<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8">
</head>
<body bgcolor="#FFFFFF" text="#000000">
In the case of a web application (e.g. Tomcat app secured by the
keycloak adapter) the web app might need to access details of the
authenticated user (e.g. full name or email).<br>
I've found that this information is available from the session like
this: <br>
<br>
<small><tt>KeycloakSecurityContext session =
(KeycloakSecurityContext)request.getAttribute(KeycloakSecurityContext.class.getName());</tt><tt><br>
</tt><tt>IDToken idToken = session.getIdToken();</tt><tt><br>
</tt><tt>String email = idToken.getEmail();</tt></small><br>
<br>
One issue with this is that all your web apps are tied to keycloak.<br>
<br>
Is this the right way to handle this?<br>
Are there alternatives?<br>
<br>
Tim<br>
<br>
</body>
</html>