Prevent Web App Basic Authorization challenge before forwarding to Keycloak Login





.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ height:90px;width:728px;box-sizing:border-box;
}







0















From what I understand, a Web App secured by Keycloak should just forward to the Keycloak login page.



If I just dismiss the challenge, my web app does forward to the Keycloak login page and forwards back after a successful as expected.



How do I prevent the Basic challenge dialog?



My web.xml



<?xml version="1.0" encoding="UTF-8"?>

<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

    xmlns="http://xmlns.jcp.org/xml/ns/javaee"

    xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"

    id="WebApp_ID" version="3.1">

    <display-name>SSO-Example</display-name>

    <welcome-file-list>

        <welcome-file>index.html</welcome-file>

        <welcome-file>index.htm</welcome-file>

        <welcome-file>index.jsp</welcome-file>

        <welcome-file>default.html</welcome-file>

        <welcome-file>default.htm</welcome-file>

        <welcome-file>default.jsp</welcome-file>

    </welcome-file-list>

    <security-constraint>

        <web-resource-collection>

            <web-resource-name>SSO-Example</web-resource-name>

            <url-pattern>/*</url-pattern>

        </web-resource-collection>

        <auth-constraint>

            <role-name>user</role-name>

        </auth-constraint>

    </security-constraint>

    <security-role>

        <role-name>user</role-name>

    </security-role>

</web-app>


My keycloak.json



{

  "realm": "xx",

  "auth-server-url": "https://xx:8443/auth",

  "ssl-required": "external",

  "resource": "xx",

  "verify-token-audience": true,

  "credentials": {

    "secret": "xx"

  },

   "disable-trust-manager": true,

   "allow-any-hostname" : true,

  "use-resource-role-mappings": true,

  "confidential-port": 0

}





security keycloak







share|improve this question





























    0















    From what I understand, a Web App secured by Keycloak should just forward to the Keycloak login page.



    If I just dismiss the challenge, my web app does forward to the Keycloak login page and forwards back after a successful as expected.



    How do I prevent the Basic challenge dialog?



    My web.xml



    <?xml version="1.0" encoding="UTF-8"?>
    
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    
    xmlns="http://xmlns.jcp.org/xml/ns/javaee"
    
    xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"
    
    id="WebApp_ID" version="3.1">
    
    <display-name>SSO-Example</display-name>
    
    <welcome-file-list>
    
        <welcome-file>index.html</welcome-file>
    
        <welcome-file>index.htm</welcome-file>
    
        <welcome-file>index.jsp</welcome-file>
    
        <welcome-file>default.html</welcome-file>
    
        <welcome-file>default.htm</welcome-file>
    
        <welcome-file>default.jsp</welcome-file>
    
    </welcome-file-list>
    
    <security-constraint>
    
        <web-resource-collection>
    
            <web-resource-name>SSO-Example</web-resource-name>
    
            <url-pattern>/*</url-pattern>
    
        </web-resource-collection>
    
        <auth-constraint>
    
            <role-name>user</role-name>
    
        </auth-constraint>
    
    </security-constraint>
    
    <security-role>
    
        <role-name>user</role-name>
    
    </security-role>
    
</web-app>


    My keycloak.json



    {
    
  "realm": "xx",
    
  "auth-server-url": "https://xx:8443/auth",
    
  "ssl-required": "external",
    
  "resource": "xx",
    
  "verify-token-audience": true,
    
  "credentials": {
    
    "secret": "xx"
    
  },
    
   "disable-trust-manager": true,
    
   "allow-any-hostname" : true,
    
  "use-resource-role-mappings": true,
    
  "confidential-port": 0
    
}





    security keycloak







    share|improve this question

























      0












      0








      0








      From what I understand, a Web App secured by Keycloak should just forward to the Keycloak login page.



      If I just dismiss the challenge, my web app does forward to the Keycloak login page and forwards back after a successful as expected.



      How do I prevent the Basic challenge dialog?



