Question

我有一个Keycloak服务器和我的Web应用程序。当我尝试登录该应用程序时，Keycloak始终会返回403-禁止访问。

这是我在Web项目中的配置，

application.properties

server.port = 38080
keycloak.realm=FocusocKeycloak
keycloak.auth-server-url=http://localhost:8080/auth
keycloak.ssl-required=external
keycloak.resource=login-provider-web
keycloak.public-client=false
keycloak.credentials.secret=XXXX
keycloak.securityConstraints[0].authRoles[0] = USER
keycloak.securityConstraints[0].securityCollections[0].patterns[0] = /*

# Turn off the logs
logging.level.root=OFF
logging.level.org.springframework.boot=OFF
spring.main.banner-mode=OFF

keycloak.json

{
  "realm": "FocusocKeycloak",
  "auth-server-url": "http://127.0.0.1:8080/auth",
  "ssl-required": "external",
  "resource": "login-app",
  "verify-token-audience": true,
  "credentials": {
    "secret": "XXXX"
  },
  "use-resource-role-mappings": true,
  "confidential-port": 0
}

这是客户端的配置，

我只注册了ROLE_USER角色。

Answer 1

解决了！ config类中的configure方法有点错误，我没有更改

...
@Override
    protected void configure(HttpSecurity http) throws Exception {
        super.configure(http);
        http.logout().logoutSuccessUrl("/home")
                .and()
                .authorizeRequests()
                .antMatchers("/**").hasAuthority("user");
    }
...

而且必须是

...
@Override
    protected void configure(HttpSecurity http) throws Exception {
        super.configure(http);
        http.logout().logoutSuccessUrl("/home")
                .and()
                .authorizeRequests()
                .antMatchers("/**").hasAuthority("ROLE_USER");
    }
...

现在没有出现错误403，但现在/ home页面没有显示。

登录后Keycloak返回403

1 个答案: