[keycloak-user] Authentication throw a proxy on Undertow

Davide Ungari ungarida at gmail.com
Tue Jan 27 15:46:33 EST 2015


Hi everybody,
I saw release 1.0.5.Final.

There is somenthing usefull for my usecase?

Il giorno Fri Nov 21 2014 at 8:47:21 AM Davide Ungari <ungarida at gmail.com>
ha scritto:

> Hi Bill,
> I see you have pushed some changes.
> Tell me as soon as you need me to test it.
>
> Thank you,
> Davide.
>
>
>> Weird... I'm actually screwing around with writing a security proxy
>> right now.  I just started like an hour or so ago so I'm not exactly
>> sure...but I don't think you can implement this with the current
>> codebase.  You need a Undertow only (no servlet) authentication
>> mechanism and to set up the security handler chain correctly.  (See the
>> BasicAuthServer example in Undertow).
>> I should have something working in master by the end of the week.
>> On 11/19/2014 6:33 PM, Davide Ungari wrote:
>
>
>> >* Hi everybody,
>> *>* this is the big picture:
>> *>* a. frontend application with Undertow
>> *>* b. backend application with Undertow and Resteasy for REST API
>> *>
>> >* Both are using Keycloak as SSO.
>> *>
>> >* I'm trying to configure a proxy from A to B in order to expose backend
>> *>* API without CORS problems to the frontend.
>> *>
>> >* I asked support also to Undertow guys but the issue seems around the
>> *>* integration of Keycloack in Undertow. My proxy is implemented like:
>> *>
>> >*                  final ProxyClient proxyClient = new
>> *>* SimpleProxyClientProvider(new URI("http://localhost:8181 <http://localhost:8181/>
>> *
>
> >* <http://localhost:8181/ <http://localhost:8181/>>"));
>> *
>
> >*                  final ProxyHandler proxyHandler = new
>> *>* ProxyHandler(proxyClient, servletHandler);
>> *>*                  proxyHandler.addRequestHeader(new
>> *>* HttpString("Authorization"), new ExchangeAttribute() {
>> *>*                      @Override
>> *>*                      public String readAttribute(HttpServerExchange
>> *>* exchange) {
>> *>*                          exchange.
>> *>*                          RefreshableKeycloakSecurityContext context =
>> *>* (RefreshableKeycloakSecurityContext) exchange.getSecurityContext();
>> *>*                          return "Bearer " + context.getTokenString();
>> *>*                      }
>> *>
>> >*                      @Override
>> *>*                      public void writeAttribute(HttpServerExchange
>> *>* exchange, String newValue) throws ReadOnlyAttributeException {
>> *>*                          // TODO Auto-generated method stub
>> *>*                      }
>> *>*                  });
>> *>
>> >* The problem is that the exchange.getSecurityContext() is always null.
>> *>* Any ideas?
>> *>
>> >* Thanks
>> *>
>> >
>> >
>> >* --
>> *>* Davide
>> *>
>> >
>>
> >* _______________________________________________
>> *>* keycloak-user mailing list
>> *>* keycloak-user at lists.jboss.org <https://lists.jboss.org/mailman/listinfo/keycloak-user>
>> *>* https://lists.jboss.org/mailman/listinfo/keycloak-user <https://lists.jboss.org/mailman/listinfo/keycloak-user>
>> *>
>> --
>
>
>> Bill Burke
>> JBoss, a division of Red Hat
>> http://bill.burkecentral.com
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20150127/358b5ea2/attachment.html 


More information about the keycloak-user mailing list