<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; color: rgb(0, 0, 0); font-size: 16px; font-family: Calibri, sans-serif; ">
<div>
<div>
<div>Hi everyone,</div>
<div><br>
</div>
<div>This problem might stop me from using Keycloak, it's been a week since i'm trying to find a way to make it work but I couldn't find any.</div>
<div>If it's a container issue, is there another way to make it work?</div>
<div><br>
</div>
<div>What can I do to access information from the current logged in user at a page that is not secured at the security-contraints at web.xml?</div>
<div>The code below returns null at pages that is not secured, even when the user is logged in.</div>
<div>If the application is deployed to Wildfly it works, but it doesn't work at Jboss EAP and Apache Tomcat.</div>
<div><br>
</div>
<div>(KeycloakPrincipal) req.getUserPrincipal()</div>
<div>Or</div>
<div>(KeycloakSecurityContext) req.getAttribute(KeycloakSecurityContext.class.getName())</div>
<div><br>
</div>
<div><br>
</div>
<div>All of our applications is deployed to Jboss EAP and Apache Tomcat.</div>
</div>
<div><br>
</div>
<div><br>
</div>
<div>
<div>
<div>-- </div>
<div>Leonardo</div>
</div>
</div>
</div>
<div><br>
</div>
<div><br>
</div>
<span id="OLK_SRC_BODY_SECTION">
<div style="font-family:Calibri; font-size:11pt; text-align:left; color:black; BORDER-BOTTOM: medium none; BORDER-LEFT: medium none; PADDING-BOTTOM: 0in; PADDING-LEFT: 0in; PADDING-RIGHT: 0in; BORDER-TOP: #b5c4df 1pt solid; BORDER-RIGHT: medium none; PADDING-TOP: 3pt">
<span style="font-weight:bold">From: </span>Stian Thorgersen <<a href="mailto:sthorger@redhat.com">sthorger@redhat.com</a>><br>
<span style="font-weight:bold">Reply-To: </span>"<a href="mailto:stian@redhat.com">stian@redhat.com</a>" <<a href="mailto:stian@redhat.com">stian@redhat.com</a>><br>
<span style="font-weight:bold">Date: </span>quinta-feira, 18 de fevereiro de 2016 11:12<br>
<span style="font-weight:bold">To: </span>Leonardo Nunes <<a href="mailto:leo.nunes@gjccorp.com.br">leo.nunes@gjccorp.com.br</a>><br>
<span style="font-weight:bold">Cc: </span>"<a href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a>" <<a href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a>><br>
<span style="font-weight:bold">Subject: </span>Re: KeycloakSecurityContext returns NULL using Tomcat Adapter<br>
</div>
<div><br>
</div>
<div>
<div>
<div dir="ltr">This is down to the fact that there are differences between different containers. In reality you can only guarantee that KeycloakSecurityContext as long as the request requires authentication. Add a security-constraint for movies and you're fine.</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On 18 February 2016 at 12:50, LEONARDO NUNES <span dir="ltr">
<<a href="mailto:leo.nunes@gjccorp.com.br" target="_blank">leo.nunes@gjccorp.com.br</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div style="word-wrap:break-word;color:rgb(0,0,0);font-size:16px;font-family:Calibri,sans-serif">
<div>
<div>Stian,</div>
<div><br>
</div>
<div>I have an application deployed on Tomcat 7 using the Tomcat Adapter.</div>
<div>When i'm logged in and I go to a non-secured URL, KeycloakSecurityContext returns null.</div>
<div>I deployed the same application to the Keycloak Standalone Server, there I don't have this problem.</div>
<div><br>
</div>
<div>At Tomcat the code below returns null when called from /movies/, and works when called from /article/</div>
<div>At Keycloak Standalone Server /movies/ and /article/ works fine.</div>
<div>(KeycloakSecurityContext) request.getAttribute(KeycloakSecurityContext.class.getName());</div>
<div><br>
</div>
<div>Why is this happening?</div>
<div><br>
</div>
<div>In my web.xml I have only one security-constraint securing /article/*</div>
<div><br>
</div>
<div>WEB.XML:</div>
<div><security-constraint></div>
<div> <web-resource-collection></div>
<div> <web-resource-name>Articles</web-resource-name></div>
<div> <url-pattern>/article/*</url-pattern></div>
<div> </web-resource-collection></div>
<div> <auth-constraint></div>
<div> <role-name>user</role-name></div>
<div> </auth-constraint></div>
<div></security-constraint></div>
<span class="HOEnZb"><font color="#888888"></font></span></div>
<span class="HOEnZb"><font color="#888888">
<div><br>
</div>
<div><br>
</div>
<div>
<div>
<div>-- </div>
<div>Leonardo Nunes</div>
</div>
</div>
<hr style="min-height:1px;color:#c4c4c4">
<div style="font-family:Arial;color:#848484;font-size:11px"><i>Esta mensagem pode conter informação confidencial e/ou privilegiada. Se você não for o destinatário ou a pessoa autorizada a receber esta mensagem, não poderá usar, copiar ou divulgar as informações
nela contidas ou tomar qualquer ação baseada nessas informações. Se você recebeu esta mensagem por engano, por favor avise imediatamente o remetente, respondendo o e-mail e em seguida apague-o. Agradecemos sua cooperação.
<br>
<br>
This message may contain confidential and/or privileged information. If you are not the addressee or authorized to receive this for the addressee, you must not use, copy, disclose or take any action based on this message or any information herein. If you have
received this message in error, please advise the sender immediately by reply e-mail and delete this message. Thank you for your cooperation<i></i></i></div>
</font></span></div>
</blockquote>
</div>
<br>
</div>
</div>
</div>
</span>
</body>
</html>