[keycloak-user] help with bearer + basic auth
John Casey
jdcasey at commonjava.org
Tue Jul 14 11:32:45 EDT 2015
Hi,
This is my first post to this list, so please excuse me if this question
has been asked before. I'm having some trouble finding it via Google if
so...
I have a REST server with an Angular.js UI. I also access this REST
server via "raw" http calls (via curl, other utilities) and via a Java
client API that I control.
I'm trying to setup Keycloak to protect it, such that the UI does its
own authentication via the Keycloak javascript adapter, then sends the
bearer token to the REST server. At the same time, I don't want to
complicate things for scripts and such that just want to make one or two
calls to the server using python's httplib2 or curl or something like
that...I'd like those to use BASIC authentication.
When I setup my server's keycloak.json, it seems the only thing that
will work for granting access via the UI is to have it set to:
"bearer-only": true
However, this obviously doesn't work for basic auth via curl.
I get a 400 Bad Request in the UI try to set the server's keycloak.json to:
"enable-basic-auth": true
...but then curl works as expected.
I've looked at the example here:
https://github.com/keycloak/keycloak/tree/master/examples/basic-auth
...but it doesn't seem to have a javascript UI or anything using bearer
tokens to verify that it works that way.
My codebase is here:
https://github.com/jdcasey/aprox/tree/keycloak-refactor
And my keycloak files are here:
https://github.com/jdcasey/aprox/tree/keycloak-refactor/subsys/keycloak/src/main/conf/keycloak
Any insight / hints would be very much appreciated!
Thanks in advance,
-john
--
John Casey
---
GitHub: https://github.com/jdcasey/
Twitter: http://twitter.com/buildchimp
More information about the keycloak-user
mailing list