If you have a javascript applicaiton why are you not using the javascript adapter?

On 4 December 2015 at 15:15, Christopher Wallace <cjwallac@gmail.com> wrote:
We are using Apache TOMCAT v. 8.0.18. We have a Javascript application that we would like to configure web.xml using KEYCLOAK to protect all root URI's '/' except '/tracking'. Is there a way to exclude '/tracking' from being protected either in the KEYCLOAK admin console or in the WEB.XML itself. Some additional information is for the tracking URL we will use both HTTP and WEBSOCKETS protocols. Our current approach was to specifically protect all URI except for '/tracking' but that doesn't seem to be working as a solution.

We have attached our example WEB.XML attempting to specifically protect URLs:

<?xml version="1.0" encoding="UTF-8"?>
         version="3.0">
    <module-name>ROOT</module-name>
    <security-constraint>
        <web-resource-collection>
            <web-resource-name>APP</web-resource-name>
            <url-pattern>/app/*</url-pattern>
        </web-resource-collection>
        <!--API-->
        <web-resource-collection>
            <web-resource-name>API</web-resource-name>
            <url-pattern>/api/*</url-pattern>
        </web-resource-collection>
        <!--HTML-->
        <web-resource-collection>
            <web-resource-name>HTML</web-resource-name>
            <url-pattern>*.html</url-pattern>
        </web-resource-collection>
<auth-constraint>
            <role-name>user</role-name>
        </auth-constraint>
    </security-constraint>
 <login-config>
        <auth-method>KEYCLOAK</auth-method>
        <realm-name>worktrac</realm-name>
    </login-config>
    <security-role>
        <role-name>user</role-name>
    </security-role>
</web-app>

We appreciate your feedback and thoughts on a solution.
- Chris

_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user