Re: Keycloak-fineract integration

Tue, 31 Oct 2023 06:26:19 -0700 

Hello Peter,

Thanks for the prompt response! Now all is working well.

Any idea if there is a docker image or how to adjust existing one to take into 
the consideration -Psecurity=oauth flag mentioned in the ./gradlew bootRun 
-Psecurity=oauth command into the docker image, I using fineract:latest docker 
image.

Thanks,
Abdullah

________________________________
From: Peter Bagrij <peter.bag...@dpc.hu>
Sent: Tuesday, October 31, 2023 08:23
To: dev@fineract.apache.org <dev@fineract.apache.org>
Cc: mifos-develo...@lists.sourceforge.net 
<mifos-develo...@lists.sourceforge.net>; mifos-us...@lists.sourceforge.net 
<mifos-us...@lists.sourceforge.net>
Subject: Re: Keycloak-fineract integration

Hi  Abdullah,

You may need to disable basic auth and enable oauth, please leave 2fa disabled 
as well. Here are the relevant props that need to be changed:

fineract.security.basicauth.enabled=${FINERACT_SECURITY_BASICAUTH_ENABLED:true}
fineract.security.oauth.enabled=${FINERACT_SECURITY_OAUTH_ENABLED:false}
fineract.security.2fa.enabled=${FINERACT_SECURITY_2FA_ENABLED:false}

Please also make sure that the issuer-uri is pointing to your keycloak.

spring.security.oauth2.resourceserver.jwt.issuer-uri=${FINERACT_SERVER_OAUTH_RESOURCE_URL:http://localhost:9000/auth/realms/fineract}

You can find an example on our CI/CD pipeline where we have integration tests 
which are using a mock oauth server. The mock oauth2 server is initialized 
here:  
https://github.com/apache/fineract/blob/71d2e51051397b23140c7b22f54f0db9f98287e2/.github/workflows/build-mysql.yml#L20-L26
And here you can see that the above application.properties are configured for 
the oauth integr tests: 
https://github.com/apache/fineract/blob/71d2e51051397b23140c7b22f54f0db9f98287e2/oauth2-tests/build.gradle#L60

Regards, Peter

On Mon, Oct 30, 2023 at 3:57 PM Abdullah Homsi 
<abdullah.ho...@gotocme.com<mailto:abdullah.ho...@gotocme.com>> wrote:
Hello Community,

Hope my email finds you well!

Can anyone please advise on the fineract application.properties values that are 
needed to be adjusted in order to complete the integration of key cloak with 
fineract, knowing that I have created the realm and client with mifos user and 
followed the listed steps in the following link :
https://github.com/apache/fineract/blob/develop/fineract-doc/src/docs/en/chapters/security/oauth.adoc

Thanks in advance,
Abdullah H

Reply via email to