keycloak

问题 I am trying to configure my Spring Security with Keycloak . I am using Spring Boot . I have the following dependencies in my pom. <dependency> <groupId>org.keycloak</groupId> <artifactId>keycloak-spring-boot-starter</artifactId> </dependency> <dependency> <groupId>org.keycloak</groupId> <artifactId>keycloak-spring-security-adapter</artifactId> </dependency> <dependency> <groupId>org.keycloak</groupId> <artifactId>keycloak-tomcat8-adapter</artifactId> </dependency> I use the spring boot

问题 I've tried to import a realm from java application, but the server always return: Exception in thread "main" javax.ws.rs.BadRequestException: HTTP 400 Bad Request at org.jboss.resteasy.client.jaxrs.internal.ClientInvocation.handleErrorStatus(ClientInvocation.java:197) at org.jboss.resteasy.client.jaxrs.internal.proxy.extractors.DefaultEntityExtractorFactory$3.extractEntity(DefaultEntityExtractorFactory.java:50) at org.jboss.resteasy.client.jaxrs.internal.proxy.ClientInvoker.invoke

问题 I'm using Keycloak to secure my Spring app (which is registered in Keycloak as my_app client). Now I want to retrieve all active sessions of that client. Would be great if I could do it using keycloak-admin-client, because I couldn't figure out how to use Admin Rest API in java... So far I've tried this: Keycloak keycloak=KeycloakBuilder.builder() .serverUrl("http://localhost:8180/auth") .realm("master") .username("admin") .password("admin") .clientId("admin-cli") .resteasyClient(new

问题 I have a springboot application linked to a postgresql database. The app is secured using keycloak (keycloak springboot adapter). The idea is to have multiple schemas in the postgres database for different groups of users that login. I hope to identify the user-group using the keycloak token that is received by rest endpoints on the springboot server and then access the respective schema. Where should I start ? Can anyone point me to a guide for this ? or is there any other better approach ?

问题 Actually We have following flow and scenario to poll data in to my Spring boot App Active Directory --> Keycloak --> Spring boot App Here we are able to poll data in but in future if there is any record change in Active Directory keycloak has a provision to poll data in it's DB periodically but the same changed (Newly Added /Deleted /Updated ) records from key cloak to Spring boot application there is some eventing option but I do not see how and where to implement it ? I suppose there should

问题 I am building a REST API with spring boot and for authentication and authorization I am using Keycloak. Since the users are managed by Keycloak, my application database does not have the data of the users. But I want to store some attributes of the User entity from Keycloak in my application database, as user data will be required for audit purposes. So what would be the best way to synchronize the application database User table with keycloak User table? 回答1: I would implement a Keycloak

问题 I'm new to Keycloak and having a hard time authenticating a desktop app written on Electron. I looked at the documentation that discusses the OpenID Connect endpoint and then found a blog that walks through Keycloak and Postman and I was able to get tokens from Keycloak via this method. I'm pretty sure this is incorrect for a few reasons. How can I authenticate my Electron app without running a client side web server to handle the redirects? There is an example for authenticating a web app,

问题 I'm using keycloak header based authentication to secure a REST API. There I want set a request header field (basically keycloak Autharization Header) before authication happes. Another appocach for this is exlained here : How to get javax.servlet.Filter called before Keycloak Authentication In this try I tried to call the overriden HeaderBasedKeycloakConfigResolver's resolve method and after tempering the web.xml . I could note that it can be called before the authentication happens. I read

问题 I'm using Keycloak's JavaScript Adapter to connect a web application with the SSO of my workplace. The code looks like this (server data is loaded via they keycloak.json file): const keycloak = Keycloak(); keycloak.init({onLoad: "login-required"}).success(authenticated => { ... }).error(() => { ... }); It works as intended on Firefox and Chrome, but on Internet Explorer (v. 11) the POST request for the token returns a 400 Bad Request. Is this a problem with my configuration of Internet

问题 Implementing SSO in my application and from app-1 i need to make a rest call to app-2. Login in app-1 with SAML and authenticated successfully and trying for rest call from app-1 with openid but since authentication is using saml only so not able to get the access/bearer token. Please help how to get the access/bearer token from saml request/response. I'm using Keycloak Server for SSO implementation. 回答1: You can't. REST API need a JWT token not a SAML one. Change SAML to OpenID Connect and