[keycloak-user] How to get user details

valsaraj pv valsarajpv at gmail.com
Thu May 17 08:30:42 EDT 2018


Hi Subodh,

I am able to fetch these details.
My current issue is:

The Java EE application (deployed to WildFly) stores sensitive data like
access keys, etc. for different users in LDAP. In order to decrypt this
data, it needs a master password associated with the current user. A
password entered when the user logs in to the application is used for this.

Now I'm considering the possibility of using Keycloak to secure this
application. But it looks like there's no way to obtain the password for the
currently logged-in user with Keycloak (as it operates with tokens)? Asking
the user to enter the password again in the application is not an option.
Is there any way to get the password back in the Java application (not
recommended), or to process decryption of the user keys in Keycloak, using
the password that the user entered, & return them to the client Java
application?
Currently I am getting the encrypted user keys from KC using user attribute
mapping. But I am unable to use them without decryption using the password.
So if that can be done along with login in Keycloak, the problem will be solved.
Please suggest if you have any idea about customizing for this.

Thanks!

On Thu, May 17, 2018 at 5:40 PM, Subodh Joshi <subodhcjoshi82 at gmail.com>
wrote:

> You did not mention which technology you are using, whether it's JS or
> Java. I assumed it's Java; you can check the sample code below.
>
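>> // The Keycloak adapter stores the security context as a request attribute.
>> KeycloakSecurityContext securityContext = (KeycloakSecurityContext)
>>         httpRequest.getAttribute(KeycloakSecurityContext.class.getName());
>> // The attribute is absent when the request was not authenticated.
>> if (securityContext != null) {
>>     AccessToken accessToken = securityContext.getToken();
>>     if (accessToken != null) {
>>         userId = accessToken.getPreferredUsername();
>>     }
>> }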
>>
>
> On Tue, May 15, 2018 at 2:26 PM valsaraj pv <valsarajpv at gmail.com> wrote:
>
>> Hi,
>>
>> The user is redirected to Keycloak & after successful login is redirected
>> back to the application. Now there is no user information stored on the
>> application side. Earlier it was in LDAP & we fetched user details from
>> LDAP. Now how do we get user details in a Keycloak-based login scenario?
>> Please share if any useful links.
>>
>> Thanks,
>> Valsaraj Viswanathan
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>
>
> --
> Subodh Chandra Joshi
> subodh1_joshi82 at yahoo.co.in
> http://www.trendsinnews.com
>



-- 
Life is like this: "Just when we get all the answers of life.... God
changes the question paper....

Valsaraj Viswanathan

