Hi all,
We are using keycloak 7.0.0 as microservice in cloud for users logins and
for microservice-to-microservice communications. All our services use a
spring boot and keycloak spring bott 2 adapter to validate/parse token.
We found that in case if token is expired we see at least 4 error messages
about that in our logs.
This is due to that keycloak adapter provides 4 filters:
- KeycloakAuthenticatedActionsFilter
- KeycloakAuthenticationProcessingFilter
- KeycloakPreAuthActionsFilter
- KeycloakSecurityContextRequestFilter
As i understand there is only KeycloakAuthenticationProcessingFilter filter
required to initialize a security context. Can any one explain the goal for
other filtes? Are they really needed? Or it is used for special cases like
sso/login/logout and so on...
I could not find any java doc or documents on keycloak site related to it.
Thanks in advance,
Andrey.
Show replies by date