Thanks for the links Scott. Although I am not actually using spring boot with wicket at the moment.

Still…. this might come in handy.

 

 

From: Scott Rossillo [mailto:srossillo@smartling.com]
Sent: 02 August 2016 00:07
To: Robert van Loenhout <r.vanloenhout@greenvalley.nl>
Cc: keycloak-user@lists.jboss.org
Subject: Re: [keycloak-user] keycloak and spring security

 

Seems the Spring Security filter chain isn’t being invoked on requests to the WicketServlet.

 

Spring Boot is very opinionated about how it does things so I’m not entirely sure what the best approach is.  However, I did find a boot starer for wicket[0] that provides some information on

using Spring Security + Wicket[1].

 

[0]: https://github.com/MarcGiffing/wicket-spring-boot

[1]: https://github.com/MarcGiffing/wicket-spring-boot#extension-spring-security

 

 

Scott Rossillo

Smartling | Senior Software Engineer

 

On Aug 1, 2016, at 10:09 AM, Robert van Loenhout <r.vanloenhout@greenvalley.nl> wrote:

 

I’m trying to create a test application using spring and wicket (without spring boot). I’m unable to trigger any authentication redirect.

I have added a SecurityConfig class as specified by the manual, and it’s been picked up by Spring.

For example my configure method is called

 

@Override
protected void configure(HttpSecurity http) throws Exception {
    super.configure(http);
   http.authorizeRequests().anyRequest().authenticated();

}

 

However whatever page I call it is returned without taking any security into account.

 

This is my web.xml

 

       <servlet>

             <servlet-name>wicket</servlet-name>

             <servlet-class>org.apache.wicket.protocol.http.WicketServlet</servlet-class>

             <init-param>

                    <param-name>applicationFactoryClassName</param-name>

                    <param-value>org.apache.wicket.spring.SpringWebApplicationFactory</param-value>

             </init-param>

             <init-param>

                    <param-name>applicationBean</param-name>

                    <param-value>wicketApplication</param-value>

             </init-param>

             <load-on-startup>1</load-on-startup>

       </servlet>

 

    <servlet-mapping>

        <servlet-name>wicket</servlet-name>

        <url-pattern>/*</url-pattern>

    </servlet-mapping>

 

    <context-param>

        <param-name>contextConfigLocation</param-name>

        <param-value>/WEB-INF/applicationContext.xml</param-value>

    </context-param>

 

    <listener>

        <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>

    </listener>

 

The applicationContext does a component-scan.

Did I miss something that I need to add?

 

 

_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user