[keycloak-user] Authentication throw a proxy on Undertow

Stian Thorgersen stian at redhat.com
Wed Jan 28 02:25:05 EST 2015 

No, 1.0.5.Final is only a fix for EAP 6.4 Beta.

----- Original Message -----
> From: "Davide Ungari" <ungarida at gmail.com>
> To: keycloak-user at lists.jboss.org
> Sent: Tuesday, January 27, 2015 9:46:33 PM
> Subject: Re: [keycloak-user] Authentication throw a proxy on Undertow
> 
> Hi everybody,
> I saw release 1.0.5.Final.
> 
> There is somenthing usefull for my usecase?
> 
> Il giorno Fri Nov 21 2014 at 8:47:21 AM Davide Ungari < ungarida at gmail.com >
> ha scritto:
> 
> 
> 
> Hi Bill,
> I see you have pushed some changes.
> Tell me as soon as you need me to test it.
> 
> Thank you,
> Davide.
> 
> 
> Weird... I'm actually screwing around with writing a security proxy
> right now.  I just started like an hour or so ago so I'm not exactly
> sure...but I don't think you can implement this with the current
> codebase.  You need a Undertow only (no servlet) authentication
> mechanism and to set up the security handler chain correctly.  (See the
> BasicAuthServer example in Undertow).
> I should have something working in master by the end of the week.
> On 11/19/2014 6:33 PM, Davide Ungari wrote:
> 
> 
> 
> > Hi everybody, > this is the big picture: > a. frontend application with
> > Undertow > b. backend application with Undertow and Resteasy for REST API
> > >
> > Both are using Keycloak as SSO. >
> > I'm trying to configure a proxy from A to B in order to expose backend >
> > API without CORS problems to the frontend. >
> > I asked support also to Undertow guys but the issue seems around the >
> > integration of Keycloack in Undertow. My proxy is implemented like: >
> > final ProxyClient proxyClient = new > SimpleProxyClientProvider(new URI("
> > http://localhost:8181
> 
> 
> > < http://localhost:8181/ >"));
> 
> 
> > final ProxyHandler proxyHandler = new > ProxyHandler(proxyClient,
> > servletHandler); > proxyHandler.addRequestHeader(new >
> > HttpString("Authorization"), new ExchangeAttribute() { > @Override >
> > public String readAttribute(HttpServerExchange > exchange) { > exchange. >
> > RefreshableKeycloakSecurityContext context = >
> > (RefreshableKeycloakSecurityContext) exchange.getSecurityContext(); >
> > return "Bearer " + context.getTokenString(); > } >
> > @Override > public void writeAttribute(HttpServerExchange > exchange,
> > String newValue) throws ReadOnlyAttributeException { > // TODO
> > Auto-generated method stub > } > }); >
> > The problem is that the exchange.getSecurityContext() is always null. > Any
> > ideas? >
> > Thanks >
> > 
> > 
> > -- > Davide >
> > 
> 
> 
> > _______________________________________________ > keycloak-user mailing
> > list > keycloak-user at lists.jboss.org >
> > https://lists.jboss.org/mailman/listinfo/keycloak-user >
> --
> 
> 
> 
> Bill Burke
> JBoss, a division of Red Hat
> http://bill.burkecentral.com
> 
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user

More information about the keycloak-user mailing list