Update topics/oidc/java/jaas.adoc
This commit is contained in:
parent
ee62068dcf
commit
4f2490cb93
1 changed files with 5 additions and 5 deletions
|
@ -3,19 +3,19 @@
|
||||||
|
|
||||||
It's generally not needed to use JAAS for most of the applications, especially if they are HTTP based, and you should most likely choose one of our other adapters.
|
It's generally not needed to use JAAS for most of the applications, especially if they are HTTP based, and you should most likely choose one of our other adapters.
|
||||||
However, some applications and systems may still rely on pure legacy JAAS solution.
|
However, some applications and systems may still rely on pure legacy JAAS solution.
|
||||||
{{book.project.title}} provides two login modules to help in these situations.
|
{{book.project.name}} provides two login modules to help in these situations.
|
||||||
|
|
||||||
The provided login modules are:
|
The provided login modules are:
|
||||||
|
|
||||||
org.keycloak.adapters.jaas.DirectAccessGrantsLoginModule::
|
org.keycloak.adapters.jaas.DirectAccessGrantsLoginModule::
|
||||||
This login module allows to authenticate with username/password from {{book.project.title}}.
|
This login module allows to authenticate with username/password from {{book.project.name}}.
|
||||||
It's using <<fake/../../oidc-generic.adoc#_resource_owner_password_credentials_flow,Resource Owner Password Credentials>> flow to validate if the provided
|
It's using <<fake/../../oidc-generic.adoc#_resource_owner_password_credentials_flow,Resource Owner Password Credentials>> flow to validate if the provided
|
||||||
username/password is valid. It's useful for non-web based systems, which need to rely on JAAS and want to use {{book.project.title}}, but can't use the standard browser
|
username/password is valid. It's useful for non-web based systems, which need to rely on JAAS and want to use {{book.project.name}}, but can't use the standard browser
|
||||||
based flows due to their non-web nature. Example of such application could be messaging or SSH.
|
based flows due to their non-web nature. Example of such application could be messaging or SSH.
|
||||||
|
|
||||||
org.keycloak.adapters.jaas.BearerTokenLoginModule::
|
org.keycloak.adapters.jaas.BearerTokenLoginModule::
|
||||||
This login module allows to authenticate with {{book.project.title}} access token passed to it through CallbackHandler as password.
|
This login module allows to authenticate with {{book.project.name}} access token passed to it through CallbackHandler as password.
|
||||||
It may be useful for example in case, when you have {{book.project.title}} access token from standard based authentication flow and your web application then
|
It may be useful for example in case, when you have {{book.project.name}} access token from standard based authentication flow and your web application then
|
||||||
needs to talk to external non-web based system, which rely on JAAS. For example a messaging system.
|
needs to talk to external non-web based system, which rely on JAAS. For example a messaging system.
|
||||||
|
|
||||||
Both modules use the following configuration properties:
|
Both modules use the following configuration properties:
|
||||||
|
|
Loading…
Reference in a new issue