2:46 a.m.
Hello,
has anyone experience or advice how to handle the following situation:
I have my application running on a keycloak secured wildfly instance.
Another application
wants to make REST calls from an IIS Server to my application. Of course
the user is not
willing to provide credentials a second time, but the calls must be
associated with the user.
It must not be a shared account in keycloak, which is used for all users on
the IIS.
What is the right way (keycloak way) to approach this?
Thx for your help.
Kevin Hirschmann
HUEBINET Informationsmanagement GmbH & Co. KG
HUEBINET Informationsmanagement GmbH & Co. KG
An der Königsbach 8
56075 Koblenz
Sitz und Registergericht: Koblenz HRA 5329
Persönlich haftender Gesellschafter der KG:
HUEBINET GmbH;
Sitz und Registergericht: Koblenz HRB 6857
Geschäftsführung:
Frank Hüttmann; Michael Biemer
----------------------------------------------------------------------------
----------------------------------------------------------------------------
----------------
Der Nachrichtenaustausch mit HUEBINET Informationsmanagement GmbH & Co. KG,
Koblenz via E-Mail dient lediglich zu Informationszwecken.
Rechtsgeschäftliche Erklärungen mit verbindlichem Inhalt können über dieses
Medium nicht ausgetauscht werden, da die Manipulation von E-Mails durch
Dritte nicht ausgeschlossen werden kann.
Email communication with HUEBINET Informationsmanagement GmbH & Co. KG is
only intended to provide information of a general kind, and shall not be
used for any statement with binding contents in respect to legal relations.
It is not totally possible to prevent a third party from manipulating emails
and email contents.
6:48 a.m.
Hi,
am I understand correctly that you have:
1) UI application, which handles redirection to keycloak login screen
etc. and have access token available
2) REST Application 1
3) REST Application 2
The user wants to send accessToken to RESTApp1 and this RESTApp1 wants
to send another REST request to RESTApp2. Is it correct? I wonder that
you can just send same accessToken used for RESTApp1 for authentication
to RESTApp2. Or am I not understand correctly your environment?
Marek
On 20/11/15 09:46, Kevin Hirschmann wrote:
Hello,
has anyone experience or advice how to handle the following situation:
I have my application running on a keycloak secured wildfly instance.
Another application
wants to make REST calls from an IIS Server to my application. Of
course the user is not
willing to provide credentials a second time, but the calls must be
associated with the user.
It must not be a shared account in keycloak, which is used for all
users on the IIS.
What is the right way (keycloak way) to approach this?
Thx for your help.
Kevin Hirschmann
HUEBINET Informationsmanagement GmbH & Co. KG
HUEBINET Informationsmanagement GmbH & Co. KG
An der Königsbach 8
56075 Koblenz
Sitz und Registergericht: Koblenz HRA 5329
Persönlich haftender Gesellschafter der KG:
HUEBINET GmbH;
Sitz und Registergericht: Koblenz HRB 6857
Geschäftsführung:
Frank Hüttmann; Michael Biemer
------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Der Nachrichtenaustausch mit HUEBINET Informationsmanagement GmbH &
Co. KG, Koblenz via E-Mail dient lediglich zu Informationszwecken.
Rechtsgeschäftliche Erklärungen mit verbindlichem Inhalt können über
dieses Medium nicht ausgetauscht werden, da die Manipulation von
E-Mails durch Dritte nicht ausgeschlossen werden kann.
Email communication with HUEBINET Informationsmanagement GmbH & Co. KG
is only intended to provide information of a general kind, and shall
not be used for any statement with binding contents in respect to
legal relations. It is not totally possible to prevent a third party
from manipulating emails and email contents.
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
3325
days inactive
3325
days old
1 comments
2 participants
participants (2)
-
Kevin Hirschmann -
Marek Posolda