Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Using spring security annotations with keycloak

Tags:

spring

spring-security

keycloak

pre-authentication

I'm just a beginner in Spring Security, but I would like to know is it possible to configure keycloak in a way that I can use @PreAuthorize, @PostAuthorize, @Secured and other annotations. For example, I've configured the keycloak-spring-security-adapter and Spring Security in my simple Spring Rest webapp so that I have access to Principal object in my controller, like this:

@RestController
public class TMSRestController {

     @RequestMapping("/greeting")
     public Greeting greeting(Principal principal, @RequestParam(value="name") String name) {
        return new Greeting(String.format(template, name));
     }
...
}

But when I try this (just an example, actually I want to execute custom EL expression before authorization):

@RestController
public class TMSRestController {

    @RequestMapping("/greeting")
    @PreAuthorize("hasRole('ADMIN')")
    public Greeting greeting(Principal principal, @RequestParam(value="name") String name) {
        return new Greeting(String.format(template, name));
    }
...
}

I get exception:

org.springframework.security.authentication.AuthenticationCredentialsNotFoundException: An Authentication object was not found in the SecurityContext

In my spring security config I enabled global method security:

What do I need to make this spring security annotations work? Is it possible to use this annotation in this context at all?

like image 985
Andrey Sarul Avatar asked Dec 31 '15 22:12

Andrey Sarul

2 Answers

You still have to configure Spring Security using Keycloak. Take a look at the adapter documentation for an annotation based configuration. Once that's set up your Spring Security annotations will work on authorized calls.

like image 192
Scott Avatar answered Nov 01 '22 20:11

Scott

here is example code:

@EnableWebSecurity
@Configuration
@EnableGlobalMethodSecurity(prePostEnabled = true,
                        securedEnabled = true,
                        jsr250Enabled = true)
@ComponentScan(basePackageClasses = KeycloakSecurityComponents.class)
public class WebSecurityConfig extends KeycloakWebSecurityConfigurerAdapter {
 }

and 

@PreAuthorize("hasRole('ROLE_ADMIN')")

Apart from this code. you need to do the role mapping for realm roles and client(application roles). the application roles will be put in @PreAuthorize

like image 22
Rahul Baghaniya Avatar answered Nov 01 '22 21:11

Rahul Baghaniya
Sign in to Comment

Related questions

How to configure spring HandlerExceptionResolver to handle NullPointerException thrown in jsp?
Setup and Tear Down of Complex Database State With Hibernate / Spring / JUnit
spring + SQLite in multi-threaded application
MySQL UTF8 with Hibernate 3 and Spring
Timing out the execution time of a controller/method in Spring
Spring AOP: Annotation on any method called x not working
Why form submit opens new window/tab?
(Spring + JSP + jQuery-AJAX + JSON ) setting environment for UTF-8 issue?
How to create a Path bean
Multiple keyspace support for spring-data-cassandra repositories?
Spring: nested exception is java.lang.NoClassDefFoundError: org/aopalliance/aop/Advice
Spring JUnit Test not loading full Application Context
Spring Boot and Spring Data application with multiple DataSources created in runtime
Spring boot with authentication - login page not found (404)
How to make simple property validation when using Spring @Value
how can i load jpa properties to datasource in Spring?
How to use Spring MVC @JsonView when returning an object hierarchy from a Rest Controller
How does spring autowire generic converters?
What's the best way to convert pojo to JSON in Spring
How to make multiple REST requests transactional/atomic?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!