<html><head><meta http-equiv="Content-Type" content="text/html charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class="">We’re casting as well. I think the only time a KeycloakSecurityContext is not a RefreshableKeycloakSecurityContext is when you make a request from one client to another. I agree the codebase could really be improved here to avoid the constant casts. I’m thinking of sending a PR to improve this.<div class=""><br class=""><div class=""><br class=""><div class="">
<div class="">Scott Rossillo</div><div class="">Smartling | Senior Software Engineer</div><div class=""><a href="mailto:srossillo@smartling.com" class="">srossillo@smartling.com</a></div><div class=""><br class=""></div><div class=""><a href="https://app.sigstr.com/uc/55e5d41c6533390d03580000" id="campaignblock" target="_blank" style="box-sizing: border-box; color: rgb(0, 75, 118); outline-offset: -2px; font-family: gesta, Arial, Helvetica, sans-serif; font-size: 14px; line-height: 20px; widows: 1; background-color: rgb(255, 255, 255); outline: 0px !important;" class=""><img alt="Latest News + Events" border="0" src="https://app.sigstr.com/uc/55e5d41c6533390d03580000/img" style="box-sizing: border-box; border: 0px; vertical-align: top; max-width: 100%; height: auto; width: inherit; color: blue; font-family: Helvetica; font-size: 12px;" class=""></a><span style="color: rgb(169, 169, 169); font-family: gesta, Arial, Helvetica, sans-serif; font-size: 14px; line-height: 20px; widows: 1; background-color: rgb(255, 255, 255);" class=""></span><div id="watermark" style="box-sizing: border-box; color: rgb(169, 169, 169); font-family: gesta, Arial, Helvetica, sans-serif; font-size: 14px; line-height: 20px; widows: 1; background-color: rgb(255, 255, 255);" class=""><a href="http://www.sigstr.com/" style="box-sizing: border-box; color: rgb(0, 124, 194); text-decoration: none; background-color: transparent; outline: 0px !important;" class=""><img alt="Powered by Sigstr" border="0" src="https://app.sigstr.com/uc/55e5d41c6533390d03580000/watermark" style="box-sizing: border-box; border: 0px; vertical-align: top; max-width: 100%; height: auto; width: inherit; color: rgb(99, 99, 99); font-family: Helvetica; font-size: 11px;" class=""></a></div></div>
</div>
<br class=""><div><blockquote type="cite" class=""><div class="">On Jan 6, 2016, at 4:51 AM, Thomas Raehalme <<a href="mailto:thomas.raehalme@aitiofinland.com" class="">thomas.raehalme@aitiofinland.com</a>> wrote:</div><br class="Apple-interchange-newline"><div class=""><div dir="ltr" class=""><div class="gmail_extra"><div class="gmail_quote">On Wed, Jan 6, 2016 at 11:11 AM, Marek Posolda <span dir="ltr" class=""><<a href="mailto:mposolda@redhat.com" target="_blank" class="">mposolda@redhat.com</a>></span> wrote:<br class=""><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000" class="">
<div class="">Not sure, I am like 50/50 . I agree it
can simplify some scenarios when KeycloakDeployment is accessible
from KeycloakSecurityContext. On the other hand,
KeycloakDeployment exposes some info, which is not necessary to be
exposed in client apps. <br class=""></div></div></blockquote><div class=""><br class=""></div><div class="">I haven't really studied the details of KeycloakDeployment, but was under the impression that it just holds the data from keycloak.json with the addition of some client related info obtained from Keycloak. Is there anything that needs to be hidden from the client especially if the client can still obtain the object through RefreshableKeycloakSecurityContext?</div><div class=""><br class=""></div><div class="">What I was interested in was the accountUrl and resourceName so that I can provide a link to users to change their password. </div><div class=""> <br class=""></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div bgcolor="#FFFFFF" text="#000000" class=""><div class="">I think you can just cast KeycloakSecurityContext to
RefreshableKeycloakSecurityContext and get KeycloakDeployment from
there?<br class=""></div></div></blockquote><div class=""><br class=""></div><div class="">That's what I'm doing now, but I think it's more of a hack than a real solution.</div><div class=""><br class=""></div></div>
</div><div class="gmail_extra">Best regards,</div><div class="gmail_extra">Thomas</div></div>
_______________________________________________<br class="">keycloak-dev mailing list<br class=""><a href="mailto:keycloak-dev@lists.jboss.org" class="">keycloak-dev@lists.jboss.org</a><br class="">https://lists.jboss.org/mailman/listinfo/keycloak-dev</div></blockquote></div><br class=""></div></div></body></html>