Hello there,
I could not see the forest for the trees. Just simply ask the HttpSession
for:
((org.keycloak.adapters.saml.SamlSession)session.getAttribute("org.keycloak.adapters.saml.SamlSession")).getPrincipal()
Cheers,
Luis
2018-04-30 19:26 GMT+02:00 Luis Rodríguez Fernández <uo67113(a)gmail.com>:
Hello there,
I am using the SAML Java Servlet Filter adapter [1] (4.0.0.CR1-SNAPSHOT)
in Apache Tomcat 9 [2]. Is there a way to know if the user has been
authenticated?
The thing is that the good and old HttpServletRequest.getUserPrincipal()
[3] returns the principal (SAMLPrincipal) when there is a
<security-constraint> declared for the url-pattern that matches the request.
The purpose of this is to implement the "anonymous navigation" in some of
our applications. Nowadays in some of our applications like this one
https://phonebook.cern.ch/phonebook we do something like this:
1. User can navigate through the application
2. Sign-in link redirects the user to /secure/sso triggering the
redirection to the IdP
3. The application makes use of the weblogic.security.Security.getCurrentSubject()
[4] to check if the user has been logged in.
Any thoughts on this?
Thanks in advance,
Luis
[1] https://www.keycloak.org/docs/latest/securing_apps/index.html#java-servlet-filter-adapter
[2] https://tomcat.apache.org/download-90.cgi
[3] https://tomcat.apache.org/tomcat-9.0-doc/servletapi/javax/servlet/http/HttpServletRequest.html#getUserPrincipal--
[4] https://docs.oracle.com/cd/E68505_01/wls/WLAPI/weblogic/security/Security.html#getCurrentSubject()
--
"Ever tried. Ever failed. No matter. Try Again. Fail again. Fail better."
- Samuel Beckett
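
The session lookup from the reply above, wrapped as a null-safe helper for pages that sit outside any <security-constraint>. This is an added example, not code from the thread or from the Keycloak project; the class name SamlLoginState and its method names are hypothetical, and it assumes the javax.servlet API of Tomcat 9 with the Keycloak SAML adapter on the classpath.

```java
import java.util.Optional;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.keycloak.adapters.saml.SamlPrincipal;
import org.keycloak.adapters.saml.SamlSession;

/** Hypothetical helper (name chosen for this example) for "anonymous navigation" pages. */
public final class SamlLoginState {

    // Attribute name as given in the reply above. It is the adapter's own
    // session key, so re-check it when upgrading the adapter.
    private static final String SAML_SESSION_ATTR = "org.keycloak.adapters.saml.SamlSession";

    private SamlLoginState() { }

    /** Returns the SAML principal if this browser session has completed a login, else empty. */
    public static Optional<SamlPrincipal> currentPrincipal(HttpServletRequest request) {
        // getSession(false): never create a session just to ask whether anyone is logged in.
        HttpSession session = request.getSession(false);
        if (session == null) {
            return Optional.empty();
        }
        Object attr;
        try {
            attr = session.getAttribute(SAML_SESSION_ATTR);
        } catch (IllegalStateException invalidated) {
            // The session was invalidated (for example by logout) between the two calls.
            return Optional.empty();
        }
        // instanceof covers null and avoids a ClassCastException on an unexpected value.
        if (!(attr instanceof SamlSession)) {
            return Optional.empty();
        }
        return Optional.ofNullable(((SamlSession) attr).getPrincipal());
    }

    /** Convenience check for views that only need a yes/no answer. */
    public static boolean isAuthenticated(HttpServletRequest request) {
        return currentPrincipal(request).isPresent();
    }
}
```

The result is suited to navigation and display decisions on unprotected pages; access to paths such as /secure/sso remains enforced by the <security-constraint> and the adapter filter.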