5:11 a.m.
I call the rest from a spa front(angular) sending in bearer token
Authorization in the http header. I see Keycloak filter configured through
spring sec does work , but right after spring sec redirects badly to the
root context back and forth and getting too many redirects back to the
front.
This git ( https://github.com/cternes/slackspace-angular-spring-keycloak)
works ok on mvn spring:boot run on localhost and embedded tomcat. I do the
same but deployed in jboss eap 7 with keycloack as separate instance for
auth.
Anymore ideas? thx
So are you trying to access the rest endpoint using a browser?
Try to
> access it using a dedicated tool like postman.
> Just grab an access token from the authentication endpoint
and use it in
> the authorization header to access it.
> I originally had some problems with the browser similar to
yours because
> of my reverse proxy filtering the cookie headers (which I think isn't
> your case).
> Nire Sony Xperia⢠telefonotik
bidalita
> ---- java_os igorleak idatzi du ----
>>Around same context, here in the pain i go through
>>My rest war is spring boot which i want to protect it through keycloak
>>spring security adapter with no luck. I can see that keycloak filter gets
>>in first, authenticates fine bearer, but then spring sec gets in, it
>>redirects internally to the root context of my rest end point and starts
>>the dance getting into too many redirects. This is deployed on jboss eap
>>7, goa all the adapters installed.
>>Anyone here got a scenario like mine working, or are we saying spring sec
>>not working under jboss eap/ undertow?
>>thx
> >>> Hello there, I am using AngularJS client (fronted)
and Spring Boot with
>>> Keycloak adapter (backend). In the backend, I am trying to expose a
>>> unprotected (naked) API for the client to use, so I would like to make
>>> sure
>>> that keycloak doesn't try to protect it. So I have the following
>>> questions
>>> related to using Keycloak with Spring Boot:
>> >>> 1) How the Keycloak
intercepts incoming HTTP requests: do incoming
>>> requests
>>> come the Spring Boot and at what point the Keycloak comes into the
>>> play?
>>> Also, how can I make sure that certain Rest applications are left
>>> unprotected? From the documentation I can see a simple way of
>>> protecting
>>> certain URLs, but this brings me to my second question...
>> >>> 2) Where can I find
full documentation about all the configuration
>>> possibilities for the Spring Boot Adapter? If I'll have to dive into
>>> the
>>> code, could some one kindly point a correct starting point and give
>>> instructions how to learn to extract all of the configuration
>>> properties
>>> like "security collections" etc. (see below). The traditional
"web.xml"
>>> is
>>> quite easy the read and understand, but it isn't one-to-one mapping
>>> with
>>> "application.properties" file content. With further info it might
be
>>> possible to use Spring Boot's code based configuration methods too.
>> >>> Thanks in advance, best
regards, Jari
>> >>> --- The current
documentation ---
>> >>> You also need to
specify the J2EE security config that would normally
>>> go
>>> in
>>> the web.xml. HereâÂÂs an example configuration:
>> >>>
keycloak.securityConstraints[0].securityCollections[0].name = insecure
>>> stuff
>>> keycloak.securityConstraints[0].securityCollections[0].authRoles[0] =
>>> admin
>>> keycloak.securityConstraints[0].securityCollections[0].authRoles[0] =
>>> user
>>> keycloak.securityConstraints[0].securityCollections[0].patterns[0] =
>>> /insecure
>> >>>
keycloak.securityConstraints[0].securityCollections[1].name = admin
>>> stuff
>>> keycloak.securityConstraints[0].securityCollections[1].authRoles[0] =
>>> admin
>>> keycloak.securityConstraints[0].securityCollections[1].patterns[0] =
>>> /admin
>>> _______________________________________________
>>> keycloak-user mailing list
>>> keycloak-user(a)lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
> >
>>_______________________________________________
>>keycloak-user mailing list
>>keycloak-user(a)lists.jboss.org
>>https://lists.jboss.org/mailman/listinfo/keycloak-user