[keycloak-user] REST -> Backend App

[Red Samh]

Hello,

We have an application that is protected using Keycloak and a user can
access this application through a web front. After login the user can use
the functionality of the application. The application is also exposed
through REST API's and is protected via keycloak as part of the application
and accessible only after login into the main application.

We have a

(Step 1) Javascript application (retrieving data from) ->

(Step 2) Business Application exposed as REST API (REST API has to make
calls to backend Application mentioned above) ->

(Step 3) BackEnd Application Server + REST API.

Directly accessing the BackEnd Application Server works fine but when we
need to call the REST API from another REST service which is authenticated
via Keycloak we have issues.

We used the existing sample to try and do a POC but not sure what is the
best approach to solve this issue. The part from (Step 1) to (Step 2) works
and the REST API is protected using BEARER token. The (Step 2) to (Step 3)
is a problem as in (Step 2) we only have the BEARER token and the BackEnd
Application is protected using the full keycloak configuration. So The
BackEnd Application service is not authenticating by sending in only the
BEARER token in the header which is a full keycloak installation (work as
only a web service).

Thanks
Sam
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20140905/f258e089/attachment-0001.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: keycloak-issue.png
Type: image/png
Size: 40822 bytes
Desc: not available
Url : http://lists.jboss.org/pipermail/keycloak-user/attachments/20140905/f258e089/attachment-0001.png