7:27 a.m.
Still needs some work, testing, and also to make it a distribution.
On 11/21/2014 2:47 AM, Davide Ungari wrote:
Hi Bill,
I see you have pushed some changes.
Tell me as soon as you need me to test it.
Thank you,
Davide.
Weird... I'm actually screwing around with writing a security proxy
right now. I just started like an hour or so ago so I'm not exactly
sure...but I don't think you can implement this with the current
codebase. You need a Undertow only (no servlet) authentication
mechanism and to set up the security handler chain correctly. (See the
BasicAuthServer example in Undertow). I should have something
working in master by the end of the week. On 11/19/2014 6:33 PM,
Davide Ungari wrote:
>/Hi everybody, />/this is the big picture: />/a. frontend
application with Undertow />/b. backend application with Undertow
and Resteasy for REST API />
>/Both are using Keycloak as SSO. />
>/I'm trying to configure a proxy from A to B in order to expose
backend />/API without CORS problems to the frontend. />
>/I asked support also to Undertow guys but the issue seems around
the />/integration of Keycloack in Undertow. My proxy is implemented
like: />
>/final ProxyClient proxyClient = new
/>/SimpleProxyClientProvider(new URI("http://localhost:8181
<http://localhost:8181/> />/<http://localhost:8181/>"));
/>/final
ProxyHandler proxyHandler = new />/ProxyHandler(proxyClient,
servletHandler); />/proxyHandler.addRequestHeader(new
/>/HttpString("Authorization"), new ExchangeAttribute() {
/>/@Override />/public String readAttribute(HttpServerExchange
/>/exchange) { />/exchange. />/RefreshableKeycloakSecurityContext
context = />/(RefreshableKeycloakSecurityContext)
exchange.getSecurityContext(); />/return "Bearer " +
context.getTokenString(); />/} />
>/@Override />/public void writeAttribute(HttpServerExchange
/>/exchange, String newValue) throws ReadOnlyAttributeException {
/>/// TODO Auto-generated method stub />/} />/}); />
>/The problem is that the exchange.getSecurityContext() is always
null. />/Any ideas? />
>/Thanks />
>
>
>/-- />/Davide />
>
>/_______________________________________________ />/keycloak-user
mailing list />/keycloak-user at lists.jboss.org
<https://lists.jboss.org/mailman/listinfo/keycloak-user>
/>/https://lists.jboss.org/mailman/listinfo/keycloak-user /> --
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com <http://bill.burkecentral.com/>
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com