On Wed, Jan 25, 2017 at 3:35 PM, Dekel Aslan <dekela(a)perfectomobile.com>
wrote:
We have an app which up until now receives the credentials. We want
to
keep it that way (for backward compatability), but instead of
authenticating with our db, authenticate with Keycloak.
In the solution you’re proposing (not sure it suits us but let’s assume),
will the user have to call another service to receive the token, and then
send it to us in the header?
Yes, for instance it could be a web app using the keycloak.js library that
handles the login and then it sends the token in the header, look at our
examples.
How will he know when to refresh it?
That is the responsability of the app that requested the token (in this
case, the web app, again if you look at our angular example you can see how
it handles the token refresh)
Dekel.
*From:* Sebastien Blanc [mailto:sblanc@redhat.com]
*Sent:* Wednesday, January 25, 2017 4:24 PM
*To:* Dekel Aslan <dekela(a)perfectomobile.com>
*Cc:* keycloak-user(a)lists.jboss.org
*Subject:* Re: [keycloak-user] Authentication from spring security
without redirection
Hi,
Not sure I understand, have you set bearer-only for your Spring REST
service ? With this you should not have a redirection and it should just
check for a token on the header of the request.
On Wed, Jan 25, 2017 at 2:39 PM, Dekel Aslan <dekela(a)perfectomobile.com>
wrote:
Hi,
I'm looking for a way of exposing REST services with Keycloak
authentication.
Does Keycloak have a bean that handles authentication for spring security
without filter / redirection?
Further details: I use spring security adapter, but I can't use it for
http calls because it redirects to Keycloak login page.
I want to get the user credentials and invoke Keycloak service in the
server (with REST "/token"), but then I won't have an authentication
object
as the processing filter creates.
Thanks,
Dekel.
The information contained in this message is proprietary to the sender,
protected from disclosure, and may be privileged. The information is
intended to be conveyed only to the designated recipient(s) of the message.
If the reader of this message is not the intended recipient, you are hereby
notified that any dissemination, use, distribution or copying of this
communication is strictly prohibited and may be unlawful. If you have
received this communication in error, please notify us immediately by
replying to the message and deleting it from your computer. Thank you.
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
<
https://emea01.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists....
The information contained in this message is proprietary to the sender,
protected from disclosure, and may be privileged. The information is
intended to be conveyed only to the designated recipient(s) of the message.
If the reader of this message is not the intended recipient, you are hereby
notified that any dissemination, use, distribution or copying of this
communication is strictly prohibited and may be unlawful. If you have
received this communication in error, please notify us immediately by
replying to the message and deleting it from your computer. Thank you.