CODEWITHSUNDEEP
keycloakquarkusquarkus-oidc
Kai
Kai

Reputation: 1

Multiple authentications (Basic Auth + Keycloak)

I have 2 different rest endpoints in my Quarkus project:

/api/ws/...
/api/web/...

according to my understanding, it is so with Keycloak that I get a bearer token before and with this token I can access the endpoints. But how do I do that if I want to secure the "ws" endpoint only with basic auth (Username + Password)? So that I have then also the user in the SecurityIdentity (Principal) contained ?

the current "application.properties" looks like this:

# AUTH
quarkus.http.auth.basic=true
quarkus.http.auth.permission.authenticated.paths=/*
quarkus.http.auth.permission.authenticated.policy=authenticated
quarkus.http.auth.permission.web.paths=/*
quarkus.http.auth.permission.web.policy=authenticated
quarkus.oidc.tenant-id=RealmResolver
quarkus.oidc.enabled=true

quarkus.oidc.auth-server-url=${keycloak.url}/auth/realms/${keycloak.realm}
quarkus.oidc.client-id=${keycloak.client_id}
quarkus.oidc.token-path=${keycloak.url}/auth/realms/${keycloak.realm}/protocol/openid-connect/token
quarkus.oidc.token.refresh-expired=true
quarkus.oidc.application-type=WEB_APP

## WS
quarkus.http.auth.ws.basic=true
quarkus.oidc.ws.auth-server-url=${keycloak.url}/auth/realms/${keycloak.realm}
quarkus.oidc.ws.client-id=${keycloak.client_id}
quarkus.oidc.ws.application-type=hybrid
quarkus.http.auth.permission.ws.paths=/api/ws/*
quarkus.http.auth.permission.ws.policy=authenticated

Upvotes: 0

Views: 712

Answers (1)

Sergey Beryozkin
Sergey Beryozkin

Reputation: 863

Quarkus can support several authentication mechanisms at the same time - but at the moment it can not apply only one mechanism for a specific request path. Please watch https://github.com/quarkusio/quarkus/issues/11886 thanks

Upvotes: 2

Related Questions