Hello Dmitry,
thanx for the reply.
Currently I do indeed just return a new KeycloakDeployment() as you suggest.
This approach may stop working though, take a look at [1].
That said, I don't know if this code will be eventually included in
Keycloak.
Cheers,
Vagelis
On 02/11/2018 06:49, Dmitry Telegin wrote:
Hello Vagelis,
Please see my answer to exactly the same question:
http://lists.jboss.org/pipermail/keycloak-user/2018-October/016026.html
TL;DR: this is by design, but you shouldn't be worried. For unsecured URLs you can
simply return new KeycloakDeployment() from your resolver.
Cheers,
Dmitry Telegin
CTO, Acutus s.r.o.
Keycloak Consulting and Training
Pod lipami street 339/52, 130 00 Prague 3, Czech Republic
+42 (022) 888-30-71
E-mail: info(a)acutus.pro
On Tue, 2018-10-30 at 09:19 +0200, Vagelis Savvas wrote:
> Hello,
>
> in a multitenant app on Wildfly 14.0.1 with a bearer-only REST API to
> protect I would like some URLs
> to not be secured. So I would like my custom KeycloakConfigResolver
> implementation
> to not be called when those URLs are hit but it is. The reason I don't
> want my KeycloakConfigResolver to be called is simply because
> I have no clue as to what to return in that case: its a non-secured REST
> endpoint so a Keycloak realm doesn't make sense in my understanding.
> My setup follows the docs: I've installed the adapter for Wildfly and
> the web.xml has the necessary setup for not securing some URLs (no
> auth-constraint for those URLs)
> Also in jboss-web.xml the security-domain element isn't defined,
> although I don't know if that plays any role.
> My final goal is to have some URLs secured by using the JBoss specific
> @SecurityDomain and the standard @RolesAllowed etc annotations.
> Can you please shed some light on this matter? I'd greatly appreciate
> any detailed explanation of the mechanisms involved in this area.
>
> Cheers,
> Vagelis
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
>
https://lists.jboss.org/mailman/listinfo/keycloak-user