Re: [keycloak-dev] Possible bug in Tomcat8 adapter
By default it returns the UUID for the user. So in Tomcat you are seeing
the default behavior, while on WildFly you are seeing the behavior if
principal-attribute is set to principal-attribute in keycloak.json. See
http://keycloak.github.io/docs/userguide/keycloak-server/html/ch08.html#a...
On 19 May 2016 at 20:07, Marc Savy <marc.savy(a)redhat.com> wrote:
Hi All,
I've been setting up apiman's quickstart tomcat8 distro with Keycloak
(rather than using the inbuilt auth).
I've managed to get everything working swimmingly, with one strange issue:
HttpServletRequest#getRemoteUser()
- On WildFly, this code[1] returns the preferred_username (e.g.
admin). Expected behaviour.
- On Tomcat8 it return the subject[2] (e.g.
5291684c-225a-4b3d-8795-15486feaf2ae)
I think the problem might stem from where the principal is being built:
https://github.com/keycloak/keycloak/blob/master/adapters/spi/tomcat-adap...
Are we misusing #getRemoteUser, or is there an error in the adapter?
Regards,
Marc
[1]
https://github.com/apiman/apiman/blob/master/manager/ui/war/src/main/java...
[2] 'id' in UI
_______________________________________________
keycloak-dev mailing list
keycloak-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-dev
Attachments:
- attachment.html (text/html — 2.4 KB)