On 19 November 2015 at 15:48, Ataraxus <atx@binaryninja.de> wrote:
Hey,

having 2 issues using the keycloak.js correct.

As for now i deployed my keycloak.json in the WEB-INF folder, but keycloak.js needs it accessible so i have to put it outside of WEB-INF. This forces me to have it two times, is this correct?

As you're saying you need it twice I assume you have your rest services and html5 pages in the same WAR? If so you need to have two different keycloak.json files. Outside WEB-INF should be for the HTML5 app, which should be a public client. Inside WEB-INF should be for your REST services and should be a bearer-only client. Also, make sure your HTML pages and js-scripts are public (aka doesn't have a security constraint in web.xml).

IMO though it would be cleaner to split the two into separate WARs.
 

If I login to my test site which is essentially the view.html of the demo-template/customer-app-js example I'm forced to relogin.
This is as far as I can tell due to the keycloak.init({ onLoad: 'login-required' }) "login-required" if i just call keycloak.init(), keycloak doesnt retrieve a token at all.
How do i use this api correctly?

onLoad: login-required doesn't force you to re-login. It forces you to login if you're not already logged-in. If you don't want to force login use keycloak.login() and wire it up to a button or something. Please read the docs at http://keycloak.github.io/docs/userguide/keycloak-server/html/ch08.html#javascript-adapter
 

Bonus Question: the "myapp/k_query_bearer_token " return an HTTP 200 but no token. i thought this one could have been an alternative to keycloak.js

If you are doing a HTML5/js app, you want to use keycloak.js that gives you a much better experience. You could set a security-constraint in web.xml for your index.html. Then use server-side login, but you end up with an http session, etc.. Not very elegant.
 

Thanks

_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user