我的应用程序已登录表单,现在我想使用Keycloak集成我的freeIPA帐户。
我有2 WebSecurityConfigurerAdapter以下
SecurityConfiguration.java
@Configuration
@EnableWebSecurity
@Order(1)
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
private final AccountDetailsService accountDetailsService;
private static final String[] IGNORED_RESOURCE_LIST = new String[]{
"/resources/**",
"/static/**",
"/webjars/**",
"/plugins/**",
"/imgs/**",
"/fonts/**",
"/vendors/**",
"/flags/**",
"/js/**",
"/sso/login",
"/css/**"};
private static final String[] PERMIT_ALL_RESOURCE_LIST = new String[]{
"/actuator/health/**",
"/login/**",
"/json/**",
"/auth/**",
"/error/**"};
@Autowired
public SecurityConfiguration(AccountDetailsService accountDetailsService) {
this.accountDetailsService = accountDetailsService;
}
@Override
public void configure(WebSecurity web) {
web.ignoring().antMatchers(IGNORED_RESOURCE_LIST);
}
@Override
protected void configure(AuthenticationManagerBuilder auth) {
auth.authenticationProvider(authenticationProvider());
}
@Bean
public DaoAuthenticationProvider authenticationProvider() {
DaoAuthenticationProvider authProvider
= new DaoAuthenticationProvider();
authProvider.setUserDetailsService(accountDetailsService);
authProvider.setPasswordEncoder(encoder());
return authProvider;
}
@Bean
public PasswordEncoder encoder() {
return new BCryptPasswordEncoder();
}
@Bean
public SessionRegistry sessionRegistry() {
return new SessionRegistryImpl();
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable();
http.authorizeRequests()
.antMatchers(PERMIT_ALL_RESOURCE_LIST).permitAll()
.anyRequest().authenticated()
.and().formLogin().loginPage("/auth/login").failureUrl("/auth/login?message=error").permitAll()
.and().logout().permitAll();
http.sessionManagement().maximumSessions(1).sessionRegistry(sessionRegistry()).expiredUrl("/auth/login");
}
}
和KeycloakSecurityConfig.java
@Configuration
@EnableWebSecurity
@ComponentScan(basePackageClasses = KeycloakSecurityComponents.class)
@Order(2)
public class KeycloakSecurityConfig extends KeycloakWebSecurityConfigurerAdapter {
@Autowired
public void configureGlobal(
AuthenticationManagerBuilder auth) throws Exception {
KeycloakAuthenticationProvider keycloakAuthenticationProvider
= keycloakAuthenticationProvider();
keycloakAuthenticationProvider.setGrantedAuthoritiesMapper(
new SimpleAuthorityMapper());
auth.authenticationProvider(keycloakAuthenticationProvider);
}
@Bean
public KeycloakSpringBootConfigResolver KeycloakConfigResolver() {
return new KeycloakSpringBootConfigResolver();
}
@Bean
@Override
protected SessionAuthenticationStrategy sessionAuthenticationStrategy() {
return new RegisterSessionAuthenticationStrategy(
new SessionRegistryImpl());
}
@Bean
public SessionRegistry sessionRegistry() {
return new SessionRegistryImpl();
}
@Override
protected void configure(HttpSecurity http) throws Exception {
super.configure(http);
http.authorizeRequests().anyRequest().authenticated();
}
}
从登录页面我有一个按钮登录Keycloak。它使用url /sso/login重定向到Keycloak登录页面,但登录后我被重定向回应用程序登录页面。
任何人都可以在这种情况下让我高兴。如何在我的应用程序中实现表单登录和SSO登录?
提前致谢。任何帮助将不胜感激。