[keycloak-user] keycloak-spring-security-adapter : KeycloakAuthenticationProcessingFilter doesn’t skip user authentication if it's already authenticated

[Pharande Rahul]

Hi,

While evaluating keycloak spring security adapter for one of my requirement (as below) I realized KeycloakAuthenticationProcessingFilter doesn’t skip
authentication if user is already authenticated in other/prev filters.

Requirement I’ve –

·         Service-to-service authentication.

·         Support  multiple authentication schemes in fallback

o   OAuth (Using keycloak)

o   Basic (Application maintains username/password)


Problems I see –

·         KeycloakAuthenticationProcessingFilter doesn’t have mechanism to skip authentication if user already authenticated. Like –
protected boolean requiresAuthentication(HttpServletRequest request,
                HttpServletResponse response) {
            Authentication existingAuth = SecurityContextHolder.getContext()
                    .getAuthentication();
            if (existingAuth == null || !existingAuth.isAuthenticated()) {
                return true;
            }
            return false;
        }

Please suggest me If there is any configuration in keycloak to support it?

Thanks,
Rahul Pharande