[keycloak-dev] Spring Security for Keycloak Contribution
Bill Burke
bburke at redhat.com
Tue Apr 21 10:53:55 EDT 2015
FYI, Our common adapter module is a bit convoluted as it is shared
between different versions of Jetty, Tomcat, JBoss, and Wildfly who all
do security a bit differently. A pure Spring adapter would be great,
but we have zero experience with Spring Security. I've done some
component integration work with core Spring awhile back, but nothing for
years.
On 4/21/2015 2:47 AM, Stian Thorgersen wrote:
> It's been years since I last looked at Spring, so I'm not the person to ask ;)
>
> It sounds like the pure Spring Security Adapter is the better option. You should at try to use code from integration/adapter-core module as that's used as the core for all our current Java based adapters. Also, it should be configurable by supplying a keycloak.json file.
>
> ----- Original Message -----
>> From: "Scott Rossillo" <srossillo at smartling.com>
>> To: "Stian Thorgersen" <stian at redhat.com>
>> Cc: "keycloak-dev" <keycloak-dev at lists.jboss.org>
>> Sent: Tuesday, 21 April, 2015 1:02:28 AM
>> Subject: Re: [keycloak-dev] Spring Security for Keycloak Contribution
>>
>> Hi,
>>
>> There are two different approaches here. The project I mentioned still relies
>> on a Keycloak adapter being present in the servlet container. It’s not quite
>> the final product I need but it would be useful to people who can declare
>> their protected resources in web.xml.
>>
>> What I’m working on now is a Keycloak adapter-less Spring Security
>> integration. Basically, it’s a Keycloak Spring Security Adapter that can
>> stand on it’s own and protect resources based on the Spring Security
>> configuration. It’s this latter implementation that I believe has the most
>> value.
>>
>> Question for you: Do you want to see both approaches covered or is one
>> approach more in line with the Keycloak project’s goals?
>>
>> In my option, the latter, Keycloak Spring Security Adapter, is of more value,
>> but please let me know your thoughts.
>>
>> Thanks in advance,
>> Scott
>>
>>
>>> On Apr 16, 2015, at 9:24 AM, Stian Thorgersen <stian at redhat.com> wrote:
>>>
>>> If you can prepare a PR for it that'd be great. Please add a
>>> 'spring-security' module within the integration module where all the other
>>> adapters live. Also, to create a distribution archive for the adapter
>>> please add a module inside distribution that packages it up (look at
>>> existing modules there for a reference).
>>>
>>> ----- Original Message -----
>>>> From: "Scott Rossillo" <srossillo at smartling.com>
>>>> To: "keycloak-dev" <keycloak-dev at lists.jboss.org>
>>>> Sent: Thursday, April 16, 2015 3:08:13 PM
>>>> Subject: [keycloak-dev] Spring Security for Keycloak Contribution
>>>>
>>>> Good morning,
>>>>
>>>> As I mentioned a few days ago on the users mailing list, we developed an
>>>> integration between the Keycloak Adapter and Spring Security. The
>>>> announcement can be found here:
>>>>
>>>> http://lists.jboss.org/pipermail/keycloak-user/2015-April/001992.html
>>>>
>>>> The code is here:
>>>> http://smartling.github.io/spring-security-keycloak/
>>>> Would you be interested in either:
>>>> 1. Us contributing the code to the Keycloak project or
>>>> 2. You integrating the code into the Keycloak project
>>>>
>>>> We released the code under the Apache 2.0 license to be compatible with
>>>> the
>>>> Keycloak project. Let me know your thoughts.
>>>> Best,
>>>> Scott
>>>>
>>>> _______________________________________________
>>>> keycloak-dev mailing list
>>>> keycloak-dev at lists.jboss.org
>>>> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>>
>>
>
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
More information about the keycloak-dev
mailing list