[keycloak-user] authenticator.principal is null after successful authentication

Gregor Jarisch gregor at jarisch.net
Fri Feb 19 04:33:41 EST 2016


Hi there,

we are currently setting up keycloak (1.8.1.Final) with an application containing an embedded jetty (9.2.10.v20150310). 
Following the guidelines in the documentation, we have managed to make the authentication redirect process work.

However when the request is redirected back to our jetty (with an successful authentication), the variable "principal" of org.keycloak.adapters.jetty.core.JettyRequestAuthenticator in line 274 of org.keycloak.adapters.jetty.core.AbstractKeycloakJettyAuthenticator is null. 

We are not fully understanding the mechanism behind it, thus have difficulties understanding what we are doing wrong here. Following is our jetty embedded code. We assume that the problem must be within those lines.
Any help, insight or tip is highly appreciated!

Thank you,
Gregor  

        ...
        final HandlerList handlers = new HandlerList();

        KeycloakJettyAuthenticator keycloakAuthenticator = new KeycloakJettyAuthenticator();
        AdapterConfig keycloakAdapterConfig = new AdapterConfig();
        keycloakAdapterConfig.setRealm("realm");
        keycloakAdapterConfig.setRealmKey("realmKEY");
        keycloakAdapterConfig.setAuthServerUrl("http://localhost:8080/auth");
        keycloakAdapterConfig.setSslRequired("none");
        keycloakAdapterConfig.setResource("client");
        keycloakAdapterConfig.setPublicClient(true);
        keycloakAdapterConfig.setTokenStore("cookie");

        keycloakAuthenticator.setAdapterConfig(keycloakAdapterConfig);

        ConstraintSecurityHandler security = new ConstraintSecurityHandler();
        server.setHandler(security);

        Constraint constraint = new Constraint();
        constraint.setName("auth");
        constraint.setAuthenticate(true);
        constraint.setRoles(new String[] { "user", "admin" });

        ConstraintMapping mapping = new ConstraintMapping();
        mapping.setPathSpec("/*");
        mapping.setConstraint(constraint);

        security.setConstraintMappings(Collections.singletonList(mapping));
        security.setAuthenticator(keycloakAuthenticator);

        handlers.addHandler(security);


        ServletContextHandler servletHandler = new ServletContextHandler(security, "/*", ServletContextHandler.NO_SESSIONS);
        handlers.addHandler(servletHandler);
        server.setHandler(handlers);
        ...
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160219/77589ff3/attachment.html 


More information about the keycloak-user mailing list