      My web.xml



      <?xml version="1.0" encoding="UTF-8"?>
      
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
      
    xmlns="http://xmlns.jcp.org/xml/ns/javaee"
      
    xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"
      
    id="WebApp_ID" version="3.1">
      
    <display-name>SSO-Example</display-name>
      
    <welcome-file-list>
      
        <welcome-file>index.html</welcome-file>
      
        <welcome-file>index.htm</welcome-file>
      
        <welcome-file>index.jsp</welcome-file>
      
        <welcome-file>default.html</welcome-file>
      
        <welcome-file>default.htm</welcome-file>
      
        <welcome-file>default.jsp</welcome-file>
      
    </welcome-file-list>
      
    <security-constraint>
      
        <web-resource-collection>
      
            <web-resource-name>SSO-Example</web-resource-name>
      
            <url-pattern>/*</url-pattern>
      
        </web-resource-collection>
      
        <auth-constraint>
      
            <role-name>user</role-name>
      
        </auth-constraint>
      
    </security-constraint>
      
    <security-role>
      
        <role-name>user</role-name>
      
    </security-role>
      
</web-app>


      My keycloak.json



      {
      
  "realm": "xx",
      
  "auth-server-url": "https://xx:8443/auth",
      
  "ssl-required": "external",
      
  "resource": "xx",
      
  "verify-token-audience": true,
      
  "credentials": {
      
    "secret": "xx"
      
  },
      
   "disable-trust-manager": true,
      
   "allow-any-hostname" : true,
      
  "use-resource-role-mappings": true,
      
  "confidential-port": 0
      
}





      security keycloak







      share|improve this question














      From what I understand, a Web App secured by Keycloak should just forward to the Keycloak login page.



      If I just dismiss the challenge, my web app does forward to the Keycloak login page and forwards back after a successful as expected.



      How do I prevent the Basic challenge dialog?



      My web.xml



      <?xml version="1.0" encoding="UTF-8"?>
      
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
      
    xmlns="http://xmlns.jcp.org/xml/ns/javaee"
      
    xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"
      
    id="WebApp_ID" version="3.1">
      
    <display-name>SSO-Example</display-name>
      
    <welcome-file-list>
      
        <welcome-file>index.html</welcome-file>
      
        <welcome-file>index.htm</welcome-file>
      
        <welcome-file>index.jsp</welcome-file>
      
        <welcome-file>default.html</welcome-file>
      
        <welcome-file>default.htm</welcome-file>
      
        <welcome-file>default.jsp</welcome-file>
      
    </welcome-file-list>
      
    <security-constraint>
      
        <web-resource-collection>
      
            <web-resource-name>SSO-Example</web-resource-name>
      
            <url-pattern>/*</url-pattern>
      
        </web-resource-collection>
      
        <auth-constraint>
      
            <role-name>user</role-name>
      
        </auth-constraint>
      
    </security-constraint>
      
    <security-role>
      
        <role-name>user</role-name>
      
    </security-role>
      
</web-app>


      My keycloak.json



      {
      
  "realm": "xx",
      
  "auth-server-url": "https://xx:8443/auth",
      
  "ssl-required": "external",
      
  "resource": "xx",
      
  "verify-token-audience": true,
      
  "credentials": {
      
    "secret": "xx"
      
  },
      
   "disable-trust-manager": true,
      
   "allow-any-hostname" : true,
      
  "use-resource-role-mappings": true,
      
  "confidential-port": 0
      
}





      security keycloak




      security keycloak






      share|improve this question













      share|improve this question











      share|improve this question




      share|improve this question










      asked Jan 4 at 15:03









      Christopher SmithChristopher Smith

      479




      479
























          0






          active

          oldest

          votes












          Your Answer






          StackExchange.ifUsing("editor", function () {
          StackExchange.using("externalEditor", function () {
          StackExchange.using("snippets", function () {
          StackExchange.snippets.init();
          });
          });
          }, "code-snippets");

