Can you describe your use case a bit more? I'm not 100% sure what you mean
by "Shiro embedded into Jena into Keycloak".

If you just need to validate a JWT passed as a bearer token (i.e. an
`Authorization` header with the `Bearer` prefix), you can do that.
Here is an example I created for Okta (you would have to replace the JWT
parsing logic to fit your own use case):
https://github.com/oktadev/okta-shiro-plugin/blob/1f22f79d2fdb36551e98fc7afd946c43e018c777/core/src/main/java/com/okta/shiro/realm/OktaResourceServerRealm.java
https://github.com/oktadev/okta-shiro-plugin/blob/1f22f79d2fdb36551e98fc7afd946c43e018c777/examples/jaxrs/src/main/resources/shiro.ini


On Tue, Jan 17, 2023 at 11:46 AM Jonathan MERCIER
<jonathan.mercier@microbiome.studio> wrote:

> Dear community,
>
> We plan to use Keycloak as the IAM service for all our applications, and one of
> the tools we use (Apache Jena) manages authorization with Apache Shiro.
> So I would like to know whether one of the options below is possible:
> 1. Register Apache Shiro embedded into Jena into Keycloak, in order to
> forward authorization through a JWT containing encrypted role
> 2. Detach Jena/Shiro, in order to get 1 server for Apache Shiro (as IAM
> service instead of Keycloak) and 1 other server for Jena,
> and all our internal applications would use Apache Shiro to validate a
> user Identity/Authorization
>
> I would prefer the first one as it implies less development
>
> Thanks for your help and your insight
>
> Best regards
>
>
>
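
A sketch of the bearer-token approach suggested in the reply, as an added example that is not part of the thread and is not the Okta plugin's code. Assumptions: the class name is hypothetical, Nimbus JOSE+JWT is used for parsing (a choice made for this example), the Keycloak access token is RS256-signed and carries realm roles under `realm_access.roles`, and the caller supplies the realm's public key and issuer URL. An audience check for your client should be added before use.

```java
import com.nimbusds.jose.*;
import com.nimbusds.jose.crypto.RSASSAVerifier;
import com.nimbusds.jwt.*;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.*;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import java.security.interfaces.RSAPublicKey;
import java.text.ParseException;
import java.util.*;

// Hypothetical realm: validates a Keycloak-issued JWT and maps its realm roles to Shiro roles.
public class KeycloakBearerRealm extends AuthorizingRealm {
    private final RSAPublicKey realmKey;  // assumption: realm signing key, loaded by the caller
    private final String expectedIssuer;  // assumption: the realm's issuer URL
    public KeycloakBearerRealm(RSAPublicKey realmKey, String expectedIssuer) {
        this.realmKey = realmKey;
        this.expectedIssuer = expectedIssuer;
        setAuthenticationTokenClass(BearerToken.class); // only "Authorization: Bearer ..." tokens
    }
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) {
        String raw = ((BearerToken) token).getToken();
        try {
            SignedJWT jwt = SignedJWT.parse(raw);
            if (!JWSAlgorithm.RS256.equals(jwt.getHeader().getAlgorithm()) // pin the algorithm
                    || !jwt.verify(new RSASSAVerifier(realmKey))) {        // check the signature
                throw new AuthenticationException("signature check failed");
            }
            JWTClaimsSet claims = jwt.getJWTClaimsSet();
            Date exp = claims.getExpirationTime();
            if (exp == null || exp.before(new Date()) || !expectedIssuer.equals(claims.getIssuer())) {
                throw new AuthenticationException("token expired or issuer mismatch");
            }
            return new SimpleAuthenticationInfo(claims, raw, getName()); // verified claims = principal
        } catch (ParseException | JOSEException e) {
            throw new AuthenticationException("malformed token", e);
        }
    }
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        JWTClaimsSet claims = principals.oneByType(JWTClaimsSet.class);
        Object access = claims == null ? null : claims.getClaim("realm_access");
        Set<String> roles = new HashSet<>();
        if (access instanceof Map && ((Map<?, ?>) access).get("roles") instanceof List) {
            for (Object r : (List<?>) ((Map<?, ?>) access).get("roles")) roles.add(String.valueOf(r));
        }
        return new SimpleAuthorizationInfo(roles); // roles come only from the verified token
    }
}
```

Such a realm would be registered in `shiro.ini` and paired with Shiro's `authcBearer` filter on the protected paths, as the linked `shiro.ini` does for the Okta realm.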
