Start using Keycloak for SSO authentification for business central

TODO: use Keycloak in other features, such as the REST services in Business Central
Nicolas Héron 2019-04-13 10:36:17 +02:00
commit b2c98ffe14
14 changed files with 3883 additions and 572 deletions


@ -1,287 +1,295 @@
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<parent>
<artifactId>drools-framework-kie-wb-parent</artifactId>
<groupId>com.pymmasoftware.jbpm</groupId>
<version>1.1-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<parent>
<artifactId>drools-framework-kie-wb-parent</artifactId>
<groupId>com.pymmasoftware.jbpm</groupId>
<version>1.1-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>kie-wb</artifactId>
<artifactId>kie-wb</artifactId>
<packaging>war</packaging>
<packaging>war</packaging>
<name>Pymma platform workbench</name>
<description>Pymma Plarform Kie-wb</description>
<dependencies>
<dependency>
<groupId>com.pymmasoftware.jbpm</groupId>
<artifactId>kie-drools-framework-rest-backend</artifactId>
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>org.kie</groupId>
<artifactId>business-central</artifactId>
<classifier>wildfly14</classifier>
<version>${jbpm.version}</version>
<type>war</type>
<exclusions>
<exclusion>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-log4j12</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependencies>
</dependencies>
<dependency>
<groupId>com.pymmasoftware.jbpm</groupId>
<artifactId>kie-drools-framework-rest-backend</artifactId>
<version>${project.version}</version>
</dependency>
<build>
<finalName>kie-wb</finalName>
<plugins>
<!-- unpack step -->
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-dependency-plugin</artifactId>
<version>2.10</version>
<executions>
<execution>
<id>unpack</id>
<phase>prepare-package</phase>
<goals>
<goal>unpack</goal>
</goals>
<configuration>
<artifactItems>
<artifactItem>
<groupId>org.kie</groupId>
<artifactId>business-central</artifactId>
<classifier>wildfly14</classifier>
<version>${jbpm.version}</version>
<type>war</type>
<outputDirectory>${project.build.directory}/unpack-tmp</outputDirectory>
<!--includes>**/*.class,**/*.xml</includes-->
</artifactItem>
<dependency>
<groupId>org.training.Leisure</groupId>
<artifactId>swimmingpool</artifactId>
<version>1.0.1-SNAPSHOT</version>
</dependency>
<dependency>
<groupId>org.kie</groupId>
<artifactId>business-central</artifactId>
<classifier>wildfly14</classifier>
<version>${jbpm.version}</version>
<type>war</type>
<exclusions>
<exclusion>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-log4j12</artifactId>
</exclusion>
</exclusions>
</dependency>
</artifactItems>
</configuration>
</execution>
</executions>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-dependency-plugin</artifactId>
<version>2.10</version>
<executions>
<execution>
<id>copy-dependencies</id>
<phase>package</phase>
<goals>
<goal>copy-dependencies</goal>
</goals>
<configuration>
<outputDirectory>${project.build.directory}/unpack-tmp/WEB-INF/lib</outputDirectory>
<overWriteReleases>false</overWriteReleases>
<overWriteSnapshots>false</overWriteSnapshots>
<overWriteIfNewer>true</overWriteIfNewer>
</configuration>
</execution>
</executions>
</plugin>
</dependencies>
<plugin>
<artifactId>maven-resources-plugin</artifactId>
<version>3.0.2</version>
<executions>
<execution>
<id>copy-resources</id>
<!-- here the phase you need -->
<phase>package</phase>
<goals>
<goal>copy-resources</goal>
</goals>
<configuration>
<outputDirectory>${basedir}/target//unpack-tmp/WEB-INF/classes/META-INF</outputDirectory>
<resources>
<resource>
<directory>src/main/resources</directory>
<filtering>false</filtering>
</resource>
</resources>
<overwrite>true</overwrite>
</configuration>
</execution>
</executions>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-assembly-plugin</artifactId>
<executions>
<execution>
<phase>package</phase>
<goals>
<goal>single</goal>
</goals>
</execution>
</executions>
<configuration>
<finalName>kie-wb</finalName>
<appendAssemblyId>false</appendAssemblyId>
<descriptors>
<descriptor>src/main/assembly/assembly-kie-wb-wildfly-11.xml</descriptor>
</descriptors>
<archive>
<addMavenDescriptor>false</addMavenDescriptor>
</archive>
</configuration>
</plugin>
</plugins>
</build>
<profiles>
<profile>
<id>docker-build</id>
<build>
<build>
<finalName>kie-wb</finalName>
<plugins>
<plugin>
<groupId>io.fabric8</groupId>
<artifactId>docker-maven-plugin</artifactId>
<version>0.21.0</version>
<!-- unpack step -->
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-dependency-plugin</artifactId>
<version>2.10</version>
<executions>
<execution>
<id>unpack</id>
<phase>prepare-package</phase>
<goals>
<goal>unpack</goal>
</goals>
<configuration>
<artifactItems>
<artifactItem>
<groupId>org.kie</groupId>
<artifactId>business-central</artifactId>
<classifier>wildfly14</classifier>
<version>${jbpm.version}</version>
<type>war</type>
<outputDirectory>${project.build.directory}/unpack-tmp</outputDirectory>
<!--includes>**/*.class,**/*.xml</includes-->
</artifactItem>
<configuration>
<!--registry>192.168.1.184:12500</registry-->
<dockerHost>${docker.Host}</dockerHost>
</artifactItems>
</configuration>
</execution>
</executions>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-dependency-plugin</artifactId>
<version>2.10</version>
<executions>
<execution>
<id>copy-dependencies</id>
<phase>package</phase>
<goals>
<goal>copy-dependencies</goal>
</goals>
<configuration>
<outputDirectory>${project.build.directory}/unpack-tmp/WEB-INF/lib</outputDirectory>
<overWriteReleases>false</overWriteReleases>
<overWriteSnapshots>false</overWriteSnapshots>
<overWriteIfNewer>true</overWriteIfNewer>
</configuration>
</execution>
</executions>
</plugin>
<!-- this is for Mac and Amazon Linux -->
<!--dockerHost>unix:///var/run/docker.sock</dockerHost-->
<plugin>
<artifactId>maven-resources-plugin</artifactId>
<version>3.0.2</version>
<executions>
<execution>
<id>copy-resources</id>
<!-- here the phase you need -->
<phase>package</phase>
<goals>
<goal>copy-resources</goal>
</goals>
<configuration>
<outputDirectory>${basedir}/target//unpack-tmp/WEB-INF/classes/META-INF</outputDirectory>
<resources>
<resource>
<directory>src/main/resources</directory>
<filtering>false</filtering>
</resource>
</resources>
<overwrite>true</overwrite>
</configuration>
</execution>
</executions>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-assembly-plugin</artifactId>
<executions>
<execution>
<phase>package</phase>
<goals>
<goal>single</goal>
</goals>
</execution>
</executions>
<configuration>
<finalName>kie-wb</finalName>
<appendAssemblyId>false</appendAssemblyId>
<descriptors>
<descriptor>src/main/assembly/assembly-kie-wb-wildfly-11.xml</descriptor>
</descriptors>
<archive>
<addMavenDescriptor>false</addMavenDescriptor>
<verbose>true</verbose>
<images>
<image>
<name>kie-wb</name>
<build>
<dockerFileDir>${project.basedir}/src/main/docker</dockerFileDir>
</archive>
</configuration>
</plugin>
<!--copies Jar to the maven directory (uses Assembly system)-->
<assembly>
<descriptorRef>artifact</descriptorRef>
</assembly>
<tags>
<tag>latest</tag>
</tags>
</build>
<run>
<extraHosts>
<host>mongodb:172.17.0.1</host>
<host>kie-wb:172.17.0.1</host>
</extraHosts>
<ports>
<port>10080:8080</port>
<port>10001:8001</port>
<port>50505:50505</port>
</ports>
</run>
</image>
</images>
</configuration>
<executions>
<execution>
<phase>package</phase>
<goals>
<goal>build</goal>
</goals>
</execution>
</executions>
</plugin>
</plugins>
</build>
</profile>
<profile>
<id>docker-deploy</id>
<build>
<plugins>
<plugin>
<groupId>io.fabric8</groupId>
<artifactId>docker-maven-plugin</artifactId>
<version>0.21.0</version>
</build>
<profiles>
<profile>
<id>docker-build</id>
<build>
<plugins>
<plugin>
<groupId>io.fabric8</groupId>
<artifactId>docker-maven-plugin</artifactId>
<version>0.21.0</version>
<configuration>
<registry>registry.hub.docker.com/pymmasoftware</registry>
<dockerHost>${docker.Host}</dockerHost>
<verbose>true</verbose>
<images>
<image>
<name>kie-wb</name>
<build>
<dockerFileDir>${project.basedir}/src/main/docker</dockerFileDir>
<configuration>
<!--registry>192.168.1.184:12500</registry-->
<dockerHost>${docker.Host}</dockerHost>
<!--copies Jar to the maven directory (uses Assembly system)-->
<assembly>
<mode>dir</mode>
<name>maven/</name>
<inline xmlns="http://maven.apache.org/plugins/maven-assembly-plugin/assembly/1.1.2" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/plugins/maven-assembly-plugin/assembly/1.1.2 http://maven.apache.org/xsd/assembly-1.1.2.xsd">
<id>middleware-rest</id>
<files>
<file>
<source>${project.build.directory}/kie-wb.war</source>
<outputDirectory>./</outputDirectory>
<destName>kie-wb.war</destName>
</file>
</files>
</inline>
</assembly>
<!-- this is for Mac and Amazon Linux -->
<!--dockerHost>unix:///var/run/docker.sock</dockerHost-->
<verbose>true</verbose>
<images>
<image>
<name>kie-wb</name>
<build>
<dockerFileDir>${project.basedir}/src/main/docker</dockerFileDir>
<!--copies Jar to the maven directory (uses Assembly system)-->
<assembly>
<descriptorRef>artifact</descriptorRef>
</assembly>
<tags>
<tag>latest</tag>
</tags>
</build>
<run>
<extraHosts>
<host>mongodb:172.17.0.1</host>
<host>kie-wb:172.17.0.1</host>
</extraHosts>
<ports>
<port>10080:8080</port>
<port>10001:8001</port>
<port>50505:50505</port>
</ports>
</run>
</image>
</images>
</configuration>
<executions>
<execution>
<phase>package</phase>
<goals>
<goal>build</goal>
</goals>
</execution>
</build>
</executions>
<run>
<extraHosts>
<host>mongodb:192.168.1.102</host>
<host>declasin:192.168.1.184</host>
</extraHosts>
<ports>
<port>8080:8080</port>
</ports>
</run>
</image>
</images>
<authConfig>
<username>pymmasoftwaredeploy</username>
<password>pymmalomme</password>
</authConfig>
<retries>5</retries>
</configuration>
</plugin>
</plugins>
</build>
</profile>
<profile>
<id>docker-deploy</id>
<build>
<plugins>
<plugin>
<groupId>io.fabric8</groupId>
<artifactId>docker-maven-plugin</artifactId>
<version>0.21.0</version>
<executions>
<configuration>
<registry>registry.hub.docker.com/pymmasoftware</registry>
<dockerHost>${docker.Host}</dockerHost>
<verbose>true</verbose>
<images>
<image>
<name>kie-wb</name>
<build>
<dockerFileDir>${project.basedir}/src/main/docker</dockerFileDir>
<!--copies Jar to the maven directory (uses Assembly system)-->
<assembly>
<mode>dir</mode>
<name>maven/</name>
<inline xmlns="http://maven.apache.org/plugins/maven-assembly-plugin/assembly/1.1.2"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/plugins/maven-assembly-plugin/assembly/1.1.2 http://maven.apache.org/xsd/assembly-1.1.2.xsd">
<id>middleware-rest</id>
<files>
<file>
<source>${project.build.directory}/kie-wb.war</source>
<outputDirectory>./</outputDirectory>
<destName>kie-wb.war</destName>
</file>
</files>
</inline>
</assembly>
<execution>
<id>mydeploy</id>
<phase>deploy</phase>
<goals>
<goal>build</goal>
<goal>push</goal>
</goals>
</execution>
</build>
</executions>
<run>
<extraHosts>
<host>mongodb:192.168.1.102</host>
<host>declasin:192.168.1.184</host>
</extraHosts>
<ports>
<port>8080:8080</port>
</ports>
</run>
</image>
</images>
<authConfig>
<username>pymmasoftwaredeploy</username>
<password>pymmalomme</password>
</authConfig>
<retries>5</retries>
</configuration>
</plugin>
</plugins>
</build>
</profile>
</profiles>
<executions>
<execution>
<id>mydeploy</id>
<phase>deploy</phase>
<goals>
<goal>build</goal>
<goal>push</goal>
</goals>
</execution>
</executions>
</plugin>
</plugins>
</build>
</profile>
</profiles>
</project>
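Review bot: The `<authConfig>` block of the `docker-deploy` profile still holds the registry `<username>` and `<password>` as literal values, so the account for `registry.hub.docker.com/pymmasoftware` is readable by anyone with access to this repository or its history. From this rendering the section looks like mostly re-indentation, which makes it a good moment to drop the block and let docker-maven-plugin resolve credentials from a `<server>` entry in `~/.m2/settings.xml` whose `<id>` matches the registry, or from the `docker.username` / `docker.password` properties supplied by CI. If the element has to stay, reference a variable instead, for example `<password>${env.REGISTRY_PASSWORD}</password>` (placeholder name). The password already committed should be treated as disclosed and rotated.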


@ -3,7 +3,7 @@
###########################################################################
####### BASE ############
FROM jboss/wildfly:14.0.1.Final
FROM jboss/keycloak-adapter-wildfly:latest
####### MAINTAINER ############
MAINTAINER "Nicolas Héron" "nicolas.heron@pymma-software.com"
@ -51,8 +51,8 @@ EXPOSE 8001
####### Drools Workbench CUSTOM CONFIGURATION ############
ADD etc/standalone-full-drools.xml $JBOSS_HOME/standalone/configuration/standalone-full-drools.xml
ADD etc/application-users.properties $JBOSS_HOME/standalone/configuration/application-users.properties
ADD etc/application-roles.properties $JBOSS_HOME/standalone/configuration/application-roles.properties
#ADD etc/application-users.properties $JBOSS_HOME/standalone/configuration/application-users.properties
#ADD etc/application-roles.properties $JBOSS_HOME/standalone/configuration/application-roles.properties
# Added files are chowned to root user, change it to the jboss one.
USER root
@ -71,8 +71,8 @@ ADD settings.xml /m2_kiewb/settings.xml
RUN mkdir /m2_kiewb/repository
####### MVN REPO ############
# https://bugzilla.redhat.com/show_bug.cgi?id=1263738
RUN mkdir -p /m2_kiewb/repository/org/guvnor/guvnor-asset-mgmt-project/$KIE_VERSION && \
curl -o /m2_kiewb/repository/org/guvnor/guvnor-asset-mgmt-project/$KIE_VERSION/guvnor-asset-mgmt-project-$KIE_VERSION.jar $KIE_REPOSITORY/org/guvnor/guvnor-asset-mgmt-project/$KIE_VERSION/guvnor-asset-mgmt-project-$KIE_VERSION.jar
#RUN mkdir -p /m2_kiewb/repository/org/guvnor/guvnor-asset-mgmt-project/$KIE_VERSION && \
#curl -o /m2_kiewb/repository/org/guvnor/guvnor-asset-mgmt-project/$KIE_VERSION/guvnor-asset-mgmt-project-$KIE_VERSION.jar $KIE_REPOSITORY/org/guvnor/guvnor-asset-mgmt-project/$KIE_VERSION/guvnor-asset-mgmt-project-$KIE_VERSION.jar
RUN chown jboss:jboss /home/lucene
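Review bot: `FROM jboss/keycloak-adapter-wildfly:latest` swaps a base image pinned to `14.0.1.Final` for a floating tag, so a later rebuild can pull a different WildFly and Keycloak adapter version than the `wildfly14` classifier the POM packages against, with no change in this repository to show for it. Pin the base to a specific tag, ideally with a digest, e.g. `FROM jboss/keycloak-adapter-wildfly:<version>@sha256:<digest>` (placeholders), and note in a comment which WildFly release it carries. The two `#ADD etc/application-*.properties` lines and the commented-out `curl` step would be cleaner deleted than commented out, since the properties files appear to be removed in the same commit.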


@ -1,42 +0,0 @@
admin=admin,analyst,kiemgmt,admingroup,rest-all
kieserver=kie-server,,rest-all
workbench=admin,kie-server
#pymma
nheron=admin,analyst,kiemgmt,admingroup,rest-all
guillaume=analyst,kiemgmt,pymma,pymma,rest-all
maxime=analyst,kiemgmt,pymma,rest-all
donatienne=analyst,kiemgmt,pymma,rest-all
#auchan
igor=analyst,auchan,rest-all
florian=analyst,auchan,rest-all
#oney
thomas=analyst,oney,rest-all
christopheev=analyst,oney,rest-all
#probtp
pascal=analyst,probtp,rest-all
#training
student01=analyst,training,rest-all
student02=analyst,training,rest-all
student03=analyst,training,rest-all
student04=analyst,training,rest-all
student05=analyst,training,rest-all
student06=analyst,training,rest-all
student07=analyst,training,rest-all
student08=analyst,training,rest-all
student09=analyst,training,rest-all
student10=analyst,training,rest-all
student11=analyst,training,rest-all
student12=analyst,training,rest-all
nicolas=admin,analyst,kiemgmt,admingroup,rest-all


@ -1,33 +0,0 @@
admin=207b6e0cc556d7084b5e2db7d822555c
kieserver=kieserver1!
#pymma
nheron=e4b5d284416d5c804c3a3243e91f7bcb
guillaume=hochart
maxime=picault
donatienne=yovo
# auchan
igor=auchan
florian=auchan
# oney
thomas=oney
christopheev=oney
# probtp
pascal=probtp
#training
student01=mybrmspymma01a
student02=mybrmspymma02b
student03=mybrmspymma03c
student04=mybrmspymma04d
student05=mybrmspymma05e
student06=mybrmspymma06f
student07=mybrmspymma07g
student08=mybrmspymma08h
student09=mybrmspymma09i
student10=mybrmspymma10j
student11=mybrmspymma11k
student12=mybrmspymma12l
nicolas=200368d75a475c5adfec0b4615329a68
#
#$REALM_NAME=ApplicationRealm$ This line is used by the add-user utility to identify the realm name already used in this file.
#


@ -20,6 +20,7 @@
<extension module="org.jboss.as.security" />
<extension module="org.jboss.as.transactions" />
<extension module="org.jboss.as.webservices" />
<extension module="org.keycloak.keycloak-adapter-subsystem" />
<extension module="org.jboss.as.weld" />
<extension module="org.wildfly.extension.batch.jberet" />
<extension module="org.wildfly.extension.bean-validation" />
@ -279,6 +280,7 @@
<realm name="ManagementRealm" role-decoder="groups-to-roles" />
<realm name="local" role-mapper="super-user-mapper" />
</security-domain>
</security-domains>
<security-realms>
<identity-realm name="local" identity="$local" />
@ -430,6 +432,18 @@
<jpa default-datasource="" default-extended-persistence-inheritance="DEEP" />
</subsystem>
<subsystem xmlns="urn:jboss:domain:jsf:1.1" />
<subsystem xmlns="urn:jboss:domain:keycloak:1.1">
<secure-deployment name="kie-wb.war">
<realm>demo</realm>
<resource>kie</resource>
<enable-basic-auth>true</enable-basic-auth>
<realm-public-key>MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoQBLWufOyICqNgRYzZZU/RsoosuKCH7gCsP/dOnfb8t3EUcZrt6rKvn9uSyVfCjJ0EhZBsaQQXNuyildY3Nbbs4uVlRUtHGZoqbnMZfdP1kZTrSnVLS+ckP19UoIVMZUykXEih8jmtmvXKCqeuB81GUW0zrUDHR3QCGihp5XyuLKvprXl+m3zUL7HYWlT6gXgWLx4C8P2XOcuj+G7/FHZjEvNWCUMp4EslVxMcmLoYjMs1y8sisXrpFbeE6blvoSNXL1RGanMJt9oVW/sWVw94wILavmiCxtd1VsZbzXTdBM8kX0Ro2So7OJKWBmBdq0M7v5U4A8yhkJt+2QYA3VtwIDAQAB</realm-public-key>
<auth-server-url>http://host.docker:10080/auth</auth-server-url>
<ssl-required>external</ssl-required>
<principal-attribute>preferred_username</principal-attribute>
<credential name="secret">dd7fc22d-ba01-4387-b68a-316b12a741e8</credential>
</secure-deployment>
</subsystem>
<subsystem xmlns="urn:jboss:domain:jsr77:1.0" />
<subsystem xmlns="urn:jboss:domain:mail:3.0">
<mail-session name="default" jndi-name="java:jboss/mail/Default">
@ -507,6 +521,11 @@
<policy-module code="Delegating" flag="required" />
</authorization>
</security-domain>
<security-domain name="keycloak">
<authentication>
<login-module code="org.keycloak.adapters.jboss.KeycloakLoginModule" flag="required" />
</authentication>
</security-domain>
</security-domains>
</subsystem>
<subsystem xmlns="urn:jboss:domain:security-manager:1.0">
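Review bot: The new `<secure-deployment name="kie-wb.war">` commits the Keycloak client secret in clear text in `<credential name="secret">`, and because the Dockerfile ADDs this file the secret is also baked into every image layer built from it. Supply it at runtime instead, for example `<credential name="secret">${env.KEYCLOAK_CLIENT_SECRET}</credential>` (placeholder name; confirm the subsystem attribute accepts expressions), and rotate the value that is now in history. The same block sets `<auth-server-url>` to an `http://` address with `<enable-basic-auth>true</enable-basic-auth>`, so tokens and basic-auth passwords travel unencrypted to the auth server. `<ssl-required>external</ssl-required>` does not enforce TLS for private addresses, so outside a local demo use an `https://` URL with `<ssl-required>all</ssl-required>`. The file continues outside the visible hunks, so other settings for this deployment may exist that are not shown here.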