Keycloak auth for picketlink old app


I need some help from the community!

My old applications are running on JBoss 5 and 6, using Java with Hibernate and Struts or Seam. The applications running on JBoss 6 are SPs of the IDP that is running on JBoss 5. The users and roles are inside a database and, with a specific query, the roles are returned and a SAML response is sent from the IDP to the SPs.

Everything is done with JAAS and PicketLink 2.5.

We want to move to Keycloak 3 and in fact I was able to replace everything inside the application, but since the applications are huge, I do not have time to do it all together, mainly due to the regression testing time needed.

New applications come in React, protected with Keycloak and JWT.

So, imagine the scenario where I am logged in with PicketLink and SAML and want to access a new React application. Since the React application is protected with the Keycloak server, it will push the user to the Keycloak login server page.

How can I avoid it? I was planning to write some code on the server side to authenticate against the Keycloak server (an authentication endpoint is available), get the tokens from the response and send them back to the client, before the client in fact gets the React app.
