[Apiman-user] Plugins page stack trace - APIMan 1.2.1 on PostgreSQL 9.5
Eric Wittmann
eric.wittmann at redhat.com
Fri Jan 29 08:14:57 EST 2016
Thanks for the full stack trace - I'll have a look at this asap.
What version of postgres are you using?
Regarding security, we use KeyCloak in two different ways. The first is
to secure apiman itself (e.g. so you can log into the UI). The second
as the OAuth provider when protecting managed APIs. In order to enable
OAuth for an API managed by apiman, you need to add the Keycloak OAuth
policy to it.
Note that we could, for example, switch to using something *else* for
securing apiman, such as JAAS or CAS. Even if we did that, we would
still support using KeyCloak to secure managed endpoints via OAuth.
I hope that makes sense.
-Eric
On 1/28/2016 11:45 PM, Guy Davis wrote:
> Good day,
>
> I was hoping to follow the recently published steps
> <http://www.apiman.io/blog/gateway/security/oauth2/keycloak/authentication/authorization/1.2.x/2016/01/22/keycloak-oauth2-redux.html>
> for using Keycloak to OAuth protect an API with APIMan. I already have
> the backend API (war file) protected by Keycloak directly.
>
> When I click on the 'Manage Plugins' link:
> Inline image 1
>
> I receive the error shown (full trace attached):
> Inline image 2
>
> Any tips on which Postgres table/column is the problem?
>
> At a higher level, I'm not sure I understand the blog post however.
> I've already protecting the various apiman *war files and their
> endpoints with Keycloak's authentication behavior (default is OpenID
> Connect). So if the APIMan endpoints are protected already, what does
> the OAuth policy provide further? Any clarification on the integration
> points between Keycloak and APIMan would be appreciated.
>
> Thanks much,
> Guy
>
>
> _______________________________________________
> Apiman-user mailing list
> Apiman-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/apiman-user
>
More information about the Apiman-user
mailing list