it seems to be fixed in version 4.2.0
For those working on older versions:
Instantiate KeycloakAuthenticationProcessingFilter with an additional
RequestMatcher that matches requests having an access_token query parameter.
Adapt KeycloakAuthenticationProcessingFilter.successfulAuthentication()
to handle queryParamToken-request like bearerToken- and basicAuth-requests.
Cheers Simon
Am 17.07.2018 um 11:11 schrieb Simon Faust:
Hi,
I've a REST Server secured using bearer-only. Now I'm stuck with the
file download usecase (no token in http header).
According to KEYCLOAK-2650
<
https://issues.jboss.org/browse/KEYCLOAK-2650> it's possible to pass
Access Token as a Query Parameter (guess its name is "access_token",
right?). On testing that every request I make gets redirected to
/sso/login.
Am I missing some configuration? It seems that the Keycloak adapter does
not try at all to get a token from query param... I'm using
keycloak-spring-security-adapter 3.2.1
Thanks in advance, Simon
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user