libre.sh/keycloak-scim
2
0
Fork 0
Code Issues 14 Pull requests Releases Packages Activity Actions

Merge pull request #30 from thomasdarimont/issue/29-document-skipPattern-parameter-in-servlet-filter-adapter

Browse source 
Document support for skipPath parameter in servlet-filter-adapter
This commit is contained in:
Bill Burke 2016-08-03 21:30:15 -04:00 committed by GitHub
commit 6f58c4daa6
1 changed files with 14 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
topics/oidc/java/servlet-filter-adapter.adoc
View file

@ -33,6 +33,20 @@ There's no way standard way to invalidate an HTTP session based on a session id.
In the snippet above there are two url-patterns. In the snippet above there are two url-patterns.
_/protected/*_ are the files we want protected, while the _/keycloak/*_ url-pattern handles callbacks from the {{book.project.name}} server. _/protected/*_ are the files we want protected, while the _/keycloak/*_ url-pattern handles callbacks from the {{book.project.name}} server.
If you need to exclude some paths beneath the configured `url-patterns` you can use the Filter init-param `keycloak.config.skipPattern` to configure
a regular expression that describes a path-pattern for which the keycloak filter should immediately delegate to the filter-chain.
By default no skipPattern is configured.
Patterns are matched against the `requestURI` without the `context-path`. Given the context-path `/myapp` a request for `/myapp/index.html` will be matched with `/index.html` against the skip pattern.
[source,xml]
----
<init-param>
<param-name>keycloak.config.skipPattern</param-name>
<param-value>^/(path1|path2|path3).*</param-value>
</init-param>
----
Note that you should configure your client in the {{book.project.name}} Admin Console with an Admin URL that points to a secured section covered by the filter's url-pattern. Note that you should configure your client in the {{book.project.name}} Admin Console with an Admin URL that points to a secured section covered by the filter's url-pattern.
The Admin URL will make callbacks to the Admin URL to do things like backchannel logout. The Admin URL will make callbacks to the Admin URL to do things like backchannel logout.