I'm using with Tomcat 8 Adapter and with Spring Boot Adapter.

On both i'm using Keycloak version 1.9.1.Final.

The Login button calls this URL:

http://localhost:8180/auth/realms/accounts/protocol/openid-connect/auth?client_id=accounts-teste&redirect_uri=http://localhost:8088/accounts-teste/&response_mode=fragment&response_type=code

The Register button calls this URL:

http://localhost:8180/auth/realms/accounts/protocol/openid-connect/registrations?client_id=accounts-teste&redirect_uri=http://localhost:8088/accounts-teste/&response_mode=fragment&response_type=code

Att,

Leonardo Nunes

Analista de Sistemas

leo.nunes@gjccorp.com.br

Skype: leonardo.puc

+55 (62) 3250-1462

Grupo Jaime Câmara

www.gjccorp.com.br

From: Leonardo Nunes <leo.nunes@gjccorp.com.br>
Date: quinta-feira, 31 de março de 2016 18:01
To: "keycloak-user@lists.jboss.org" <keycloak-user@lists.jboss.org>
Subject: req.getUserPrincipal() returns NULL before navigating to a restricted url (after login)

Hi everyone,

I have a page1 that it's access is not restricted, at the page1 I have a Login button that directs to Keycloak and the redirect_uri is the page1.

After I login and get redirect to page1, I try to access the logged in user information with req.getUserPrincipal() but this method returns NULL at this moment.

If I navigate to a page that it's url is restricted and then return to the non-restricted page, then req.getUserPrincipal() returns the user object.

I noticed that I have to go to a restricted page before being able to access the user information at a non-restricted page.

The ticket below solved the problem of not accessing the user information at a non-restricted page, but still have this case when the user logged in at non-restricted page.

https://issues.jboss.org/browse/KEYCLOAK-2518

Leonardo

Esta mensagem pode conter informação confidencial e/ou privilegiada. Se você não for o destinatário ou a pessoa autorizada a receber esta mensagem, não poderá usar, copiar ou divulgar as informações nela contidas ou tomar qualquer ação baseada nessas informações. Se você recebeu esta mensagem por engano, por favor avise imediatamente o remetente, respondendo o e-mail e em seguida apague-o. Agradecemos sua cooperação.

This message may contain confidential and/or privileged information. If you are not the addressee or authorized to receive this for the addressee, you must not use, copy, disclose or take any action based on this message or any information herein. If you have received this message in error, please advise the sender immediately by reply e-mail and delete this message. Thank you for your cooperation