I'm working on SSO using jboss keycloak.

I m developing a user federation provider working with my custom user database and ldap authentication.

i m able to do the authentication process but now i need to retrieve to my webapplications a Principal extending the keycloak one.

I mean that my rest service could have to access a principal object holding other information besides those covered by keycloakPrincipal (i.e. company group, company and others).

i was planning to write my own MyProjectPrincipal extending keycloakPrincipal but then... 

is it the right way?

how can i retrieve this principal to my custom webapplication? (i.e. REST service)?

Best regards and thanks a lot for your attention.