Easily Secure your Spring Boot Apps with Keycloak
Home Page: https://developers.redhat.com/blog/?p=432287
This is the support repository for :
The full instructions to setup the Keycloak Server can be found in the Blog Post.
To start the app from the command line :
mvn clean spring-boot:run
If you don't want to create and configure the initial Keycloak Realm manually, you can just import it through the Keycloak Web Console. Import the springdemo.json which is located at the root of this repo.
This is on the Master branch
This is on the Spring Security branch
TODO
Hi,
you have create an app, which does not have any tests.
Please show what aproach do you use for tests.
The spring security code is left on feature branch.
Looking at ProductAppApplication.java, in the tutorial,
@GetMapping(path = "/products")
public String getProducts(Principal principal, Model model){
model.addAttribute("principal",principal);
model.addAttribute("products", productService.getProducts());
return "products";
}
whereas in GitHub
@GetMapping(path = "/products")
public String getProducts(Model model){
model.addAttribute("products", Arrays.asList("iPad","iPhone","iPod"));
return "products";
}
So GitHub has not been updated?
When I logged into the client app using the created user account with correct credentials KeyCloak allows me to log in, but application directs me into the access forbidden 403 page. stackoverflow.com/questions/44739006/spring-boot-keycloak-directed-to-403-forbidden I thnk there is an issue with Spring Boot project as KeyCloak
I am new to Keycloak, I am using the official tutorial project on https://github.com/sebastienblanc/spring-boot-keycloak-tutorial
for integrating with Spring Boot application, I have setup the KeyCloak server successfully and the spring boot application also directing to the client application I have created on the Realm I have created on KeyCloak, after providing the correct credentials it directs to the forbidden page.
@Controller
class ProductController {
@GetMapping(path = "/products")
public String getProducts(Model model){
model.addAttribute("products", Arrays.asList("iPad","iPhone","iPod"));
return "products";
}
@GetMapping(path = "/logout")
public String logout(HttpServletRequest request) throws ServletException {
request.logout();
return "/";
}
}
Application.properties file
keycloak.auth-server-url=http://localhost:8080/auth
keycloak.realm=springdemo
keycloak.resource=product-app
keycloak.public-client=true
keycloak.security-constraints[0].authRoles[0]=testuser
keycloak.security-
constraints[0].securityCollections[0].patterns[0]=/products/*
server.port=8081
I am not getting any error message from KeyCloak console or spring embedded tomcat console.
Check the tomcat console here - no error enter image description here
Thank you.
i wan't to use #oauth2.hasScope but not working, if u know pls help me. thanks
this is my issue detail
https://stackoverflow.com/questions/64550346/oauth2-hasscope-in-spring-boot-keycloak
Hello,
Thanks a lot for the great tutorial on keycloak.
Could you help me a little more?
I have a REST API implemented in Spring Boot and a Desktop app that makes HTTP calls to this api.
My question is: how can my application log in to my api using keycloak?
Thank you very much.
Logout API didn't work
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google โค๏ธ Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.