Re: [keycloak-user] How to get user details

Passing password is *not *recommended. What about other option? In my use case I need user password to decrypt keys (either do it on KC or in Java app). Keys are available in Keycloak through LDAP federation. So can we customize & return decrypted keys from Keyclock in IDToken? I have reached upto returning encrypted keys as user attribute which Keyclock supports out of the box. In addition to this, I need a decryption of keys using the password entered by user & then return in token (a little bit custom code required). I am looking how to customize for this. You can see similar scenario here as well: https://stackoverflow.com/questions/36512154/keycloak-how-to-get-current-... . On Thu, May 17, 2018 at 6:25 PM, Subodh Joshi <subodhcjoshi82(a)gmail.com&gt; wrote: > Is this not true you are making things more complicated if your > successfully login,why again user password required ? Same user session > should enable > access the contents of the project.Getting password and then again > passing it to authenticate no one will recommend you and doing this also > not feasible. > Rather than you can use > >> tgtToken = securityContext.getTokenString(); >> > > Some token to access the contents . Same way we are achieving things in > our production server > We have 2 web application one in JSF another in React and deployed in > different virtual machine and our own REST API deployed into another > machine even > different Jboss instance But all share same keycloak .So if we are doing > any rest call we will pass *TGTTOKEN *which will be verify by rest-api > through keycloak. > There are too many other things evolved but this is basic concept. > -- Life is like this: "Just when we get all the answers of life.... God changes the question paper.... Valsaraj Viswanathan