keycloak-如何获取当前用户密码或存储加密数据?
[英]keycloak - how to get current user password or store encrypted data?
问题描述
The java ee application (deployed to wildfly) stores sensitive data like access keys, etc. for different users in a DB. 
java ee应用程序(部署为wildfly)为数据库中的不同用户存储敏感数据,如访问密钥等。 In order to decrypt these data - it needs a master password associated with the current user. 为了解密这些数据-它需要与当前用户关联的主密码。 A password entered when the user logs in to application is used for this. 用户登录应用程序时输入的密码用于此目的。
Now I'm considering a possibility of using keycloak to secure this application. 现在,我正在考虑使用密钥斗篷保护此应用程序的可能性。 But it looks like there's no way to obtain a password for a currently logged in user with keycloak (as it operates with tokens)? 但是,看起来没有办法为当前使用keycloak登录的用户获取密码(因为它使用令牌操作)? Asking user to enter the password again in the application is not an option. 不允许用户在应用程序中再次输入密码。
The question is - is it possible to configure keycloak to provide a constant (secret) value in a token for a current user which will not be stored unencrypted in the keycloak db? 问题是-是否可以配置keycloak为当前用户提供令牌中的常量(秘密)值,该值不会未经加密地存储在keycloak数据库中?
1 个解决方案
解决方案1
0 2016-04-11 05:13:58
It looks like it is possible to get hold of the password or the data derived from it using the custom Authenticator API. 看起来可以使用自定义的Authenticator API来获取密码或从密码获得的数据。 I am not 100% sure that it works but it seems to be a possible answer. 我不是100%确信它能起作用,但这似乎是一个可能的答案。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.