[keycloak-user] security question
Benjamin garcia
benjamin.garcia at protonmail.com
Mon Jan 8 08:21:13 EST 2018
Hello,
I would like to use keycloack on my architechture, but I have (maybe) an issue in my design :
I have 3 applications :
- angularjs apps for the frontend
- a scalatra API to reponse to frontend throw http and which ask springboot app some datas,
- a springboot app for crud request on databases.
I would like to transfert bearer authentication from the front to springboot app throw scalatra API to ensure that request send on DB is from the right user. I don't really sure that's the right use case. Because, in my mind, If I use keycloack, it's to not modify some part of my code base with security knowledge. But in this use case, I'm mandatory to give jwt token on all my stak (which is not really cool).
Does somebody kown if I can do that or if it exist a better way?
Regards
Benjamin Garcia
More information about the keycloak-user
mailing list