          StackExchange.ready(function() {
          var channelOptions = {
          tags: "".split(" "),
          id: "1"
          };
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function() {
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled) {
          StackExchange.using("snippets", function() {
          createEditor();
          });
          }
          else {
          createEditor();
          }
          });

          function createEditor() {
          StackExchange.prepareEditor({
          heartbeatType: 'answer',
          autoActivateHeartbeat: false,
          convertImagesToLinks: true,
          noModals: true,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: 10,
          bindNavPrevention: true,
          postfix: "",
          imageUploader: {
          brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
          contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
          allowUrls: true
          },
          onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          });


          }
          });














          draft saved

          draft discarded


















          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f54041459%2fprevent-web-app-basic-authorization-challenge-before-forwarding-to-keycloak-logi%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown

























          0






          active

          oldest

          votes








          0






          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes
















          draft saved

          draft discarded




















































          Thanks for contributing an answer to Stack Overflow!


          • Please be sure to answer the question. Provide details and share your research!

          But avoid



          • Asking for help, clarification, or responding to other answers.

          • Making statements based on opinion; back them up with references or personal experience.


          To learn more, see our tips on writing great answers.




          draft saved


          draft discarded














          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f54041459%2fprevent-web-app-basic-authorization-challenge-before-forwarding-to-keycloak-logi%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown





















































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown

































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown







          -

          Popular posts from this blog

          Angular Downloading a file using contenturl with Basic Authentication

          Image
          0 I have a contentUrl when user clicks on that,file should be downloaded. If I try to browse the contentUrl in the browser it asks for Userid and password.I believe this is Basic Authentication.I dont want user to enter UserId and Password so I am passing it Authorization(Please see below code). Url looks some thing like this: http://XXX.XXX.XX.XXX:8080/flowable-rest/service/runtime/tasks/90875/attachments/90555/content let username : string = 'admin'; let pwd : string = 'test'; let headers = new Headers(); headers.set('Accept', 'text/json'); headers.append('Content-Type', 'application/json'); headers.set('Access-Control-Allow-Origin', '*'); headers.set('Access-Control-Allow-Methods','POST, GET, OPTIONS, PUT, DELETE'); head
          Read more

          Olmecas

          Image
          Monumento 1, uma das quatro cabeças colossais encontradas em La Venta, com altura aproximada de 3 metros Olmecas é a designação do povo e da civilização que estiveram na origem da antiga cultura pré-colombiana da Mesoamérica e que se desenvolveram nas regiões tropicais do centro-sul do atual México durante o pré-clássico, próximo de onde hoje estão localizados os estados mexicanos de Veracruz e Tabasco, no Istmo de Tehuantepec, numa zona designada área nuclear olmeca. A cultura olmeca floresceu nesta região aproximadamente entre 1500 e 400 a.C., [ 1 ] e crê-se que tenha sido a civilização-mãe de todas as civilizações mesoamericanas que se desenvolveram posteriormente. [ 2 ] No entanto, desconhece-se a sua exacta filiação étnica, ainda que existam numerosas hipóteses colocadas para tentar resolver esta questão. O etnónimo olmeca foi cunhado pelos arqueólogos do século XX, e não devem confundir-se com os muito posteriores olmecas-xicalancas que ocuparam vários locais do México
          Read more

          Can't read property showImagePicker of undefined in react native iOS

          Image
          1 I have tired with this issue npm install react-native-image-picker@latest --save react-native link react-native-image-picker import ImagePicker from 'react-native-image-picker'; const options = { quality: 1.0, maxWidth: 500, maxHeight: 500, storageOptions: { skipBackup: true } }; ImagePicker.showImagePicker(options, (response) => { console.log('Response = ', response); if (response.didCancel) { console.log('User cancelled image picker'); } else if (response.error) { console.log('ImagePicker Error: ', response.error); } else if (response.customButton) { console.log('User tapped custom button: ', response.customButton); } else {
          Read more