Howdy,
We have recently have implemented OIDC (Currently Keycloak) into our products and current I am working on geting this working with Orbeon, We are running orbeon version `2023.1.1.202403192132-PE`, We are deploying this on Wildfly 30, I am currently deploying Orbeon and using OIDC with the following setting in my `web.xml`
<login-config>
<auth-method>OIDC</auth-method>
</login-config>
This works fine when trying to access orbeon, I get redirected to my keycloak and a new security context is created and then I can access the orbeon resource.
The issue comes when I am trying to access our persistence api, with our oidc implementation we require that a Authorization Header (that contains our access-token) to be sent with any request to get the access token, I have a servlet that gives access to the token, however I am not sure how I can get this token into the rests to the call to our persistence api.
One thing I have tried is creating a Filter that will intercept any request and inject the access-token into the header, but it seems that the persistence call does not get captured by this filter.
<filter>
<filter-name>SSOFilter</filter-name>
<filter-class>au.com.infomedix.orbeon.filter.SSOFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>SSOFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
Any thoughts on any other way that I can insert my authorization header into this request?
Thanks,