</executable>
</configuration>
<executions>
<execution>
<id>cleanDocker</id>
<phase>pre-clean</phase>
<goals>
<goal>exec</goal>
</goals>
<configuration>
<arguments>
<argument>compose</argument>
<argument>-f</argument>
<argument>${project.build.directory}/classes/docker-compose.yaml</argument>
<argument>down</argument>
</arguments>
</configuration>
</execution>
</executions>
</plugin>
</plugins>
</pluginManagement>
</build>
</profile>
<profile>
<id>purge</id>
<activation>
<file>
<exists>target/classes/docker-compose.yaml</exists>
</file>
<property>
<name>purge</name>
<value>true</value>
</property>
</activation>
<build>
<pluginManagement>
<plugins>
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>exec-maven-plugin</artifactId>
<configuration>
<toolchain>docker</toolchain>
<executable>docker</executable>
</configuration>
<executions>
<execution>
<id>purgeDocker</id>
<phase>pre-clean</phase>
<goals>
<goal>exec</goal>
</goals>
<configuration>
<arguments>
<argument>compose</argument>
<argument>-f</argument>
<argument>${project.build.directory}/classes/docker-compose.yaml</argument>
<argument>down</argument>
<argument>-v</argument>
<argument>--rmi</argument>
<argument>local</argument>
</arguments>
</configuration>
</execution>
</executions>
</plugin>
</plugins>
</pluginManagement>
</build>
</profile>
</profiles>
</project>

131
docker-test/src/main/resources/docker-compose.yaml Normal file
View File

@@ -0,0 +1,131 @@
version: '3.8'
services:
kc-pg:
image: postgres:${postgres.docker.version}
hostname: kc-pg
restart: unless-stopped
command: postgres -c max_connections=50
volumes:
- kc_psql:/srv/postgresql
environment:
PGDATA: /srv/postgresql/data
POSTGRES_DB: keycloak
POSTGRES_USER: keycloak
POSTGRES_PASSWORD: keycloak
alf-pg:
image: postgres:${postgres.docker.version}
hostname: alf-pg
restart: unless-stopped
command: postgres -c max_connections=300
volumes:
- alf_psql:/srv/postgresql
environment:
PGDATA: /srv/postgresql/data
POSTGRES_DB: alfresco
POSTGRES_USER: alfresco
POSTGRES_PASSWORD: alfresco
keycloak:
build:
context: ./keycloak
dockerfile: Dockerfile
hostname: keycloak
restart: unless-stopped
depends_on:
- kc-pg
command: start-dev --import-realm
ports:
- ${keycloak.docker.port}:8080
environment:
KC_BOOTSTRAP_ADMIN_USERNAME: admin
KC_BOOTSTRAP_ADMIN_PASSWORD: admin
KC_DB: postgres
KC_DB_URL: "jdbc:postgresql://kc-pg:5432/keycloak"
KC_DB_USERNAME: keycloak
KC_DB_PASSWORD: "keycloak"
KC_DB_POOL_INITIAL_SIZE: 5
KC_DB_POOL_MAX_SIZE: 50
KC_HOSTNAME: http://localhost:${keycloak.docker.port}
KC_HOSTNAME_BACKCHANNEL_DYNAMIC: true
# in newer Keycloak versions, token-exchange does not work without admin-fine-grained-authz
# (even with properly set up resources, scopes, permissions, policies in realm-management)
KC_FEATURES: "token-exchange,admin-fine-grained-authz"
KC_FEATURES_DISABLED: "ciba,impersonation,kerberos,par,step-up-authentication,web-authn"
repository:
build:
context: ./repository
dockerfile: Dockerfile
hostname: repository
restart: unless-stopped
depends_on:
- alf-pg
volumes:
- contentstore:${alfresco.repo.docker.data.path}
- repo_logs:${alfresco.repo.docker.tomcat.path}/logs
ports:
- ${alfresco.repo.docker.port}:8080
- ${alfresco.repo.docker.debugPort}:8888
environment:
JAVA_OPTS: >-
-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=0.0.0.0:8888
-Xms2g -Xmx2g -XX:+UseG1GC -XX:+ParallelRefProcEnabled
-XX:+UseStringDeduplication -XX:+ScavengeBeforeFullGC
-XX:+DisableExplicitGC -XX:+AlwaysPreTouch
-Dencryption.keystore.type=JCEKS
-Dencryption.cipherAlgorithm=DESede/CBC/PKCS5Padding
-Dencryption.keyAlgorithm=DESede
-Dencryption.keystore.location=${alfresco.repo.docker.tomcat.path}/shared/classes/alfresco/extension/keystore/keystore
-Dmetadata-keystore.password=mp6yc0UD9e
-Dmetadata-keystore.aliases=metadata
-Dmetadata-keystore.metadata.password=oKIWzVdEdA
-Dmetadata-keystore.metadata.algorithm=DESede
-Dsolr.secureComms=secret
-Dsolr.sharedSecret=secret
share:
build:
context: ./share
dockerfile: Dockerfile
environment:
REPO_HOST: repository
REPO_PORT: 8080
JAVA_OPTS: >-
-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=0.0.0.0:8888
-Xms500m -Xmx500m
-XX:+UseG1GC -XX:+ParallelRefProcEnabled -XX:+UseStringDeduplication
-XX:+ScavengeBeforeFullGC -XX:+DisableExplicitGC -XX:+AlwaysPreTouch
ports:
- ${alfresco.share.docker.port}:8080
- ${alfresco.share.docker.debugPort}:8888
solr6:
image: alfresco/alfresco-search-services:${alfresco.solr6.docker.version}
environment:
SOLR_ALFRESCO_HOST: repository
SOLR_ALFRESCO_PORT: 8080
SOLR_SOLR_HOST: solr6
SOLR_SOLR_PORT: 8983
SOLR_CREATE_ALFRESCO_DEFAULTS: alfresco
ALFRESCO_SECURE_COMMS: secret
JAVA_TOOL_OPTIONS: -Dalfresco.secureComms.secret=secret
SOLR_JAVA_MEM: -Xms2g -Xmx2g
activemq:
image: alfresco/alfresco-activemq:${alfresco.activemq.docker.version}
transform-core-aio:
image: alfresco/alfresco-transform-core-aio:${alfresco.aio.docker.version}
environment:
JAVA_OPTS: " -Xms256m -Xmx1536m"
ACTIVEMQ_URL: nio://activemq:61616
volumes:
kc_psql:
alf_psql:
contentstore:
repo_logs:
share_logs:

