[keycloak-user] Spring boot + keycloak
Sebastien Blanc
sblanc at redhat.com
Mon Dec 12 04:54:53 EST 2016
Hi,
Did you also added the SpringBoot Keycloak Adapter ? In this case it will
look for the configuration in application.properties but on the other side
the Spring Security won't work, so you have 2 options :
- Remove the SpringBoot adapter
- Or tell the SpringSecurity it has to use the SpringBoot Config resolver.
Add this in your SecurityConfig class :
@Bean
public KeycloakConfigResolver KeycloakConfigResolver(){
return new KeycloakSpringBootConfigResolver();
}
FYI We have a ticket to make this integration seamless
https://issues.jboss.org/browse/KEYCLOAK-4054?filter=12329075
On Mon, Dec 12, 2016 at 10:46 AM, Ondra Pala <pala.ondra at gmail.com> wrote:
> Hello We use this example: https://github.com/foo4u/keycloak-spring-demo
> (for Spring boot and Keycloak)
>
> I have keycloak.json(realm in this file exists) file in my WEB-INF folder,
> but when I run my application, I get exception:
>
> java.lang.RuntimeException: Must set 'realm' in config
>
> Full stack of this exception:
>
> java.lang.RuntimeException: Must set 'realm' in config
> at
> org.keycloak.adapters.KeycloakDeploymentBuilder.internalBuild(
> KeycloakDeploymentBuilder.java:53)
>
> ~[keycloak-adapter-core-2.4.0.Final.jar:2.4.0.Final]
> at
> org.keycloak.adapters.KeycloakDeploymentBuilder.build(
> KeycloakDeploymentBuilder.java:152)
>
> ~[keycloak-adapter-core-2.4.0.Final.jar:2.4.0.Final]
> at
> org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(
> KeycloakSpringBootConfigResolver.java:37)
>
> ~[keycloak-spring-boot-adapter-2.4.0.Final.jar:2.4.0.Final]
> at
> org.keycloak.adapters.AdapterDeploymentContext.resolveDeployment(
> AdapterDeploymentContext.java:88)
>
> ~[keycloak-adapter-core-2.4.0.Final.jar:2.4.0.Final]
> at
> org.keycloak.adapters.PreAuthActionsHandler.preflightCors(
> PreAuthActionsHandler.java:107)
>
> ~[keycloak-adapter-core-2.4.0.Final.jar:2.4.0.Final]
> at
> org.keycloak.adapters.PreAuthActionsHandler.handleRequest(
> PreAuthActionsHandler.java:79)
>
> ~[keycloak-adapter-core-2.4.0.Final.jar:2.4.0.Final]
> at
> org.keycloak.adapters.tomcat.AbstractKeycloakAuthenticatorValve.invoke(
> AbstractKeycloakAuthenticatorValve.java:183)
>
> ~[keycloak-tomcat-core-adapter-2.4.0.Final.jar:2.4.0.Final]
> at
> org.apache.catalina.core.StandardHostValve.invoke(
> StandardHostValve.java:140)
>
> ~[tomcat-embed-core-8.5.5.jar:8.5.5]
> at
> org.apache.catalina.valves.ErrorReportValve.invoke(
> ErrorReportValve.java:79)
>
> [tomcat-embed-core-8.5.5.jar:8.5.5]
> at
> org.apache.catalina.core.StandardEngineValve.invoke(
> StandardEngineValve.java:87)
>
> [tomcat-embed-core-8.5.5.jar:8.5.5]
> at
> org.apache.catalina.connector.CoyoteAdapter.service(
> CoyoteAdapter.java:349)
> [tomcat-embed-core-8.5.5.jar:8.5.5]
> at
> org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:784)
> [tomcat-embed-core-8.5.5.jar:8.5.5]
> at
> org.apache.coyote.AbstractProcessorLight.process(
> AbstractProcessorLight.java:66)
>
> [tomcat-embed-core-8.5.5.jar:8.5.5]
> at
> org.apache.coyote.AbstractProtocol$ConnectionHandler.process(
> AbstractProtocol.java:802)
>
> [tomcat-embed-core-8.5.5.jar:8.5.5]
> at
> org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.
> doRun(NioEndpoint.java:1410)
>
> [tomcat-embed-core-8.5.5.jar:8.5.5]
> at
> org.apache.tomcat.util.net.SocketProcessorBase.run(
> SocketProcessorBase.java:49)
>
> [tomcat-embed-core-8.5.5.jar:8.5.5]
> at
> java.util.concurrent.ThreadPoolExecutor.runWorker(
> ThreadPoolExecutor.java:1142)
>
> [na:1.8.0_101]
> at
> java.util.concurrent.ThreadPoolExecutor$Worker.run(
> ThreadPoolExecutor.java:617)
>
> [na:1.8.0_101]
> at
> org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(
> TaskThread.java:61)
>
> [tomcat-embed-core-8.5.5.jar:8.5.5]
> at java.lang.Thread.run(Thread.java:745) [na:1.8.0_101]
>
> Our configuration of security looks like:
>
> /**
> * Application security configuration.
> *
> *
> * @author Scott Rossillo
> */
> @Configuration
> @EnableWebSecurity
> @ComponentScan(basePackageClasses = KeycloakSecurityComponents.class)
> public class SecurityConfig extends KeycloakWebSecurityConfigurerAdapter
> {
>
> @Autowired
> public void configureGlobal(AuthenticationManagerBuilder auth)
> throws Exception {
> auth
> .authenticationProvider(keycloakAuthenticationProvider());
> }
>
> @Autowired
> public KeycloakClientRequestFactory keycloakClientRequestFactory;
>
> @Bean
> public CacheControlHandlerInterceptor
> cacheControlHandlerInterceptor() {
> return new CacheControlHandlerInterceptor();
> }
>
>
> @Bean
> public FilterRegistrationBean
> keycloakAuthenticationProcessingFilterRegistrationBean(
> KeycloakAuthenticationProcessingFilter filter) {
> FilterRegistrationBean registrationBean = new
> FilterRegistrationBean(filter);
> registrationBean.setEnabled(false);
> return registrationBean;
> }
>
> @Bean
> public FilterRegistrationBean
> keycloakPreAuthActionsFilterRegistrationBean(
> KeycloakPreAuthActionsFilter filter) {
> FilterRegistrationBean registrationBean = new
> FilterRegistrationBean(filter);
> registrationBean.setEnabled(false);
> return registrationBean;
> }
>
>
> @Bean
> @Scope(ConfigurableBeanFactory.SCOPE_PROTOTYPE)
> public KeycloakRestTemplate keycloakRestTemplate() {
> return new KeycloakRestTemplate(keycloakClientRequestFactory);
> }
>
> @Bean
> @Override
> protected SessionAuthenticationStrategy
> sessionAuthenticationStrategy() {
> return new RegisterSessionAuthenticationStrategy(new
> SessionRegistryImpl());
> }
>
> @Override
> protected void configure(HttpSecurity http) throws Exception
> {
> System.out.println("config");
> super.configure(http);
> http
> .authorizeRequests()
> .antMatchers("/*").denyAll();
> }
>
> }
>
>
> Can you please tell me, where it could by mistake.
>
> Thanks for your answer and time.
>
> Ondrej Pala
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
More information about the keycloak-user
mailing list