Currently Keycloak adapters are only a way of integrating existing frameworks with
Keycloak so adding a event handler etc wouldn't make much sense.
We have plans on the road-map for a CDI based adapter that gives more capabilities like
what you're asking for, but in the mean time you'd need to look at PicketLink,
DeltaSpike, or a way to do it with standard JEE security.
----- Original Message -----
From: "Scott Rossillo" <srossillo(a)smartling.com>
To: "Bill Burke" <bburke(a)redhat.com>
Cc: keycloak-user(a)lists.jboss.org
Sent: Monday, 20 April, 2015 2:50:26 AM
Subject: Re: [keycloak-user] Keycloak Adapter without web.xml security-constraint
Could we have a hook into application code to determine if a resource should
be protected by Keycloak? Maybe an event handler?
b oolean shouldProtectResourse(HttpServletRequest)
On Friday, April 17, 2015, Scott Rossillo < srossillo(a)smartling.com > wrote:
I could work around that for interactive logins, but it wouldn’t work for
application to application requests. Do you have any pointers on where I
could start to manually trigger the adapter?
Do you think it’s a reasonable requirement to have the application determine
if the adapter should be triggered? I feel it’s necessary for integration
with applications that have to support more than one authentication
mechanism.
Let me know.
Thanks in advance,
Scott
On Fri, Apr 17, 2015 at 4:46 PM, Bill Burke < bburke(a)redhat.com > wrote:
Our adapters need a security constraint or they won't be triggered.
On 4/17/2015 4:34 PM, Scott Rossillo wrote:
> When using a security mechanism, such as Spring Security, it’s possible
> that multiple security mechanisms are in place or that only parts of an
> application are secured via Keycloak, not a blanket path (e.g. /api/*).
>
> What I’m trying to do is use the Spring’s authentication entrypoint to
> direct to Keycloak (this part work somewhat) and have the Keycloak
> adapter pick up from there (not working).
>
> What’s the best way to handle this?
>
> Thanks,
> Scott
>
>
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
>
https://lists.jboss.org/mailman/listinfo/keycloak-user
>
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user