[keycloak-user] Arquillian Remote Container / Secured Webroot
Lauer Markus
Markus.Lauer at co-met.info
Wed Mar 23 05:21:48 EDT 2016
Hello,
This problem is not really Keycloak-specific, but maybe someone else
using Keycloak stumbled over this:
A WAR deployment with context-root "/" has a security-constraint as
follows:
<security-constraint>
<web-resource-collection>
<web-resource-name>Customers</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>user</role-name>
</auth-constraint>
</security-constraint>
Each access to application should be restricted.
Now Arquillian deploys it's testing deployment also to the same webroot
and as a result the tests can not be run. (Can not handle redirect to
Keycloak server.)
Error launching test at
http://0.0.0.0:8080/dd2ff55e-faa7-41fe-b092-8cc14d8ef4ae/ArquillianServletRunner?outputMode=serializedObject&className=some.example.TestClass&methodName=someTest. Got 302 (Found)
I do not want to blacklist all application paths/resources separately
(so that access to arquillian's UUID-named deployment would be
possible), because I'm afraid to forget one path.
Solution could be s/th like get a token via direct access grant and
inject it somehow into arquillian's requests...
How do you handle this?
Regards,
Markus.
________________________________
Zum Lesen der rechtlichen Hinweise dieser Mail, kopieren Sie bitte die aufgeführte URL in Ihren Browser oder folgen Sie dem Link.
http://disclaimer.tec-saar.de/co-met.htm
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 4628 bytes
Desc: not available
Url : http://lists.jboss.org/pipermail/keycloak-user/attachments/20160323/82b698ae/attachment.bin
More information about the keycloak-user
mailing list