<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<style type="text/css" style="display:none;"><!-- P {margin-top:0;margin-bottom:0;} --></style>
</head>
<body dir="ltr">
<div id="divtagdefaultwrapper" style="font-size:12pt;color:#000000;font-family:Calibri,Arial,Helvetica,sans-serif;">
<p>Hello, </p>
<p><br>
</p>
<p>I am using a java servlet with keycloak filters, so no security constraints can be applied. I would like to know how can I block some HttpMethods for users of a certain role. I created roles in keycloak, I tried to define the auth-constraints within the
security-constraints but it always returns error 403 Unauthorized. </p>
<p>If I remove the auth constraint and security roles I am able to access the method. It seems that it is not recognizing keycloak roles or not mapping them between the servlet and keycloak.</p>
<p>I am blocking the method as shown below in the class:</p>
<p><br>
</p>
<p></p>
<pre class="lang-java prettyprint prettyprinted" style="margin-top: 0px; margin-bottom: 1em; padding: 5px; border: 0px; font-size: 13px; width: auto; max-height: 600px; overflow: auto; font-family: Consolas, Menlo, Monaco, "Lucida Console", "Liberation Mono", "DejaVu Sans Mono", "Bitstream Vera Sans Mono", "Courier New", monospace, sans-serif; background-color: rgb(239, 240, 241); color: rgb(57, 51, 24); word-wrap: normal;"><code style="margin: 0px; padding: 0px; border: 0px; font-family: Consolas, Menlo, Monaco, "Lucida Console", "Liberation Mono", "DejaVu Sans Mono", "Bitstream Vera Sans Mono", "Courier New", monospace, sans-serif; white-space: inherit;"><span class="lit" style="margin: 0px; padding: 0px; border: 0px; color: rgb(125, 39, 39);">@GET</span><span class="pln" style="margin: 0px; padding: 0px; border: 0px; color: rgb(48, 51, 54);">
</span><span class="lit" style="margin: 0px; padding: 0px; border: 0px; color: rgb(125, 39, 39);">@Path</span><span class="pun" style="margin: 0px; padding: 0px; border: 0px; color: rgb(48, 51, 54);">(</span><span class="str" style="margin: 0px; padding: 0px; border: 0px; color: rgb(125, 39, 39);">"/get"</span><span class="pun" style="margin: 0px; padding: 0px; border: 0px; color: rgb(48, 51, 54);">)</span><span class="pln" style="margin: 0px; padding: 0px; border: 0px; color: rgb(48, 51, 54);">
</span><span class="lit" style="margin: 0px; padding: 0px; border: 0px; color: rgb(125, 39, 39);">@RolesAllowed</span><span class="pun" style="margin: 0px; padding: 0px; border: 0px; color: rgb(48, 51, 54);">(</span><span class="str" style="margin: 0px; padding: 0px; border: 0px; color: rgb(125, 39, 39);">"admin"</span><span class="pun" style="margin: 0px; padding: 0px; border: 0px; color: rgb(48, 51, 54);">)</span><span class="pln" style="margin: 0px; padding: 0px; border: 0px; color: rgb(48, 51, 54);">
</span><span class="lit" style="margin: 0px; padding: 0px; border: 0px; color: rgb(125, 39, 39);">@Produces</span><span class="pun" style="margin: 0px; padding: 0px; border: 0px; color: rgb(48, 51, 54);">(</span><span class="typ" style="margin: 0px; padding: 0px; border: 0px; color: rgb(43, 145, 175);">MediaType</span><span class="pun" style="margin: 0px; padding: 0px; border: 0px; color: rgb(48, 51, 54);">.</span><span class="pln" style="margin: 0px; padding: 0px; border: 0px; color: rgb(48, 51, 54);">TEXT_PLAIN</span><span class="pun" style="margin: 0px; padding: 0px; border: 0px; color: rgb(48, 51, 54);">)</span><span class="pln" style="margin: 0px; padding: 0px; border: 0px; color: rgb(48, 51, 54);">
</span><span class="kwd" style="margin: 0px; padding: 0px; border: 0px; color: rgb(16, 16, 148);">public</span><span class="pln" style="margin: 0px; padding: 0px; border: 0px; color: rgb(48, 51, 54);"> </span><span class="typ" style="margin: 0px; padding: 0px; border: 0px; color: rgb(43, 145, 175);">String</span><span class="pln" style="margin: 0px; padding: 0px; border: 0px; color: rgb(48, 51, 54);"> delU</span><span class="pun" style="margin: 0px; padding: 0px; border: 0px; color: rgb(48, 51, 54);">(</span><span class="lit" style="margin: 0px; padding: 0px; border: 0px; color: rgb(125, 39, 39);">@HeaderParam</span><span class="pun" style="margin: 0px; padding: 0px; border: 0px; color: rgb(48, 51, 54);">(</span><span class="str" style="margin: 0px; padding: 0px; border: 0px; color: rgb(125, 39, 39);">"user_id"</span><span class="pun" style="margin: 0px; padding: 0px; border: 0px; color: rgb(48, 51, 54);">))</span><span class="pln" style="margin: 0px; padding: 0px; border: 0px; color: rgb(48, 51, 54);"> </span><span class="pun" style="margin: 0px; padding: 0px; border: 0px; color: rgb(48, 51, 54);">{</span><span class="pln" style="margin: 0px; padding: 0px; border: 0px; color: rgb(48, 51, 54);">
</span><span class="pun" style="margin: 0px; padding: 0px; border: 0px; color: rgb(48, 51, 54);">...</span><span class="pln" style="margin: 0px; padding: 0px; border: 0px; color: rgb(48, 51, 54);">
</span><span class="pun" style="margin: 0px; padding: 0px; border: 0px; color: rgb(48, 51, 54);">}</span></code></pre>
<p></p>
<p><br>
</p>
<p>And I have the filters like the link below in the web.xml:</p>
<p><a href="https://keycloak.gitbooks.io/securing-client-applications-guide/content/v/2.2/topics/oidc/java/servlet-filter-adapter.html" class="OWAAutoLink" id="LPlnk405876" previewremoved="true">https://keycloak.gitbooks.io/securing-client-applications-guide/content/v/2.2/topics/oidc/java/servlet-filter-adapter.html</a><br>
</p>
<p><br>
</p>
<p>Best Regards</p>
</div>
</body>
</html>