The project and code for the application you are going to secure is available in Keycloak Quickstarts Repository. You will need the following installed on your machine and available in your PATH before you can continue:

You can obtain the code by cloning the repository at https://github.com/keycloak/keycloak-quickstarts. Use the branch matching the version of Red Hat Single Sign-On in use. Follow these steps to download the code, build it, and deploy it. Make sure your Wildfly application server is started before you run these steps.

You should see some text scroll down in the application server console window. After the application is successfully deployed go to:

http://localhost:8080/vanilla

If you open up the application’s web.xml file you would see that the application is secured via BASIC authentication. If you click on the login button on the login page, the browser will pop up a BASIC auth login dialog.

The application is not secured by any identity provider, so anything you enter in the dialog box will result in a Forbidden message being sent back by the server. The next section describes how you can take this deployed application and secure it.