If your application (eg.: client consuming your SOAP layer) is using our adapters, you can
obtain the
token from either typecasting the user Principal to KeycloakPrincipal
and navigating to the KeycloakSecurityContext interface. The
KeycloakSecurityContext interface is also available within the
HttpServletRequest attribute
KeycloakSecurityContext session = (KeycloakSecurityContext)
request.getAttribute(KeycloakSecurityContext.class.getName());
----- Original Message -----
From: "Andrey Ryvlin" <aryvlin(a)morphotrust.com>
To: "Bill Burke" <bburke(a)redhat.com>, "Pedro Igor Silva"
<psilva(a)redhat.com>
Cc: keycloak-dev(a)lists.jboss.org
Sent: Wednesday, February 18, 2015 1:06:23 PM
Subject: RE: SOAP security with Keycloak
That'll work,
and what's endpoint to obtain token?
Thanks!!
-----Original Message-----
From: Bill Burke [mailto:bburke@redhat.com]
Sent: Wednesday, February 18, 2015 9:03 AM
To: Pedro Igor Silva; Ryvlin, Andrey
Cc: keycloak-dev(a)lists.jboss.org
Subject: Re: SOAP security with Keycloak
For plain Java org.keycloak.RSATokenVerifier.verifyToken API works too.
On 2/18/2015 9:41 AM, Pedro Igor Silva wrote:
There is a
/auth/realms/{realm}/protocol/openid-connect/validate?access_token={yo
ur_token}
endpoint. You can try it out.
However, I can not see it in Admin Client. I think we should add this endpoint there.
----- Original Message -----
From: "Andrey Ryvlin" <aryvlin(a)morphotrust.com>
To: "Pedro Igor Silva" <psilva(a)redhat.com>, "Bill Burke"
<bburke(a)redhat.com>
Cc: keycloak-dev(a)lists.jboss.org
Sent: Wednesday, February 18, 2015 12:24:32 PM
Subject: RE: SOAP security with Keycloak
What Keycloak API can use to do login programmatically and validate token? Do you have
any examples?
Thanks‼
-----------------
-----Original Message-----
From: keycloak-dev-bounces(a)lists.jboss.org
[mailto:keycloak-dev-bounces@lists.jboss.org] On Behalf Of Pedro Igor
Silva
Sent: Wednesday, February 18, 2015 6:09 AM
To: Bill Burke
Cc: keycloak-dev(a)lists.jboss.org
Subject: Re: [keycloak-dev] SOAP security with Keycloak
As Bill said, there is no OOTB support for SOAP security.
However, I think you can use WS-Security to communicate tokens to your services and have
some JAX-WS handler or something that knows how to validate this token and create a
security context for the user before actually invoking your services.
----- Original Message -----
From: "Bill Burke" <bburke(a)redhat.com>
To: keycloak-dev(a)lists.jboss.org
Sent: Monday, February 16, 2015 2:24:01 PM
Subject: Re: [keycloak-dev] SOAP security with Keycloak
We don't have anything yet. It will probably be awhile unless the community helps
out. You might be able to use it like you would any other REST service. SOAP still is
sent over HTTP...I guess it depends on your SOAP stack.
On 2/16/2015 11:13 AM, Ryvlin, Andrey wrote:
> Hi,
>
> I am evaluating Keycloak server for my project and securing REST APIs
> and Web applications was very easy.
>
> Now I have a task to secure some SOAP endpoints
>
> Is it possible to do it with Keycloak? If so, what’s the best practice?
>
> Thanks‼
>
> -----------------
>
> Andrey Ryvlin
>
> Principal Software Engineer
>
> Phone: 952-979-8492
>
> 5705 W Old Shakopee Road, Suite 100
>
> Bloomington, MN 55437 USA
>
> ARyvlin(a)MorphoTrust.com <mailto:ARyvlin@MorphoTrust.com>
>
>
www.MorphoTrust.com <
http://www.morphotrust.com/>
>
> cid:image003.jpg@01CFF75A.60542BC0
>
>
> ---------------------------------------------------------------------
> -
> --
>
> This message is only for the use of the intended recipient and may
> contain information that is CONFIDENTIAL and PROPRIETARY to
> MorphoTrust USA, Inc. If you are not the intended recipient, please
> erase all copies of the message and its attachments and notify the sender
immediately.
>
>
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev(a)lists.jboss.org
>
https://lists.jboss.org/mailman/listinfo/keycloak-dev
>
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
_______________________________________________
keycloak-dev mailing list
keycloak-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-dev
_______________________________________________
keycloak-dev mailing list
keycloak-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-dev
________________________________
This message is only for the use of the intended recipient and may contain information
that is CONFIDENTIAL and PROPRIETARY to MorphoTrust USA, Inc. If you are not the intended
recipient, please erase all copies of the message and its attachments and notify the
sender immediately.