[keycloak-dev] Custom KeycloakPrincipal in adapter
Marcelo Arthur Sampaio
marcelo.sampaio at serpro.gov.br
Thu Jul 16 08:08:36 EDT 2015
Hi,
I created my custom valve to set my user principal in the security context.
It would be possible to change the org.keycloak.subsystem.as7.KeycloakAdapterConfigDeploymentProcessor class so that the custom valve?
I would like to be able to set my custom valve and extends the keycloakValve.
Line 93: valve.setValveClass (KeycloakAuthenticatorValve.class.getName ());
maybe change to config the valve in module.xml or other config file.
Thanks.
Em 11/07/2015 05:59:55, Marek Posolda escreveu:
>
> Not sure why you need this. But maybe
easiest is to create just Http Servlet filter (this can be
configured in web.xml and doesn't use any tomcat/jboss-web
specific stuff) . In this filter, you will create
HttpServletRequestWrapper wrapping the original
HttpServletRequest, but you will override just the method
"getUserPrincipal" in your wrapper class. Here you can do any
hacking you want and return any principal instance you want. All
the data from Keycloak (KeycloakSecurityContext, AccessToken,
IDToken, original KeycloakPrincipal...) are already available in
the filter, so you can use them for create your own principal.
>
>
Marek
>
>
On 10.7.2015 21:02, Marcelo Arthur Sampaio wrote:
>
> >
> > Hi,
> >
> >
I need to implement my custom security Principal.
> >
What is the best way to do it in adapter for jboss eap.
> >
> >
Create new adapter for my business extends
RefreshableKeycloakSecurityContext, KeycloakAuthenticatorValve and
set the new valve class in
KeycloakAdapterConfigDeploymentProcessor?
> >
> >
I need to set new attributes in principal and get principal in the
SecurityContext.
> >
> >
There is an other way?
> >
> >
Thanks.
> >
-
> >
> >
> >
"Esta mensagem do SERVIÇO FEDERAL DE PROCESSAMENTO DE DADOS
(SERPRO), empresa pública federal regida pelo disposto na Lei
Federal nº 5.615, é enviada exclusivamente a seu destinatário e
pode conter informações confidenciais, protegidas por sigilo
profissional. Sua utilização desautorizada é ilegal e sujeita o
infrator às penas da lei. Se você a recebeu indevidamente,
queira, por gentileza, reenviá-la ao emitente, esclarecendo o
equívoco."
> >
> >
"This message from SERVIÇO FEDERAL DE PROCESSAMENTO DE DADOS
(SERPRO) -- a government company established under Brazilian law
(5.615/70) -- is directed exclusively to its addressee and may
contain confidential data, protected under professional secrecy
rules. Its unauthorized use is illegal and may subject the
transgressor to the law's penalties. If you're not the
addressee, please send it back, elucidating the failure."
> >
> > _______________________________________________
keycloak-dev mailing list
> > keycloak-dev at lists.jboss.org> >
> > https://lists.jboss.org/mailman/listinfo/keycloak-dev> >
>
-
"Esta mensagem do SERVIÇO FEDERAL DE PROCESSAMENTO DE DADOS (SERPRO), empresa pública federal regida pelo disposto na Lei Federal nº 5.615, é enviada exclusivamente a seu destinatário e pode conter informações confidenciais, protegidas por sigilo profissional. Sua utilização desautorizada é ilegal e sujeita o infrator às penas da lei. Se você a recebeu indevidamente, queira, por gentileza, reenviá-la ao emitente, esclarecendo o equívoco."
"This message from SERVIÇO FEDERAL DE PROCESSAMENTO DE DADOS (SERPRO) -- a government company established under Brazilian law (5.615/70) -- is directed exclusively to its addressee and may contain confidential data, protected under professional secrecy rules. Its unauthorized use is illegal and may subject the transgressor to the law's penalties. If you're not the addressee, please send it back, elucidating the failure."
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-dev/attachments/20150716/bbc94b1b/attachment.html
More information about the keycloak-dev
mailing list