[keycloak-user] About using Spring Boot adapter
Amaeztu
amaeztu at tesicnor.com
Sun Oct 16 02:01:24 EDT 2016
So are you trying to access the rest endpoint using a browser? Try to access it using a dedicated tool like postman.
Just grab an access token from the authentication endpoint and use it in the authorization header to access it.
I originally had some problems with the browser similar to yours because of my reverse proxy filtering the cookie headers (which I think isn't your case).
Nire Sony Xperia™ telefonotik bidalita
---- java_os igorleak idatzi du ----
>Around same context, here in the pain i go through
>My rest war is spring boot which i want to protect it through keycloak
>spring security adapter with no luck. I can see that keycloak filter gets
>in first, authenticates fine bearer, but then spring sec gets in, it
>redirects internally to the root context of my rest end point and starts
>the dance getting into too many redirects. This is deployed on jboss eap
>7, goa all the adapters installed.
>Anyone here got a scenario like mine working, or are we saying spring sec
>not working under jboss eap/ undertow?
>thx
>
>> Hello there, I am using AngularJS client (fronted) and Spring Boot with
>> Keycloak adapter (backend). In the backend, I am trying to expose a
>> unprotected (naked) API for the client to use, so I would like to make
>> sure
>> that keycloak doesn't try to protect it. So I have the following questions
>> related to using Keycloak with Spring Boot:
>>
>> 1) How the Keycloak intercepts incoming HTTP requests: do incoming
>> requests
>> come the Spring Boot and at what point the Keycloak comes into the play?
>> Also, how can I make sure that certain Rest applications are left
>> unprotected? From the documentation I can see a simple way of protecting
>> certain URLs, but this brings me to my second question...
>>
>> 2) Where can I find full documentation about all the configuration
>> possibilities for the Spring Boot Adapter? If I'll have to dive into the
>> code, could some one kindly point a correct starting point and give
>> instructions how to learn to extract all of the configuration properties
>> like "security collections" etc. (see below). The traditional "web.xml" is
>> quite easy the read and understand, but it isn't one-to-one mapping with
>> "application.properties" file content. With further info it might be
>> possible to use Spring Boot's code based configuration methods too.
>>
>> Thanks in advance, best regards, Jari
>>
>> --- The current documentation ---
>>
>> You also need to specify the J2EE security config that would normally go
>> in
>> the web.xml. Here’s an example configuration:
>>
>> keycloak.securityConstraints[0].securityCollections[0].name = insecure
>> stuff
>> keycloak.securityConstraints[0].securityCollections[0].authRoles[0] =
>> admin
>> keycloak.securityConstraints[0].securityCollections[0].authRoles[0] = user
>> keycloak.securityConstraints[0].securityCollections[0].patterns[0] =
>> /insecure
>>
>> keycloak.securityConstraints[0].securityCollections[1].name = admin stuff
>> keycloak.securityConstraints[0].securityCollections[1].authRoles[0] =
>> admin
>> keycloak.securityConstraints[0].securityCollections[1].patterns[0] =
>> /admin
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
>
>_______________________________________________
>keycloak-user mailing list
>keycloak-user at lists.jboss.org
>https://lists.jboss.org/mailman/listinfo/keycloak-user
More information about the keycloak-user
mailing list