I have a jersey application running on a tomcat server and it has keycloak integrated in it.. My problem is that I'm trying to fetch the information of authenticated user but I'm having a hard time to find a solution. Most (if not all) of the solutions I have seen so far suggest to import KeycloakPrincipal and other things but that would have worked if keycloak was parts of my pom.xml file which isn't the case. Anybody has ran into this issue before?
Related
I am working a Java exercise at IntelliJ Idea using Spring Boot, Maven, MySQL Workbench 8.0 and Postman. I have connected Spring Boot framework with localhost in MySQL. I use github.com platform to post my code there and to refresh it time after time. Now I have a problem with sending request at Postman. The request took too long to give an answer. I tried too many times to fix this problem, but it didn't workout. Sincerely, I don't understand what is happening? Can somebody help me with this? Meanwhile I am posting here the github.com account and there you can see the solution that I have done to it. Below you can find the data of database connection and the data of exercise.
https://github.com/kevingjika/ecommerce-app,
root#127.0.0.1:3306,
jdbc:mysql://127.0.0.1:3306/?user=root,
ecommerce backend application
We have encountered an issue where the application is going into an infinite looping state between the IdP server and the SP server, which are both hosted by different servers. From the logs, we could observe that the authentication was successful and we were able to get the assertion data as well. But at the browser level, we could see that the application was redirecting to IdP server. There were no errors logged in either browser console or in application/tomcat console. Could anyone please help me find a solution to stop this behavior.
Our Environment - Spring Framework application with open saml2 hosted on tomcat server.
Thanks in advance!
it could be tough to point out your problem quickly. Nevertheless, I wanted to write my comments maybe you can find a way worth to look.
IdP, SP, and your application are crucial players in such integration. The proper configuration between IdP and SP is the most important step. The user logins on the identity provider then redirect to SP with SAML assertion with desired attributes inside of a contract which IdP and SP have been agreed on. My suggestion would be, "it might be worthy of having a look at configuration once again."
Sorry, I don't have a concrete solution at this point to help you in resolving your problem. It might be hard for you also to give detailed information about integration between ends. But if you can provide a piece of more details like the name of the products (IdP, SP, SAML configuration details, i.e., which attributes have been mapped) that you are using, I can try to find sth.
I am trying to find out if there is any build-in option on Tomcat to use it's authentication credentials from remote server?
We build some application based on Spring Boot and that application should use authentication based on the credentials configured on another Tomcat server. Ideally I think about some kind of Web Service for the authentication which Tomcat may provide, but as far as I remember there is nothing like that available. Any thoughts on that?
Please don't advise LDAP or dedicated solutions - I can't use them on that particular case.
Thanks!
The components in Tomcat that authenticate users are called Realm, and there's quite a lot of them already implemented. You can find an overview of them, what they do and how to configure them on the Realm documentation page.
Check if any of the other existing ones (some access a database, which might qualify as an external server in your usecase - you judge that for yourself) will suit your needs.
You can even find a realm for LDAP in there if that will ever become an option ;)
I am using ofbiz for an e-commerce site and I have recently migrated from EC2 type amazon servers to VPC type servers provided by Amazon.
After migrating I often see ofbiz asking for login credentials again and again before performing any task. In other words, I have to provide my credentials again and again to accomplish any single task.
Google couldn't help me with this neither the ofbiz forums, any hint if not the exact solution would also help.
This sort of problem often requires some research and testing, but I'd start with looking at session related issues like cookies (for plain HTTP) and HTTPS sessions, and also that the jsessionid is included in the URL when switching between HTTP and HTTPS.
It may be that something in the network is different between the plain EC2 and the private cloud and that is causing issues with maintaining the session. I don't know a lot about VPC on AWS, so can't comment on more detailed things to look into there.
My application currently relies on JDBC realm authentication. Recent needs have forced us to think about having LDAP authentication as well. We are thinking about using Active Directory for both authentication as well as authorization (roles). As a standalone test, I was able to authenticate my application with AD. But here is the confusion I have going forward.
If the user chooses LDAP authentication when he logs in, I authenticate the user with AD, get the user's roles and do I replicate(create a new) windows user in my database?. I have to have the user in the database, because many parts of the application is designed to retrieve the user from database
If the users chooses local login, I still should have JDBCRealm somewhere that I should use to authenticate the user. Is it possible to have multiple realms in tomcat? (I sort of know it is possible, but havent seen much documentation around it)
Any thoughts, comments, suggestions would immensely help me
Thanks
K
If you can run your app on Tomcat 6, there is a realm called CombinedRealm that will let you do what you are trying to do: http://tomcat.apache.org/tomcat-6.0-doc/realm-howto.html#CombinedRealm. It is possible to do what you want in older versions but it's a real pain. You basically will have to implement your own custom Realm. I've not yet used this new CombinedRealm, but if it works as advertised it will save you a lot of effort and pain. Trust me.