[keycloak-user] Spring boot application with keycloak

paolo lizarazu polochepu at gmail.com
Fri Oct 12 17:22:34 EDT 2018


Hi All,

I have a Spring Boot application that uses the Keycloak adapter to handle
security. Here is the scenario.

Keycloak 4.2.0
- has a realm and a client configured as confidential, with a generated
secret, running in a Docker container
- the Spring Boot application runs on my local machine and is configured
with the secret and the required Keycloak properties
-- the Spring Boot app has


@Bean
@Override
protected SessionAuthenticationStrategy sessionAuthenticationStrategy() {
    return new RegisterSessionAuthenticationStrategy(new SessionRegistryImpl());
}

@Override
protected void configure(HttpSecurity http) throws Exception {
    super.configure(http);
    http.authorizeRequests()
            .antMatchers("/customers*","/users*")
            .hasAnyRole("USER", "ADMIN", "user", "admin", "users")
            .anyRequest()
            .permitAll();
}

in KeycloakWebSecurityConfigurerAdapter. As you can see, we are validating
that the /customer* and users* paths have roles.

When I go to localhost:8080/users, the application is redirected to the
Keycloak login page, and after a successful login the page shows a 403 error.
The log shows the connection with Keycloak went well, but it seems I have an
anonymous user in my request.

I think my user gets a session and this should save the token? Sorry if this
is a beginner question.
Any help would be appreciated.
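
Added example (not part of the original message and not Keycloak project code): a check a reader can run when debugging a 403 like the one described above. It decodes an access token and compares its role names with the authorities that the hasAnyRole(...) rule in the posted configuration tests for. The token, the user and the client id "demo-app" are constructed for illustration, and nothing here establishes the cause in the poster's setup.

```python
import base64
import json

# Roles from the hasAnyRole(...) call in the post.
RULE_ROLES = ["USER", "ADMIN", "user", "admin", "users"]

def decode_payload(jwt):
    """Return the claims of a JWT without verifying it (inspection only)."""
    parts = jwt.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    segment = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64 padding
    return json.loads(base64.urlsafe_b64decode(segment))

def token_roles(claims, client_id):
    """Collect realm roles and the client's roles from Keycloak's claims."""
    realm = claims.get("realm_access", {}).get("roles", [])
    client = claims.get("resource_access", {}).get(client_id, {}).get("roles", [])
    return {"realm": set(realm), "client": set(client)}

def rule_check(roles, rule_roles=RULE_ROLES):
    """Compare role names with the authorities hasAnyRole looks for.

    Spring Security's hasAnyRole("x") tests for the authority "ROLE_x",
    and the comparison is case-sensitive.
    """
    wanted = {"ROLE_" + r for r in rule_roles}
    return {
        "passes_as_is": sorted(roles & wanted),
        "passes_if_prefixed": sorted(r for r in roles if "ROLE_" + r in wanted),
    }

def make_sample_token(claims):
    """Build an unsigned, constructed token for the demo below."""
    enc = lambda obj: base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return ".".join([enc({"alg": "none"}), enc(claims), "sig"])

# Constructed sample claims; "demo-app" is a hypothetical client id.
SAMPLE = make_sample_token({
    "preferred_username": "alice",
    "realm_access": {"roles": ["user", "offline_access"]},
    "resource_access": {"demo-app": {"roles": ["Users"]}},
})

if __name__ == "__main__":
    found = token_roles(decode_payload(SAMPLE), "demo-app")
    for source, names in found.items():
        print(source, sorted(names), rule_check(names))
```

A role listed under "passes_if_prefixed" matches the rule only when the application turns it into a ROLE_-prefixed authority; a role in neither list (such as the constructed "Users") does not match any name in the rule.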

