[keycloak-user] Obtaining the user name from the security context

Marek Posolda mposolda at redhat.com
Fri Nov 21 16:57:07 EST 2014


I've just tried it and figured that it doesn't work due to bug 
https://issues.jboss.org/browse/KEYCLOAK-857 . It's fixed in latest 
keycloak master and will be available in next release 1.1.0.Beta2 . The 
easiest workaround is to configure absolute URI for auth-server-url . So 
instead of "/auth", you can use "http://localhost:8080/auth" or 
something like that according to your env.

Hope it helps,

On 20.11.2014 11:25, Gary Brown wrote:
> Hi
> Thanks for the information.
> However, I've tried it without success - I also tried using this attribute in the keycloak unconfigured-demo and preconfigured-demo examples for customer-app/product-app, and didn't have an effect on them either.
> Just wondering whether the text in the doc "OpenID Connection ID Token attribute to populate the UserPrincipal name with" implies that this attribute only works for OpenID?
> With the unconfigured version, it wasn't clear whether this attribute would be set under the realm or secure-deployment elements, so initially I tried just under the realm but then eventually defined the attribute under both. Attached the wildfly standalone-full.xml.
> Regards
> Gary
> ----- Original Message -----
>> If you have 1.1.0.Beta1, you can try to use "principal-attribute" with
>> value "|preferred_username" in the configuration of your adapter. More
>> info in |http://docs.jboss.org/keycloak/docs/1.1.0.Beta1/userguide
>> /html/ch07.html#adapter-config .
>> It should also work to cast getUserPrincipal() to KeycloakPrincipal and
>> use something like:
>> ((KeycloakPrincipal)getUserPrincipal()).getKeycloakSecurityContext().getToken().getPreferredUsername()
>> this should also work on older versions, but your code may need to have
>> dependencies on keycloak.
>> Marek
>> On 19.11.2014 17:20, Gary Brown wrote:
>>> Hi
>>> When I access getUserPrincipal().getName() in
>>> javax.ws.rs.core.SecurityContext I get the UID.
>>> Is it possible to obtain the actual user name?
>>> Regards
>>> Gary
>>> _______________________________________________
>>> keycloak-user mailing list
>>> keycloak-user at lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/keycloak-user

More information about the keycloak-user mailing list