Currently its for backward compatibility, maintaining the same simple authentication
approach for existing clients using the REST services.
However basic auth is a standard (and simple) approach, so I could see some cases where it
would be preferred by app developers rather than accessing a keycloak specific service to
obtain a token. One relevant case would be API management - if a backend service was
protected by keycloak, I believe it would require a specific authentication module to
obtain a token per request (unless the token could be cached somewhere).
So I think having the basic auth support will provide flexibility.
Regards
Gary
----- Original Message -----
If you are using Keycloak, I don't understand why you would want
to do
basic auth.
Eventually I'm going to write a JAAS plugin for simple username/password
with Keycloak, but I have other stuff in my queue at the moment. For
your application, you'd have to write something that obtained a admin
token and verified username password and downloaded role mappings.
On 11/7/2014 9:16 AM, Gary Brown wrote:
> Hi
>
> I've just started looking at KeyCloak to use with the Overlord governance
> projects.
>
> I have tried the examples, and see how we could leverage KeyCloak to
> protect the UI apps and the backend REST services they use. However we
> also need to provide the REST services as independent services using basic
> auth - but would like the basic auth to be performed against the users
> managed by KeyCloak.
>
> Is there any recommendations on how this can be achieved?
>
> Do we need to provide our own filter - is there any example code to do
> this?
>
> Is it possible to do something via the KeyCloak subsystem configuration
> approach, in case we wanted to secure the REST service without modifying
> the war?
>
> Thanks in advance.
>
> Regards
> Gary
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
>
https://lists.jboss.org/mailman/listinfo/keycloak-user
>
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user