Hi Bill, I see you have pushed some changes. Tell me as soon as you need me to test it. Thank you, Davide. Weird... I'm actually screwing around with writing a security proxy right now. I just started like an hour or so ago so I'm not exactly sure...but I don't think you can implement this with the current codebase. You need a Undertow only (no servlet) authentication mechanism and to set up the security handler chain correctly. (See the BasicAuthServer example in Undertow). I should have something working in master by the end of the week. On 11/19/2014 6:33 PM, Davide Ungari wrote: >/Hi everybody, />/this is the big picture: />/a. frontend application with Undertow />/b. backend application with Undertow and Resteasy for REST API /> >/Both are using Keycloak as SSO. /> >/I'm trying to configure a proxy from A to B in order to expose backend />/API without CORS problems to the frontend. /> >/I asked support also to Undertow guys but the issue seems around the />/integration of Keycloack in Undertow. My proxy is implemented like: /> >/final ProxyClient proxyClient = new />/SimpleProxyClientProvider(new URI("http://localhost:8181 <http://localhost:8181/> />/<http://localhost:8181/>")); />/final ProxyHandler proxyHandler = new />/ProxyHandler(proxyClient, servletHandler); />/proxyHandler.addRequestHeader(new />/HttpString("Authorization"), new ExchangeAttribute() { />/@Override />/public String readAttribute(HttpServerExchange />/exchange) { />/exchange. />/RefreshableKeycloakSecurityContext context = />/(RefreshableKeycloakSecurityContext) exchange.getSecurityContext(); />/return "Bearer " + context.getTokenString(); />/} /> >/@Override />/public void writeAttribute(HttpServerExchange />/exchange, String newValue) throws ReadOnlyAttributeException { />/// TODO Auto-generated method stub />/} />/}); /> >/The problem is that the exchange.getSecurityContext() is always null. />/Any ideas? /> >/Thanks /> > > >/-- />/Davide /> > >/_______________________________________________ />/keycloak-user mailing list />/keycloak-user at lists.jboss.org <https://lists.jboss.org/mailman/listinfo/keycloak-user> />/https://lists.jboss.org/mailman/listinfo/keycloak-user /> -- Bill Burke JBoss, a division of Red Hat http://bill.burkecentral.com <http://bill.burkecentral.com/> _______________________________________________ keycloak-user mailing list keycloak-user(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/keycloak-user

From: "Davide Ungari" <ungarida(a)gmail.com&gt; To: keycloak-user(a)lists.jboss.org Sent: Tuesday, January 27, 2015 9:46:33 PM Subject: Re: [keycloak-user] Authentication throw a proxy on Undertow Hi everybody, I saw release 1.0.5.Final. There is somenthing usefull for my usecase? Il giorno Fri Nov 21 2014 at 8:47:21 AM Davide Ungari < ungarida(a)gmail.com > ha scritto: Hi Bill, I see you have pushed some changes. Tell me as soon as you need me to test it. Thank you, Davide. Weird... I'm actually screwing around with writing a security proxy right now. I just started like an hour or so ago so I'm not exactly sure...but I don't think you can implement this with the current codebase. You need a Undertow only (no servlet) authentication mechanism and to set up the security handler chain correctly. (See the BasicAuthServer example in Undertow). I should have something working in master by the end of the week. On 11/19/2014 6:33 PM, Davide Ungari wrote: > Hi everybody, > this is the big picture: > a. frontend application with > Undertow > b. backend application with Undertow and Resteasy for REST API > > > Both are using Keycloak as SSO. > > I'm trying to configure a proxy from A to B in order to expose backend > > API without CORS problems to the frontend. > > I asked support also to Undertow guys but the issue seems around the > > integration of Keycloack in Undertow. My proxy is implemented like: > > final ProxyClient proxyClient = new > SimpleProxyClientProvider(new URI(" > http://localhost:8181 > < http://localhost:8181/ >")); > final ProxyHandler proxyHandler = new > ProxyHandler(proxyClient, > servletHandler); > proxyHandler.addRequestHeader(new > > HttpString("Authorization"), new ExchangeAttribute() { > @Override > > public String readAttribute(HttpServerExchange > exchange) { > exchange. > > RefreshableKeycloakSecurityContext context = > > (RefreshableKeycloakSecurityContext) exchange.getSecurityContext(); > > return "Bearer " + context.getTokenString(); > } > > @Override > public void writeAttribute(HttpServerExchange > exchange, > String newValue) throws ReadOnlyAttributeException { > // TODO > Auto-generated method stub > } > }); > > The problem is that the exchange.getSecurityContext() is always null. > Any > ideas? > > Thanks > > > > -- > Davide > > > _______________________________________________ > keycloak-user mailing > list > keycloak-user at lists.jboss.org > > https://lists.jboss.org/mailman/listinfo/keycloak-user > -- Bill Burke JBoss, a division of Red Hat http://bill.burkecentral.com _______________________________________________ keycloak-user mailing list keycloak-user(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/keycloak-user