[keycloak-dev] getAuthorizationContext from RefreshableKeycloakSecurityContext with Spring Security

Ignacio Ocampo nafiux at gmail.com
Wed Nov 23 01:53:09 EST 2016 

Hello Pedro,

I have implemented something to solve my requirement, it was in a Zuul
filter:

  @Override
>   public Object run() {
>     RequestContext ctx = RequestContext.getCurrentContext();
>     HttpServletRequest request = ctx.getRequest();
>     HttpServletResponse response = ctx.getResponse();
>     KeycloakSecurityContext keycloakSecurityContext =
> (KeycloakSecurityContext)
> request.getAttribute(KeycloakSecurityContext.class.getName());
>     OIDCServletHttpFacade facade = new OIDCServletHttpFacade(request,
> response);
>     AuthenticatedActionsHandler actions = new
> AuthenticatedActionsHandler(keycloakSecurityContext.deployment, facade);
>     if(actions.handledRequest()) { // true if !isAuthorized()
>       // disable route filters
>       ctx.setSendZuulResponse();
>     }
>     return null;
>   }


Dependencies for keycloakVersion = '2.3.0.Final'

    compile
> "org.keycloak:keycloak-spring-security-adapter:${keycloakVersion}"
>     compile "org.keycloak:keycloak-authz-client:${keycloakVersion}"
>     compile "org.keycloak:keycloak-adapter-core:${keycloakVersion}"
>     compile
> "org.keycloak:keycloak-servlet-filter-adapter:${keycloakVersion}"


This is working perfectly! But I don't understand so much in deep what is
behind the code that I did. Does it make sense for you?

Thank you very much.

Regards.

On Tue, Nov 22, 2016 at 3:49 AM, Pedro Igor <psilva at redhat.com> wrote:

> Hey Ignacio,
>
> It is more related with KEYCLOAK-3662
> <https://issues.jboss.org/browse/KEYCLOAK-3662>. I think we don't have
> authz integrated with Spring adapters, yet. Will talk with Sebastien.
>
> That should explain why you are not getting that instance.
>
> Regards.
> Pedro Igor
>
> On 11/21/2016 9:04:00 PM, Ignacio Ocampo <nafiux at gmail.com> wrote:
> I've a question, is this issue related?
> https://issues.jboss.org/browse/KEYCLOAK-3796
>
> On Mon, Nov 21, 2016 at 11:43 AM, Ignacio Ocampo wrote:
>
> > Hello Team,
> >
> > I've an Spring Boot application with Spring Security Core, everything is
> > working fine in terms of authentication.
> >
> > The next step is to setup the authorization with "Authorization enabled"
> > in the Client.
> >
> > I've a problem trying to obtain the authorizationContext from
> > RefreshableKeycloakSecurityContext
> >
> > KeycloakSecurityContext keycloakSecurityContext =
> > (KeycloakSecurityContext) request.getAttribute(
> > KeycloakSecurityContext.class.getName());
> >
> >> org.keycloak.adapters.RefreshableKeycloakSecurityContext at 69d7e12b
> >>
> >
> > AuthorizationContext authzContext = keycloakSecurityContext.
> > getAuthorizationContext();
> >
> >> null
> >>
> > Could you please help me to understand how I can get the authorization
> > context?
> >
> > In my keycloak.json I have:
> >
> > {
> >> "realm": "MyRealName",
> >> "auth-server-url": "http://myendpoint/auth",
> >> "ssl-required": "none",
> >> "resource": "serviceName",
> >> "credentials": {
> >> "secret": "XXX-XXX-XXX"
> >> },
> >> "policy-enforcer": {
> >> "enforcement-mode" : "ENFORCING"
> >> }
> >> }
> >
> >
> > Thanks
> >
> > Regards.
> >
> > --
> > Ignacio Ocampo Millán
> >
>
>
>
> --
> Ignacio Ocampo Millán
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>
>


-- 
Ignacio Ocampo Millán

More information about the keycloak-dev mailing list