[keycloak-user] Adding custom HTTP request attribute after successfull keycloak login in custom Authenticator or User Storage Provider?

Juan Pablo Perata jpperata at gmail.com
Thu Jan 25 16:32:12 EST 2018


Hi all,

I developed a custom User Storage Provider which allows to federate users
from a external database.
I would like to know if it is possible to add a custom attribute to the
HTTP request after successfull login, just in a similar way that
KeycloakSecurityContext instance is set in attribute
"KeycloakSecurityContext.class.getName()" (for example in keycloak class
ServletRequestAuthenticator.java).

It would be really good to do that in User Storage Provider or a custom
authenticator.

Context:
I need to set up roles to the authenticated user after successfull login,
but before entering to the application.
Keycloak roles that not fit my needs. So it would be good to add this bunch
of roles in a custom HTTP attribute.
I appreciate if somebody faced this and have a cute solution to this
:slightly_smiling_face:

Thanks in advance,


More information about the keycloak-user mailing list