Serialization works fine with BearerRequestAuthentication or Bearer/DirectLoginModule. The only problem is BasicAuthRequestAuthentication.

In RequestAuthentication.java, RefreshableKeycloakSecurityContext is created with Bearer.getTokenString(), but token string has Basic Auth credentials instead of access token.

I'll create a JIRA for this.

On Tue, Apr 21, 2015 at 4:17 AM Marek Posolda <mposolda@redhat.com> wrote:

That's strange, serialization and deserialization of KeycloakSecurityContext should work fine. KeycloakSecurityContext actually uses java custom serialization (it implements writeObject and readObject methods). So during deserialization it calls readObject and creates AccessToken and IDToken from the base64 encoded token. This works fine in cluster and we also have the test for it: https://github.com/keycloak/keycloak/blob/master/core/src/test/java/org/keycloak/SkeletonKeyTokenTest.java#L58 .

If you still seeing issues and you think that it's bug, feel free to create JIRA. But please add the exact steps to reproduce to the JIRA.

Thanks,
Marek

On 21.4.2015 00:50, Leonardo Loch Zanivan wrote:

Hi,

I'm facing a problem while deserializing KeycloakSecurityContext of a Basic Auth KeycloakAccount.

KeycloakSecurityContext stores Basic Auth base64 token instead of Access Token, so deserialization code fail!

String[] parts = encoded.split("\\."); if (parts.length < 2 || parts.length > 3) throw new IllegalArgumentException("Parsing error");
https://github.com/keycloak/keycloak/blob/master/core/src/main/java/org/keycloak/KeycloakSecurityContext.java

_______________________________________________
keycloak-dev mailing list
keycloak-dev@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-dev