Technical references : Administration : Single Sign-On Planon Web Client : Tomcat Keycloack adapter : Configuring the web server
Configuring the web server
To make the Planon ProCenter Web application available for SSO, adapt the following files located in:
…\Server\tomcat-*\conf\Catalina\localhost
1. Open Webclient.xml and remove:
a. the PnMessageFormAuthenticator valve.
2. Add the following valve above the trustedServiceKeystore parameter:
<Valve className="nl.planon.tomcat.keycloak.KeycloakAuthenticatorValve"/> <Parameter name="keycloak.config.file" value="AbsolutePath/Server/tomcat-*/keycloak.json" />
3. Open Root.xml and remove:
a. the ForgotPasswordLoginValve valve.
b. the PnMessageFormAuthenticator valve.
4. Add the following valve above the ExcludingRoleValve valve:
<Valve className="nl.planon.tomcat.keycloak.KeycloakAuthenticatorValve"/> <Parameter name="keycloak.config.file" value="AbsolutePath/Server/tomcat-*/keycloak.json" />
5. Open sc.xml and remove:
a. the PnMessageFormAuthenticator valve or the BasicAuthenticator.
6. Add the following valve above the ExcludingRoleValve valve:
<Valve className="nl.planon.tomcat.keycloak.KeycloakAuthenticatorValve"/> <Parameter name="keycloak.config.file" value="AbsolutePath/Server/tomcat-*/conf/keycloak.json" />