Passing the password is *not* recommended. What about another option?
In my use case I need the user password to decrypt keys (either do it on KC or
in the Java app). Keys are available in Keycloak through LDAP federation.
So can we customize & return decrypted keys from Keycloak in the IDToken?
I have got as far as returning encrypted keys as a user attribute, which
Keycloak supports out of the box.
In addition to this, I need decryption of the keys using the password entered
by the user & then to return them in the token (a little bit of custom code required).
I am looking at how to customize for this.
You can see a similar scenario here as well:
https://stackoverflow.com/questions/36512154/keycloak-how-to-get-current-...
.
On Thu, May 17, 2018 at 6:25 PM, Subodh Joshi <subodhcjoshi82(a)gmail.com>
wrote:
Is it not true that you are making things more complicated? If you have
successfully logged in, why is the user password required again? The same
user session should enable access to the contents of the project. Getting
the password and then passing it again to authenticate is something no one
will recommend to you, and doing this is also not feasible.
Rather, you can use
> tgtToken = securityContext.getTokenString();
>
some token to access the contents. We are achieving things the same way on
our production server.
We have 2 web applications, one in JSF and another in React, deployed on
different virtual machines, and our own REST API is deployed on another
machine, even a different JBoss instance, but all share the same Keycloak.
So if we make any REST call, we pass the *TGTTOKEN*, which will be verified
by the REST API through Keycloak.
There are too many other things involved, but this is the basic concept.
--
Life is like this: "Just when we get all the answers of life.... God
changes the question paper....
Valsaraj Viswanathan