----- Original Message -----
From: "Juraci Paixão Kröhling" <juraci(a)kroehling.de>
To: keycloak-user(a)lists.jboss.org
Sent: Tuesday, November 18, 2014 4:36:11 PM
Subject: Re: [keycloak-user] Recommendations for protecting REST service with bearer
token and basic auth
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
On 11/18/2014 04:21 PM, Bill Burke wrote:
> How is that any different than our access tokens?
To obtain an access token, I'd still need to talk with the Auth server
and then, based on the response (ie, synchronously), send a request
with a bearer token to the service. This is not viable when the client
sends several (thousands of) requests to the service.
Why does the shell script have to talk to the auth server for every request? It should
cache the token, not the users credentials.
That without mentioning the difficulties in parsing tokens via a shell
script.
Why does the shell script have to parse the token? Does it not just pass it on to the rest
services it invokes.
- - Juca.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAEBCgAGBQJUa2drAAoJEDnJtskdmzLMBcQH/ivngsWkJRYFDEKkhWRFnLbq
QS/cm4qx6t9YeQt0fWX0hHbRKtMO9wZNDKcPotd5Schx2Rry86g2FbulBg+6Pb2p
V8G4s0sTSh8jTcZZLlg8756IKwBIpX3xm05nx2TpxWg1d1MwrZb4d533vRevJkmP
nZpugEIB6btE5LrnnW5XbU1GdtkowTMuXAVCCUIa8PvtpOY8UfWQCPAakPx+er7l
7Ejjv3hEyaSs2pl8kjVJ41c4skWNOymPmUfgK5CzTthltElNzi675wmHMWjuaUbd
2jnyns6savc9uOslTfugg3cs7gP0BZV5NRd7wN/LTMxxUzbp9cCuTNfKD5T3ceE=
=pYMG
-----END PGP SIGNATURE-----
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user