[keycloak-user] servlet filter and roles
Simon Gordon
dev at sgordon.totalise.co.uk
Tue Mar 22 04:33:36 EDT 2016
Hi
My client applications (some SAML, some OIDC) are all running within Tomcat
7 on OpenShift. Since the Keycloak Tomcat adapter is a Valve, the jar needs
adding into the server classpath which of course I can't do on OpenShift.
(Or I've struggled to at least!)
Hence I'm using the generic servlet filter adapter. Looking here for SAML:
http://keycloak.github.io/docs/userguide/saml-client-adapter/html/ch07.html
and here for OIDC:
http://keycloak.github.io/docs/userguide/keycloak-server/html/ch08.html#d4e1046
I can't see how to achieve the security-constraints (roles primarily). Do I
need to resort to coding those in the apps, or maybe using JAAS?
Thanks,
Simon
More information about the keycloak-user
mailing list