Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Keycloak + Spring Security, through local login form

Tags:

java

spring-boot

spring-security

keycloak

I am trying to integrate keycloak into my spring security layer. I have achieved that, the only issue I have yet to solve is the following:

When an endpoint is hit, that requires the user to be authenticated, the site redirects to my keycloak login page. After login, the user is redirected back to the page they initially requested. What I'm trying to achieve is: I do not want my users redirecting from my app to the keycloak login page, and back again, but better yet, to login through a form on my app and "proxy" those captured details to keycloak and get the login token back.

If anyone can shed light on the above, whether it be possible or not, and if so, some direction to the solution would be smashing.

pom.xml:

<dependency>
    <groupId>org.keycloak</groupId>
    <artifactId>keycloak-spring-boot-adapter</artifactId>
    <version>2.4.0.Final</version>
</dependency>
<dependency>
    <groupId>org.keycloak</groupId>
    <artifactId>keycloak-tomcat8-adapter</artifactId>
    <version>2.4.0.Final</version>
</dependency>

application.properties:

keycloak.realm=MY_REALM
keycloak.realmKey=MY_REALM_KEY
keycloak.auth-server-url=MY_SERVER_URL
keycloak.resource=MY_RESOURCE
keycloak.ssl-required=external
keycloak.public-client=true
keycloak.use-resource-role-mappings=true

keycloak.securityConstraints[0].securityCollections[0].name=static-resources
keycloak.securityConstraints[0].securityCollections[0].patterns[0]=/css/*
keycloak.securityConstraints[0].securityCollections[0].patterns[1]=/fonts/*
keycloak.securityConstraints[0].securityCollections[0].patterns[2]=/js/*

keycloak.securityConstraints[1].securityCollections[0].name=application
keycloak.securityConstraints[1].securityCollections[0].authRoles[0]=MY_ROLE
keycloak.securityConstraints[1].securityCollections[0].patterns[0]=/api/*
like image 683
Tristan.G Avatar asked Mar 28 '17 11:03

Tristan.G

1 Answers

What you are trying to achieve contradicts the generell purpose of keycloak to keep user information separated from the application itself. Therefore there is (as fas a I know) no default/clean way to achieve this.

Instead you could consider styling the login page to fit your applications visual appearance.

like image 92
David Klassen Avatar answered Oct 08 '22 12:10

David Klassen

Sign in to Comment

Related questions

Regex replace all match with symbol with same length
Unsatisfied dependencies for type Set<Service> with qualifiers
Spring cloud config - loading additional files
A list contains at least one value from another list (Java 8)
Project Reactor - How to create a sliding window Flux from a Java 8 stream
Java sensitive data: char[] vs String? What is the point?
Concern regarding piece of code
Callable / Runnable Controller methods: What's the point?
Weblogic 12c (12.1.3) - String index out of range: 51968
Velocity with Springboot 1.5.x
Maven executable Jar throws error on start [duplicate]
Android - Jackson JSON parser returns null value in 'release' builds
How I can rewrite this classic Java-code to Java Stream API code?
Quartz status job reporting
One-to-many select in Jooq
Java IO vs NIO vs Tasks queue
spark - How to reduce the shuffle size of a JavaPairRDD<Integer, Integer[]>?
How to manage different maven setting in eclipse for different projects?
Spring Boot Preprocess JSON data
What is the purpose of a signature file (*.SF) when signing a jar file?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!