[keycloak-user] keycloak and spring security

Scott Rossillo srossillo at smartling.com
Mon Aug 1 18:07:23 EDT 2016 

Seems the Spring Security filter chain isn’t being invoked on requests to the WicketServlet.

Spring Boot is very opinionated about how it does things so I’m not entirely sure what the best approach is.  However, I did find a boot starer for wicket[0] that provides some information on
using Spring Security + Wicket[1].

[0]: https://github.com/MarcGiffing/wicket-spring-boot
[1]: https://github.com/MarcGiffing/wicket-spring-boot#extension-spring-security


Scott Rossillo
Smartling | Senior Software Engineer
srossillo at smartling.com

> On Aug 1, 2016, at 10:09 AM, Robert van Loenhout <r.vanloenhout at greenvalley.nl> wrote:
> 
> I’m trying to create a test application using spring and wicket (without spring boot). I’m unable to trigger any authentication redirect.
> I have added a SecurityConfig class as specified by the manual, and it’s been picked up by Spring.
> For example my configure method is called
>  
> @Override
> protected void configure(HttpSecurity http) throws Exception {
>     super.configure(http);
>    http.authorizeRequests().anyRequest().authenticated();
> }
>  
> However whatever page I call it is returned without taking any security into account.
>  
> This is my web.xml
>  
>        <servlet>
>              <servlet-name>wicket</servlet-name>
>              <servlet-class>org.apache.wicket.protocol.http.WicketServlet</servlet-class>
>              <init-param>
>                     <param-name>applicationFactoryClassName</param-name>
>                     <param-value>org.apache.wicket.spring.SpringWebApplicationFactory</param-value>
>              </init-param>
>              <init-param>
>                     <param-name>applicationBean</param-name>
>                     <param-value>wicketApplication</param-value>
>              </init-param>
>              <load-on-startup>1</load-on-startup>
>        </servlet>
>  
>     <servlet-mapping>
>         <servlet-name>wicket</servlet-name>
>         <url-pattern>/*</url-pattern>
>     </servlet-mapping>
>  
>     <context-param>
>         <param-name>contextConfigLocation</param-name>
>         <param-value>/WEB-INF/applicationContext.xml</param-value>
>     </context-param>
>  
>     <listener>
>         <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
>     </listener>
>  
> The applicationContext does a component-scan.
> Did I miss something that I need to add?
>  
>  
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org <mailto:keycloak-user at lists.jboss.org>
> https://lists.jboss.org/mailman/listinfo/keycloak-user <https://lists.jboss.org/mailman/listinfo/keycloak-user>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160801/86713f8d/attachment-0001.html

More information about the keycloak-user mailing list