<div dir="ltr">Hi Bill,<div><br></div><div>Thanks a lot for the quick response. Just one more query on the webservice side.</div><div><br></div><div>As per the instruction , I made the webservice access type as bearer.</div><div><br></div><div>Lets say. I have a service called <a href="http://localhost:8082/candidates/">http://localhost:8082/candidates/</a>.</div><div><br></div><div>This in turn has many webservice operation such as</div><div>post: <a href="http://localhost:8082/candidates/{candidate}">http://localhost:8082/candidates/{candidate}</a></div><div>put: <a href="http://localhost:8082/candidates/candidate/{id}">http://localhost:8082/candidates/candidate/{id}</a> </div><div>get:<a href="http://localhost:8082/candidates/candidate/{id}">http://localhost:8082/candidates/candidate/{id}</a>.</div><div><br></div><div>after a successful token verification:</div><div><div> HttpGet get = new HttpGet(AdapterUtils.getOriginForRestCalls(req.getRequestURL().toString(), session) + "/candidate/{some id}");</div><div> get.addHeader("Authorization", "Bearer " + session.getTokenString());</div><div> try {</div><div> HttpResponse response = client.execute(get);</div><div> if (response.getStatusLine().getStatusCode() != 200) {</div><div> throw new Failure(response.getStatusLine().getStatusCode());</div><div> }</div><div> HttpEntity entity = response.getEntity();</div><div> InputStream is = entity.getContent();</div><div> try {</div><div> // return JsonSerialization.readValue(is, String.class);</div><div> <span class="Apple-tab-span" style="white-space:pre">        </span>return "hello";</div><div> } finally {</div><div> is.close();</div><div> }</div></div><div><br></div><div>do i need to further authenticate each call via the same method for other restful call.</div><div><br></div><div>Do we have any option where in we can say authenticate once and go ahead with multiple webservice call without further token verification.</div><div><br></div><div>Regards,</div><div>Satya.</div></div><div class="gmail_extra"><br><div class="gmail_quote">On Tue, Aug 4, 2015 at 7:25 PM, Bill Burke <span dir="ltr"><<a href="mailto:bburke@redhat.com" target="_blank">bburke@redhat.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span class=""><br>
<br>
On 8/4/2015 9:48 AM, Satyajit Das wrote:<br>
> Hi Team,<br>
><br>
> Kindly respond to the below queries.<br>
><br>
> 1)What is the limit to the number of realms, roles per realm, and users<br>
> per realm or users per role in key cloak.<br>
><br>
<br>
</span>We haven't really tested the limits. Should be pretty large. I know<br>
one keycloak user has a database of around 1 million users.<br>
<span class=""><br>
> 2)what is the expire time of a token id generated in key<br>
> cloak.(session.getTokenString()).<br>
><br>
<br>
</span>Its configurable in admin console<br>
<span class=""><br>
> 3) is there any authentication done after successfull login ,if I visit<br>
> subsequent pages.<br>
><br>
<br>
</span>Do you mean is there any authentication with the Keycloak server?<br>
Once a user is logged in, they do not see any more authentication<br>
screens. Once you visit one application, you are authenticated for that<br>
application. If you visit another application, you are redirected to<br>
keycloak auth server, auth server will validate the SSO cookie, then<br>
generate a token for the aplication and send you back there.<br>
<span class="HOEnZb"><font color="#888888"><br>
<br>
<br>
<br>
--<br>
Bill Burke<br>
JBoss, a division of Red Hat<br>
<a href="http://bill.burkecentral.com" rel="noreferrer" target="_blank">http://bill.burkecentral.com</a><br>
_______________________________________________<br>
keycloak-dev mailing list<br>
<a href="mailto:keycloak-dev@lists.jboss.org">keycloak-dev@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-dev" rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-dev</a><br>
</font></span></blockquote></div><br></div>