From a96c9d34c90c786c4892b0c8035f288fb1c5a1e7 Mon Sep 17 00:00:00 2001 From: sebastienblanc Date: Fri, 8 Dec 2017 13:38:11 +0100 Subject: [PATCH] set auth contraint to true when wildcard is used --- .../adapters/springboot/KeycloakAutoConfiguration.java | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/adapters/oidc/spring-boot/src/main/java/org/keycloak/adapters/springboot/KeycloakAutoConfiguration.java b/adapters/oidc/spring-boot/src/main/java/org/keycloak/adapters/springboot/KeycloakAutoConfiguration.java index 679691aef6..e18677a3c2 100755 --- a/adapters/oidc/spring-boot/src/main/java/org/keycloak/adapters/springboot/KeycloakAutoConfiguration.java +++ b/adapters/oidc/spring-boot/src/main/java/org/keycloak/adapters/springboot/KeycloakAutoConfiguration.java @@ -132,10 +132,8 @@ public class KeycloakAutoConfiguration { loginConfig.addFirstAuthMethod("KEYCLOAK"); deploymentInfo.setLoginConfig(loginConfig); - deploymentInfo.addInitParameter("keycloak.config.resolver", KeycloakSpringBootConfigResolver.class.getName()); deploymentInfo.addSecurityConstraints(getSecurityConstraints()); - deploymentInfo.addServletExtension(new KeycloakServletExtension()); } @@ -157,7 +155,6 @@ public class KeycloakAutoConfiguration { undertowSecurityConstraint.addWebResourceCollections(webResourceCollection); } - undertowSecurityConstraints.add(undertowSecurityConstraint); } return undertowSecurityConstraints; @@ -280,6 +277,11 @@ public class KeycloakAutoConfiguration { for (String authRole : constraint.getAuthRoles()) { tomcatConstraint.addAuthRole(authRole); + if(authRole.equals("*") || authRole.equals("**")) { + // For some reasons embed tomcat don't set the auth constraint on true when wildcard is + // used + tomcatConstraint.setAuthConstraint(true); + } } for (KeycloakSpringBootProperties.SecurityCollection collection : constraint.getSecurityCollections()) {