Re: [keycloak-user] keycloak and spring security

On Aug 2, 2016, at 3:37 AM, Robert van Loenhout <r.vanloenhout(a)greenvalley.nl&gt; wrote: Thanks for the links Scott. Although I am not actually using spring boot with wicket at the moment. Still…. this might come in handy. From: Scott Rossillo [mailto:srossillo@smartling.com] Sent: 02 August 2016 00:07 To: Robert van Loenhout <r.vanloenhout(a)greenvalley.nl&gt; Cc: keycloak-user(a)lists.jboss.org Subject: Re: [keycloak-user] keycloak and spring security Seems the Spring Security filter chain isn’t being invoked on requests to the WicketServlet. Spring Boot is very opinionated about how it does things so I’m not entirely sure what the best approach is. However, I did find a boot starer for wicket[0] that provides some information on using Spring Security + Wicket[1]. [0]: https://github.com/MarcGiffing/wicket-spring-boot <https://github.com/MarcGiffing/wicket-spring-boot> [1]: https://github.com/MarcGiffing/wicket-spring-boot#extension-spring-security <https://github.com/MarcGiffing/wicket-spring-boot#extension-spring-securi... Scott Rossillo Smartling | Senior Software Engineer srossillo(a)smartling.com <mailto:srossillo@smartling.com> On Aug 1, 2016, at 10:09 AM, Robert van Loenhout <r.vanloenhout(a)greenvalley.nl <mailto:r.vanloenhout@greenvalley.nl>> wrote: I’m trying to create a test application using spring and wicket (without spring boot). I’m unable to trigger any authentication redirect. I have added a SecurityConfig class as specified by the manual, and it’s been picked up by Spring. For example my configure method is called @Override protected void configure(HttpSecurity http) throws Exception { super.configure(http); http.authorizeRequests().anyRequest().authenticated(); } However whatever page I call it is returned without taking any security into account. This is my web.xml <servlet> <servlet-name>wicket</servlet-name> <servlet-class>org.apache.wicket.protocol.http.WicketServlet</servlet-class> <init-param> <param-name>applicationFactoryClassName</param-name> <param-value>org.apache.wicket.spring.SpringWebApplicationFactory</param-value> </init-param> <init-param> <param-name>applicationBean</param-name> <param-value>wicketApplication</param-value> </init-param> <load-on-startup>1</load-on-startup> </servlet> <servlet-mapping> <servlet-name>wicket</servlet-name> <url-pattern>/*</url-pattern> </servlet-mapping> <context-param> <param-name>contextConfigLocation</param-name> <param-value>/WEB-INF/applicationContext.xml</param-value> </context-param> <listener> <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class> </listener> The applicationContext does a component-scan. Did I miss something that I need to add? _______________________________________________ keycloak-user mailing list keycloak-user(a)lists.jboss.org <mailto:keycloak-user@lists.jboss.org> https://lists.jboss.org/mailman/listinfo/keycloak-user <https://lists.jboss.org/mailman/listinfo/keycloak-user>