===== Per WAR Configuration This section describes how to secure a WAR directly by adding config and editing files within your WAR package. The first thing you must do is create a `keycloak-saml.xml` adapter config file within the `WEB-INF` directory of your WAR. The format of this config file is described in the <> section. Next you must set the `auth-method` to `KEYCLOAK-SAML` in `web.xml`. You also have to use standard servlet security to specify role-base constraints on your URLs. Here's an example _web.xml_ file: [source,xml] ---- customer-portal Admins /admin/* admin CONFIDENTIAL Customers /customers/* user CONFIDENTIAL KEYCLOAK-SAML this is ignored currently admin user ---- All standard servlet settings except the `auth-method` setting.