-
1. Re: Is it possible to secure ModeShape with Keycloak?
hchiorean Feb 13, 2015 2:11 AM (in response to mashama)ModeShape provides an API both for authorization & authentication, allowing clients to extend & plug in their own implementations. See Custom authentication providers - ModeShape 4 - Project Documentation Editor for more details.
-
2. Re: Re: Is it possible to secure ModeShape with Keycloak?
mashama Feb 18, 2015 4:07 PM (in response to hchiorean)Is there any chance we can utilize Servlet authorization for this? When I deploy my applications into Wildfly they are secured with two modifications: 1) the inclusion of a keycloak.json file and 2) the specification of the /web-app/login-config/auth-method element within the Servlet configuration web.xml file. The ModeShape documentation says all I need to do is "create a 'org.modeshape.jcr.api.ServletCredentials' instance with the servlet's HttpServletRequest" ...
Authentication and authorization - ModeShape 4 - Project Documentation Editor
-
3. Re: Re: Re: Is it possible to secure ModeShape with Keycloak?
hchiorean Feb 19, 2015 4:16 AM (in response to mashama)The way servlet authorization & authentication essentially works is via a ServletCredentials instance being passed to session.login like so:
repository.login(new ServletCredentials(httpRequest), workspaceName)
and relies subsequently on the following methods from HttpServletRequest: httpRequest.getUserPrincipal() && httpRequest.isUserInRole(roleName)
I don't know how Keycloak works, but if it integrates with HTTP auth, then your use case should work.