[keycloak-user] Which adapter must I use ?

Jérôme Blanchard jayblanc at gmail.com
Wed Apr 15 09:32:07 EDT 2015


Hi Meissa,
thanks for your answer I'm already using the keycloak wildfly adapter. WHat
I don't manage to do is to use it with a classic browser client. Is there
is a way to ask for a token stored in the client's browser cookie and to
the server application look for this token in a cookie instead of in the
authentication header ?
Jerome

Le mer. 15 avr. 2015 à 14:27, Meissa M'baye Sakho <msakho at redhat.com> a
écrit :

> Hi Jerôme,
> Since your application runs on Wildfy, you'll have to use the
> Keycloak-wildfly adapter.
> Meissa
>
> ------------------------------
> *De: *"Jérôme Blanchard" <jayblanc at gmail.com>
> *À: *keycloak-user at lists.jboss.org
> *Envoyé: *Mercredi 15 Avril 2015 12:08:55
> *Objet: *[keycloak-user] Which adapter must I use ?
>
>
> Hi all,
> I'm facing a problem regarding which adapter to use in my case :
> I have an application which runs on wildfly.
> It is packaged as an ear containing an EJB backend (jar) and a web
> application (war) that expose a REST API and a simple content browsing
> servlet.
> Both of the rest api and the content servlet allows anonymous access and
> authentified access. The EJB layer takes in charge the access control usign
> internal rules system.
> The authentication on the REST API using bearer token works fine as it is
> a javascript client that use it and the javascript adapter works fine.
> What I want to do is to allow authentication on the content servlet in the
> following way :
> 1. A user ask some content using the content servlet /content/file.txt
> 2. Because anonymous and the file.txt is protect, EJB layer return an
> AccessDeniedException which is handled by the servlet to redirect the user
> browser to an specific jsp page saying that content is protected and giving
> a link to the keycloak server for eventual authentication.
> 3. The user follow this link to perform authentication and is redirected
> back to the content url /content/file1.txt
> 4. I don't know how but the browser should be able to include something (a
> cookie) that would holds the authentication token and allow the content
> servlet to act as authentified.
> Because my current adapter just check a bearer token header I don't see
> which adapter to add, or how to handle authentication in another way
> allowing the client navigator to propagate authentication token ??
> Thanks in advance for your support and congratulation for this very nice
> product that is keycloak.
> Best regards, Jérôme.
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20150415/aa69773a/attachment.html 


More information about the keycloak-user mailing list