5
docker-test/src/main/resources/keycloak/Dockerfile Normal file
View File

@@ -0,0 +1,5 @@
FROM ${keycloak.docker.image}:${keycloak.docker.version}
COPY test-realm.json /opt/keycloak/data/import/
ENTRYPOINT ["/opt/keycloak/bin/kc.sh"]

1269
docker-test/src/main/resources/keycloak/test-realm.json Normal file
View File

File diff suppressed because it is too large Load Diff

36
docker-test/src/main/resources/repository/Dockerfile Normal file
View File

@@ -0,0 +1,36 @@
FROM ${alfresco.repo.docker.image}:${alfresco.repo.docker.version}
${alfresco.repo.docker.build.preRun}
COPY support-tools-repo*.amp ${alfresco.repo.docker.amp.path}/
COPY de.acosix.alfresco.utility.repo*.amp ${alfresco.repo.docker.amp.path}/
COPY de.acosix.alfresco.keycloak.repo*.amp ${alfresco.repo.docker.amp.path}/
RUN java -jar ${alfresco.repo.docker.mmt.path}/alfresco-mmt*.jar install \
${alfresco.repo.docker.amp.path}/support-tools-repo*.amp \
${alfresco.repo.docker.tomcat.path}/webapps/alfresco -nobackup
RUN java -jar ${alfresco.repo.docker.mmt.path}/alfresco-mmt*.jar install \
${alfresco.repo.docker.amp.path}/de.acosix.alfresco.utility.repo*.amp \
${alfresco.repo.docker.tomcat.path}/webapps/alfresco -nobackup
RUN java -jar ${alfresco.repo.docker.mmt.path}/alfresco-mmt*.jar install \
${alfresco.repo.docker.amp.path}/de.acosix.alfresco.keycloak.repo*.amp \
${alfresco.repo.docker.tomcat.path}/webapps/alfresco -nobackup
COPY alfresco.xml ${alfresco.repo.docker.tomcat.path}/conf/Catalina/localhost/
COPY alfresco-global.addition.properties ${alfresco.repo.docker.tomcat.path}/shared/classes/alfresco/
COPY dev-log4j.properties dev-log4j2.properties ${alfresco.repo.docker.tomcat.path}/shared/classes/alfresco/extension/
# merge additions to alfresco-global.properties
RUN echo "" >> ${alfresco.repo.docker.tomcat.path}/shared/classes/alfresco-global.properties \
&& cat ${alfresco.repo.docker.tomcat.path}/shared/classes/alfresco/alfresco-global.addition.properties >> ${alfresco.repo.docker.tomcat.path}/shared/classes/alfresco-global.properties \
&& sed -i 's/<secure>true<\/secure>/<secure>false<\/secure>/' ${alfresco.repo.docker.tomcat.path}/conf/web.xml
RUN chown -R ${alfresco.repo.docker.chown.mask} \
${alfresco.repo.docker.tomcat.path}/webapps/alfresco \
${alfresco.repo.docker.tomcat.path}/shared/classes/*
${alfresco.repo.docker.build.postRun}

