How do I access the authenticated user in my business logic?

Upon successful authentication, a JudoPrincipal object containing the username, realm, and attributes is made available via the standard CXF SecurityContext.

What identity providers does this skill support?

The skill is optimized for Keycloak but supports any identity provider compatible with standard OAuth2 and OpenID Connect (OIDC) protocols.

Can I use this for multi-tenant applications?

Yes, the RealmExtractor component identifies the correct security realm and actor type from the HTTP request path, supporting complex multi-tenant architectures.

How does JUDO handle user synchronization?

It uses the UserManagedWrappedDao to automatically sync create, update, and delete operations from the application database to the identity provider's admin API.

JUDO Security Authentication Flow

Name: JUDO Security Authentication Flow
Author: BlackBeltTechnology

byBlackBeltTechnology

보안 및 테스팅

Implements and manages comprehensive OAuth2 and OpenID Connect authentication pipelines within the JUDO Runtime Core.

소개

This skill provides a detailed framework for managing the complete authentication lifecycle in JUDO-based applications. It enables developers to integrate seamlessly with identity providers like Keycloak, handling complex tasks such as JWT validation, claims extraction, and multi-tenant realm management. By providing standardized patterns for actor-based access control and automated user synchronization through DAOs, it ensures that security is consistently applied across the service layer while simplifying the debugging of authentication headers and token signatures.

주요 기능

Automated JWT token validation and secure claims mapping
Bi-directional user synchronization between application DAOs and Keycloak
Standardized OAuth2 and OpenID Connect (OIDC) integration patterns
Multi-tenant and multi-realm support via dynamic RealmExtractor
Pre-configured Guice modules for Keycloak and CXF interceptor management
0 GitHub stars

사용 사례

Integrating Keycloak as a centralized identity provider for enterprise applications
Debugging complex JWT validation issues and clock skew errors
Implementing actor-based security contexts for fine-grained access control

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add blackbelttechnology/judo-runtime-core authentication-flow

For use in Claude.ai and ChatGPT

Download Skill

GitHub

소개