<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><title></title><style type="text/css">.expressomail-body-blockquote {margin: 5px 10px 0 3px;padding-left: 10px;border-left: 2px solid #000088;} </style></head><body>Hi,<br><br><span id="result_box" class="" lang="en"><span class="hps">I created</span> <span class="hps">my</span> <span class="hps">custom</span> <span class="hps">valve to set</span> <span class="hps">my user principal</span> <span class="hps">in the security context</span><span>.</span> <span class="hps"><br>It would be</span> <span class="hps">possible to change the</span> <span class="hps">org.keycloak.subsystem.as7.KeycloakAdapterConfigDeploymentProcessor</span> <span class="hps">class so that</span> <span class="hps">the</span> custom valve<span class="hps">?</span><br><br> <span class="hps">I would like to</span> <span class="hps">be able</span> <span class="hps">to set</span> <span class="hps">my custom</span> <span class="hps">valve</span><span> and extends the keycloakValve.</span><br><br><span class="hps">Line</span> <span class="hps">93:</span> <span class="hps">valve.setValveClass</span> <span class="hps atn">(</span><span>KeycloakAuthenticatorValve.class.getName</span> <span class="hps atn">(</span><span>)</span><span>)</span><span>;</span><br>maybe change to config the valve in module.xml or other config file.<br><br> <span class="hps">Thanks.</span></span><br><br>Em 11/07/2015 05:59:55, Marek Posolda escreveu:<br><blockquote class="expressomail-body-blockquote">
<div class="moz-cite-prefix">Not sure why you need this. But maybe
easiest is to create just Http Servlet filter (this can be
configured in web.xml and doesn't use any tomcat/jboss-web
specific stuff) . In this filter, you will create
HttpServletRequestWrapper wrapping the original
HttpServletRequest, but you will override just the method
"getUserPrincipal" in your wrapper class. Here you can do any
hacking you want and return any principal instance you want. All
the data from Keycloak (KeycloakSecurityContext, AccessToken,
IDToken, original KeycloakPrincipal...) are already available in
the filter, so you can use them for create your own principal.<br>
<br>
Marek<br>
<br>
On 10.7.2015 21:02, Marcelo Arthur Sampaio wrote:<br>
</div>
<blockquote cite="mid:639500c89e16e56726f24084401e2a8720a41028@serpro.gov.br" type="cite">
<title></title>
<!--style type="text/css">.expressomail-body-blockquote {margin: 5px 10px 0 3px;padding-left: 10px;border-left: 2px solid #000088;} </style-->Hi,<br>
<br>
I need to implement my custom security Principal.<br>
What is the best way to do it in adapter for jboss eap.<br>
<br>
Create new adapter for my business extends
RefreshableKeycloakSecurityContext, KeycloakAuthenticatorValve and
set the new valve class in
KeycloakAdapterConfigDeploymentProcessor?<br>
<br>
I need to set new attributes in principal and get principal in the
SecurityContext.<br>
<br>
There is an other way?<br>
<br>
Thanks.<br>
<div>
-<br>
<br>
<br>
"Esta mensagem do SERVIÇO FEDERAL DE PROCESSAMENTO DE DADOS
(SERPRO), empresa pública federal regida pelo disposto na Lei
Federal nº 5.615, é enviada exclusivamente a seu destinatário e
pode conter informações confidenciais, protegidas por sigilo
profissional. Sua utilização desautorizada é ilegal e sujeita o
infrator às penas da lei. Se você a recebeu indevidamente,
queira, por gentileza, reenviá-la ao emitente, esclarecendo o
equívoco."<br>
<br>
"This message from SERVIÇO FEDERAL DE PROCESSAMENTO DE DADOS
(SERPRO) -- a government company established under Brazilian law
(5.615/70) -- is directed exclusively to its addressee and may
contain confidential data, protected under professional secrecy
rules. Its unauthorized use is illegal and may subject the
transgressor to the law's penalties. If you're not the
addressee, please send it back, elucidating the failure."<br>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
keycloak-dev mailing list
<a href="#" id="123:keycloak-dev@lists.jboss.org" class="tinebase-email-link">keycloak-dev@lists.jboss.org</a>
<a target="_blank" class="moz-txt-link-freetext" href="https://lists.jboss.org/mailman/listinfo/keycloak-dev">https://lists.jboss.org/mailman/listinfo/keycloak-dev</a></pre>
</blockquote>
<br>
</blockquote><br>
<DIV>
-<BR>
<BR>
<BR>
"Esta mensagem do SERVIÇO FEDERAL DE PROCESSAMENTO DE DADOS (SERPRO), empresa pública federal regida pelo disposto na Lei Federal nº 5.615, é enviada exclusivamente a seu destinatário e pode conter informações confidenciais, protegidas por sigilo profissional. Sua utilização desautorizada é ilegal e sujeita o infrator às penas da lei. Se você a recebeu indevidamente, queira, por gentileza, reenviá-la ao emitente, esclarecendo o equívoco."<BR>
<BR>
"This message from SERVIÇO FEDERAL DE PROCESSAMENTO DE DADOS (SERPRO) -- a government company established under Brazilian law (5.615/70) -- is directed exclusively to its addressee and may contain confidential data, protected under professional secrecy rules. Its unauthorized use is illegal and may subject the transgressor to the law's penalties. If you're not the addressee, please send it back, elucidating the failure."<BR>
</DIV></body></html>