----- Original Message -----
From: "Christian Beikov" <christian.beikov(a)gmail.com>
To: "Stian Thorgersen" <stian(a)redhat.com>
Cc: keycloak-dev(a)lists.jboss.org
Sent: Tuesday, 30 December, 2014 1:45:13 PM
Subject: Re: [keycloak-dev] Access original session
Seems like my question wasn't clear enough.
I have the following config in my web.xml
    <security-constraint>
        <web-resource-collection>
            <web-resource-name>Protected</web-resource-name>
            <url-pattern>/protected/*</url-pattern>
        </web-resource-collection>
        <auth-constraint>
            <role-name>user</role-name>
        </auth-constraint>
    </security-constraint>
    <login-config>
        <auth-method>KEYCLOAK</auth-method>
        <realm-name>portfolio-webapp</realm-name>
    </login-config>
    <security-role>
        <role-name>user</role-name>
    </security-role>
Now when I navigate to e.g. "/protected/index.xhtml" I get redirected to
the Keycloak login. Unfortunately, the cookie which is set by the
Keycloak adapters after a successful login, has the path "/protected"
set. When I navigate to "/whatever.xhtml" I obviously have no access to
the cookie since the browser doesn't send it.
How am I supposed to access the logged in user outside of the protected
area?
The session cookie (assuming you're talking about JSESSIONID) should be set
to the context-path of your WAR not a specific protected resource.
Unfortunately I am experiencing that it is set to a different path.
Strange. I've just tried with our demo, which has a similar security-constraint to
yours, and it sets it to the context-path of the WAR as expected.
Keycloak doesn't set this cookie itself, that's sorted by the JEE container. Which
Keycloak version and JEE server are you using?
Are your protected resources in the same WAR as the unprotected resources?
Yes, it's all in the same WAR.
Kind regards,
------------------------------------------------------------------------
*Christian Beikov*
On 30.12.2014 at 13:38, Stian Thorgersen wrote:
> The session cookie (assuming you're talking about JSESSIONID) should be set
> to the context-path of your WAR not a specific protected resource. Are your
> protected resources in the same WAR as the unprotected resources?
>
> ----- Original Message -----
>> From: "Christian Beikov" <christian.beikov(a)gmail.com>
>> To: keycloak-dev(a)lists.jboss.org
>> Sent: Sunday, 28 December, 2014 11:01:54 AM
>> Subject: [keycloak-dev] Access original session
>>
>> Hello there!
>>
>> I have an application that has protected resources on the pattern
>> "/protected/*" and I receive a session cookie for the path "/protected",
>> which makes sense. Now my problem is, that I want the path of the cookie to
>> be "/" so I can access the user information even outside of the protected
>> resources.
>> Since I think this might introduce some problems, the only other way to
>> realize that I could think of is, to get access to the underlying servlet
>> session. Not only would that session have to be created properly, which I am
>> not sure is happening when browsing in the protected resources, I would also
>> need to access it on the server, so that I can save the currently logged in
>> user into it.
>>
>> Is there a possibility to access the servlet session within the Keycloak
>> context? If so, could you please share some code or point me to an API?
>> --
>>
>> Kind regards,
>>
>> Christian Beikov
>>
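
The browser behaviour discussed in this thread, as an added example that is not part of the original messages or of Keycloak: the RFC 6265 (section 5.1.4) path-match and default-path rules that decide which requests carry a cookie. The request paths come from the thread except "/protectedX/a.xhtml", which is constructed; a root context path is an assumption.

```javascript
// Added example: RFC 6265 section 5.1.4 cookie path rules (not Keycloak code).

// Path a user agent assigns when Set-Cookie carries no Path attribute:
// everything up to, but not including, the right-most "/" of the request path.
function defaultPath(requestPath) {
  if (!requestPath || requestPath[0] !== "/") return "/";
  const lastSlash = requestPath.lastIndexOf("/");
  return lastSlash === 0 ? "/" : requestPath.slice(0, lastSlash);
}

// True when the user agent would attach a cookie with this Path to the request.
function pathMatches(requestPath, cookiePath) {
  if (requestPath === cookiePath) return true;
  if (!requestPath.startsWith(cookiePath)) return false;
  // A prefix only counts on a "/" boundary, so "/protected" does not
  // cover "/protectedX/...".
  return cookiePath.endsWith("/") || requestPath[cookiePath.length] === "/";
}

// Subset of request paths on which a cookie with the given Path is sent.
function cookieSentFor(cookiePath, requestPaths) {
  return requestPaths.filter((p) => pathMatches(p, cookiePath));
}

// Sample requests: the first two are from the thread, the third is constructed.
// The application is assumed to be deployed at the root context.
const requests = [
  "/protected/index.xhtml",
  "/whatever.xhtml",
  "/protectedX/a.xhtml",
];

// Cookie scoped to the protected area: only the protected page receives it.
console.log(cookieSentFor("/protected", requests));
// Cookie scoped to the (assumed) root context path: every page receives it.
console.log(cookieSentFor("/", requests));
// Path a browser would pick if the response set the cookie without Path.
console.log(defaultPath("/protected/index.xhtml"));
```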