if i switch to spring boot adapter, it works localhost embedded tomcat,
but deployed under jboss/undertow it does not even protect the endpoint.
In spring sec setup at least i can see it protects it but i suspect is
undertow that is the isshe with the too many redirects. The only way i
canget it working is standard jee protecting ir by web.xml, but it's not
what i want to do.
The gus at jboss wondering if they even tried this scenario that Im facing.
thanks
I call the rest from a spa front(angular) sending in bearer token
- Authorization in the http header. I see Keycloak filter configured through
spring sec does work , but right after spring sec redirects badly to the
root context back and forth and getting too many redirects back to the
front.
This git (
https://github.com/cternes/slackspace-angular-spring-keycloak)
works ok on mvn spring:boot run on localhost and embedded tomcat. I do the
same but deployed in jboss eap 7 with keycloack as separate instance for
auth.
Anymore ideas? thx
>
So are you trying to access the rest endpoint using a browser? Try to
> access it using a dedicated tool like postman.
>
> Just grab an access token from the authentication endpoint and use it in
> the authorization header to access it.
>
> I originally had some problems with the browser similar to yours because
> of my reverse proxy filtering the cookie headers (which I think isn't
> your case).
>
>
> Nire Sony Xperia⢠telefonotik bidalita
>
> ---- java_os igorleak idatzi du ----
>
>>Around same context, here in the pain i go through
>>My rest war is spring boot which i want to protect it through keycloak
>>spring security adapter with no luck. I can see that keycloak filter
>> gets
>>in first, authenticates fine bearer, but then spring sec gets in, it
>>redirects internally to the root context of my rest end point and starts
>>the dance getting into too many redirects. This is deployed on jboss eap
>>7, goa all the adapters installed.
>>Anyone here got a scenario like mine working, or are we saying spring
>> sec
>>not working under jboss eap/ undertow?
>>thx
>>
>>> Hello there, I am using AngularJS client (fronted) and Spring Boot
>>> with
>>> Keycloak adapter (backend). In the backend, I am trying to expose a
>>> unprotected (naked) API for the client to use, so I would like to make
>>> sure
>>> that keycloak doesn't try to protect it. So I have the following
>>> questions
>>> related to using Keycloak with Spring Boot:
>>>
>>> 1) How the Keycloak intercepts incoming HTTP requests: do incoming
>>> requests
>>> come the Spring Boot and at what point the Keycloak comes into the
>>> play?
>>> Also, how can I make sure that certain Rest applications are left
>>> unprotected? From the documentation I can see a simple way of
>>> protecting
>>> certain URLs, but this brings me to my second question...
>>>
>>> 2) Where can I find full documentation about all the configuration
>>> possibilities for the Spring Boot Adapter? If I'll have to dive into
>>> the
>>> code, could some one kindly point a correct starting point and give
>>> instructions how to learn to extract all of the configuration
>>> properties
>>> like "security collections" etc. (see below). The traditional
>>> "web.xml"
>>> is
>>> quite easy the read and understand, but it isn't one-to-one mapping
>>> with
>>> "application.properties" file content. With further info it might
be
>>> possible to use Spring Boot's code based configuration methods too.
>>>
>>> Thanks in advance, best regards, Jari
>>>
>>> --- The current documentation ---
>>>
>>> You also need to specify the J2EE security config that would normally
>>> go
>>> in
>>> the web.xml. HereâÂÂs an example configuration:
>>>
>>> keycloak.securityConstraints[0].securityCollections[0].name = insecure
>>> stuff
>>> keycloak.securityConstraints[0].securityCollections[0].authRoles[0] =
>>> admin
>>> keycloak.securityConstraints[0].securityCollections[0].authRoles[0] =
>>> user
>>> keycloak.securityConstraints[0].securityCollections[0].patterns[0] =
>>> /insecure
>>>
>>> keycloak.securityConstraints[0].securityCollections[1].name = admin
>>> stuff
>>> keycloak.securityConstraints[0].securityCollections[1].authRoles[0] =
>>> admin
>>> keycloak.securityConstraints[0].securityCollections[1].patterns[0] =
>>> /admin
>>> _______________________________________________
>>> keycloak-user mailing list
>>> keycloak-user(a)lists.jboss.org
>>>
https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>>
>>_______________________________________________
>>keycloak-user mailing list
>>keycloak-user(a)lists.jboss.org
>>https://lists.jboss.org/mailman/listinfo/keycloak-user
>