From e6745532ce8978d69ef742916381002933dd88e7 Mon Sep 17 00:00:00 2001
From: William DeCoste <bdecoste@gmail.com>
Date: Wed, 2 Sep 2015 09:05:54 -0700
Subject: [PATCH 1/2] KEYCLOAK-1779

---
 .../subsystem/as7/KeycloakAdapterConfigDeploymentProcessor.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/integration/as7-eap6/as7-subsystem/src/main/java/org/keycloak/subsystem/as7/KeycloakAdapterConfigDeploymentProcessor.java b/integration/as7-eap6/as7-subsystem/src/main/java/org/keycloak/subsystem/as7/KeycloakAdapterConfigDeploymentProcessor.java
index 08dbdd7422..6cd1856ffe 100755
--- a/integration/as7-eap6/as7-subsystem/src/main/java/org/keycloak/subsystem/as7/KeycloakAdapterConfigDeploymentProcessor.java
+++ b/integration/as7-eap6/as7-subsystem/src/main/java/org/keycloak/subsystem/as7/KeycloakAdapterConfigDeploymentProcessor.java
@@ -67,7 +67,7 @@ public class KeycloakAdapterConfigDeploymentProcessor implements DeploymentUnitP
         // if secure-deployment configuration exists for web app, we force KEYCLOAK auth method on it
         // otherwise we only set up KEYCLOAK auth if it's requested through web.xml auth-method
         LoginConfigMetaData loginConfig = webMetaData.getLoginConfig();
-        if (!service.isSecureDeployment(deploymentName) && (loginConfig == null || !loginConfig.getAuthMethod().equalsIgnoreCase("KEYCLOAK"))) {
+        if (!service.isSecureDeployment(deploymentName) || loginConfig == null || !loginConfig.getAuthMethod().equalsIgnoreCase("KEYCLOAK")) {
             return;
         }
 

From b0095154d14710833d6b83921a850b8a7bfbbf7f Mon Sep 17 00:00:00 2001
From: Marko Strukelj <marko.strukelj@gmail.com>
Date: Fri, 4 Sep 2015 14:11:54 +0200
Subject: [PATCH 2/2] KEYCLOAK-1779 NPE due to missing web.xml/jboss-web.xml -
 improved code readability and npe fix

---
 ...cloakAdapterConfigDeploymentProcessor.java | 35 +++++++++++--------
 1 file changed, 20 insertions(+), 15 deletions(-)

diff --git a/integration/as7-eap6/as7-subsystem/src/main/java/org/keycloak/subsystem/as7/KeycloakAdapterConfigDeploymentProcessor.java b/integration/as7-eap6/as7-subsystem/src/main/java/org/keycloak/subsystem/as7/KeycloakAdapterConfigDeploymentProcessor.java
index 6cd1856ffe..5891b4b802 100755
--- a/integration/as7-eap6/as7-subsystem/src/main/java/org/keycloak/subsystem/as7/KeycloakAdapterConfigDeploymentProcessor.java
+++ b/integration/as7-eap6/as7-subsystem/src/main/java/org/keycloak/subsystem/as7/KeycloakAdapterConfigDeploymentProcessor.java
@@ -64,23 +64,28 @@ public class KeycloakAdapterConfigDeploymentProcessor implements DeploymentUnitP
 
         KeycloakAdapterConfigService service = KeycloakAdapterConfigService.getInstance();
 
-        // if secure-deployment configuration exists for web app, we force KEYCLOAK auth method on it
-        // otherwise we only set up KEYCLOAK auth if it's requested through web.xml auth-method
+        // otherwise
         LoginConfigMetaData loginConfig = webMetaData.getLoginConfig();
-        if (!service.isSecureDeployment(deploymentName) || loginConfig == null || !loginConfig.getAuthMethod().equalsIgnoreCase("KEYCLOAK")) {
-            return;
+
+        boolean hasSubsystemConfig = service.isSecureDeployment(deploymentName);
+        boolean webRequiresKC = loginConfig != null && "KEYCLOAK".equalsIgnoreCase(loginConfig.getAuthMethod());
+
+        if (hasSubsystemConfig || webRequiresKC) {
+            log.debug("Setting up KEYCLOAK auth method for WAR: " + deploymentName);
+
+            // if secure-deployment configuration exists for web app, we force KEYCLOAK auth method on it
+            if (hasSubsystemConfig) {
+                addJSONData(service.getJSON(deploymentName), warMetaData);
+                if (loginConfig != null) {
+                    loginConfig.setAuthMethod("KEYCLOAK");
+                    loginConfig.setRealmName(service.getRealmName(deploymentName));
+                } else {
+                    log.warn("Failed to set up KEYCLOAK auth method for WAR: " + deploymentName + " (loginConfig == null)");
+                }
+            }
+            addValve(webMetaData);
+            KeycloakLogger.ROOT_LOGGER.deploymentSecured(deploymentName);
         }
-
-        log.debug("Setting up KEYCLOAK auth method for WAR: " + deploymentName);
-        loginConfig.setAuthMethod("KEYCLOAK");
-
-        if (service.isSecureDeployment(deploymentName)) {
-            addJSONData(service.getJSON(deploymentName), warMetaData);
-            loginConfig.setRealmName(service.getRealmName(deploymentName));
-        }
-        addValve(webMetaData);
-
-        KeycloakLogger.ROOT_LOGGER.deploymentSecured(deploymentName);
     }
 
     private void addValve(JBossWebMetaData webMetaData) {