Keycloak server embedded in a Spring Boot application with custom User Storage SPI

Hello,

I have managed to set up a Keycloak server embedded in a Spring Boot Application successfully, following this tutorial: Keycloak Embedded in a Spring Boot Application in order to avoid setting it up manually.

Since I am dealing with an old implementation that already has its own DB, I decided to use Keycloak’s User Storage SPI to connect to an external PostgreSQL DB and use this for authentication instead of the Keycloak DB.

To do this, I followed the tutorial in the Keycloak documentation, but it involves a standalone Keycloak server, creating a .jar with the custom provider and injecting it into <pathToKeycloak>/standalone/deployments/.

I have created an implementation that works with a standalone Keycloak server, but now I want to include it in the embedded one. Is it possible to use a Keycloak server embedded in a Spring Boot application and also have an embedded custom User Storage Provider, to avoid setting it up manually?

I’m looking for the same… Please do let me know if there is anything you found regarding this…

Also, I guess the spring data source configuration might do the job… Have you tried that?

Hello, I’m looking for a similar implementation. Could really use some feedback from your experience. Thanks

A little late, but since I got to the same topic and found a solution:
Yes, it is possible. You just have to “merge” the SPI code with the embedded Keycloak code. For example, following the tutorial, you will have the following files:

--> src
  --> main
    --> java
      --> com...
        --> AuthorizationServerApp.java
        --> config
          --> EmbeddedKeycloakApplication.java
          --> EmbeddedKeycloakConfig.java
          --> EmbeddedKeycloakRequestFilter.java
          --> KeycloakServerProperties.java
          --> RegularJsonConfigProviderFactory.java
          --> Resteasy3Provider.java
          --> SimplePlatformProvider.java
    --> resources
      --> application.yml
      --> baeldung-realm.json
      --> META-INF
        --> keycloak-server.json
        --> services
          --> org.keycloak.common.util.ResteasyProvider
          --> org.keycloak.platform.PlatformProvider

(See spring-security-oauth/oauth-rest/oauth-authorization-server/src/main/java/com/baeldung/auth/config at master · Baeldung/spring-security-oauth · GitHub)

And following this tutorial: https://www.baeldung.com/java-keycloak-custom-user-providers you would have these files for your spi:

--> src
  --> main
    --> java
      --> com...
        --> CustomUser.java
        --> CustomUserStorageProvider.java
        --> CustomUserStorageProviderConstants.java
        --> CustomUserStorageProviderFactory.java
        --> DbUtil.java
    --> resources
      --> META-INF
        --> services
          --> org.keycloak.storage.UserStorageProviderFactory

The result of merging them would be:

--> src
  --> main
    --> java
      --> com...
        --> AuthorizationServerApp.java
        --> spi
          --> CustomUser.java
          --> CustomUserStorageProvider.java
          --> CustomUserStorageProviderConstants.java
          --> CustomUserStorageProviderFactory.java
          --> DbUtil.java
        --> config
          --> EmbeddedKeycloakApplication.java
          --> EmbeddedKeycloakConfig.java
          --> EmbeddedKeycloakRequestFilter.java
          --> KeycloakServerProperties.java
          --> RegularJsonConfigProviderFactory.java
          --> Resteasy3Provider.java
          --> SimplePlatformProvider.java
    --> resources
      --> application.yml
      --> baeldung-realm.json
      --> META-INF
        --> keycloak-server.json
        --> services
          --> org.keycloak.common.util.ResteasyProvider
          --> org.keycloak.platform.PlatformProvider
          --> org.keycloak.storage.UserStorageProviderFactory

That’s all. Just add the SPI files to the embedded Keycloak code and you are done.
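An added check, not part of the posts above or of the linked projects: Keycloak finds provider factories through Java's ServiceLoader files under META-INF/services, so a merged project whose org.keycloak.storage.UserStorageProviderFactory file is missing or names a class that was not copied over starts without the custom user store. The script assumes the Maven layout shown above and that the factory source lives in the same module; the function name and return codes are this example's own.

```shell
#!/usr/bin/env bash
# Added example: confirm the merged project registers its user storage factory.
# Usage: source this file, then run: check_spi_registration /path/to/project
# Returns: 0 ok, 1 service file missing, 2 listed class has no source file,
#          3 service file lists no class at all.

# Path of the ServiceLoader registration file, relative to the project root.
SERVICE_FILE="src/main/resources/META-INF/services/org.keycloak.storage.UserStorageProviderFactory"

check_spi_registration() {
  local root="$1" svc line fqcn src found=0
  svc="$root/$SERVICE_FILE"
  if [ ! -f "$svc" ]; then
    echo "missing: $svc" >&2
    return 1
  fi
  while IFS= read -r line || [ -n "$line" ]; do
    fqcn="${line%%#*}"                                  # drop '#' comments
    fqcn="$(printf '%s' "$fqcn" | tr -d '[:space:]')"   # drop blanks and CR
    [ -z "$fqcn" ] && continue
    # Assumption: each registered factory is a .java file in this module.
    src="$root/src/main/java/$(printf '%s' "$fqcn" | tr . /).java"
    if [ ! -f "$src" ]; then
      echo "registered but not in source tree: $fqcn" >&2
      return 2
    fi
    found=$((found + 1))
  done < "$svc"
  if [ "$found" -eq 0 ]; then
    echo "no factory listed in $svc" >&2
    return 3
  fi
  echo "ok: $found factory class(es) registered"
}
```

A factory pulled in from a dependency jar instead of the source tree would be reported with return code 2, so adjust the source check if the SPI is packaged separately.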

You can use this: GitHub - suchorski/springboot-keycloak-server: Embeded Keycloak on Spring Boot Server, and configure your JPA connection in the properties file and keycloak-server.json.