20 lines
700 B
Text
20 lines
700 B
Text
==== Security Context
|
|
|
|
The `KeycloakSecurityContext` interface is available if you need to access to the tokens directly. This could be useful if you want to retrieve additional
|
|
details from the token (such as user profile information) or you want to invoke a RESTful service that is protected by {project_name}.
|
|
|
|
In servlet environments it is available in secured invocations as an attribute in HttpServletRequest:
|
|
[source,java]
|
|
----
|
|
httpServletRequest
|
|
.getAttribute(KeycloakSecurityContext.class.getName());
|
|
----
|
|
|
|
Or, it is available in insecured requests in the HttpSession:
|
|
|
|
[source,java]
|
|
----
|
|
httpServletRequest.getSession()
|
|
.getAttribute(KeycloakSecurityContext.class.getName());
|
|
----
|
|
|