[keycloak-user] spring sec/boot:: SPA -> Bearer_1 -> Bearer_2

java_os java at neposoft.com
Fri Nov 25 10:38:27 EST 2016

What's the best practice on this scenario:
SPA (has the token from keycloak.js) -->Rest call--> Bearer_1 -->Rest call
--> Bearer_2

Bearer_1 and Bearer_2 are spring sec/boot enabled.
Rest calls between Bearer_1 and Bearer_2 using resttemplates and injecting
into "Authorization" header the "Bearer token_long_string"

Bearer_1 has the KeycloakAuthenticationToken object.
Bearer_2 needs to be feed in with a valid non-expired token somehow - but
how? Not sure if one can get this out from KeycloakAuthenticationToken and
pass it in onto the header calls to bearer_2.
Is this the right approach for in-flight rest calls between 2 bearers?

What's the best practice on this scenario?
Anyone has done this for real?
- thx.

More information about the keycloak-user mailing list