[keycloak-user] Accessing authenticated user's details
Tim Dudgeon
tdudgeon.ml at gmail.com
Mon Oct 26 04:52:10 EDT 2015
Wondered if anyone had any thoughts on this?
On 21/10/2015 12:04, Tim Dudgeon wrote:
> In the case of a web application (e.g. Tomcat app secured by the
> keycloak adapter) the web app might need to access details of the
> authenticated user (e.g. full name or email).
> I've found that this information is available from the session like this:
>
> KeycloakSecurityContext session =
> (KeycloakSecurityContext)request.getAttribute(KeycloakSecurityContext.class.getName());
> IDToken idToken = session.getIdToken();
> String email = idToken.getEmail();
>
> One issue with this is that all your web apps are tied to keycloak.
>
> Is this the right way to handle this?
> Are there alternatives?
>
> Tim
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20151026/be776869/attachment.html
More information about the keycloak-user
mailing list