[keycloak-user] SAML2. Keycloak How to check if a user has been authenticated?
Luis Rodríguez Fernández
uo67113 at gmail.com
Mon Apr 30 13:26:41 EDT 2018
Hello there,
I am using the SAML Java Servlet Filter adapter [1] (4.0.0.CR1-SNAPSHOT) in
apache tomcat 9 [2]. Is there a way to know if the user has been
authenticated?
The thing is that the good and old HttpServletRequest.getUserPrincipal()
[3] returns the principal (SAMLPrincipal) when there is a
<security-constraint> declared for the url-pattern that matches the request.
The purpose of this is to implement the "anonymous navigation" in some of
our applications. Nowadays in some of our applications like this one
https://phonebook.cern.ch/phonebook we do something like this:
1. User can navigate through the application
2. Sign-in link redirects the user to /secure/sso triggering the redirection
to the IdP
3. The application makes use of the
weblogic.security.Security.getCurrentSubject()
[4] to check if the user has been logged in.
Any thoughts on this?
Thanks in advance,
Luis
[1] https://www.keycloak.org/docs/latest/securing_apps/index.html#java-servlet-filter-adapter
[2] https://tomcat.apache.org/download-90.cgi
[3] https://tomcat.apache.org/tomcat-9.0-doc/servletapi/javax/servlet/http/HttpServletRequest.html#getUserPrincipal--
[4] https://docs.oracle.com/cd/E68505_01/wls/WLAPI/weblogic/security/Security.html#getCurrentSubject()