[keycloak-user] Help for using Keycloak in Spring Boot

Sebastien Blanc sblanc at redhat.com
Tue May 7 01:24:28 EDT 2019


Hi Ali,

Have you tried this quickstart that shows how tu use the authz service from
KC
https://github.com/keycloak/keycloak-quickstarts/tree/latest/app-authz-springboot
Also make sure you enable the policy enforcer on the app side in the
configuration , i.e :
keycloak.policy-enforcer-config.on-deny-redirect-to=/accessDenied

sebi


On Tue, May 7, 2019 at 7:07 AM Ali Ahmadzadeh Asl <ahmadzadehasl at outlook.com>
wrote:

>
> Hi Michal,
>
> I'm configured my server exactly like this tutorial, but I'm not defined
> any keycloak.securityConstraints in application.properties file, I want to
> define permissions and policies in Keycloak admin panel. Does this require
> any special setting? Do anybody have any sample or tutorial for this?
> ________________________________
> From: Michal Hajas <mhajas at redhat.com>
> Sent: Monday, May 6, 2019 12:09 PM
> To: Ali Ahmadzadeh Asl
> Cc: keycloak-user at lists.jboss.org
> Subject: Re: [keycloak-user] Help for using Keycloak in Spring Boot
>
> Hi Ali,
>
> it looks like you have wrongly configured Spring Boot Keycloak adapter.
> Make sure you configured everything which is shown here (especially the
> part with security constraints):
> https://www.keycloak.org/docs/latest/securing_apps/index.html#_spring_boot_adapter
>
> Michal
>
> On Sat, May 4, 2019 at 2:21 PM Ali Ahmadzadeh Asl <
> ahmadzadehasl at outlook.com<mailto:ahmadzadehasl at outlook.com>> wrote:
> Hi
> First of all, excuse me for poor English.
>
> I am trying to use Keycloak in Spring Boot 2, I read many articles about
> this matter, such as follow link:
>
> https://www.keycloak.org/docs/2.5/securing_apps/topics/oidc/java/spring-boot-adapter.html
>
>
> There was an issue that i can't resolve it. Resource and policy and
> permissions defined in admin panel for client, does not any effect on my
> server. For example I defined a resource for URL pattern /rest/* and a
> policy for having ROLE_REST, also I defined a permission for mapping this
> resource and policy.
>
> But after running the server, I can use rest services without any
> limitation and authentication.
> Now the question is: How can I manage Spring Boot application security and
> permissions from Keycloak admin panel?
>
> Thank you
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org<mailto:keycloak-user at lists.jboss.org>
> https://lists.jboss.org/mailman/listinfo/keycloak-user
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>


More information about the keycloak-user mailing list