[keycloak-user] Securing war project with webservice (JAX-WS) using keycloak.
Pedro Igor Silva
psilva at redhat.com
Mon Feb 23 08:44:58 EST 2015
It is possible, but you would need to write some code in order to protect your soap endpoints based on KC tokens.
Basically, what you need is a JAX-WS handler on the server that knows how to extract a token from a WS-Security header. Once you have the token you may use KC's API to validate it or even invoke a specific REST endpoint in a KC instance.
What PicketLink STS provides is a WS-Trust compliant Security Token Service. Which is basically a JAX-WS endpoint that uses WS-Trust to issue/renew/validate/revoke SAML assertions. Although it is flexible enough to support other types of tokens as well. It also provides some OOTB client and server side components that you can use to protect SOAP endpoints.
I think we can consider this as a RFE in order to support OOTB protection for soap endpoints based on JAX-WS.
----- Original Message -----
From: "Emil Posmyk" <emil.posmyk at gmail.com>
To: keycloak-user at lists.jboss.org
Sent: Friday, February 20, 2015 4:40:15 AM
Subject: [keycloak-user] Securing war project with webservice (JAX-WS) using keycloak.
It is possible to secure project with webservice using keycloak ? I saw Picketlink STS but I'm not sure it's the best solution becouse this is SAML.
keycloak-user mailing list
keycloak-user at lists.jboss.org
More information about the keycloak-user