[keycloak-user] KeycloakSecurityContext returns NULL using Tomcat Adapter
Bill Burke
bburke at redhat.com
Thu Feb 18 09:08:22 EST 2016
Log a jira. I'll look into fixing it in the next few weeks.
On 2/18/2016 8:22 AM, LEONARDO NUNES wrote:
> Hi Stian, thanks for your reply.
>
> The problem is that /movies is a page that doesn't require the user to
> be logged in.
> But when he is logged in and goes to /movies, I need to retrieve user
> information.
> If I add a security-constraint for movies the user will be redirected
> to the login page, and this can't happen.
>
> Is there another way I can do this?
>
>
>
>
> From: Stian Thorgersen <sthorger at redhat.com>
> Reply-To: "stian at redhat.com" <stian at redhat.com>
> Date: Thursday, 18 February 2016 11:12
> To: Leonardo Nunes <leo.nunes at gjccorp.com.br>
> Cc: "keycloak-user at lists.jboss.org" <keycloak-user at lists.jboss.org>
> Subject: Re: KeycloakSecurityContext returns NULL using Tomcat Adapter
>
> This is down to the fact that there are differences between different
> containers. In reality you can only guarantee
> KeycloakSecurityContext as long as the request requires
> authentication. Add a security-constraint for movies and you're fine.
>
> On 18 February 2016 at 12:50, LEONARDO NUNES <leo.nunes at gjccorp.com.br> wrote:
>
> Stian,
>
> I have an application deployed on Tomcat 7 using the Tomcat Adapter.
> When I'm logged in and I go to a non-secured URL,
> KeycloakSecurityContext returns null.
> I deployed the same application to the Keycloak Standalone Server,
> there I don't have this problem.
>
> On Tomcat the code below returns null when called from /movies/,
> and works when called from /article/.
> On Keycloak Standalone Server /movies/ and /article/ work fine.
> (KeycloakSecurityContext) request.getAttribute(KeycloakSecurityContext.class.getName());
>
> Why is this happening?
>
> In my web.xml I have only one security-constraint securing /article/*
>
> WEB.XML:
> <security-constraint>
>     <web-resource-collection>
>         <web-resource-name>Articles</web-resource-name>
>         <url-pattern>/article/*</url-pattern>
>     </web-resource-collection>
>     <auth-constraint>
>         <role-name>user</role-name>
>     </auth-constraint>
> </security-constraint>
>
>
> --
> Leonardo Nunes
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
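
Added example, not code from anyone in this thread or from the Keycloak project: a servlet filter for a page that is public but personalised when the user is known, built on the request-attribute lookup quoted above. It treats a missing KeycloakSecurityContext as "anonymous" rather than as an error. The class name OptionalIdentityFilter and the attribute name app.displayName are hypothetical; it assumes the Servlet 3.0 API (Tomcat 7) and keycloak-core on the classpath.

```java
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import org.keycloak.KeycloakSecurityContext;
import org.keycloak.representations.AccessToken;

/** Hypothetical filter; map it to the unsecured pattern (e.g. /movies/*) in web.xml. */
public class OptionalIdentityFilter implements Filter {

    // Hypothetical attribute read by the view. Absent means "render as anonymous".
    public static final String DISPLAY_NAME = "app.displayName";

    /** Returns the preferred username, or null when no context was attached. */
    static String resolveDisplayName(ServletRequest request) {
        Object attr = request.getAttribute(KeycloakSecurityContext.class.getName());
        if (!(attr instanceof KeycloakSecurityContext)) {
            // Unsecured URL on the Tomcat adapter: no context, so no identity.
            return null;
        }
        AccessToken token = ((KeycloakSecurityContext) attr).getToken();
        return token == null ? null : token.getPreferredUsername();
    }

    @Override
    public void init(FilterConfig config) {
        // No configuration needed.
    }

    @Override
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
            throws IOException, ServletException {
        // Presentation only: access decisions stay with the security-constraint
        // entries in web.xml, never with this attribute.
        // Setting a null value removes the attribute, so the view sees it as absent.
        req.setAttribute(DISPLAY_NAME, resolveDisplayName(req));
        chain.doFilter(req, res);
    }

    @Override
    public void destroy() {
        // Nothing to release.
    }
}
```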