[keycloak-user] Spring Security annotation problem
Andrey Saroul
andrey.saroul at gmail.com
Thu Dec 31 17:07:26 EST 2015
Hello! I'm just a begginer in Spring Security, but I would like to know is
it possible to configure keycloak in a way that I can use @PreAuthorize,
@PostAuthorize, @Secured and other annotations.
For example, I've configured the keycloak-spring-security-adapter and
Spring Security in my simple Spring Rest webapp so that I have access to
Principal object in my controller, like this:
@RestController
public class TMSRestController {
@RequestMapping("/greeting")
public Greeting greeting(Principal principal,
@RequestParam(value="name") String name) {
return new Greeting(String.format(template, name));
}
...
}
But when I try this (just an example, actually I want to execute custom EL
expression before authorization):
@RestController
public class TMSRestController {
@RequestMapping("/greeting")
@PreAuthorize("hasRole('ADMIN')")
public Greeting greeting(Principal principal,
@RequestParam(value="name") String name) {
return new Greeting(String.format(template, name));
}
...
}
... I get
exception: org.springframework.security.authentication.AuthenticationCredentialsNotFoundException:
An Authentication object was not found in the SecurityContext
What do I need to make this spring security annotations work?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160101/62f069a7/attachment.html
More information about the keycloak-user
mailing list