[keycloak-user] How to get user details
Subodh Joshi
subodhcjoshi82 at gmail.com
Thu May 17 21:50:56 EDT 2018
Again your issue is you need password I think it's not possible to get
password . You have to change the logic in your application so those file
you want to access should be available by accesstoken.
On Thu, 17 May 2018, 18:50 valsaraj pv, <valsarajpv at gmail.com> wrote:
> Passing password is *not *recommended. What about other option?
> In my use case I need user password to decrypt keys (either do it on KC or
> in Java app). Keys are available in Keycloak through LDAP federation.
> So can we customize & return decrypted keys from Keyclock in IDToken?
> I have reached upto returning encrypted keys as user attribute which
> Keyclock supports out of the box.
> In addition to this, I need a decryption of keys using the password
> entered by user & then return in token (a little bit custom code required).
> I am looking how to customize for this.
>
> You can see similar scenario here as well:
> https://stackoverflow.com/questions/36512154/keycloak-how-to-get-current-user-password-or-store-encrypted-data
> .
>
>
> On Thu, May 17, 2018 at 6:25 PM, Subodh Joshi <subodhcjoshi82 at gmail.com>
> wrote:
>
>> Is this not true you are making things more complicated if your
>> successfully login,why again user password required ? Same user session
>> should enable
>> access the contents of the project.Getting password and then again
>> passing it to authenticate no one will recommend you and doing this also
>> not feasible.
>> Rather than you can use
>>
>>> tgtToken = securityContext.getTokenString();
>>>
>>
>> Some token to access the contents . Same way we are achieving things in
>> our production server
>> We have 2 web application one in JSF another in React and deployed in
>> different virtual machine and our own REST API deployed into another
>> machine even
>> different Jboss instance But all share same keycloak .So if we are doing
>> any rest call we will pass *TGTTOKEN *which will be verify by rest-api
>> through keycloak.
>> There are too many other things evolved but this is basic concept.
>>
>
>
>
> --
> Life is like this: "Just when we get all the answers of life.... God
> changes the question paper....
>
> Valsaraj Viswanathan
>
More information about the keycloak-user
mailing list