[keycloak-dev] KeycloakSecurityContext is always null
Maurício Giacomini Penteado
mauriciogiacomini at hotmail.com
Thu Oct 13 10:59:10 EDT 2016
On Keycloak Secure Application Service Guide is described like an obligation the definition of security-constration in web.xml.
I am programming an application that follows concepts of "WYSIWYG". My app need have the feature of anonymous browsing and identified browsing on same app URIs. The definition of url-paths protected by security-constration are breaking the concepts of "WYSIWYG".
Is there a way to get access to keycloak SecurityDomain without restrict paths by security-constration?
Regards,
Mauricio.
________________________________
De: Maurício Giacomini Penteado <mauriciogiacomini at hotmail.com>
Enviado: terça-feira, 11 de outubro de 2016 21:50
Para: keycloak-dev at lists.jboss.org
Assunto: KeycloakSecurityContext is always null
Hello everyone,
I do not understanding how can I correctly use KeycloakSecurityContext on a Rest service to obtain access to keycloak tokens.
I tryed via httpServletRequest:
KeycloakSecurityContext session = (KeycloakSecurityContext) httpServletRequest.getAttribute(KeycloakSecurityContext.class.getName());
But, my KeycloakSecurityContext is always null.
I put the anotation @SecurityDomain("keycloak") on my class without success.
The authentication works perfectly but, the authorization is a problem. I am trying access to KeycloakSecurityContext to work with authorization.
If someone has a tip that can help me, please let me know.
Regards,
Mauricio.
More information about the keycloak-dev
mailing list