[keycloak-user] Help for using Keycloak in Spring Boot

Michal Hajas mhajas at redhat.com
Tue May 7 02:57:22 EDT 2019


Hi Ali,

as far as I understand, you have to specify securityContrains (it is also
in authz quickstart:
https://github.com/keycloak/keycloak-quickstarts/blob/latest/app-authz-springboot/src/main/resources/application.properties#L10)
so that Keycloak know about your resources. You can specify your
permissions and policies afterward.

Michal

On Tue, May 7, 2019 at 7:24 AM Sebastien Blanc <sblanc at redhat.com> wrote:

> Hi Ali,
>
> Have you tried this quickstart that shows how tu use the authz service
> from KC
> https://github.com/keycloak/keycloak-quickstarts/tree/latest/app-authz-springboot
> Also make sure you enable the policy enforcer on the app side in the
> configuration , i.e :
> keycloak.policy-enforcer-config.on-deny-redirect-to=/accessDenied
>
> sebi
>
>
> On Tue, May 7, 2019 at 7:07 AM Ali Ahmadzadeh Asl <
> ahmadzadehasl at outlook.com> wrote:
>
>>
>> Hi Michal,
>>
>> I'm configured my server exactly like this tutorial, but I'm not defined
>> any keycloak.securityConstraints in application.properties file, I want to
>> define permissions and policies in Keycloak admin panel. Does this require
>> any special setting? Do anybody have any sample or tutorial for this?
>> ________________________________
>> From: Michal Hajas <mhajas at redhat.com>
>> Sent: Monday, May 6, 2019 12:09 PM
>> To: Ali Ahmadzadeh Asl
>> Cc: keycloak-user at lists.jboss.org
>> Subject: Re: [keycloak-user] Help for using Keycloak in Spring Boot
>>
>> Hi Ali,
>>
>> it looks like you have wrongly configured Spring Boot Keycloak adapter.
>> Make sure you configured everything which is shown here (especially the
>> part with security constraints):
>> https://www.keycloak.org/docs/latest/securing_apps/index.html#_spring_boot_adapter
>>
>> Michal
>>
>> On Sat, May 4, 2019 at 2:21 PM Ali Ahmadzadeh Asl <
>> ahmadzadehasl at outlook.com<mailto:ahmadzadehasl at outlook.com>> wrote:
>> Hi
>> First of all, excuse me for poor English.
>>
>> I am trying to use Keycloak in Spring Boot 2, I read many articles about
>> this matter, such as follow link:
>>
>> https://www.keycloak.org/docs/2.5/securing_apps/topics/oidc/java/spring-boot-adapter.html
>>
>>
>> There was an issue that i can't resolve it. Resource and policy and
>> permissions defined in admin panel for client, does not any effect on my
>> server. For example I defined a resource for URL pattern /rest/* and a
>> policy for having ROLE_REST, also I defined a permission for mapping this
>> resource and policy.
>>
>> But after running the server, I can use rest services without any
>> limitation and authentication.
>> Now the question is: How can I manage Spring Boot application security
>> and permissions from Keycloak admin panel?
>>
>> Thank you
>>
>>
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user at lists.jboss.org<mailto:keycloak-user at lists.jboss.org>
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>


More information about the keycloak-user mailing list