[keycloak-user] (no subject)

Davide Ungari ungarida at gmail.com
Fri Nov 21 02:38:29 EST 2014 

Hi Bill,
I see you have pushed some changes.
Tell me as soon as you need me to test it.

Thank you,
Davide.


> Weird... I'm actually screwing around with writing a security proxy
> right now.  I just started like an hour or so ago so I'm not exactly
> sure...but I don't think you can implement this with the current
> codebase.  You need a Undertow only (no servlet) authentication
> mechanism and to set up the security handler chain correctly.  (See the
> BasicAuthServer example in Undertow).
> I should have something working in master by the end of the week.
> On 11/19/2014 6:33 PM, Davide Ungari wrote:
> >* Hi everybody,
> *>* this is the big picture:
> *>* a. frontend application with Undertow
> *>* b. backend application with Undertow and Resteasy for REST API
> *>
> >* Both are using Keycloak as SSO.
> *>
> >* I'm trying to configure a proxy from A to B in order to expose backend
> *>* API without CORS problems to the frontend.
> *>
> >* I asked support also to Undertow guys but the issue seems around the
> *>* integration of Keycloack in Undertow. My proxy is implemented like:
> *>
> >*                  final ProxyClient proxyClient = new
> *>* SimpleProxyClientProvider(new URI("http://localhost:8181 <http://localhost:8181/>
> *>* <http://localhost:8181/ <http://localhost:8181/>>"));
> *>*                  final ProxyHandler proxyHandler = new
> *>* ProxyHandler(proxyClient, servletHandler);
> *>*                  proxyHandler.addRequestHeader(new
> *>* HttpString("Authorization"), new ExchangeAttribute() {
> *>*                      @Override
> *>*                      public String readAttribute(HttpServerExchange
> *>* exchange) {
> *>*                          exchange.
> *>*                          RefreshableKeycloakSecurityContext context =
> *>* (RefreshableKeycloakSecurityContext) exchange.getSecurityContext();
> *>*                          return "Bearer " + context.getTokenString();
> *>*                      }
> *>
> >*                      @Override
> *>*                      public void writeAttribute(HttpServerExchange
> *>* exchange, String newValue) throws ReadOnlyAttributeException {
> *>*                          // TODO Auto-generated method stub
> *>*                      }
> *>*                  });
> *>
> >* The problem is that the exchange.getSecurityContext() is always null.
> *>* Any ideas?
> *>
> >* Thanks
> *>
> >
> >
> >* --
> *>* Davide
> *>
> >
> >* _______________________________________________
> *>* keycloak-user mailing list
> *>* keycloak-user at lists.jboss.org <https://lists.jboss.org/mailman/listinfo/keycloak-user>
> *>* https://lists.jboss.org/mailman/listinfo/keycloak-user <https://lists.jboss.org/mailman/listinfo/keycloak-user>
> *>
> --
> Bill Burke
> JBoss, a division of Red Hat
> http://bill.burkecentral.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20141121/695f7c7f/attachment.html

More information about the keycloak-user mailing list