33
docker-test/src/main/resources/repository/alfresco-global.addition.properties Normal file
View File

@@ -0,0 +1,33 @@
db.driver=org.postgresql.Driver
db.url=jdbc:postgresql://alf-pg:5432/alfresco
db.username=alfresco
db.password=alfresco
solr.host=solr6
solr.port=8983
csrf.filter.enabled=false
messaging.broker.url=failover:(nio://activemq:61616)?timeout=3000&jms.useCompression=true
transform.service.enabled=false
local.transform.service.enabled=true
localTransform.core-aio.url=http://transform-core-aio:8090/
authentication.chain=alfrescoNtlm1:alfrescoNtlm,keycloak1:keycloak
keycloak.adapter.auth-server-url=http://localhost:${keycloak.docker.port}
keycloak.adapter.realm=test
keycloak.adapter.resource=alfresco
keycloak.adapter.credentials.provider=secret
keycloak.adapter.credentials.secret=6f70a28f-98cd-41ca-8f2f-368a8797d708
# localhost in auth-server-url won't work for direct access in a Docker deployment
keycloak.adapter.proxy-url=http://keycloak:8080
keycloak.roles.requiredClientScopes=alfresco-role-service
keycloak.synchronization.userFilter.containedInGroup.property.groupPaths=/Test A
keycloak.synchronization.groupFilter.containedInGroup.property.groupPaths=/Test A
keycloak.synchronization.requiredClientScopes=alfresco-authority-sync

4
docker-test/src/main/resources/repository/alfresco.xml Normal file
View File

@@ -0,0 +1,4 @@
<?xml version='1.0' encoding='utf-8'?>
<Context crossContext="true" useHttpOnly="true">
<Resources cacheMaxSize="51200" cacheObjectMaxSize="1024" />
</Context>

25
docker-test/src/main/resources/repository/dev-log4j.properties Normal file
View File

@@ -0,0 +1,25 @@
#
# Copyright 2019 - 2021 Acosix GmbH
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
log4j.rootLogger=error, File
log4j.appender.File=org.apache.log4j.DailyRollingFileAppender
log4j.appender.File.File=\${catalina.base}/logs/alfresco.log
log4j.appender.File.Append=true
log4j.appender.File.DatePattern='.'yyyy-MM-dd
log4j.appender.File.layout=org.apache.log4j.PatternLayout
log4j.appender.File.layout.ConversionPattern=%d{ISO8601} %-5p [%c] [%t] %m%n
log4j.logger.${project.artifactId}=DEBUG

25
docker-test/src/main/resources/repository/dev-log4j2.properties Normal file
View File

@@ -0,0 +1,25 @@
#
# Copyright 2019 - 2021 Acosix GmbH
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
log4j.rootLogger=error, File
log4j.appender.File=org.apache.log4j.DailyRollingFileAppender
log4j.appender.File.File=\${catalina.base}/logs/alfresco.log
log4j.appender.File.Append=true
log4j.appender.File.DatePattern='.'yyyy-MM-dd
log4j.appender.File.layout=org.apache.log4j.PatternLayout
log4j.appender.File.layout.ConversionPattern=%d{ISO8601} %-5p [%c] [%t] %m%n
log4j.logger.${project.artifactId}=DEBUG

