keycloak

问题 I have secured an enterprise application with Keycloak using standard wildfly based Keycloak adapters. Issue that I am facing is that the rest web services when invoked, needs to know the username that is currently logged in. How do I get the logged in user information from Keycloak? I tried using SecurityContext , WebListener etc. But none of them are able to give me the required details. 回答1: You get all user information from the security context. Example: public class Greeter { @Context

问题 I have a Keycloak protected backend that I would like to access via swagger-ui. Keycloak provides the oauth2 implicit and access code flow, but I was not able to make it work. Currently, Keycloak's documentation is lacking regarding which url should be used for authorizationUrl and tokenUrl within swagger.json . Each realm within Keycloak offers a huge list of configuration urls by accessing http://keycloak.local/auth/realms/REALM/.well-known/openid-configuration Furthermore I've tried to

问题 I am working on creating an angular.js web application and looking for how to integrate keycloak into the project. I have read and watched many tutorials and I see that most of them have users logging/registering through the default login page of keycloak which then redirects to the app. I have designed my own login and registration page which I want to use. How do I use them instead of keycloak default. Are there any API that I can call or may be my backend would do that? I also read there

问题 We are trying to evaluate Keycloak as an SSO solution, and it looks good in many respects, but the documentation is painfully lacking in the basics. For a given Keycloak installation on http://localhost:8080/ for realm test , what are the OAuth2 Authorization Endpoint, OAuth2 Token Endpoint and OpenID Connect UserInfo Endpoint ? We are not interested in using Keycloak's own client library, we want to use standard OAuth2 / OpenID Connect client libraries, as the client applications using the

问题 I can use KecloakRestTemplate where one keycloak client is communicating with another keycloak client. However it only works if I have logged into the first keycloak client, i.e. it sends client ID, client secret, username, password, to keycloak server. If I haven't authenticated with a user and password on the first client I get "Cannot set authorization header because there is no authenticated principle". But I have configured keycloak to use a service account for the first client (Client

问题 My setup has three components: A backend application (Python/Flask) A frontend application (VueJS) Keycloak The frontend will use Keycloak to let users sign in and use the access tokens to authenticate requests to the backend. So far so good. Now I want third party applications to be able to make authenticated requests against the backend and I am wondering how that can be realized using Keycloak? My idea is to issue a new set of credentials for each customer. Their application then talks to

问题 I Have integrated keycloak with an angular app. Basically, both frontend and backend are on different server.Backend app is running on apache tomcat 8. Frontend app is running on JBoss welcome content folder. Angular config angular.element(document).ready(function ($http) { var keycloakAuth = new Keycloak('keycloak.json'); auth.loggedIn = false; keycloakAuth.init({ onLoad: 'login-required' }).success(function () { keycloakAuth.loadUserInfo().success(function (userInfo) { console.log(userInfo)

问题 In my rest service i can obtain the principal information after authentication using KeycloakPrincipal kcPrincipal = (KeycloakPrincipal) servletRequest.getUserPrincipal(); statement. Keycloak principal does\'nt cotain all the information i need about the authenticated user. Is it possibile to customize my own principal type? On the keycloak-server-end i ve developed a user federation provider. I saw that UserModel makes possible to add a set of custom attributes to my user. Is it possibile to