keycloak-scim/topics/oidc/java/adapter-context.adoc

=== Security Context

The `KeycloakSecurityContext` interface is available if you need to access to the tokens directly. This could be useful if you want to retrieve additional
details from the token (such as user profile information) or you want to invoke a RESTful service that is protected by {{book.project.title}}.

In servlet environments it is available in secured invocations as an attribute in HttpServletRequest:
[source,java]
----
httpServletRequest
    .getAttribute(KeycloakSecurityContext.class.getName());
----

Or, it is available in secure and insecure requests in the HttpSession:

[source,java]
----
httpServletRequest.getSession()
    .getAttribute(KeycloakSecurityContext.class.getName());
----
Complete Java chapters 2016-06-03 10:35:36 +00:00			`=== Security Context`
initial import 2016-04-18 19:10:32 +00:00
Complete Java chapters 2016-06-03 10:35:36 +00:00			The `KeycloakSecurityContext` interface is available if you need to access to the tokens directly. This could be useful if you want to retrieve additional
			`details from the token (such as user profile information) or you want to invoke a RESTful service that is protected by {{book.project.title}}.`
initial import 2016-04-18 19:10:32 +00:00
Complete Java chapters 2016-06-03 10:35:36 +00:00			`In servlet environments it is available in secured invocations as an attribute in HttpServletRequest:`
			`[source,java]`
			`----`
			`httpServletRequest`
			`.getAttribute(KeycloakSecurityContext.class.getName());`
			`----`

			`Or, it is available in secure and insecure requests in the HttpSession:`

			`[source,java]`
			`----`
			`httpServletRequest.getSession()`
			`.getAttribute(KeycloakSecurityContext.class.getName());`
initial import 2016-04-18 19:10:32 +00:00			`----`