Seems like my question wasn't clear enough.
I have the following config in my web.xml
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>Protected</web-resource-name>
      <url-pattern>/protected/*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
      <role-name>user</role-name>
    </auth-constraint>
  </security-constraint>
  <login-config>
    <auth-method>KEYCLOAK</auth-method>
    <realm-name>portfolio-webapp</realm-name>
  </login-config>
  <security-role>
    <role-name>user</role-name>
  </security-role>
Now when I navigate to e.g. "/protected/index.xhtml" I get redirected to
the Keycloak login. Unfortunately, the cookie which is set by the
Keycloak adapters after a successful login, has the path "/protected"
set. When I navigate to "/whatever.xhtml" I obviously have no access to
the cookie since the browser doesn't send it.
How am I supposed to access the logged in user outside of the protected
area?
> The session cookie (assuming you're talking about JSESSIONID) should be set to the
> context-path of your WAR not a specific protected resource.
Unfortunately I am experiencing that it is set to a different path.
> Are your protected resources in the same WAR as the unprotected resources?
Yes, it's all in the same WAR.
Kind regards,
------------------------------------------------------------------------
*Christian Beikov*
On 30.12.2014 at 13:38, Stian Thorgersen wrote:
The session cookie (assuming you're talking about JSESSIONID) should be set to the
context-path of your WAR not a specific protected resource. Are your protected
resources in the same WAR as the unprotected resources?
----- Original Message -----
> From: "Christian Beikov" <christian.beikov(a)gmail.com>
> To: keycloak-dev(a)lists.jboss.org
> Sent: Sunday, 28 December, 2014 11:01:54 AM
> Subject: [keycloak-dev] Access original session
>
> Hello there!
>
> I have an application that has protected resources on the pattern
> "/protected/*" and I receive a session cookie for the path "/protected",
> which makes sense. Now my problem is, that I want the path of the cookie to
> be "/" so I can access the user information even outside of the protected
> resources.
> Since I think this might introduce some problems, the only other way to
> realize that I could think of is, to get access to the underlying servlet
> session. Not only would that session have to be created properly, which I am
> not sure is happening when browsing in the protected resources, I would also
> need to access it on the server, so that I can save the currently logged in
> user into it.
>
> Is there a possibility to access the servlet session within the Keycloak
> context? If so, could you please share some code or point me to an API?
> --
>
> Kind regards,
>
> Christian Beikov
>
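
Why the browser withholds the cookie on "/whatever.xhtml", as an added example that is not part of the original thread or of Keycloak's code: the cookie path-match rule from RFC 6265 section 5.1.4, applied to the paths mentioned in the messages above. The cookie value and the "/protected-area.xhtml" request are constructed, and a WAR deployed at the root context path is assumed.

```javascript
// RFC 6265 section 5.1.4 path-match: is a cookie scoped to cookiePath
// sent with a request for requestPath?
function pathMatches(cookiePath, requestPath) {
  if (cookiePath === requestPath) return true;
  if (!requestPath.startsWith(cookiePath)) return false;
  // A prefix only counts when it ends on a "/" boundary.
  return cookiePath.endsWith("/") || requestPath.charAt(cookiePath.length) === "/";
}

// Build the Cookie header a browser would attach to a request.
function cookieHeaderFor(jar, requestPath) {
  return jar
    .filter((c) => pathMatches(c.path, requestPath))
    .map((c) => `${c.name}=${c.value}`)
    .join("; ");
}

// Constructed sample jars (root context path assumed).
// observedJar: the path reported in the thread.
// contextJar: the context-path scope described in the reply.
const observedJar = [{ name: "JSESSIONID", value: "constructed-1", path: "/protected" }];
const contextJar = [{ name: "JSESSIONID", value: "constructed-1", path: "/" }];

// Compare what each scope sends for protected and unprotected requests.
function report() {
  const requests = [
    "/protected/index.xhtml",
    "/whatever.xhtml",
    "/protected-area.xhtml", // shares the prefix but is not under /protected/
  ];
  return requests.map((request) => ({
    request,
    observedScope: cookieHeaderFor(observedJar, request),
    contextScope: cookieHeaderFor(contextJar, request),
  }));
}

console.table(report());
```

With the "/protected" scope the session identifier never reaches the server on unprotected pages, so server-side code there sees no existing session regardless of what the adapter stored in it.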