[keycloak-user] Which adapter must I use ?

[Jérôme Blanchard]

Hi all,
I'm facing a problem regarding which adapter to use in my case :
I have an application which runs on wildfly.
It is packaged as an ear containing an EJB backend (jar) and a web
application (war) that expose a REST API and a simple content browsing
servlet.
Both of the rest api and the content servlet allows anonymous access and
authentified access. The EJB layer takes in charge the access control usign
internal rules system.
The authentication on the REST API using bearer token works fine as it is a
javascript client that use it and the javascript adapter works fine.
What I want to do is to allow authentication on the content servlet in the
following way :
1. A user ask some content using the content servlet /content/file.txt
2. Because anonymous and the file.txt is protect, EJB layer return an
AccessDeniedException which is handled by the servlet to redirect the user
browser to an specific jsp page saying that content is protected and giving
a link to the keycloak server for eventual authentication.
3. The user follow this link to perform authentication and is redirected
back to the content url /content/file1.txt
4. I don't know how but the browser should be able to include something (a
cookie) that would holds the authentication token and allow the content
servlet to act as authentified.
Because my current adapter just check a bearer token header I don't see
which adapter to add, or how to handle authentication in another way
allowing the client navigator to propagate authentication token ??
Thanks in advance for your support and congratulation for this very nice
product that is keycloak.
Best regards, Jérôme.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20150415/ca27d779/attachment.html