set auth contraint to true when wildcard is used

2017-12-08 13:38:11 +01:00 · 2017-12-08 13:38:11 +01:00 · a96c9d34c9
commit a96c9d34c9
parent 3d0512efd8
1 changed files with 5 additions and 3 deletions
--- a/adapters/oidc/spring-boot/src/main/java/org/keycloak/adapters/springboot/KeycloakAutoConfiguration.java
+++ b/adapters/oidc/spring-boot/src/main/java/org/keycloak/adapters/springboot/KeycloakAutoConfiguration.java
@ -132,10 +132,8 @@ public class KeycloakAutoConfiguration {
            loginConfig.addFirstAuthMethod("KEYCLOAK");

            deploymentInfo.setLoginConfig(loginConfig);
-
            deploymentInfo.addInitParameter("keycloak.config.resolver", KeycloakSpringBootConfigResolver.class.getName());
            deploymentInfo.addSecurityConstraints(getSecurityConstraints());
-
            deploymentInfo.addServletExtension(new KeycloakServletExtension());
        }

@ -157,7 +155,6 @@ public class KeycloakAutoConfiguration {
                    undertowSecurityConstraint.addWebResourceCollections(webResourceCollection);

                }
-
                undertowSecurityConstraints.add(undertowSecurityConstraint);
            }
            return undertowSecurityConstraints;
@ -280,6 +277,11 @@ public class KeycloakAutoConfiguration {

                for (String authRole : constraint.getAuthRoles()) {
                    tomcatConstraint.addAuthRole(authRole);
+                    if(authRole.equals("*") || authRole.equals("**")) {
+                        // For some reasons embed tomcat don't set the auth constraint on true when wildcard is
+                        // used
+                        tomcatConstraint.setAuthConstraint(true);
+                    }
                }

                for (KeycloakSpringBootProperties.SecurityCollection collection : constraint.getSecurityCollections()) {