[keycloak-dev] Possible bug in Tomcat8 adapter
Marc Savy
marc.savy at redhat.com
Thu May 19 14:07:05 EDT 2016
Hi All,
I've been setting up apiman's quickstart tomcat8 distro with Keycloak
(rather than using the inbuilt auth).
I've managed to get everything working swimmingly, with one strange issue:
HttpServletRequest#getRemoteUser()
- On WildFly, this code[1] returns the preferred_username (e.g.
admin). Expected behaviour.
- On Tomcat8 it return the subject[2] (e.g.
5291684c-225a-4b3d-8795-15486feaf2ae)
I think the problem might stem from where the principal is being built:
https://github.com/keycloak/keycloak/blob/master/adapters/spi/tomcat-adapter-spi/src/main/java/org/keycloak/adapters/tomcat/GenericPrincipalFactory.java#L39
Are we misusing #getRemoteUser, or is there an error in the adapter?
Regards,
Marc
[1] https://github.com/apiman/apiman/blob/master/manager/ui/war/src/main/java/io/apiman/manager/ui/server/servlets/ConfigurationServlet.java#L105
[2] 'id' in UI
More information about the keycloak-dev
mailing list