在转发到keypolt登录之前阻止Web应用基本授权质询

如果我不接受这个挑战,我的web应用程序会转发到keypolt登录页面,并在成功后按预期转发。

如何防止基本挑战对话框?

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns="http://xmlns.jcp.org/xml/ns/javaee"
    xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"
    id="WebApp_ID" version="3.1">
    <display-name>SSO-Example</display-name>
    <welcome-file-list>
        <welcome-file>index.html</welcome-file>
        <welcome-file>index.htm</welcome-file>
        <welcome-file>index.jsp</welcome-file>
        <welcome-file>default.html</welcome-file>
        <welcome-file>default.htm</welcome-file>
        <welcome-file>default.jsp</welcome-file>
    </welcome-file-list>
    <security-constraint>
        <web-resource-collection>
            <web-resource-name>SSO-Example</web-resource-name>
            <url-pattern>/*</url-pattern>
        </web-resource-collection>
        <auth-constraint>
            <role-name>user</role-name>
        </auth-constraint>
    </security-constraint>
    <security-role>
        <role-name>user</role-name>
    </security-role>
</web-app>

我的keyclover.json

{
  "realm": "xx",
  "auth-server-url": "https://xx:8443/auth",
  "ssl-required": "external",
  "resource": "xx",
  "verify-token-audience": true,
  "credentials": {
    "secret": "xx"
  },
   "disable-trust-manager": true,
   "allow-any-hostname" : true,
  "use-resource-role-mappings": true,
  "confidential-port": 0
}