Integrating Keycloak with a IT HIT webdav server + web client

Dear fellow Keycloak users and developers,

We need to integrate Keycloak authentication in an existing application, consisting of:

  • a Java/Spring backend (“rest” api), implementing the WebDAV protocol through some proprietary library (IT HIT Webdav)
  • a Javascript frontend app (proprietary, companion of the above library, and hardly customizable).

The frontend app documentation says it supports the following authentication schemas: Basic, Digest, Kerberos or Integrated Windows Authentication. The APIs in fact won’t allow setting a custom header for this purpose.

Is it possible to achieve this integration? Is it possible to handle the JWT token on the backend side? We have seen that the OAuth flow named “Authorization Code” should be what we’re looking for, and it’s recommended for frontend applications, in order to keep the token itself in a safe communication channel: just send the Authorization Code to the backend, and it will initiatate with you an authenticated session (JSESSION_ID cookie in our case).

However, we couldn’t find any example of such implementation. The Keycloak JS adapter itself handles everything (including token refresh) on the frontend side, and we couldn’t find a way to change this configuration.

Can you help us?
Thank you.