Re: [keycloak-user] KeycloakSecurityContext returns NULL using Tomcat Adapter

Hi Stian, thanks for your replay. The problem is that /movies is a page that doesn't require the user to be logged in. But when he is logged in and goes to /movies, I need retrieve user information. If I add a security-constraint for movies the user will be redirected to the login page, and this can't happen. Is there another way I can do this? From: Stian Thorgersen <sthorger(a)redhat.com <mailto:sthorger@redhat.com>> Reply-To: &quot;stian(a)redhat.com <mailto:stian@redhat.com>" <stian(a)redhat.com <mailto:stian@redhat.com>> Date: quinta-feira, 18 de fevereiro de 2016 11:12 To: Leonardo Nunes <leo.nunes(a)gjccorp.com.br <mailto:leo.nunes@gjccorp.com.br>> Cc: &quot;keycloak-user(a)lists.jboss.org <mailto:keycloak-user@lists.jboss.org>" <keycloak-user(a)lists.jboss.org <mailto:keycloak-user@lists.jboss.org>> Subject: Re: KeycloakSecurityContext returns NULL using Tomcat Adapter This is down to the fact that there are differences between different containers. In reality you can only guarantee that KeycloakSecurityContext as long as the request requires authentication. Add a security-constraint for movies and you're fine. On 18 February 2016 at 12:50, LEONARDO NUNES <leo.nunes(a)gjccorp.com.br <mailto:leo.nunes@gjccorp.com.br>> wrote: Stian, I have an application deployed on Tomcat 7 using the Tomcat Adapter. When i'm logged in and I go to a non-secured URL, KeycloakSecurityContext returns null. I deployed the same application to the Keycloak Standalone Server, there I don't have this problem. At Tomcat the code below returns null when called from /movies/, and works when called from /article/ At Keycloak Standalone Server /movies/ and /article/ works fine. (KeycloakSecurityContext) request.getAttribute(KeycloakSecurityContext.class.getName()); Why is this happening? In my web.xml I have only one security-constraint securing /article/* WEB.XML: <security-constraint> <web-resource-collection> <web-resource-name>Articles</web-resource-name> <url-pattern>/article/*</url-pattern> </web-resource-collection> <auth-constraint> <role-name>user</role-name> </auth-constraint> </security-constraint> -- Leonardo Nunes ------------------------------------------------------------------------ /Esta mensagem pode conter informação confidencial e/ou privilegiada. Se você não for o destinatário ou a pessoa autorizada a receber esta mensagem, não poderá usar, copiar ou divulgar as informações nela contidas ou tomar qualquer ação baseada nessas informações. Se você recebeu esta mensagem por engano, por favor avise imediatamente o remetente, respondendo o e-mail e em seguida apague-o. Agradecemos sua cooperação. This message may contain confidential and/or privileged information. If you are not the addressee or authorized to receive this for the addressee, you must not use, copy, disclose or take any action based on this message or any information herein. If you have received this message in error, please advise the sender immediately by reply e-mail and delete this message. Thank you for your cooperation/ _______________________________________________ keycloak-user mailing list keycloak-user(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/keycloak-user