22
docker-test/src/main/resources/share/Dockerfile Normal file
View File

@@ -0,0 +1,22 @@
FROM ${alfresco.share.docker.image}:${alfresco.share.docker.version}
COPY support-tools-share*.amp ${alfresco.share.docker.amp.path}/
COPY de.acosix.alfresco.utility.share*.amp ${alfresco.share.docker.amp.path}/
COPY de.acosix.alfresco.keycloak.share*.amp ${alfresco.share.docker.amp.path}/
RUN java -jar ${alfresco.share.docker.mmt.path}/alfresco-mmt*.jar install \
${alfresco.share.docker.amp.path}/support-tools-share*.amp \
${alfresco.share.docker.tomcat.path}/webapps/share -nobackup
RUN java -jar ${alfresco.share.docker.mmt.path}/alfresco-mmt*.jar install \
${alfresco.share.docker.amp.path}/de.acosix.alfresco.utility.share*.amp \
${alfresco.share.docker.tomcat.path}/webapps/share -nobackup
RUN java -jar ${alfresco.share.docker.mmt.path}/alfresco-mmt*.jar install \
${alfresco.share.docker.amp.path}/de.acosix.alfresco.keycloak.share*.amp \
${alfresco.share.docker.tomcat.path}/webapps/share -nobackup
RUN sed -i 's/<secure>true<\/secure>/<secure>false<\/secure>/' ${alfresco.share.docker.tomcat.path}/conf/web.xml
COPY share.xml ${alfresco.repo.docker.tomcat.path}/conf/Catalina/localhost/share.xml
COPY share-config-custom.xml ${alfresco.repo.docker.tomcat.path}/shared/classes/alfresco/web-extension/share-config-custom.xml

91
docker-test/src/main/resources/share/share-config-custom.xml Normal file
View File

@@ -0,0 +1,91 @@
<?xml version='1.0' encoding='UTF-8' ?>
<!--
Copyright 2019 - 2021 Acosix GmbH
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<alfresco-config>
<config evaluator="string-compare" condition="Remote">
<remote>
<connector>
<id>alfrescoCookie</id>
<name>Alfresco Connector</name>
<description>Connects to an Alfresco instance using cookie-based authentication and awareness of Keycloak access tokens</description>
<class>de.acosix.alfresco.keycloak.share.remote.AccessTokenAwareSlingshotAlfrescoConnector</class>
<authenticator-id>acosix-kc-authenticator</authenticator-id>
</connector>
<authenticator>
<id>acosix-kc-authenticator</id>
<name>Acosix Keycloak Authenticator</name>
<description>Authenticator with flexible support for ticket, cookie, remote user, and access token</description>
<class>de.acosix.alfresco.keycloak.share.remote.AccessTokenAwareAlfrescoAuthenticator</class>
</authenticator>
<endpoint>
<id>alfresco</id>
<name>Alfresco - user access</name>
<description>Access to Alfresco Repository WebScripts that require user authentication</description>
<connector-id>alfrescoCookie</connector-id>
<endpoint-url>http://repository:8080/alfresco/wcs</endpoint-url>
<identity>user</identity>
<external-auth>true</external-auth>
</endpoint>
<endpoint>
<id>alfresco-feed</id>
<name>Alfresco Feed</name>
<description>Alfresco Feed - supports basic HTTP authentication via the EndPointProxyServlet</description>
<connector-id>alfrescoCookie</connector-id>
<endpoint-url>http://repository:8080/alfresco/wcs</endpoint-url>
<basic-auth>true</basic-auth>
<identity>user</identity>
<external-auth>true</external-auth>
</endpoint>
<endpoint>
<id>alfresco-api</id>
<parent-id>alfresco</parent-id>
<name>Alfresco Public API - user access</name>
<description>Access to Alfresco Repository Public API that require user authentication. This makes use of the authentication that is provided by parent 'alfresco' endpoint. </description>
<connector-id>alfrescoCookie</connector-id>
<endpoint-url>http://repository:8080/alfresco/api</endpoint-url>
<identity>user</identity>
<external-auth>true</external-auth>
</endpoint>
</remote>
</config>
<config evaluator="string-compare" condition="Keycloak">
<keycloak-auth-config>
<enhance-login-form>true</enhance-login-form>
<enable-sso-filter>true</enable-sso-filter>
<force-keycloak-sso>false</force-keycloak-sso>
<perform-token-exchange>true</perform-token-exchange>
</keycloak-auth-config>
<keycloak-adapter-config>
<forced-route-url>http://keycloak:8080</forced-route-url>
<auth-server-url>http://localhost:${keycloak.docker.port}</auth-server-url>
<realm>test</realm>
<resource>alfresco-share</resource>
<ssl-required>none</ssl-required>
<public-client>false</public-client>
<credentials>
<provider>secret</provider>
<secret>a5b3e8bc-39cc-4ddd-8c8f-1c34e7a35975</secret>
</credentials>
</keycloak-adapter-config>
</config>
</alfresco-config>

4
docker-test/src/main/resources/share/share.xml Normal file
View File

@@ -0,0 +1,4 @@
<?xml version='1.0' encoding='utf-8'?>
<Context crossContext="true" useHttpOnly="true">
<Resources cacheMaxSize="51200" cacheObjectMaxSize="1024" />
</Context>