[keycloak-user] TOMCAT exclude protection for endpoint

[Stian Thorgersen]

If you have a javascript applicaiton why are you not using the javascript
adapter?

On 4 December 2015 at 15:15, Christopher Wallace <cjwallac at gmail.com> wrote:

> We are using Apache TOMCAT v. 8.0.18. We have a Javascript application
> that we would like to configure web.xml using KEYCLOAK to protect all root
> URI's '/' except '/tracking'. Is there a way to exclude '/tracking' from
> being protected either in the KEYCLOAK admin console or in the WEB.XML
> itself. Some additional information is for the tracking URL we will use
> both HTTP and WEBSOCKETS protocols. Our current approach was to
> specifically protect all URI except for '/tracking' but that doesn't seem
> to be working as a solution.
>
> We have attached our example WEB.XML attempting to specifically protect
> URLs:
>
> <?xml version="1.0" encoding="UTF-8"?>
> <web-app xmlns="http://java.sun.com/xml/ns/javaee"
>          xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
>          xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
> http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
>          version="3.0">
>     <module-name>ROOT</module-name>
>     <security-constraint>
>         <web-resource-collection>
>             <web-resource-name>APP</web-resource-name>
>             <url-pattern>/app/*</url-pattern>
>         </web-resource-collection>
>         <!--API-->
>         <web-resource-collection>
>             <web-resource-name>API</web-resource-name>
>             <url-pattern>/api/*</url-pattern>
>         </web-resource-collection>
>         <!--HTML-->
>         <web-resource-collection>
>             <web-resource-name>HTML</web-resource-name>
>             <url-pattern>*.html</url-pattern>
>         </web-resource-collection>
> <auth-constraint>
>             <role-name>user</role-name>
>         </auth-constraint>
>     </security-constraint>
>  <login-config>
>         <auth-method>KEYCLOAK</auth-method>
>         <realm-name>worktrac</realm-name>
>     </login-config>
>     <security-role>
>         <role-name>user</role-name>
>     </security-role>
> </web-app>
>
> We appreciate your feedback and thoughts on a solution.
> - Chris
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20151207/37ba70c5/attachment.html