8:28 p.m.
Hi. I am trying to get this sample application working against a local
keycloak instance
https://github.com/spring-cloud-samples/sso
As I understand it, it's a Spring Boot application using Spring Security to
support SSO. And I can't get it (as the client) to interact with the
KeyCloak authentication server.
If I just add the configuration for the Spring Boot adapter alone, it
attempts to call out to KeyCloak but the url always includes a redirect_uri
parameter, which Keycloak doesn't like and displays an error instead of a
login screen.
I've then tried to add, in addition to the Spring Boot configuration, the
integration with Spring Security (the next section in the KeyCloak
documentation). When I that, however, the server complains because it
cannot find the keycloak.json file. Which isn't there because I've added
the details to the application.yml file (as directed by the Spring Boot
config)
Is there some last step that I need to do to get these working? I'm new to
Spring Boot. so I'm not sure I know how to step through it's configuration
to see why it insists on sending the redirect_uri, and including Spring
Security seems like a miss.
Thanks for any help,
Ed
9:30 p.m.
Hi Ed,
I’d recommend not using the Spring Boot adapter for now and sticking with the Spring
Security adapter, even for Spring Boot apps. You’ll still need a keycloak.json file, which
you can put in your src/main/resources folder.
Here’s an repositories with examples of how to use Spring Security rules and run with
Spring Boot:
https://github.com/foo4u/keycloak-spring-demo
<https://github.com/foo4u/keycloak-spring-demo>
Take a look at this configuration for a confidential app:
https://github.com/foo4u/keycloak-spring-demo/blob/master/customer-app/sr...
<https://github.com/foo4u/keycloak-spring-demo/blob/master/customer-app/sr...
Or this configuration for a bearer-only app:
https://github.com/foo4u/keycloak-spring-demo/blob/master/database-servic...
<https://github.com/foo4u/keycloak-spring-demo/blob/master/database-servic...
Hope that helps.
We’ll try to align the Spring Boot module with the Spring Security module in the coming
months. For now, the two modules are mutually exclusive. Ideally, the Spring Boot module
would simply add sensible defaults and configuration via application config to the Spring
Security adapter.
Best,
Scott
On Aug 13, 2015, at 9:28 PM, Ed Hillmann
<ed.hillmann(a)gmail.com> wrote:
Hi. I am trying to get this sample application working against a local keycloak
instance
https://github.com/spring-cloud-samples/sso
<https://github.com/spring-cloud-samples/sso>
As I understand it, it's a Spring Boot application using Spring Security to support
SSO. And I can't get it (as the client) to interact with the KeyCloak authentication
server.
If I just add the configuration for the Spring Boot adapter alone, it attempts to call
out to KeyCloak but the url always includes a redirect_uri parameter, which Keycloak
doesn't like and displays an error instead of a login screen.
I've then tried to add, in addition to the Spring Boot configuration, the integration
with Spring Security (the next section in the KeyCloak documentation). When I that,
however, the server complains because it cannot find the keycloak.json file. Which
isn't there because I've added the details to the application.yml file (as
directed by the Spring Boot config)
Is there some last step that I need to do to get these working? I'm new to Spring
Boot. so I'm not sure I know how to step through it's configuration to see why it
insists on sending the redirect_uri, and including Spring Security seems like a miss.
Thanks for any help,
Ed
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
9:39 p.m.
Thanks Scott. I'll give that a try.
For the record, I progressed past that error by updating the
application.yml to set useCurrentUri to false when defining the client
configuration. But that just got me to the next error of too many
redirects.
So, I'll try using Spring Security on it's own for now. Thanks heaps for
the help.
Thanks again,
Ed
On Fri, Aug 14, 2015 at 12:30 PM, Scott Rossillo <srossillo(a)smartling.com>
wrote:
Hi Ed,
I’d recommend not using the Spring Boot adapter for now and sticking with
the Spring Security adapter, even for Spring Boot apps. You’ll still need a
keycloak.json file, which you can put in your src/main/resources folder.
Here’s an repositories with examples of how to use Spring Security rules
and run with Spring Boot:
https://github.com/foo4u/keycloak-spring-demo
Take a look at this configuration for a confidential app:
https://github.com/foo4u/keycloak-spring-demo/blob/master/customer-app/sr...
Or this configuration for a bearer-only app:
https://github.com/foo4u/keycloak-spring-demo/blob/master/database-servic...
Hope that helps.
We’ll try to align the Spring Boot module with the Spring
Security module in the coming months. For now, the two modules are mutually
exclusive. Ideally, the Spring Boot module would simply add sensible
defaults and configuration via application config to the Spring Security
adapter.
Best,
Scott
On Aug 13, 2015, at 9:28 PM, Ed Hillmann <ed.hillmann(a)gmail.com> wrote:
Hi. I am trying to get this sample application working against a local
keycloak instance
https://github.com/spring-cloud-samples/sso
As I understand it, it's a Spring Boot application using Spring Security
to support SSO. And I can't get it (as the client) to interact with the
KeyCloak authentication server.
If I just add the configuration for the Spring Boot adapter alone, it
attempts to call out to KeyCloak but the url always includes a redirect_uri
parameter, which Keycloak doesn't like and displays an error instead of a
login screen.
I've then tried to add, in addition to the Spring Boot configuration, the
integration with Spring Security (the next section in the KeyCloak
documentation). When I that, however, the server complains because it
cannot find the keycloak.json file. Which isn't there because I've added
the details to the application.yml file (as directed by the Spring Boot
config)
Is there some last step that I need to do to get these working? I'm new
to Spring Boot. so I'm not sure I know how to step through it's
configuration to see why it insists on sending the redirect_uri, and
including Spring Security seems like a miss.
Thanks for any help,
Ed
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
3422
days inactive
3422
days old
2 comments
2 participants
participants (2)
-
Ed Hillmann -
Scott Rossillo