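I am using the Spring Security Keycloak adapter.
I have configured it successfully, so the behavior is as follows:
So, how can I achieve behavior (2)?
Here is the Spring Security configuration: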
    @Configuration
    @EnableWebSecurity
    @ComponentScan(basePackageClasses = KeycloakSecurityComponents.class)
    public class SecurityConfig extends KeycloakWebSecurityConfigurerAdapter {

        /**
         * Registers the KeycloakAuthenticationProvider with the authentication manager.
         */
        @Autowired
        public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
            auth.authenticationProvider(keycloakAuthenticationProvider());
        }

        @Override
        protected SessionAuthenticationStrategy sessionAuthenticationStrategy() {
            return new RegisterSessionAuthenticationStrategy(new SessionRegistryImpl());
        }

        @Bean
        public FilterRegistrationBean keycloakAuthenticationProcessingFilterRegistrationBean(
                KeycloakAuthenticationProcessingFilter filter) {
            FilterRegistrationBean registrationBean = new FilterRegistrationBean(filter);
            registrationBean.setEnabled(false);
            return registrationBean;
        }

        @Bean
        public FilterRegistrationBean keycloakPreAuthActionsFilterRegistrationBean(
                KeycloakPreAuthActionsFilter filter) {
            FilterRegistrationBean registrationBean = new FilterRegistrationBean(filter);
            registrationBean.setEnabled(false);
            return registrationBean;
        }

        @Override
        protected KeycloakLogoutHandler keycloakLogoutHandler() throws Exception {
            return super.keycloakLogoutHandler();
        }

        @Override
        protected void configure(HttpSecurity http) throws Exception {
            super.configure(http);
            http
                .logout().logoutUrl("/logout").addLogoutHandler(keycloakLogoutHandler())
                .and()
                .authorizeRequests()
                    .anyRequest().authenticated();
        }
    }
Answer 0 (score: 1)
Something like this should do the trick:
    http
        .authorizeRequests()
            .antMatchers("/xyz*").hasRole("user") // replace with your role
            .anyRequest().permitAll();
Answer 1 (score: 0)
I have the same problem. http://localhost:8080/myapp does not redirect, but http://localhost:8080/myapp/index.html does. Were you able to find a solution?
Answer 2 (score: 0)
Adding this '.antMatcher("*/**")...' before authorizeRequests fixed my redirect problem. Spring Boot 2.0.2, Spring Security 5.0.5 and keycloak-spring-boot-2-starter 4.0.0.Beta2
    .antMatcher("*/**")
    .authorizeRequests()
Answer 3 (score: 0)
You only need to change the logoutSuccessUrl (the default value is / with allowAll).
For example:
    .and().logout().logoutSuccessUrl("/loggedout");