We use an own oidc implementation based on the jakarta standard jaspic.
(We offer it as a lib or as a jar as a server extension for many other internal applications within our company).
The activation of jaspic is done within the jaspic-providers.xml by adding the entry:
<provider name="jfoss" className="XXXX.AuthProvider" layer="HttpServlet" description="Our jaspic implementation"/>
An alternative to this configuration is to register our module with help of a servlet context listener , unfortunately both methods works not with vaadin.
Usually all requests to the tomcat server goest through our impleemntation:
public class AuthProvider implements AuthConfigProvider, ServerAuthConfig, ServerAuthModule, ServerAuthContext {
Together with Vaadin we dont get any requests anymore.
We use plain old java (no spring / spring boot / typescript or any other magic),
and followed the example here →
https://github.com/vaadin/base-starter-gradle.git
(btw. the example needs in the meantime tomcat 10, the docu is a little bit outdated and still refers to tomcat 9 that wotks not anymore).
I’m grateful for every tip.