当我的 Keycloak-Auth-Server 关闭时(我知道它不应该关闭,但我无法控制这个实例)发送到我的 spring-api 的每个请求都会返回 401 Unauthorized。 相反,我想返回一个 500 - 内部服务器错误,以便在前端更好地处理错误。
我很确定这个问题可以在 SecurityConfig 中解决,但我还没有在文档中找到任何东西
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
@ComponentScan(basePackageClasses = KeycloakSecurityComponents.class)
public class SecurityConfig extends KeycloakWebSecurityConfigurerAdapter \{
@Override protected void configure(HttpSecurity http) throws Exception {
super.configure(http);
http.cors()
.and()
.csrf().disable().sessionManagement()
.sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.and().authorizeRequests()
.anyRequest().authenticated();
}
@Override protected SessionAuthenticationStrategy sessionAuthenticationStrategy() {
/**Returning NullAuthenticatedSessionStrategy means
*app will not remember session
*/
return new NullAuthenticatedSessionStrategy();
}
@Autowired public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
KeycloakAuthenticationProvider keycloakAuthenticationProvider = keycloakAuthenticationProvider();
keycloakAuthenticationProvider.setGrantedAuthoritiesMapper(new SimpleAuthorityMapper());
auth.authenticationProvider(keycloakAuthenticationProvider);
}
@Bean public FilterRegistrationBean<?> keycloakAuthenticationProcessingFilterRegistrationBean(
KeycloakAuthenticationProcessingFilter filter) {
FilterRegistrationBean<?> registrationBean = new FilterRegistrationBean<>(filter);
registrationBean.setEnabled(false);
return registrationBean;
}
@Bean public FilterRegistrationBean<?> keycloakPreAuthActionsFilterRegistrationBean(
KeycloakPreAuthActionsFilter filter) {
FilterRegistrationBean<?> registrationBean = new FilterRegistrationBean<>(filter);
registrationBean.setEnabled(false);
return registrationBean;
}
@Bean public FilterRegistrationBean<?> keycloakAuthenticatedActionsFilterBean(
KeycloakAuthenticatedActionsFilter filter) {
FilterRegistrationBean<?> registrationBean = new FilterRegistrationBean<>(filter);
registrationBean.setEnabled(false);
return registrationBean;
}
@Bean public FilterRegistrationBean<?> keycloakSecurityContextRequestFilterBean(
KeycloakSecurityContextRequestFilter filter) {
FilterRegistrationBean<?> registrationBean = new FilterRegistrationBean<>(filter);
registrationBean.setEnabled(false);
return registrationBean;
}
@Bean @Override @ConditionalOnMissingBean(HttpSessionManager.class) protected HttpSessionManager httpSessionManager() {
return new HttpSessionManager();
}
}