[keycloak-user] Recommendations for protecting REST service with bearer token and basic auth

Stian Thorgersen stian at redhat.com
Wed Nov 19 03:33:42 EST 2014

----- Original Message -----
> From: "Juraci Paixão Kröhling" <juraci at kroehling.de>
> To: keycloak-user at lists.jboss.org
> Sent: Tuesday, November 18, 2014 4:36:11 PM
> Subject: Re: [keycloak-user] Recommendations for protecting REST service with bearer token and basic auth
> Hash: SHA512
> On 11/18/2014 04:21 PM, Bill Burke wrote:
> > How is that any different than our access tokens?
> To obtain an access token, I'd still need to talk with the Auth server
> and then, based on the response (ie, synchronously), send a request
> with a bearer token to the service. This is not viable when the client
> sends several (thousands of) requests to the service.

Why does the shell script have to talk to the auth server for every request? It should cache the token, not the users credentials.

> That without mentioning the difficulties in parsing tokens via a shell
> script.

Why does the shell script have to parse the token? Does it not just pass it on to the rest services it invokes.

> - - Juca.
> Version: GnuPG v1
> QS/cm4qx6t9YeQt0fWX0hHbRKtMO9wZNDKcPotd5Schx2Rry86g2FbulBg+6Pb2p
> V8G4s0sTSh8jTcZZLlg8756IKwBIpX3xm05nx2TpxWg1d1MwrZb4d533vRevJkmP
> nZpugEIB6btE5LrnnW5XbU1GdtkowTMuXAVCCUIa8PvtpOY8UfWQCPAakPx+er7l
> 7Ejjv3hEyaSs2pl8kjVJ41c4skWNOymPmUfgK5CzTthltElNzi675wmHMWjuaUbd
> 2jnyns6savc9uOslTfugg3cs7gP0BZV5NRd7wN/LTMxxUzbp9cCuTNfKD5T3ceE=
> =pYMG
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user

More information about the keycloak-user mailing list