<html>
<head>
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
Log a jira. I'll look into fixing it in the next few weeks.<br>
<br>
<div class="moz-cite-prefix">On 2/18/2016 8:22 AM, LEONARDO NUNES
wrote:<br>
</div>
<blockquote cite="mid:D2EB5868.26884%25leo.nunes@ojc.com.br"
type="cite">
<meta http-equiv="Content-Type" content="text/html;
charset=windows-1252">
<div>
<div>Hi Stian, thanks for your replay.</div>
<div><br>
</div>
<div>The problem is that /movies is a page that doesn't require
the user to be logged in.</div>
<div>But when he is logged in and goes to /movies, I need
retrieve user information.</div>
<div>If I add a security-constraint for movies the user will be
redirected to the login page, and this can't happen.</div>
<div><br>
</div>
<div>Is there another way I can do this?</div>
<div><br>
</div>
<div><br>
</div>
</div>
<div><br>
</div>
<div><br>
</div>
<span id="OLK_SRC_BODY_SECTION">
<div style="font-family:Calibri; font-size:11pt;
text-align:left; color:black; BORDER-BOTTOM: medium none;
BORDER-LEFT: medium none; PADDING-BOTTOM: 0in; PADDING-LEFT:
0in; PADDING-RIGHT: 0in; BORDER-TOP: #b5c4df 1pt solid;
BORDER-RIGHT: medium none; PADDING-TOP: 3pt">
<span style="font-weight:bold">From: </span>Stian Thorgersen
<<a moz-do-not-send="true"
href="mailto:sthorger@redhat.com">sthorger@redhat.com</a>><br>
<span style="font-weight:bold">Reply-To: </span>"<a
moz-do-not-send="true" href="mailto:stian@redhat.com"><a class="moz-txt-link-abbreviated" href="mailto:stian@redhat.com">stian@redhat.com</a></a>"
<<a moz-do-not-send="true" href="mailto:stian@redhat.com">stian@redhat.com</a>><br>
<span style="font-weight:bold">Date: </span>quinta-feira, 18
de fevereiro de 2016 11:12<br>
<span style="font-weight:bold">To: </span>Leonardo Nunes <<a
moz-do-not-send="true"
href="mailto:leo.nunes@gjccorp.com.br"><a class="moz-txt-link-abbreviated" href="mailto:leo.nunes@gjccorp.com.br">leo.nunes@gjccorp.com.br</a></a>><br>
<span style="font-weight:bold">Cc: </span>"<a
moz-do-not-send="true"
href="mailto:keycloak-user@lists.jboss.org"><a class="moz-txt-link-abbreviated" href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a></a>"
<<a moz-do-not-send="true"
href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a>><br>
<span style="font-weight:bold">Subject: </span>Re:
KeycloakSecurityContext returns NULL using Tomcat Adapter<br>
</div>
<div><br>
</div>
<div>
<div>
<div dir="ltr">This is down to the fact that there are
differences between different containers. In reality you
can only guarantee that KeycloakSecurityContext as long as
the request requires authentication. Add a
security-constraint for movies and you're fine.</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On 18 February 2016 at 12:50,
LEONARDO NUNES <span dir="ltr">
<<a moz-do-not-send="true"
href="mailto:leo.nunes@gjccorp.com.br"
target="_blank">leo.nunes@gjccorp.com.br</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<div
style="word-wrap:break-word;color:rgb(0,0,0);font-size:16px;font-family:Calibri,sans-serif">
<div>
<div>Stian,</div>
<div><br>
</div>
<div>I have an application deployed on Tomcat 7
using the Tomcat Adapter.</div>
<div>When i'm logged in and I go to a non-secured
URL, KeycloakSecurityContext returns null.</div>
<div>I deployed the same application to the
Keycloak Standalone Server, there I don't have
this problem.</div>
<div><br>
</div>
<div>At Tomcat the code below returns null when
called from /movies/, and works when called from
/article/</div>
<div>At Keycloak Standalone Server /movies/ and
/article/ works fine.</div>
<div>(KeycloakSecurityContext)
request.getAttribute(KeycloakSecurityContext.class.getName());</div>
<div><br>
</div>
<div>Why is this happening?</div>
<div><br>
</div>
<div>In my web.xml I have only one
security-constraint securing /article/*</div>
<div><br>
</div>
<div>WEB.XML:</div>
<div><security-constraint></div>
<div> <web-resource-collection></div>
<div>
<web-resource-name>Articles</web-resource-name></div>
<div>
<url-pattern>/article/*</url-pattern></div>
<div> </web-resource-collection></div>
<div> <auth-constraint></div>
<div>
<role-name>user</role-name></div>
<div> </auth-constraint></div>
<div></security-constraint></div>
<span class="HOEnZb"></span></div>
<span class="HOEnZb"><font color="#888888">
<div><br>
</div>
<div><br>
</div>
<div>
<div>
<div>-- </div>
<div>Leonardo Nunes</div>
</div>
</div>
<hr style="min-height:1px;color:#c4c4c4">
<div
style="font-family:Arial;color:#848484;font-size:11px"><i>Esta
mensagem pode conter informação confidencial
e/ou privilegiada. Se você não for o
destinatário ou a pessoa autorizada a
receber esta mensagem, não poderá usar,
copiar ou divulgar as informações nela
contidas ou tomar qualquer ação baseada
nessas informações. Se você recebeu esta
mensagem por engano, por favor avise
imediatamente o remetente, respondendo o
e-mail e em seguida apague-o. Agradecemos
sua cooperação.
<br>
<br>
This message may contain confidential and/or
privileged information. If you are not the
addressee or authorized to receive this for
the addressee, you must not use, copy,
disclose or take any action based on this
message or any information herein. If you
have received this message in error, please
advise the sender immediately by reply
e-mail and delete this message. Thank you
for your cooperation</i></div>
</font></span></div>
</blockquote>
</div>
<br>
</div>
</div>
</div>
</span>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
keycloak-user mailing list
<a class="moz-txt-link-abbreviated" href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a>
<a class="moz-txt-link-freetext" href="https://lists.jboss.org/mailman/listinfo/keycloak-user">https://lists.jboss.org/mailman/listinfo/keycloak-user</a></pre>
</blockquote>
<br>
<pre class="moz-signature" cols="72">--
Bill Burke
JBoss, a division of Red Hat
<a class="moz-txt-link-freetext" href="http://bill.burkecentral.com">http://bill.burkecentral.com</a></pre>
</body>
</html>