[keycloak-dev] Spring Security for Keycloak Contribution

Scott Rossillo srossillo at smartling.com
Mon Apr 20 19:02:28 EDT 2015


There are two different approaches here. The project I mentioned still relies on a Keycloak adapter being present in the servlet container. It’s not quite the final product I need but it would be useful to people who can declare their protected resources in web.xml.

What I’m working on now is a Keycloak adapter-less Spring Security integration. Basically, it’s a Keycloak Spring Security Adapter that can stand on it’s own and protect resources based on the Spring Security configuration. It’s this latter implementation that I believe has the most value.

Question for you: Do you want to see both approaches covered or is one approach more in line with the Keycloak project’s goals?

In my option, the latter, Keycloak Spring Security Adapter, is of more value, but please let me know your thoughts.

Thanks in advance,

> On Apr 16, 2015, at 9:24 AM, Stian Thorgersen <stian at redhat.com> wrote:
> If you can prepare a PR for it that'd be great. Please add a 'spring-security' module within the integration module where all the other adapters live. Also, to create a distribution archive for the adapter please add a module inside distribution that packages it up (look at existing modules there for a reference).
> ----- Original Message -----
>> From: "Scott Rossillo" <srossillo at smartling.com>
>> To: "keycloak-dev" <keycloak-dev at lists.jboss.org>
>> Sent: Thursday, April 16, 2015 3:08:13 PM
>> Subject: [keycloak-dev] Spring Security for Keycloak Contribution
>> Good morning,
>> As I mentioned a few days ago on the users mailing list, we developed an
>> integration between the Keycloak Adapter and Spring Security. The
>> announcement can be found here:
>> http://lists.jboss.org/pipermail/keycloak-user/2015-April/001992.html
>> The code is here:
>> http://smartling.github.io/spring-security-keycloak/
>> Would you be interested in either:
>> 1. Us contributing the code to the Keycloak project or
>> 2. You integrating the code into the Keycloak project
>> We released the code under the Apache 2.0 license to be compatible with the
>> Keycloak project. Let me know your thoughts.
>> Best,
>> Scott
>> _______________________________________________
>> keycloak-dev mailing list
>> keycloak-dev at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-dev

More information about the keycloak-dev mailing list