<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=windows-1252">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<p>Hi all,<br>
</p>
<p>We're building a microservice based architecture in which all the
services share the SSO point which is a keycloak server. Services
are Spring Boot based and we're using the Spring Security keycloak
adapter in order to manage our security configuration. We've got
some backend services and the one dealing with the frontend, which
is based in JSF. <br>
</p>
<p>-------------------------
---------------------------------<br>
- JSF UI service - ------> - Equipment service -<br>
-------------------------
---------------------------------<br>
</p>
<p>We can access all the Equipment Service endpoints properly using
the KeycloakRestTemplate. Problem comes when JSF renders a direct
link to a back end endpoint like that: `<img
src=<a class="moz-txt-link-rfc2396E" href="http://localhost:8085/equipment/1/files/main">"http://localhost:8085/equipment/1/files/main"</a> />`. As our
JSF service is being executed in other port, the browser seems not
to have access to the image and 401 UNAUTHORIZED code is returned.
However, copying the link in the browser bar we can display the
image (that's correct because both services are in the same realm
and no further security is involved).</p>
<p>I've already implemented a solution which implies pointing the
src attribute to the JSF UI service and from there, loading the
resource using the KeycloakRestTemplate (kind of proxy). But it
seems strange for a user not being able to load the resource of
the equipment service directly (that could be because no
authorization header is sent when the browser requests the extra
resources). Is there any other workaround for this?<br>
</p>
<p><br>
</p>
<div class="moz-signature">-- <br>
<meta http-equiv="content-type" content="text/html;
charset=windows-1252">
<div class="moz-signature">
<table style="cellspadding: 0; width: 600; align: left;
border-collapse: collapse;">
<tbody>
<tr>
<td style="border-bottom-width: 1px; border-bottom-style:
solid; border-bottom-color: #989898;"> <span
style="font-weight:bold">Aritz Maeztu Otaņo</span><br>
<span style="font-size: 12px;">Departamento Desarrollo
de Software</span> </td>
<td style="border-bottom-width: 1px; border-bottom-style:
solid; border-bottom-color: #989898; padding-left:
20px;"> <a target="_blank"
href="https://www.linkedin.com/profile/preview?vpa=pub&locale=es_ES">
<img src="cid:part1.787EFB87.B4A32E28@tesicnor.com"
border="0">
<!--<img src="linkdin.gif" border="0" />--> </a> </td>
</tr>
<tr>
<td> <a target="_blank" href="http://www.tesicnor.com"> <img
shrinktofit="true"
src="cid:part3.D777B061.8AAB0995@tesicnor.com"
border="0" width="143">
<!--<img shrinktofit="true" src="logo.png" width="143" border="0" />-->
</a> </td>
<td style="font-size: 12px;">
<p style="padding-left: 20px;"> <span>Pol. Ind.
Mocholi.</span> <span>C/Rio Elorz, Nave 13E </span><span
style="font-weight:bold">31110 Noain (Navarra)</span><br>
<span>Telf.: 948 21 40 40</span> <br>
<span>Fax.: 948 21 40 41</span> <br>
</p>
</td>
</tr>
<tr>
<td colspan="2"> <span style="color: #009900;font-size:
12px;">Antes de imprimir este e-mail piense bien si es
necesario hacerlo: El medioambiente es cosa de todos.</span>
</td>
</tr>
</tbody>
</table>
</div>
</div>
</body>
</html>