[keycloak-user] Keycloak Adapter without web.xml security-constraint
Scott Rossillo
srossillo at smartling.com
Fri Apr 17 17:14:57 EDT 2015
I could work around that for interactive logins, but it wouldn’t work for
application to application requests. Do you have any pointers on where I
could start to manually trigger the adapter?
Do you think it’s a reasonable requirement to have the application
determine if the adapter should be triggered? I feel it’s necessary for
integration with applications that have to support more than one
authentication mechanism.
Let me know.
Thanks in advance,
Scott
On Fri, Apr 17, 2015 at 4:46 PM, Bill Burke <bburke at redhat.com> wrote:
> Our adapters need a security constraint or they won't be triggered.
>
> On 4/17/2015 4:34 PM, Scott Rossillo wrote:
> > When using a security mechanism, such as Spring Security, it’s possible
> > that multiple security mechanisms are in place or that only parts of an
> > application are secured via Keycloak, not a blanket path (e.g. /api/*).
> >
> > What I’m trying to do is use the Spring’s authentication entrypoint to
> > direct to Keycloak (this part work somewhat) and have the Keycloak
> > adapter pick up from there (not working).
> >
> > What’s the best way to handle this?
> >
> > Thanks,
> > Scott
> >
> >
> >
> >
> > _______________________________________________
> > keycloak-user mailing list
> > keycloak-user at lists.jboss.org
> > https://lists.jboss.org/mailman/listinfo/keycloak-user
> >
>
> --
> Bill Burke
> JBoss, a division of Red Hat
> http://bill.burkecentral.com
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20150417/8c63b41f/attachment.html
More information about the keycloak-user
mailing list