Hi,

I wonder that the Servlet OAuth Client won't propagate authentication to wildfy EJB layer... Am I wrong ?

Jérôme.

Le mar. 21 avr. 2015 à 18:13, Marek Posolda <mposolda@redhat.com> a écrit :

You can take a look at our examples for how to use ServletOAuthClient. Hopefully it could help with your usecase:
https://github.com/keycloak/keycloak/tree/master/examples/demo-template/third-party
https://github.com/keycloak/keycloak/tree/master/examples/demo-template/third-party-cdi

Marek

On 21.4.2015 12:14, Jérôme Blanchard wrote:

Hi all,

I'm trying to protect a servlet application which can be accessed either as anonymous user and as authenticated user. Some resources are protected and my application takes in charge the access control (not role based) so I can't use the war protection using role user constraint.

In this case I've removed the role constraint in the web.xml and the keycloak wildfly (undertow) adapter let me access the application as unauthentified user (anonymous) which is perfect.

What I want to handle on some AccessDeniedException is to redirect the user to the authentication server manually. In this case, user authentified an come back to the protected URL but is no more anonymous but a authentified user.

Is ther is a way to handle this redirection to the authentication server manually (I don't know where to store the state variable allowing keycloak wildfly adapter to handle properly the auth redirect that include the code).

Best regards, Jérôme.
_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user