[keycloak-user] WebSockets
Juraci Paixão Kröhling
juraci at kroehling.de
Wed Aug 5 10:20:32 EDT 2015
On 08/05/2015 03:39 PM, Marek Posolda wrote:
> Maybe it's
> possible the server will poll the client socket and ask for updated
> token from the client periodically. I am not sure about the possible and
> best option TBH (not have deep websocket knowledge)
It is possible, but that goes into the "invasive" approach, as it can be
done only with a message going from the server to the client. Doing this
at the Keycloak level means that the application has to know how to
handle (or discard) Keycloak-specific messages.
Honestly, the more I think about it, the more I realize that the best
solution would be to get an API from Keycloak that would allow me to
validate tokens and extract a principal from it, like what the Request
Authenticators do. Even better if this API could call me back from time
to time, so that my server part could ask the client part for a renewed
token. My client could then send this token in the next payload (not
necessarily a payload *only* with the token).
- Juca.
More information about the keycloak-user
mailing list