Hi,

I am not 100% sure if having basic auth with direct grant directly in
our adapters is the way to go. Probably yes, as for your use-case it makes
sense, so I am slightly in favour of pushing your change as a PR. But maybe
others from the team have a different opinion.

Earlier this week I added DirectAccessGrantsLoginModule to the KC
codebase, which is quite similar and is intended to be used for non-web
applications (like SSH), which rely on JAAS. But I guess that using this
one is not a good option for you, as you want support for Basic and Bearer
authentication in the same web application, right?

A few more minor points on your changes:
- Is it possible to use net.iharder.Base64 instead of
org.apache.commons.codec.binary.Base64? The whole KC code has a dependency on
net.iharder, so it would likely be better to use this one to avoid possible
dependency issues in adapters.
- I wonder if it's possible to simplify a bit, like having a single
"completeAuthentication" method for both bearer and basic authenticator
(afaik the only difference between them is the different authMethod, right?). But
this is really minor.

Marek
On 26.11.2014 14:54, Gary Brown wrote:
Hi
Concrete use case - we have implemented the OASIS S-RAMP specification, in which it
requires basic auth support
(http://docs.oasis-open.org/s-ramp/s-ramp/v1.0/s-ramp-v1.0-part2-atom-bind... section
5 "The S-RAMP Specification does not attempt to define a security model for products
that implement it. For the Atom Binding, the only security requirement is that at a
minimum, client and server implementations MUST be capable of being configured to use HTTP
Basic Authentication in conjunction with a connection made with TLS.").
However we also need the same service to support bearer token, for use within our
KeyCloak SSO session.
I've implemented a possible solution, details defined on
https://issues.jboss.org/browse/KEYCLOAK-861.
If this solution is on the right path, I would appreciate any feedback on any changes
that might be required before submitting a PR. Currently there are no tests, but would aim
to provide some with the PR.
Regards
Gary
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
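
Added example, not code from the thread, the KEYCLOAK-861 change or Keycloak itself: a sketch of how one endpoint can tell Basic from Bearer credentials before handing them on (Basic to a direct grant, Bearer to token validation, as the thread describes). The class and method names are hypothetical, and it assumes Java 8's java.util.Base64 rather than the net.iharder or commons-codec classes mentioned above.

```java
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import java.util.Locale;

/** Hypothetical helper (not Keycloak code): classify an Authorization header value. */
public class AuthHeaderDispatch {
    enum Scheme { BASIC, BEARER, NONE }

    /** Parsed header: scheme plus user/password (Basic) or token (Bearer) in 'secret'. */
    static final class Parsed {
        final Scheme scheme; final String user; final String secret;
        Parsed(Scheme scheme, String user, String secret) {
            this.scheme = scheme; this.user = user; this.secret = secret;
        }
    }

    static final Parsed NONE = new Parsed(Scheme.NONE, null, null);

    static Parsed parse(String header) {
        if (header == null) return NONE;
        String[] parts = header.trim().split("\\s+", 2);
        if (parts.length != 2 || parts[1].isEmpty()) return NONE;
        String scheme = parts[0].toLowerCase(Locale.ROOT); // scheme names are case-insensitive
        if (scheme.equals("bearer")) return new Parsed(Scheme.BEARER, null, parts[1]);
        if (!scheme.equals("basic")) return NONE;
        final String decoded;
        try {
            decoded = new String(Base64.getDecoder().decode(parts[1]), StandardCharsets.UTF_8);
        } catch (IllegalArgumentException e) {
            return NONE; // malformed Base64: treat as unauthenticated, never as a token
        }
        int colon = decoded.indexOf(':'); // split on the FIRST colon; passwords may contain ':'
        if (colon <= 0) return NONE;      // missing separator or empty user-id
        return new Parsed(Scheme.BASIC, decoded.substring(0, colon), decoded.substring(colon + 1));
    }

    public static void main(String[] args) {
        // Constructed sample headers, not taken from the thread.
        String basic = "basic " + Base64.getEncoder()
                .encodeToString("alice:pa:ss".getBytes(StandardCharsets.UTF_8));
        for (String h : new String[] { basic, "Bearer abc.def.ghi", "Basic %%%", null }) {
            Parsed p = parse(h);
            // Only the scheme and user are printed; the password or token is never logged.
            System.out.println(p.scheme + " user=" + p.user);
        }
    }
}
```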