@AdamBien
Last active January 11, 2016 02:00
22ndAirhacksQ&A.md

mmonge commented Jan 11, 2016

Hi Adam!

My question is about AngularJS + Java EE 7 REST API + 3rd Party REST APIs.

In Munich Airhacks you mentioned Keycloak for securing AngularJS + Java EE 7 REST API applications. I already read about it and it works great. AngularJS sends the Auth Token for the REST API; if the REST API is configured with the same Keycloak Realm, all works like a charm.

But what happens when I create an AngularJS App that authenticates with its own Keycloak Realm and the app consumes a couple of 3rd Party REST APIs using Keycloak too, but a different Keycloak Server (see Image1)?

Image1

So in the AngularJS app I have users john and roger on the angularRealm. The app tries to consume the resources in REST API1 and REST API2 but needs a different authentication. How can I make this work? I'm already thinking about this not being a good practice because I probably will need to burn the 3rd Party credentials somewhere in the JavaScript code.

I'm evaluating the need of an intermediate REST API for the AngularJS app, so this new REST API will be the one who connects to the 3rd Party REST APIs (see Image2).

Image2

But in this second scenario, how will the APP REST API create a REST Client for the 3rd Party REST APIs? How does the REST Client perform authentication without the redirection to the Keycloak Login URL? (I'm already reading the Keycloak documentation.)

My question is your opinion about these two scenarios: what do you think is the best way of doing this communication with the 3rd Party REST APIs? And if you know how to perform the authentication to the 3rd Party REST APIs from Java EE, probably from an EJB as REST Client.
