Please ignore this question, just found that I need to add this line
" <auth-constraint>
            <role-name>user</role-name>
 </auth-constraint>"

to the <security-constraint> section. 

Thank you.


On Fri, Aug 5, 2016 at 10:35 PM, Ling <lingvisa@gmail.com> wrote:
Hi, if I want to secure the root directory, namely, when I visit http://localhost:8080/myapp, then it redirects me to the keycloak login page, asking for credentials. How to achieve that?

I modified the Web.xml as follows, but it doesn't secure anything at all. I thought this should work "<url-pattern>/*</url-pattern>", but it doesn't. 


<!-- 
    <security-constraint>
        <web-resource-collection>
            <web-resource-name>Admins</web-resource-name>
            <url-pattern>/admin/*</url-pattern>
        </web-resource-collection>
        <auth-constraint>
            <role-name>admin</role-name>
        </auth-constraint>
    </security-constraint>
    <security-constraint>
        <web-resource-collection>
            <web-resource-name>Login</web-resource-name>
            <url-pattern>/login2/*</url-pattern>
        </web-resource-collection>
        <auth-constraint>
            <role-name>user</role-name>
        </auth-constraint>
    </security-constraint>
 -->
    
    <security-constraint>
        <web-resource-collection>
        <web-resource-name>Web Root</web-resource-name>
            <url-pattern>/*</url-pattern>
        </web-resource-collection>
      
 <!-- 
        <user-data-constraint>
            <transport-guarantee>CONFIDENTIAL</transport-guarantee>
        </user-data-constraint>
         -->
    </security-constraint>

    <login-config>
        <auth-method>KEYCLOAK</auth-method>
        <realm-name>bword</realm-name>
    </login-config>