[keycloak-user] Authentication throw a proxy on Undertow

Bill Burke bburke at redhat.com
Wed Nov 19 19:02:52 EST 2014 

Weird... I'm actually screwing around with writing a security proxy 
right now.  I just started like an hour or so ago so I'm not exactly 
sure...but I don't think you can implement this with the current 
codebase.  You need a Undertow only (no servlet) authentication 
mechanism and to set up the security handler chain correctly.  (See the 
BasicAuthServer example in Undertow).

I should have something working in master by the end of the week.

On 11/19/2014 6:33 PM, Davide Ungari wrote:
> Hi everybody,
> this is the big picture:
> a. frontend application with Undertow
> b. backend application with Undertow and Resteasy for REST API
>
> Both are using Keycloak as SSO.
>
> I'm trying to configure a proxy from A to B in order to expose backend
> API without CORS problems to the frontend.
>
> I asked support also to Undertow guys but the issue seems around the
> integration of Keycloack in Undertow. My proxy is implemented like:
>
>                  final ProxyClient proxyClient = new
> SimpleProxyClientProvider(new URI("http://localhost:8181
> <http://localhost:8181/>"));
>                  final ProxyHandler proxyHandler = new
> ProxyHandler(proxyClient, servletHandler);
>                  proxyHandler.addRequestHeader(new
> HttpString("Authorization"), new ExchangeAttribute() {
>                      @Override
>                      public String readAttribute(HttpServerExchange
> exchange) {
>                          exchange.
>                          RefreshableKeycloakSecurityContext context =
> (RefreshableKeycloakSecurityContext) exchange.getSecurityContext();
>                          return "Bearer " + context.getTokenString();
>                      }
>
>                      @Override
>                      public void writeAttribute(HttpServerExchange
> exchange, String newValue) throws ReadOnlyAttributeException {
>                          // TODO Auto-generated method stub
>                      }
>                  });
>
> The problem is that the exchange.getSecurityContext() is always null.
> Any ideas?
>
> Thanks
>
>
>
> --
> Davide
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>

-- 
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com

More information about the keycloak-user mailing list