[keycloak-user] Authentication throw a proxy on Undertow

Fri Nov 21 08:27:03 EST 2014

Still needs some work, testing, and also to make it a distribution.

On 11/21/2014 2:47 AM, Davide Ungari wrote:
> Hi Bill,
> I see you have pushed some changes.
> Tell me as soon as you need me to test it.
>
> Thank you,
> Davide.
>
>     Weird... I'm actually screwing around with writing a security proxy
>     right now. I just started like an hour or so ago so I'm not exactly
>     sure...but I don't think you can implement this with the current
>     codebase. You need a Undertow only (no servlet) authentication
>     mechanism and to set up the security handler chain correctly. (See the
>     BasicAuthServer example in Undertow). I should have something
>     working in master by the end of the week. On 11/19/2014 6:33 PM,
>     Davide Ungari wrote:
>      >/Hi everybody, />/this is the big picture: />/a. frontend
>     application with Undertow />/b. backend application with Undertow
>     and Resteasy for REST API />
>      >/Both are using Keycloak as SSO. />
>      >/I'm trying to configure a proxy from A to B in order to expose
>     backend />/API without CORS problems to the frontend. />
>      >/I asked support also to Undertow guys but the issue seems around
>     the />/integration of Keycloack in Undertow. My proxy is implemented
>     like: />
>      >/final ProxyClient proxyClient = new
>     />/SimpleProxyClientProvider(new URI("http://localhost:8181
>     <http://localhost:8181/> />/<http://localhost:8181/>")); />/final
>     ProxyHandler proxyHandler = new />/ProxyHandler(proxyClient,
>     servletHandler); />/proxyHandler.addRequestHeader(new
>     />/HttpString("Authorization"), new ExchangeAttribute() {
>     />/@Override />/public String readAttribute(HttpServerExchange
>     />/exchange) { />/exchange. />/RefreshableKeycloakSecurityContext
>     context = />/(RefreshableKeycloakSecurityContext)
>     exchange.getSecurityContext(); />/return "Bearer " +
>     context.getTokenString(); />/} />
>      >/@Override />/public void writeAttribute(HttpServerExchange
>     />/exchange, String newValue) throws ReadOnlyAttributeException {
>     />/// TODO Auto-generated method stub />/} />/}); />
>      >/The problem is that the exchange.getSecurityContext() is always
>     null. />/Any ideas? />
>      >/Thanks />
>      >
>      >
>      >/-- />/Davide />
>      >
>      >/_______________________________________________ />/keycloak-user
>     mailing list />/keycloak-user at lists.jboss.org
>     <https://lists.jboss.org/mailman/listinfo/keycloak-user>
>     />/https://lists.jboss.org/mailman/listinfo/keycloak-user /> --
>     Bill Burke
>     JBoss, a division of Red Hat
>     http://bill.burkecentral.com <http://bill.burkecentral.com/>
>
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>

-- 
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com