[keycloak-user] SecurityContextHolder.getContext().getAuthentication() is null in spring boot

Steve Chernyak mrrothstein at gmail.com
Fri Sep 23 22:18:08 EDT 2016


I'm trying to configure Keycloak with a Spring Boot application.

I followed the adapter configuration steps for OpenID. I'm able to get
authentication working. I have the following dependencies:

        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-security</artifactId>
        </dependency>
        <dependency>
            <groupId>org.keycloak</groupId>
            <artifactId>keycloak-spring-boot-adapter</artifactId>
            <version>${keycloak.version}</version>
        </dependency>
        <dependency>
            <groupId>org.keycloak</groupId>
            <artifactId>keycloak-tomcat8-adapter</artifactId>
            <version>${keycloak.version}</version>
        </dependency>

        ...

        <keycloak.version>2.2.0.Final</keycloak.version>

I have the following application properties:

security.basic.enabled=false

keycloak.realm=TestRealm
keycloak.realmKey=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkz/W3jWdRGrRtklEldftShutJOy+WFhf2Kd7uPqk1F4ABs2RlTDOBWItW7j6zLAEuqOJIU1YLR8rwcW82/z3sUNblehP6nPH3ciZoBAn6THO/pB/BJ4Tq/oQ1GC0oYBb9kTQa3Aq7AQWkcpPVFGa70gaRZfeDk6GeucBa45PpHZgg+6YnGuCAJOi2SEkJBBJmXQyQtFvEtK2nIcche7WjXYIA/Eu/Aaz/b55OwFlxYbKxr6UQClGV+TZQsnVwbNdJMFH9ysrl6tAtROa38e/+ScoODh1CH0I2x6PEmB04bV4bx8iaXLwJotioRb/4xMMsx/+EBXYwd1o0Nw2OazksQIDAQAB
keycloak.auth-server-url=http://172.17.0.2:8080/auth
keycloak.ssl-required=external
keycloak.resource=test-client
keycloak.credentials.secret=e215d192-b9c9-4ebb-86e0-e0b46d21825c

keycloak.securityConstraints[0].securityCollections[0].name = insecure stuff
keycloak.securityConstraints[0].securityCollections[0].authRoles[0] = user
keycloak.securityConstraints[0].securityCollections[0].patterns[0] = /kennel/ping

I've confirmed my service method:

@RestController
@RequestMapping("/kennel")
@Validated
public class Kennel {

...
    @RequestMapping(value = "/ping", method = RequestMethod.GET)
    public final String ping() {
        return String.valueOf(SecurityContextHolder.
                getContext().
                getAuthentication());
    }
...
}

is only executed when a user with the "user" role logs in, and fails with a
403 otherwise. However, when a valid user with a correct role does log in,
the result is "null".

What do I need to change/add to get the context populated with an
authentication object?

Thanks