Re: [keycloak-user] Authentication from spring security without redirection

We have an app which up until now receives the credentials. We want to keep it that way (for backward compatability), but instead of authenticating with our db, authenticate with Keycloak. In the solution you’re proposing (not sure it suits us but let’s assume), will the user have to call another service to receive the token, and then send it to us in the header?

How will he know when to refresh it?

Dekel. *From:* Sebastien Blanc [mailto:sblanc@redhat.com] *Sent:* Wednesday, January 25, 2017 4:24 PM *To:* Dekel Aslan <dekela(a)perfectomobile.com&gt; *Cc:* keycloak-user(a)lists.jboss.org *Subject:* Re: [keycloak-user] Authentication from spring security without redirection Hi, Not sure I understand, have you set bearer-only for your Spring REST service ? With this you should not have a redirection and it should just check for a token on the header of the request. On Wed, Jan 25, 2017 at 2:39 PM, Dekel Aslan <dekela(a)perfectomobile.com&gt; wrote: Hi, I'm looking for a way of exposing REST services with Keycloak authentication. Does Keycloak have a bean that handles authentication for spring security without filter / redirection? Further details: I use spring security adapter, but I can't use it for http calls because it redirects to Keycloak login page. I want to get the user credentials and invoke Keycloak service in the server (with REST "/token"), but then I won't have an authentication object as the processing filter creates. Thanks, Dekel. The information contained in this message is proprietary to the sender, protected from disclosure, and may be privileged. The information is intended to be conveyed only to the designated recipient(s) of the message. If the reader of this message is not the intended recipient, you are hereby notified that any dissemination, use, distribution or copying of this communication is strictly prohibited and may be unlawful. If you have received this communication in error, please notify us immediately by replying to the message and deleting it from your computer. Thank you. _______________________________________________ keycloak-user mailing list keycloak-user(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/keycloak-user <https://emea01.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.... The information contained in this message is proprietary to the sender, protected from disclosure, and may be privileged. The information is intended to be conveyed only to the designated recipient(s) of the message. If the reader of this message is not the intended recipient, you are hereby notified that any dissemination, use, distribution or copying of this communication is strictly prohibited and may be unlawful. If you have received this communication in error, please notify us immediately by replying to the message and deleting it from your computer. Thank you.