keycloak-scim/topics/oidc/java/adapter-context.adoc

21 lines
717 B
Text
Raw Normal View History

2016-06-03 10:35:36 +00:00
=== Security Context
2016-04-18 19:10:32 +00:00
2016-06-03 10:35:36 +00:00
The `KeycloakSecurityContext` interface is available if you need to access to the tokens directly. This could be useful if you want to retrieve additional
details from the token (such as user profile information) or you want to invoke a RESTful service that is protected by {{book.project.title}}.
2016-04-18 19:10:32 +00:00
2016-06-03 10:35:36 +00:00
In servlet environments it is available in secured invocations as an attribute in HttpServletRequest:
[source,java]
----
httpServletRequest
.getAttribute(KeycloakSecurityContext.class.getName());
----
Or, it is available in secure and insecure requests in the HttpSession:
[source,java]
----
httpServletRequest.getSession()
.getAttribute(KeycloakSecurityContext.class.getName());
2016-04-18 19:10:32 +00:00
----