How do I access the authenticated user in my business logic?

Upon successful authentication, a JudoPrincipal object containing the username, realm, and attributes is made available via the standard CXF SecurityContext.

What identity providers does this skill support?

The skill is optimized for Keycloak but supports any identity provider compatible with standard OAuth2 and OpenID Connect (OIDC) protocols.

Can I use this for multi-tenant applications?

Yes, the RealmExtractor component identifies the correct security realm and actor type from the HTTP request path, supporting complex multi-tenant architectures.

How does JUDO handle user synchronization?

It uses the UserManagedWrappedDao to automatically sync create, update, and delete operations from the application database to the identity provider's admin API.

JUDO Security Authentication Flow

Name: JUDO Security Authentication Flow
Author: BlackBeltTechnology

byBlackBeltTechnology

0•

Security & Testing

Implements and manages comprehensive OAuth2 and OpenID Connect authentication pipelines within the JUDO Runtime Core.

This skill provides a detailed framework for managing the complete authentication lifecycle in JUDO-based applications. It enables developers to integrate seamlessly with identity providers like Keycloak, handling complex tasks such as JWT validation, claims extraction, and multi-tenant realm management. By providing standardized patterns for actor-based access control and automated user synchronization through DAOs, it ensures that security is consistently applied across the service layer while simplifying the debugging of authentication headers and token signatures.

Key Features

01Automated JWT token validation and secure claims mapping

02Bi-directional user synchronization between application DAOs and Keycloak

03Standardized OAuth2 and OpenID Connect (OIDC) integration patterns

04Multi-tenant and multi-realm support via dynamic RealmExtractor

05Pre-configured Guice modules for Keycloak and CXF interceptor management

060 GitHub stars

Use Cases

01Integrating Keycloak as a centralized identity provider for enterprise applications

02Debugging complex JWT validation issues and clock skew errors

03Implementing actor-based security contexts for fine-grained access control

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add blackbelttechnology/judo-runtime-core authentication-flow

For use in Claude.ai and ChatGPT

Download Skill