[undertow-dev] AuthMechanism called always?
Bill Burke
bburke at redhat.com
Mon Dec 22 10:34:47 EST 2014
A user is reporting that our Keycloak AuthMechanism is being called even
with unsecured resources. They have constraints defined in web.xml, but
if the constraint is unmatched (unsecure) the mechanism is still called.
Why is the auth mechanism called for unsecure resources?
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
More information about the undertow-dev
mailing list