[keycloak-user] SamlAuthenticatorValve in apache tomee for a ear application
Luis Rodríguez Fernández
uo67113 at gmail.com
Fri Oct 5 13:14:19 EDT 2018
Hello there,
OS Version: CentOS Linux release 7.5.1804
(Core) 3.10.0-862.11.6.el7.x86_64
Server version: Apache Tomcat/8.5.32 (TomEE 7.0.5)
Keycloak: 4.2.1 final
Tomcat SAML
adapter: org.keycloak.adapters.saml.tomcat.SamlAuthenticatorValve
The adapter is working, great, piece of cake, thank you keycloack crew!
However I have a big .ear application composed by multiple modules (.war).
Some modules use resources (.js, .css, images, etc) from other modules and
this resources are protected. For instance:
/Document/Claims/TravelRequest wants to use a calendar.gif that is stored
in the /main application. This last one declares "/*" as the url-pattern in
its security-constraint and is also secured with the SamlAuthenticatorValve.
I have tried enabling at the same time
the "org.apache.catalina.authenticator.SingleSignOn in tomcat but no luck.
Also forcing "/" via the tomcat global context (sessionCookiePath="/"), no
luck either, sigh...
Any thoughts on this?
Thanks in advance,
Luis
--
"Ever tried. Ever failed. No matter. Try Again. Fail again. Fail better."
- Samuel Beckett
More information about the keycloak-user
mailing list