Uploaded image for project: 'Keycloak'
  1. Keycloak
  2. KEYCLOAK-3669

Tomcat Adapter 8.x does not work with Tomcat 8.5.5

    Details

      Description

      With Springboot 1.4.1 and following the instructions from https://keycloak.gitbooks.io/securing-client-applications-guide/content/v/2.2/topics/oidc/java/spring-boot-adapter.html , when accessing the webpage we got the following error :

      "No login page was defined for FORM authentication in context []"

      The problem comes from the latest 8.x Tomcat version : 8.5.5 , by fixing https://bz.apache.org/bugzilla/show_bug.cgi?id=59823 , they made some "breaking" changes (https://github.com/apache/tomcat85/commit/c74595783a821cf43de45def094254c673298e73?diff=split) , as a result the authenticate method of the KeycloakAuthenticatorValve is never called.

      The solution is to change the signature of the method to :

      @Override
          protected boolean doAuthenticate(Request request, HttpServletResponse response)
      

      But that fix is only valid for Tomcat 8.5.5 , looks like we need to have a special adapter for 8.5.5 (also valid for Tomcat 9.x)

        Gliffy Diagrams

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  sebastienblanc Sebastien Blanc
                  Reporter:
                  sebastienblanc Sebastien Blanc
                • Votes:
                  1 Vote for this issue
                  Watchers:
                  3 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: