<html>
<head>
<meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">On 14.4.2014 09:18, Davide Ungari
wrote:<br>
</div>
<blockquote
cite="mid:CA+TL3n3XJdW6t6SuD_KnnL7xVZqDyhDsG7xdXSDmTgBJcG+hkw@mail.gmail.com"
type="cite">
<div dir="ltr">Hi Marek,
<div>I worked on it during the weekend.</div>
<div><br>
</div>
<div>Now my problem is <span
style="font-family:arial,sans-serif;font-size:13px">the
header like: Authorization: Bearer <your_access_token>
.</span></div>
<div><span style="font-family:arial,sans-serif;font-size:13px"><br>
</span></div>
<div><font face="arial, sans-serif">I'm running the frontend on
Tomcat, I made an adapter for it <a moz-do-not-send="true"
href="https://github.com/ungarida/keycloak/">https://github.com/ungarida/keycloak/</a>,
I adapted AS7.</font></div>
<div><font face="arial, sans-serif"><br>
</font></div>
<div><font face="arial, sans-serif">Now I can not figure out how
to retrieve the access token to include it in the JS that
call the JAX-RS service.</font></div>
</div>
</blockquote>
<font face="arial, sans-serif">If your frontend is JEE application,
then you can use something like this example is doing
<a class="moz-txt-link-freetext" href="https://github.com/keycloak/keycloak/blob/master/examples/demo-template/customer-app/src/main/java/org/keycloak/example/CustomerDatabaseClient.java#L46">https://github.com/keycloak/keycloak/blob/master/examples/demo-template/customer-app/src/main/java/org/keycloak/example/CustomerDatabaseClient.java#L46</a>
. Note that </font><span class="n">KeycloakSecurityContext is
added automatically to request by the adapter of your frontend
application (In this case customer-portal application, which is
just simple servlet JEE application). So you need to make sure
that your Tomcat adapter is adding it as well.<br>
<br>
You can take a deeper look at existing examples and try them on
AS7 for inspiration. I think that your Tomcat adapter should be
quite similar to the already existing AS7 adapter as AS7 is using
jboss-web, which is defacto Tomcat stuff<span
class="moz-smiley-s1"><span> :-) </span></span><br>
<br>
Marek<br>
</span>
<blockquote
cite="mid:CA+TL3n3XJdW6t6SuD_KnnL7xVZqDyhDsG7xdXSDmTgBJcG+hkw@mail.gmail.com"
type="cite">
<div dir="ltr">
<div><br>
</div>
<div><br>
</div>
</div>
<div class="gmail_extra"><br clear="all">
<div>
<div>--</div>
Davide</div>
<br>
<br>
<div class="gmail_quote">On Mon, Apr 14, 2014 at 8:44 AM, Marek
Posolda <span dir="ltr"><<a moz-do-not-send="true"
href="mailto:mposolda@redhat.com" target="_blank">mposolda@redhat.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000">
<div>Hi Davide,<br>
<br>
I think that this exactly is already addressed by our
examples. You can take a look especially at this example
<a moz-do-not-send="true"
href="https://github.com/keycloak/keycloak/tree/master/examples/demo-template/database-service"
target="_blank">https://github.com/keycloak/keycloak/tree/master/examples/demo-template/database-service</a>
which is JAX-RS service service based on resteasy, which
requires Bearer token authentication, so all requests
sent to it from "frontend" applications like
"customer-portal" or "product-portal" need to contain
header like: Authorization: Bearer
<your_access_token> .<br>
<br>
You can try existing set of examples to see how it all
works together. See instructions in README files under <a
moz-do-not-send="true"
href="https://github.com/keycloak/keycloak/tree/master/examples/demo-template"
target="_blank">https://github.com/keycloak/keycloak/tree/master/examples/demo-template</a><br>
<br>
Marek
<div>
<div class="h5"><br>
<br>
On 12.4.2014 10:58, Davide Ungari wrote:<br>
</div>
</div>
</div>
<blockquote type="cite">
<div>
<div class="h5">
<div dir="ltr">Hi everybody,
<div>I configured keycloak with mongodb,<br>
<div>then I secured frontend on Tomcat making an
adapter.</div>
<div><br>
</div>
<div>I need to secure backend, it is an JAX-RS
service based on resteasy and running on
undertow.</div>
<div><br>
</div>
<div>I do not use EJB so I need some help to
figure out the best way to implement security
with keycloak in my scenario.</div>
<div><br>
</div>
<div>Suggestions?</div>
<div><br clear="all">
<div>
<div>--</div>
Davide</div>
</div>
</div>
</div>
<br>
<fieldset></fieldset>
<br>
</div>
</div>
<pre>_______________________________________________
keycloak-user mailing list
<a moz-do-not-send="true" href="mailto:keycloak-user@lists.jboss.org" target="_blank">keycloak-user@lists.jboss.org</a>
<a moz-do-not-send="true" href="https://lists.jboss.org/mailman/listinfo/keycloak-user" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a></pre>
</blockquote>
<br>
</div>
</blockquote>
</div>
<br>
</div>
</blockquote>
<br>
</body>
</html>