- Docker with docker-compose
- Node.js for Testing
- Start containers:

      docker-compose up -d

- Open Admin-Console
  User: admin, Password: admin (same as in docker-compose.yml, should be changed)
- Configure Keycloak
  - Create a realm `hse`
  - Create a client `node` (Client Protocol: saml)
  - Configure client `node` settings:
    - Valid Redirect URIs: http://localhost:8100/*
    - Master SAML Processing URL: http://localhost:8100/login/callback
    - Save settings
  - Get/Save XML-File from http://localhost:8080/auth/realms/hse/protocol/saml/descriptor
    - Save Content of `<ds:X509Certificate>` to `<projectdir>/certs/idp_cert.pem`
  - Goto SAML Keys, Export, Archive Format: PKCS12, example password "1234"
    - Downloaded result: `keystore.p12`
- Extract Key and Cert from `keystore.p12`
  These keys/certs are stored in `<projectdir>/certs`

      mkdir certs
      openssl pkcs12 -in keystore.p12 -nocerts -out certs/privateKey.pem -passin pass:"1234"

  (openssl prompts for a PEM pass phrase to protect the exported key; the next step expects "1234")

  Remove Password from Private Key (`certs/key.pem` is stored unencrypted)

      openssl rsa -in certs/privateKey.pem -out certs/key.pem -passin pass:"1234"

  Extract server public key

      openssl pkcs12 -in keystore.p12 -clcerts -nokeys -out certs/server.crt

- Add users (see Manage Users)
- Login to Keycloak as User
  - User Login: http://localhost:8080/auth/realms/hse/account/
  - Save user name, password
  - Sign out
- Open WebApp: http://localhost:8100/
  - Install Node.js with npm (https://nodejs.org/en/)
  - In project directory:

        # install node dependencies
        npm i
        # start node web server
        node app.js

  - Click Login - Keycloak Login-Page should open
  - Login as User - Redirect to http://localhost:8100/saml

SUCCESS!

Node/Express-App from https://codeburst.io/keycloak-and-express-7c71693d507a
https://www.keycloak.org/docs/latest/getting_started/index.html