[keycloak-user] Authentication throw a proxy on Undertow
Davide Ungari
ungarida at gmail.com
Fri Nov 21 02:47:21 EST 2014
Hi Bill,
I see you have pushed some changes.
Tell me as soon as you need me to test it.
Thank you,
Davide.
> Weird... I'm actually screwing around with writing a security proxy
> right now. I just started like an hour or so ago so I'm not exactly
> sure...but I don't think you can implement this with the current
> codebase. You need a Undertow only (no servlet) authentication
> mechanism and to set up the security handler chain correctly. (See the
> BasicAuthServer example in Undertow).
> I should have something working in master by the end of the week.
> On 11/19/2014 6:33 PM, Davide Ungari wrote:
> >* Hi everybody,
> *>* this is the big picture:
> *>* a. frontend application with Undertow
> *>* b. backend application with Undertow and Resteasy for REST API
> *>
> >* Both are using Keycloak as SSO.
> *>
> >* I'm trying to configure a proxy from A to B in order to expose backend
> *>* API without CORS problems to the frontend.
> *>
> >* I asked support also to Undertow guys but the issue seems around the
> *>* integration of Keycloack in Undertow. My proxy is implemented like:
> *>
> >* final ProxyClient proxyClient = new
> *>* SimpleProxyClientProvider(new URI("http://localhost:8181 <http://localhost:8181/>
> *>* <http://localhost:8181/ <http://localhost:8181/>>"));
> *>* final ProxyHandler proxyHandler = new
> *>* ProxyHandler(proxyClient, servletHandler);
> *>* proxyHandler.addRequestHeader(new
> *>* HttpString("Authorization"), new ExchangeAttribute() {
> *>* @Override
> *>* public String readAttribute(HttpServerExchange
> *>* exchange) {
> *>* exchange.
> *>* RefreshableKeycloakSecurityContext context =
> *>* (RefreshableKeycloakSecurityContext) exchange.getSecurityContext();
> *>* return "Bearer " + context.getTokenString();
> *>* }
> *>
> >* @Override
> *>* public void writeAttribute(HttpServerExchange
> *>* exchange, String newValue) throws ReadOnlyAttributeException {
> *>* // TODO Auto-generated method stub
> *>* }
> *>* });
> *>
> >* The problem is that the exchange.getSecurityContext() is always null.
> *>* Any ideas?
> *>
> >* Thanks
> *>
> >
> >
> >* --
> *>* Davide
> *>
> >
> >* _______________________________________________
> *>* keycloak-user mailing list
> *>* keycloak-user at lists.jboss.org <https://lists.jboss.org/mailman/listinfo/keycloak-user>
> *>* https://lists.jboss.org/mailman/listinfo/keycloak-user <https://lists.jboss.org/mailman/listinfo/keycloak-user>
> *>
> --
> Bill Burke
> JBoss, a division of Red Hat
> http://bill.burkecentral.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20141121/c3f42056/attachment.html
More information about the keycloak-user
mailing list