[keycloak-dev] KeycloakSecurityContext is always null

Maurício Giacomini Penteado mauriciogiacomini at hotmail.com
Thu Oct 13 14:37:57 EDT 2016 

Strangely, if I add "Keycloak OIDC JBoss Subsystem XML" on my standalone.xml  the authentication stops to work and when I try do login I receive:

WARN  [org.keycloak.adapters.OAuthRequestAuthenticator] No state cookie

Please, is "state cookie" a enable/disable feature?

Regards,
Mauricio.


________________________________
De: keycloak-dev-bounces at lists.jboss.org <keycloak-dev-bounces at lists.jboss.org> em nome de Maurício Giacomini Penteado <mauriciogiacomini at hotmail.com>
Enviado: quinta-feira, 13 de outubro de 2016 14:59
Para: keycloak-dev at lists.jboss.org
Assunto: Re: [keycloak-dev] KeycloakSecurityContext is always null

On Keycloak Secure Application Service Guide is described like an obligation the definition of security-constration in web.xml.

I am programming an application that follows concepts of "WYSIWYG". My app need have the feature of anonymous browsing and identified browsing on same app URIs. The definition of url-paths protected by security-constration are breaking the concepts of "WYSIWYG".

Is there a way to get access to keycloak SecurityDomain without restrict paths by security-constration?

Regards,
Mauricio.

________________________________
De: Maurício Giacomini Penteado <mauriciogiacomini at hotmail.com>
Enviado: terça-feira, 11 de outubro de 2016 21:50
Para: keycloak-dev at lists.jboss.org
Assunto: KeycloakSecurityContext is always null


Hello everyone,

I do not understanding how can I correctly use KeycloakSecurityContext on a Rest service to obtain access to keycloak tokens.

I tryed via httpServletRequest:
KeycloakSecurityContext session = (KeycloakSecurityContext) httpServletRequest.getAttribute(KeycloakSecurityContext.class.getName());

But, my KeycloakSecurityContext is always null.
I put the anotation @SecurityDomain("keycloak") on my class without success.

The authentication works perfectly but, the authorization is a problem. I am trying access to KeycloakSecurityContext to work with authorization.

If someone has a tip that can help me, please let me know.

Regards,
Mauricio.

_______________________________________________
keycloak-dev mailing list
keycloak-dev at lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-dev
keycloak-dev Info Page - lists.jboss.org<https://lists.jboss.org/mailman/listinfo/keycloak-dev>
lists.jboss.org
To see the collection of prior postings to the list, visit the keycloak-dev Archives. Using keycloak-dev: To post a message to all the list members ...

More information about the keycloak-dev mailing list