Re: [keycloak-user] [1.5.0] KC Issue with filters
Servlet Filters will *NEVER* execute until authentication and
authorization is complete. Keycloak adapter acts as a built in servlet
security mechanism and built-in servlet security mechanisms (BASIC,
FORM, etc.) need to pass authz before any Filters are executed.
On 10/11/2015 4:11 AM, Hristo Stoyanov wrote:
Hi all,
has anyone seen a situation where this KC declaration in a WEB.XML:
<security-constraint>
<web-resource-collection>
<web-resource-name>Login</web-resource-name>
<url-pattern>/app-login</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>*</role-name>
</auth-constraint>
</security-constraint>
will suppress any filters with the same usrl-pattern and under what
circumstances could this happen:
<filter-mapping>
<filter-name>ErraiLoginRedirectFilter</filter-name>
<url-pattern>/app-login</url-pattern>
</filter-mapping>
You can see the full details of my issue in this thread:
https://developer.jboss.org/message/941862#941862
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com