<div dir="ltr"><div><div class="gmail_quote"><div dir="ltr"><pre style="color:rgb(0,0,0)"><div>Hi Bill,</div><div>I see you have pushed some changes.</div><div>Tell me as soon as you need me to test it.</div><div><br></div><div>Thank you,</div><div>Davide.</div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">Weird... I'm actually screwing around with writing a security proxy <br>right now. I just started like an hour or so ago so I'm not exactly <br>sure...but I don't think you can implement this with the current <br>codebase. You need a Undertow only (no servlet) authentication <br>mechanism and to set up the security handler chain correctly. (See the <br>BasicAuthServer example in Undertow).
I should have something working in master by the end of the week.
On 11/19/2014 6:33 PM, Davide Ungari wrote:<br>><i> Hi everybody,
</i>><i> this is the big picture:
</i>><i> a. frontend application with Undertow
</i>><i> b. backend application with Undertow and Resteasy for REST API
</i>><br>><i> Both are using Keycloak as SSO.
</i>><br>><i> I'm trying to configure a proxy from A to B in order to expose backend
</i>><i> API without CORS problems to the frontend.
</i>><br>><i> I asked support also to Undertow guys but the issue seems around the
</i>><i> integration of Keycloack in Undertow. My proxy is implemented like:
</i>><br>><i> final ProxyClient proxyClient = new
</i>><i> SimpleProxyClientProvider(new URI("<a href="http://localhost:8181/" target="_blank">http://localhost:8181</a>
</i>><i> <<a href="http://localhost:8181/" target="_blank">http://localhost:8181/</a>>"));
</i>><i> final ProxyHandler proxyHandler = new
</i>><i> ProxyHandler(proxyClient, servletHandler);
</i>><i> proxyHandler.addRequestHeader(new
</i>><i> HttpString("Authorization"), new ExchangeAttribute() {
</i>><i> @Override
</i>><i> public String readAttribute(HttpServerExchange
</i>><i> exchange) {
</i>><i> exchange.
</i>><i> RefreshableKeycloakSecurityContext context =
</i>><i> (RefreshableKeycloakSecurityContext) exchange.getSecurityContext();
</i>><i> return "Bearer " + context.getTokenString();
</i>><i> }
</i>><br>><i> @Override
</i>><i> public void writeAttribute(HttpServerExchange
</i>><i> exchange, String newValue) throws ReadOnlyAttributeException {
</i>><i> // TODO Auto-generated method stub
</i>><i> }
</i>><i> });
</i>><br>><i> The problem is that the exchange.getSecurityContext() is always null.
</i>><i> Any ideas?
</i>><br>><i> Thanks
</i>><br>><br>><br>><i> --
</i>><i> Davide
</i>><br>><br>><i> _______________________________________________
</i>><i> keycloak-user mailing list
</i>><i> <a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" target="_blank">keycloak-user at lists.jboss.org</a>
</i>><i> <a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a>
</i>>
-- <span class=""><font color="#888888"><br>Bill Burke<br>JBoss, a division of Red Hat<br><a href="http://bill.burkecentral.com/" target="_blank">http://bill.burkecentral.com</a></font></span></blockquote></pre></div></div></div></div>