[keycloak-user] Keycloak Adapter without web.xml security-constraint

Scott Rossillo srossillo at smartling.com
Sun Apr 19 20:50:26 EDT 2015


Could we have a hook into application code to determine if a resource
should be protected by Keycloak? Maybe an event handler?

boolean shouldProtectResourse(HttpServletRequest)

On Friday, April 17, 2015, Scott Rossillo <srossillo at smartling.com> wrote:

> I could work around that for interactive logins, but it wouldn’t work for
> application to application requests. Do you have any pointers on where I
> could start to manually trigger the adapter?
>
> Do you think it’s a reasonable requirement to have the application
> determine if the adapter should be triggered? I feel it’s necessary for
> integration with applications that have to support more than one
> authentication mechanism.
>
> Let me know.
>
> Thanks in advance,
> Scott
>
>
> On Fri, Apr 17, 2015 at 4:46 PM, Bill Burke <bburke at redhat.com
> <javascript:_e(%7B%7D,'cvml','bburke at redhat.com');>> wrote:
>
>> Our adapters need a security constraint or they won't be triggered.
>>
>> On 4/17/2015 4:34 PM, Scott Rossillo wrote:
>> > When using a security mechanism, such as Spring Security, it’s possible
>> > that multiple security mechanisms are in place or that only parts of an
>> > application are secured via Keycloak, not a blanket path (e.g. /api/*).
>> >
>> > What I’m trying to do is use the Spring’s authentication entrypoint to
>> > direct to Keycloak (this part work somewhat) and have the Keycloak
>> > adapter pick up from there (not working).
>> >
>> > What’s the best way to handle this?
>> >
>> > Thanks,
>> > Scott
>> >
>> >
>> >
>> >
>> > _______________________________________________
>> > keycloak-user mailing list
>> > keycloak-user at lists.jboss.org
>> <javascript:_e(%7B%7D,'cvml','keycloak-user at lists.jboss.org');>
>> > https://lists.jboss.org/mailman/listinfo/keycloak-user
>> >
>>
>> --
>> Bill Burke
>> JBoss, a division of Red Hat
>> http://bill.burkecentral.com
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user at lists.jboss.org
>> <javascript:_e(%7B%7D,'cvml','keycloak-user at lists.jboss.org');>
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20150419/9c8ed633/attachment.html 


More information about the keycloak-user mailing list