[keycloak-user] req.getUserPrincipal() returns NULL before navigating to a restricted url (after login)
Bill Burke
bburke at redhat.com
Fri Apr 1 13:54:05 EDT 2016
Actually, I don't think I can fix this on all platforms. I suggest that
your login button redirects to a secure area on your website as a
workaround. The redirect can just a a jsp that redirects back to the
unsecured page.
On 4/1/2016 1:49 PM, Bill Burke wrote:
> Also, how does your login button work? Are you calling
> HttpServletRequest.authenticate()?
>
> On 4/1/2016 1:45 PM, Bill Burke wrote:
>> Which adapter are you using? I'll log a jira after I know this
>> information.
>>
>> On 3/31/2016 5:01 PM, LEONARDO NUNES wrote:
>>> Hi everyone,
>>>
>>> I have a page1 that it's access is not restricted, at the page1 I
>>> have a Login button that directs to Keycloak and the redirect_uri is
>>> the page1.
>>> After I login and get redirect to page1, I try to access the logged
>>> in user information with req.getUserPrincipal() but this method
>>> returns NULL at this moment.
>>> If I navigate to a page that it's url is restricted and then return
>>> to the non-restricted page, then req.getUserPrincipal() returns the
>>> user object.
>>>
>>> I noticed that I have to go to a restricted page before being able
>>> to access the user information at a non-restricted page.
>>>
>>> The ticket below solved the problem of not accessing the user
>>> information at a non-restricted page, but still have this case when
>>> the user logged in at non-restricted page.
>>> https://issues.jboss.org/browse/KEYCLOAK-2518
>>>
>>>
>>>
>>> --
>>> Leonardo
>>> ------------------------------------------------------------------------
>>> /Esta mensagem pode conter informação confidencial e/ou
>>> privilegiada. Se você não for o destinatário ou a pessoa autorizada
>>> a receber esta mensagem, não poderá usar, copiar ou divulgar as
>>> informações nela contidas ou tomar qualquer ação baseada nessas
>>> informações. Se você recebeu esta mensagem por engano, por favor
>>> avise imediatamente o remetente, respondendo o e-mail e em seguida
>>> apague-o. Agradecemos sua cooperação.
>>>
>>> This message may contain confidential and/or privileged information.
>>> If you are not the addressee or authorized to receive this for the
>>> addressee, you must not use, copy, disclose or take any action based
>>> on this message or any information herein. If you have received this
>>> message in error, please advise the sender immediately by reply
>>> e-mail and delete this message. Thank you for your cooperation/
>>> ////
>>>
>>>
>>> _______________________________________________
>>> keycloak-user mailing list
>>> keycloak-user at lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>> --
>> Bill Burke
>> JBoss, a division of Red Hat
>> http://bill.burkecentral.com
>>
>>
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
> --
> Bill Burke
> JBoss, a division of Red Hat
> http://bill.burkecentral.com
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160401/d12831c9/attachment-0001.html
More information about the keycloak-user
mailing list