How to pass the keycloak generated token in get request to rest api?
I am using keycloak for authenticating users. I have used
KeycloakInstalled keycloak = new KeycloakInstalled(config);
in 1st application, I am able to authenticate a user and generate a token.
Now in the next step, I want to use this token to authenticate my rest api in 2nd application (both applications are running on same server , just different ports). For that , in my 2nd application, I have added role '*' in constraint mapping.
ServletContextHandler context = new ServletContextHandler(ServletContextHandler.SESSIONS | org.eclipse.jetty.servlet.ServletContextHandler.SECURITY );
ConstraintSecurityHandler securityHandler = new ConstraintSecurityHandler();
context.setSecurityHandler(securityHandler);
securityHandler.addRole("*");
ConstraintMapping constraintMapping = new ConstraintMapping();
constraintMapping.setPathSpec("/*");
Constraint constraint = new Constraint();
constraint.setAuthenticate(true);
constraint.setRoles(new String[]{"*"});
constraintMapping.setConstraint(constraint);
securityHandler.addConstraintMapping(constraintMapping);
KeycloakJettyAuthenticator keyCloakAuthenticator = new KeycloakJettyAuthenticator();
AdapterConfig keyCloakConfig = new org.keycloak.representations.adapters.config.AdapterConfig();
keyCloakConfig.setRealm("myRealm");
keyCloakConfig.setAuthServerUrl("http://172.23.49.9:8180/auth");
keyCloakConfig.setSslRequired("none");
keyCloakConfig.setResource("my_resource");
Map<String,Object> credentials = new HashMap<String,Object>();
credentials.put("secret", "xxxxx-xxxxx-xx-877b-ssefssss");
keyCloakConfig.setCredentials(credentials);
keyCloakAuthenticator.setAdapterConfig(keyCloakConfig);
context.getSecurityHandler().setAuthenticator(keyCloakAuthenticator);
When I am trying to use the token generated by first application to access a secured resource in my application through browser like this:
http://localhost:7100/api/v1/test/code=generated_code
I get the following error:
HTTP ERROR: 403 Problem accessing /api/v1/design/test/code=eyJhbGciOiJSUz (truncated for readability)
Reason:
!role
What are the mistakes that I did?
Is this the right way to pass the generated token: /code=generated_token ?
NOTE: I have ensured the keycloak config in both the application is exactly same.
The correct way to send the token generated by Keycloak is in HTTP Header:
Authorization: Bearer {generated_token}
- Keep numbers which appear in both columns, in J lang
- Differentiation in J
- How to reshape an array with an arbitrary size in one dimension?
- Why is Insert (fold) right associative
- Write 4 : 'x&{.&.;: y' tacitly
- Alignment issue when printing formatted prime numbers in J language
- How can I define a verb in J that applies a different verb alternately to each atom in a list?
- How to get user input in the J programming language
- How to unbox a list of boxed lists of differing lengths in J?
- How can I fix 'noun result was required' error in J?
- In j, how can I define a verb locally in one scope and pass it to a defined adverb?
- Convert boxed array to normal array?
- Read column of CSV file as array
- Replace atom in array of strings
- What does the dyad `=` do to boxed strings?
- Index of minimum element using J
- How can I take the outer product of string vectors in J?
- Building an array of verbs in J
- Reading in multidigit command line parameter
- Amend with bond to new data shows unexpected behaviour
- How to turn a table or matrix into a (flat) list in J
- How to run dissect in J?
- How to define selection using index function in J
- How to exit the J console?
- Find 4-neighbors using J
- Writing custom verbs in J
- How do I negate a selector in J lang?
- How to use arbitrary selector in interchange in J lang?
- different result once square root is added inside tacit
- Sum of arrays with repeated indices