Hello Vagelis,
KeycloakConfigResolver will be always called when the request is processed.
Can you check this example if it helps you?
https://github.com/keycloak/keycloak/tree/master/examples/multi-tenant
If not feel free to contact me and hopefully I can help you set it up.
Regards,
Vlasta
On 10/30/18 8:19 AM, Vagelis Savvas wrote:
Hello,
in a multitenant app on Wildfly 14.0.1 with a bearer-only REST API to
protect I would like some URLs
to not be secured. So I would like my custom KeycloakConfigResolver
implementation
to not be called when those URLs are hit but it is. The reason I don't
want my KeycloakConfigResolver to be called is simply because
I have no clue as to what to return in that case: its a non-secured REST
endpoint so a Keycloak realm doesn't make sense in my understanding.
My setup follows the docs: I've installed the adapter for Wildfly and
the web.xml has the necessary setup for not securing some URLs (no
auth-constraint for those URLs)
Also in jboss-web.xml the security-domain element isn't defined,
although I don't know if that plays any role.
My final goal is to have some URLs secured by using the JBoss specific
@SecurityDomain and the standard @RolesAllowed etc annotations.
Can you please shed some light on this matter? I'd greatly appreciate
any detailed explanation of the mechanisms involved in this area.
Cheers,
Vagelis
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user