[keycloak-user] About using Spring Boot adapter

java_os java at neposoft.com
Sun Oct 16 06:47:36 EDT 2016


If I switch to the Spring Boot adapter, it works on localhost with embedded Tomcat,
but deployed under JBoss/Undertow it does not even protect the endpoint.
In the Spring Security setup at least I can see it protects it, but I suspect it is
Undertow that is the issue with the too many redirects. The only way I
can get it working is standard JEE, protecting it by web.xml, but it's not
what I want to do.
I wonder whether the guys at JBoss even tried this scenario that I'm facing.
Thanks

> I call the REST endpoint from a SPA front end (Angular), sending in a bearer token
> - Authorization in the HTTP header. I see the Keycloak filter configured through
> Spring Security does work, but right after, Spring Security redirects badly to the
> root context back and forth, getting too many redirects back to the
> front.
> This git (https://github.com/cternes/slackspace-angular-spring-keycloak)
> works OK on mvn spring:boot run on localhost and embedded Tomcat. I do the
> same but deployed in JBoss EAP 7 with Keycloak as a separate instance for
> auth.
>
> Any more ideas? Thx
>
>>
>> So are you trying to access the rest endpoint using a browser? Try to
>> access it using a dedicated tool like postman.
>>
>> Just grab an access token from the authentication endpoint and use it in
>> the authorization header to access it.
>>
>> I originally had some problems with the browser similar to yours because
>> of my reverse proxy filtering the cookie headers (which I think isn't
>> your case).
>>
>>
>> Sent from my Sony Xperia™ phone
>>
>> ---- java_os wrote ----
>>
>>> Around the same context, here is the pain I go through.
>>> My REST WAR is Spring Boot, which I want to protect through the Keycloak
>>> Spring Security adapter, with no luck. I can see that the Keycloak filter gets
>>> in first, authenticates the bearer fine, but then Spring Security gets in, it
>>> redirects internally to the root context of my REST endpoint and starts
>>> the dance, getting into too many redirects. This is deployed on JBoss EAP
>>> 7, got all the adapters installed.
>>> Anyone here got a scenario like mine working, or are we saying Spring Security
>>> is not working under JBoss EAP/Undertow?
>>> Thx
>>>
>>>> Hello there, I am using an AngularJS client (frontend) and Spring Boot with
>>>> the Keycloak adapter (backend). In the backend, I am trying to expose an
>>>> unprotected (naked) API for the client to use, so I would like to make sure
>>>> that Keycloak doesn't try to protect it. So I have the following questions
>>>> related to using Keycloak with Spring Boot:
>>>>
>>>> 1) How Keycloak intercepts incoming HTTP requests: do incoming requests
>>>> come to Spring Boot, and at what point does Keycloak come into play?
>>>> Also, how can I make sure that certain REST applications are left
>>>> unprotected? From the documentation I can see a simple way of protecting
>>>> certain URLs, but this brings me to my second question...
>>>>
>>>> 2) Where can I find full documentation about all the configuration
>>>> possibilities for the Spring Boot Adapter? If I have to dive into the
>>>> code, could someone kindly point to a correct starting point and give
>>>> instructions on how to learn to extract all of the configuration properties
>>>> like "security collections" etc. (see below). The traditional "web.xml" is
>>>> quite easy to read and understand, but it isn't a one-to-one mapping with
>>>> the "application.properties" file content. With further info it might be
>>>> possible to use Spring Boot's code-based configuration methods too.
>>>>
>>>> Thanks in advance, best regards, Jari
>>>>
>>>> --- The current documentation ---
>>>>
>>>> You also need to specify the J2EE security config that would normally go in
>>>> the web.xml. Here’s an example configuration:
>>>>
>>>> keycloak.securityConstraints[0].securityCollections[0].name = insecure stuff
>>>> keycloak.securityConstraints[0].securityCollections[0].authRoles[0] = admin
>>>> keycloak.securityConstraints[0].securityCollections[0].authRoles[1] = user
>>>> keycloak.securityConstraints[0].securityCollections[0].patterns[0] = /insecure
>>>>
>>>> keycloak.securityConstraints[0].securityCollections[1].name = admin stuff
>>>> keycloak.securityConstraints[0].securityCollections[1].authRoles[0] = admin
>>>> keycloak.securityConstraints[0].securityCollections[1].patterns[0] = /admin
>>>> _______________________________________________
>>>> keycloak-user mailing list
>>>> keycloak-user at lists.jboss.org
>>>> https://lists.jboss.org/mailman/listinfo/keycloak-user