[keycloak-user] How touser Servlet OAuth Client

Thu Apr 23 09:35:14 EDT 2015

Hi,
I wonder that the Servlet OAuth Client won't propagate authentication to
wildfy EJB layer... Am I wrong ?
Jérôme.

Le mar. 21 avr. 2015 à 18:13, Marek Posolda <mposolda at redhat.com> a écrit :

>  You can take a look at our examples for how to use ServletOAuthClient.
> Hopefully it could help with your usecase:
>
> https://github.com/keycloak/keycloak/tree/master/examples/demo-template/third-party
>
> https://github.com/keycloak/keycloak/tree/master/examples/demo-template/third-party-cdi
>
> Marek
>
>
> On 21.4.2015 12:14, Jérôme Blanchard wrote:
>
>    Hi all,
>
>  I'm trying to protect a servlet application which can be accessed either
> as anonymous user and as authenticated user. Some resources are protected
> and my application takes in charge the access control (not role based) so I
> can't use the war protection using role user constraint.
>  In this case I've removed the role constraint in the web.xml and the
> keycloak wildfly (undertow) adapter let me access the application as
> unauthentified user (anonymous) which is perfect.
>  What I want to handle on some AccessDeniedException is to redirect the
> user to the authentication server manually. In this case, user authentified
> an come back to the protected URL but is no more anonymous but a
> authentified user.
>  Is ther is a way to handle this redirection to the authentication server
> manually (I don't know where to store the state variable allowing keycloak
> wildfly adapter to handle properly the auth redirect that include the code).
>
>  Best regards, Jérôme.
>
>
> _______________________________________________
> keycloak-user mailing listkeycloak-user at lists.jboss.orghttps://lists.jboss.org/mailman/listinfo/keycloak-user
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20150423/9828edb8/attachment.html 