Hello Juraci,
maybe other Keycloak core devs might have having other recommendations,
never-less I've put up an example for our project
https://github.com/pslegr/pnc/commit/873e875d657215890b9b9aafe93b2138ae946ec5
which uses Keycloak to secure the WS endpoint.
The point is to intercept the initial HttpRequest and add an AuthorizationHeader
into this one.
...
List<String> authHeader = new ArrayList<String>(); authHeader.add("Bearer " + authenticate()); headers.put("Authorization", authHeader); ...This is done before protocol upgrade into WS/WSS.
I don't see any other way doing this so far....
regards
Pavel
On 4.8.2015 16:44, Juraci Paixão Kröhling wrote:
I'm currently looking into the best way to perform authentication for WebSockets, and it seems that the best (only?) option so far is to handle this on the socket's endpoint itself. But before I start with some library for the other Hawkular components to consume, I'd like to ask if there's a best practices/recommendations for doing WebSocket authentication with Keycloak. My plan right now is to require the endpoints to inject a service that would accept a message and session, closing the session on this service if the login data is not provided (login data == token, send on the first message, at least at first). Ideas/thoughts? - Juca. _______________________________________________ keycloak-user mailing list keycloak-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/keycloak-user
_______________________________________________ keycloak-user mailing list keycloak-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/keycloak-user