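I set up a Keycloak server and configured a realm, a client, and so on. I successfully wrote a Spring Boot service with "org.keycloak:keycloak-spring-boot-starter" and secured my RestController. It works like a charm.
But when I try to use Spring Security (without the Keycloak-specific dependencies), I get stuck.
Here are my Gradle dependencies: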
    dependencies {
        compile('org.springframework.boot:spring-boot-starter-security')
        compile('org.springframework.security.oauth:spring-security-oauth2')
        compile('org.springframework.boot:spring-boot-starter-web')
        compileOnly('org.projectlombok:lombok')
        testCompile('org.springframework.boot:spring-boot-starter-test')
        testCompile('org.springframework.security:spring-security-test')
    }
Here is my SecurityConfig:
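    import org.springframework.context.annotation.Configuration;
    import org.springframework.security.config.annotation.web.builders.HttpSecurity;
    import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
    import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
    import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
    import org.springframework.security.oauth2.provider.token.RemoteTokenServices;

    @Configuration
    @EnableResourceServer
    public class ResourceServerConfiguration extends ResourceServerConfigurerAdapter {

        // Require the DEMO_SPRING_SECURITY role for /person/**, authentication for everything else.
        @Override
        public void configure(HttpSecurity http) throws Exception {
            http.authorizeRequests()
                    .antMatchers("/person/**").hasRole("DEMO_SPRING_SECURITY")
                    .anyRequest().authenticated()
                    .and().formLogin().disable();
        }

        // Validate incoming bearer tokens against the Keycloak token introspection endpoint.
        @Override
        public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
            resources.resourceId("demo-client");
            RemoteTokenServices tokenServices = new RemoteTokenServices();
            tokenServices.setCheckTokenEndpointUrl(
                    "http://localhost:8280/auth/realms/demo-realm/protocol/openid-connect/token/introspect");
            tokenServices.setClientId("demo-client");
            tokenServices.setClientSecret("80e19056-7770-4a4a-a3c4-06d8ac8792ef");
            resources.tokenServices(tokenServices);
        }
    }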
Now I try to access the server:
    {
      "jti": "78c00562-d80a-4f5a-ab08-61ed10cb575c",
      "exp": 1509603570,
      "nbf": 0,
      "iat": 1509603270,
      "iss": "http://localhost:8280/auth/realms/demo-realm",
      "aud": "demo-client",
      "sub": "6ee90ba4-2854-49c1-9776-9aa95b6ae598",
      "typ": "Bearer",
      "azp": "demo-client",
      "auth_time": 0,
      …
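I want to implement a simple Spring Boot client application that should access an OAuth2-secured service. A kind of proxy. This "proxy service" should not be secured itself.
I want to use KeycloakRestTemplate for the remote REST calls.
Following the documentation: http://www.keycloak.org/docs/latest/securing_apps/index.html#_spring_boot_adapter
So far I have included the following dependencies: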
    dependencyManagement {
        imports {
            mavenBom "org.keycloak.bom:keycloak-adapter-bom:3.4.0-FINAL"
        }
    }
    dependencies {
        compile('org.springframework.boot:spring-boot-starter')
        compile('org.springframework.boot:spring-boot-starter-web')
        compile('org.springframework.boot:spring-boot-starter-security')
        compile('org.keycloak:keycloak-spring-boot-starter')
        compile('org.keycloak:keycloak-spring-security-adapter')
    }
I added a configuration class:
    @KeycloakConfiguration
    public class KeycloakWebSecurityContextConfig extends KeycloakWebSecurityConfigurerAdapter {

        @Autowired
        public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
            auth.authenticationProvider(keycloakAuthenticationProvider());
        }

        /**
         * Defines the session authentication strategy.
         */
        @Bean
        @Override
        protected SessionAuthenticationStrategy sessionAuthenticationStrategy() {
            return new RegisterSessionAuthenticationStrategy(new SessionRegistryImpl());
        }

        @Bean
        public KeycloakConfigResolver KeycloakConfigResolver() {
            return new KeycloakSpringBootConfigResolver();
        }

        @Autowired
        public …