[keycloak-dev] Spring Security for Keycloak Contribution

Stian Thorgersen stian at redhat.com
Tue Apr 21 02:47:35 EDT 2015


It's been years since I last looked at Spring, so I'm not the person to ask ;)

It sounds like the pure Spring Security Adapter is the better option. You should at try to use code from integration/adapter-core module as that's used as the core for all our current Java based adapters. Also, it should be configurable by supplying a keycloak.json file.

----- Original Message -----
> From: "Scott Rossillo" <srossillo at smartling.com>
> To: "Stian Thorgersen" <stian at redhat.com>
> Cc: "keycloak-dev" <keycloak-dev at lists.jboss.org>
> Sent: Tuesday, 21 April, 2015 1:02:28 AM
> Subject: Re: [keycloak-dev] Spring Security for Keycloak Contribution
> 
> Hi,
> 
> There are two different approaches here. The project I mentioned still relies
> on a Keycloak adapter being present in the servlet container. It’s not quite
> the final product I need but it would be useful to people who can declare
> their protected resources in web.xml.
> 
> What I’m working on now is a Keycloak adapter-less Spring Security
> integration. Basically, it’s a Keycloak Spring Security Adapter that can
> stand on it’s own and protect resources based on the Spring Security
> configuration. It’s this latter implementation that I believe has the most
> value.
> 
> Question for you: Do you want to see both approaches covered or is one
> approach more in line with the Keycloak project’s goals?
> 
> In my option, the latter, Keycloak Spring Security Adapter, is of more value,
> but please let me know your thoughts.
> 
> Thanks in advance,
> Scott
> 
> 
> > On Apr 16, 2015, at 9:24 AM, Stian Thorgersen <stian at redhat.com> wrote:
> > 
> > If you can prepare a PR for it that'd be great. Please add a
> > 'spring-security' module within the integration module where all the other
> > adapters live. Also, to create a distribution archive for the adapter
> > please add a module inside distribution that packages it up (look at
> > existing modules there for a reference).
> > 
> > ----- Original Message -----
> >> From: "Scott Rossillo" <srossillo at smartling.com>
> >> To: "keycloak-dev" <keycloak-dev at lists.jboss.org>
> >> Sent: Thursday, April 16, 2015 3:08:13 PM
> >> Subject: [keycloak-dev] Spring Security for Keycloak Contribution
> >> 
> >> Good morning,
> >> 
> >> As I mentioned a few days ago on the users mailing list, we developed an
> >> integration between the Keycloak Adapter and Spring Security. The
> >> announcement can be found here:
> >> 
> >> http://lists.jboss.org/pipermail/keycloak-user/2015-April/001992.html
> >> 
> >> The code is here:
> >> http://smartling.github.io/spring-security-keycloak/
> >> Would you be interested in either:
> >> 1. Us contributing the code to the Keycloak project or
> >> 2. You integrating the code into the Keycloak project
> >> 
> >> We released the code under the Apache 2.0 license to be compatible with
> >> the
> >> Keycloak project. Let me know your thoughts.
> >> Best,
> >> Scott
> >> 
> >> _______________________________________________
> >> keycloak-dev mailing list
> >> keycloak-dev at lists.jboss.org
> >> https://lists.jboss.org/mailman/listinfo/keycloak-dev
> 
>



More information about the keycloak-dev mailing list