10:45 p.m.
Good day,
I was hoping to follow the recently published steps
<http://www.apiman.io/blog/gateway/security/oauth2/keycloak/authentication...
for using Keycloak to OAuth protect an API with APIMan. I already have the
backend API (war file) protected by Keycloak directly.
When I click on the 'Manage Plugins' link:
[image: Inline image 1]
I receive the error shown (full trace attached):
[image: Inline image 2]
Any tips on which Postgres table/column is the problem?
At a higher level, I'm not sure I understand the blog post however. I've
already protecting the various apiman *war files and their endpoints with
Keycloak's authentication behavior (default is OpenID Connect). So if the
APIMan endpoints are protected already, what does the OAuth policy provide
further? Any clarification on the integration points between Keycloak and
APIMan would be appreciated.
Thanks much,
Guy
7:14 a.m.
Thanks for the full stack trace - I'll have a look at this asap.
What version of postgres are you using?
Regarding security, we use KeyCloak in two different ways. The first is
to secure apiman itself (e.g. so you can log into the UI). The second
as the OAuth provider when protecting managed APIs. In order to enable
OAuth for an API managed by apiman, you need to add the Keycloak OAuth
policy to it.
Note that we could, for example, switch to using something *else* for
securing apiman, such as JAAS or CAS. Even if we did that, we would
still support using KeyCloak to secure managed endpoints via OAuth.
I hope that makes sense.
-Eric
On 1/28/2016 11:45 PM, Guy Davis wrote:
Good day,
I was hoping to follow the recently published steps
<http://www.apiman.io/blog/gateway/security/oauth2/keycloak/authentication...
for using Keycloak to OAuth protect an API with APIMan. I already have
the backend API (war file) protected by Keycloak directly.
When I click on the 'Manage Plugins' link:
Inline image 1
I receive the error shown (full trace attached):
Inline image 2
Any tips on which Postgres table/column is the problem?
At a higher level, I'm not sure I understand the blog post however.
I've already protecting the various apiman *war files and their
endpoints with Keycloak's authentication behavior (default is OpenID
Connect). So if the APIMan endpoints are protected already, what does
the OAuth policy provide further? Any clarification on the integration
points between Keycloak and APIMan would be appreciated.
Thanks much,
Guy
_______________________________________________
Apiman-user mailing list
Apiman-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/apiman-user
3256
days inactive
3256
days old
1 comments
2 participants
participants (2)
-
Eric Wittmann -
Guy Davis