I’m doing a simple tutorial with SpringBoot 2.1.0 and KeyCloack 4.5.0. When I start my
app, I am getting the error below. It’s like the session manager bean is being registered
more than once.
org.springframework.beans.factory.support.BeanDefinitionOverrideException: Invalid bean
definition with name 'httpSessionManager' defined in class path resource
[com/example/demo/configuration/SecurityConfig.class]: Cannot register bean definition
[Root bean: class [null]; scope=; abstract=false; lazyInit=false; autowireMode=3;
dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=securityConfig;
factoryMethodName=httpSessionManager; initMethodName=null; destroyMethodName=(inferred);
defined in class path resource [com/example/demo/configuration/SecurityConfig.class]] for
bean 'httpSessionManager': There is already [Generic bean: class
[org.keycloak.adapters.springsecurity.management.HttpSessionManager]; scope=singleton;
abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true;
primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null;
destroyMethodName=null; defined in URL [jar:file:/Users/bigcat/.m!
2/repository/org/keycloak/keycloak-spring-security-adapter/4.5.0.Final/keycloak-spring-security-adapter-4.5.0.Final.jar!/org/keycloak/adapters/springsecurity/management/HttpSessionManager.class]]
bound.
Relevant maven dependencies I have are:
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-spring-boot-starter</artifactId>
<version>${keycloak.version}</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
SecurityConfig.class is:
@KeycloakConfiguration
public class SecurityConfig extends KeycloakWebSecurityConfigurerAdapter {
@Bean
public KeycloakConfigResolver KeycloakConfigResolver() {
return new KeycloakSpringBootConfigResolver();
}
/**
* Registers the KeycloakAuthenticationProvider with the authentication manager.
*/
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth.authenticationProvider(keycloakAuthenticationProvider());
}
/**
* Defines the session authentication strategy.
*/
@Bean
@Override
protected SessionAuthenticationStrategy sessionAuthenticationStrategy() {
return new RegisterSessionAuthenticationStrategy(new SessionRegistryImpl());
}
@Override
protected void configure(HttpSecurity http) throws Exception
{
super.configure(http);
http
.authorizeRequests()
.antMatchers("/customers*").hasRole("pharmacist")
.anyRequest().permitAll();
}
}
Appreciate any help. Thanks