[keycloak-user] Obtaining the user name from the security context

Stan Silvert ssilvert at redhat.com
Thu Dec 4 13:20:49 EST 2014


On 12/4/2014 12:03 PM, Bill Burke wrote:
> Waiting on the AS7 adapter to be fixed.  I can just push one out today I
> guess.
I should be done in a couple of hours as long as I don't run into any 
new issues.
>
> On 12/4/2014 11:10 AM, Eric Wittmann wrote:
>> Any update on the beta2 release?  I've got keycloak really nicely
>> included in apiman, just waiting on beta2 before I push the code.  :)
>>
>> -Eric
>>
>> On 11/24/2014 2:22 PM, Marek Posolda wrote:
>>> Not sure, probably this or next week.
>>>
>>> Marek
>>>
>>> On 24.11.2014 12:22, Gary Brown wrote:
>>>> Thanks that works fine now.
>>>>
>>>> Any idea when beta2 will be released?
>>>>
>>>> Regards
>>>> Gary
>>>>
>>>> ----- Original Message -----
>>>>> Hi,
>>>>>
>>>>> I've just tried it and figured that it doesn't work due to bug
>>>>> https://issues.jboss.org/browse/KEYCLOAK-857 . It's fixed in latest
>>>>> keycloak master and will be available in next release 1.1.0.Beta2 . The
>>>>> easiest workaround is to configure absolute URI for auth-server-url . So
>>>>> instead of "/auth", you can use "http://localhost:8080/auth" or
>>>>> something like that according to your env.
>>>>>
>>>>> Hope it helps,
>>>>> Marek
>>>>>
>>>>> On 20.11.2014 11:25, Gary Brown wrote:
>>>>>> Hi
>>>>>>
>>>>>> Thanks for the information.
>>>>>>
>>>>>> However, I've tried it without success - I also tried using this attribute
>>>>>> in the keycloak unconfigured-demo and preconfigured-demo examples for
>>>>>> customer-app/product-app, and didn't have an effect on them either.
>>>>>>
>>>>>> Just wondering whether the text in the doc "OpenID Connection ID Token
>>>>>> attribute to populate the UserPrincipal name with" implies that this
>>>>>> attribute only works for OpenID?
>>>>>>
>>>>>> With the unconfigured version, it wasn't clear whether this attribute would
>>>>>> be set under the realm or secure-deployment elements, so initially I tried
>>>>>> just under the realm but then eventually defined the attribute under both.
>>>>>> Attached the wildfly standalone-full.xml.
>>>>>>
>>>>>> Regards
>>>>>> Gary
>>>>>>
>>>>>> ----- Original Message -----
>>>>>>> If you have 1.1.0.Beta1, you can try to use "principal-attribute" with
>>>>>>> value "|preferred_username" in the configuration of your adapter. More
>>>>>>> info in |http://docs.jboss.org/keycloak/docs/1.1.0.Beta1/userguide
>>>>>>> /html/ch07.html#adapter-config .
>>>>>>>
>>>>>>> It should also work to cast getUserPrincipal() to KeycloakPrincipal and
>>>>>>> use something like:
>>>>>>>
>>>>>>> ((KeycloakPrincipal)getUserPrincipal()).getKeycloakSecurityContext().getToken().getPreferredUsername()
>>>>>>>
>>>>>>> this should also work on older versions, but your code may need to have
>>>>>>> dependencies on keycloak.
>>>>>>>
>>>>>>> Marek
>>>>>>>
>>>>>>> On 19.11.2014 17:20, Gary Brown wrote:
>>>>>>>> Hi
>>>>>>>>
>>>>>>>> When I access getUserPrincipal().getName() in
>>>>>>>> javax.ws.rs.core.SecurityContext I get the UID.
>>>>>>>>
>>>>>>>> Is it possible to obtain the actual user name?
>>>>>>>>
>>>>>>>> Regards
>>>>>>>> Gary
>>>>>>>> _______________________________________________
>>>>>>>> keycloak-user mailing list
>>>>>>>> keycloak-user at lists.jboss.org
>>>>>>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>> _______________________________________________
>>> keycloak-user mailing list
>>> keycloak-user at lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>



More information about the keycloak-user mailing list