1:47 a.m.
It's been years since I last looked at Spring, so I'm not the person to ask ;)
It sounds like the pure Spring Security Adapter is the better option. You should at try to
use code from integration/adapter-core module as that's used as the core for all our
current Java based adapters. Also, it should be configurable by supplying a keycloak.json
file.
----- Original Message -----
From: "Scott Rossillo" <srossillo(a)smartling.com>
To: "Stian Thorgersen" <stian(a)redhat.com>
Cc: "keycloak-dev" <keycloak-dev(a)lists.jboss.org>
Sent: Tuesday, 21 April, 2015 1:02:28 AM
Subject: Re: [keycloak-dev] Spring Security for Keycloak Contribution
Hi,
There are two different approaches here. The project I mentioned still relies
on a Keycloak adapter being present in the servlet container. It’s not quite
the final product I need but it would be useful to people who can declare
their protected resources in web.xml.
What I’m working on now is a Keycloak adapter-less Spring Security
integration. Basically, it’s a Keycloak Spring Security Adapter that can
stand on it’s own and protect resources based on the Spring Security
configuration. It’s this latter implementation that I believe has the most
value.
Question for you: Do you want to see both approaches covered or is one
approach more in line with the Keycloak project’s goals?
In my option, the latter, Keycloak Spring Security Adapter, is of more value,
but please let me know your thoughts.
Thanks in advance,
Scott
> On Apr 16, 2015, at 9:24 AM, Stian Thorgersen <stian(a)redhat.com> wrote:
>
> If you can prepare a PR for it that'd be great. Please add a
> 'spring-security' module within the integration module where all the other
> adapters live. Also, to create a distribution archive for the adapter
> please add a module inside distribution that packages it up (look at
> existing modules there for a reference).
>
> ----- Original Message -----
>> From: "Scott Rossillo" <srossillo(a)smartling.com>
>> To: "keycloak-dev" <keycloak-dev(a)lists.jboss.org>
>> Sent: Thursday, April 16, 2015 3:08:13 PM
>> Subject: [keycloak-dev] Spring Security for Keycloak Contribution
>>
>> Good morning,
>>
>> As I mentioned a few days ago on the users mailing list, we developed an
>> integration between the Keycloak Adapter and Spring Security. The
>> announcement can be found here:
>>
>> http://lists.jboss.org/pipermail/keycloak-user/2015-April/001992.html
>>
>> The code is here:
>> http://smartling.github.io/spring-security-keycloak/
>> Would you be interested in either:
>> 1. Us contributing the code to the Keycloak project or
>> 2. You integrating the code into the Keycloak project
>>
>> We released the code under the Apache 2.0 license to be compatible with
>> the
>> Keycloak project. Let me know your thoughts.
>> Best,
>> Scott
>>
>> _______________________________________________
>> keycloak-dev mailing list
>> keycloak-dev(a)lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-dev