3

I'm developing spring boot application (v 2.1.0) with keycloak to secure app (v 4.5.0). I already configured keycloak security in gradle and application.properties. However keycloak returns unauthorized (401 Error) even for urls which are not added to security constraints.

Gradle and application.properties file are provided following Gradle

    buildscript {
    ext.kotlin_version = '1.3.11' // Required for Kotlin integration
    ext.spring_boot_version = '2.1.0.RELEASE'
    ext.keycloak_version = '4.5.0.Final'
    repositories {
        jcenter()
    }
    dependencies {
        classpath "org.jetbrains.kotlin:kotlin-gradle-plugin:$kotlin_version" // Required for Kotlin integration
        classpath "org.jetbrains.kotlin:kotlin-allopen:$kotlin_version" // See https://kotlinlang.org/docs/reference/compiler-plugins.html#spring-support
        classpath "org.springframework.boot:spring-boot-gradle-plugin:$spring_boot_version"
    }
}

apply plugin: 'kotlin' // Required for Kotlin integration
apply plugin: "kotlin-spring" // https://kotlinlang.org/docs/reference/compiler-plugins.html#spring-support
apply plugin: 'org.springframework.boot'
apply plugin: 'io.spring.dependency-management'

jar {
    baseName = 'gs-rest-service'
    version = '0.1.0'
}

repositories {
    jcenter()
}
dependencies {
    compile('org.springframework.boot:spring-boot-starter-data-jpa')
    compile('org.springframework.boot:spring-boot-starter-data-rest')
    compile group: 'org.hibernate', name: 'hibernate-envers', version: '5.1.0.Final'

    compile "org.jetbrains.kotlin:kotlin-stdlib:$kotlin_version" // Required for Kotlin integration
    compile("org.jetbrains.kotlin:kotlin-reflect")
    compile "org.springframework.boot:spring-boot-starter-web"
//    compile 'org.springframework.boot:spring-boot-starter-security'

    //KeyCloak
    compile group: 'org.keycloak', name: 'keycloak-spring-boot-starter', version: '4.7.0.Final'
    compile group: 'org.keycloak', name: 'keycloak-spring-boot-adapter', version: '4.7.0.Final'

    compile "org.keycloak:keycloak-admin-client:$keycloak_version"

    //RestEasy
// https://mvnrepository.com/artifact/org.jboss.resteasy/resteasy-client
    compile group: 'org.jboss.resteasy', name: 'resteasy-client', version: '3.6.2.Final'
// https://mvnrepository.com/artifact/org.jboss.resteasy/resteasy-jaxrs
    compile group: 'org.jboss.resteasy', name: 'resteasy-jaxrs', version: '3.6.2.Final'
// https://mvnrepository.com/artifact/org.jboss.resteasy/resteasy-jackson2-provider
    compile group: 'org.jboss.resteasy', name: 'resteasy-jackson2-provider', version: '3.6.2.Final'

//    //Oauth2
//    // https://mvnrepository.com/artifact/org.springframework.security.oauth/spring-security-oauth2
//    compile group: 'org.springframework.security.oauth', name: 'spring-security-oauth2', version: '2.3.4.RELEASE'

    // https://mvnrepository.com/artifact/org.springframework/spring-jdbc
    compile group: 'org.springframework', name: 'spring-jdbc', version: '5.1.0.RELEASE'

    // https://mvnrepository.com/artifact/org.postgresql/postgresql
    compile group: 'org.postgresql', name: 'postgresql', version: '9.3-1100-jdbc41'

    compile group: 'org.postgresql', name: 'postgresql', version: '42.2.5'
    testCompile('org.springframework.boot:spring-boot-starter-test')

}

Application.properties

#Server
server.port = 8090
# Database
spring.jpa.database=postgresql
#spring.datasource.platform
spring.jpa.show-sql=false
spring.datasource.driver-class-name=org.postgresql.Driver
spring.datasource.url=jdbc:postgresql://localhost:5432/dbname
spring.datasource.username=postgres
spring.datasource.password=123
spring.jpa.generate-ddl=true
spring.jpa.hibernate.ddl-auto=update



# new
keycloak.realm = realm
keycloak.auth-server-url = http://localhost:8080/auth
keycloak.ssl-required = external
keycloak.resource = client_id
keycloak.credentials.secret = client_secret
keycloak.realm-key=public_key


keycloak.security-constraints[0].auth-roles[0]=USER
keycloak.security-constraints[0].security-collections[0].patterns[0]=/user/*
keycloak.security-constraints[0].security-collections[0].patterns[1]=/createStudent

keycloak.security-constraints[0].auth-roles[1]=admin
keycloak.security-constraints[0].security-collections[1].patterns[0]=/createStudent2
keycloak.security-constraints[0].security-collections[1].patterns[1]=/createRole
keycloak.security-constraints[0].security-collections[1].patterns[2]=/roles
keycloak.security-constraints[0].security-collections[1].patterns[3]=/assignRole
keycloak.security-constraints[0].security-collections[1].patterns[4]=/users

I want login and main page of the app to be public /login and /home Thanks in advance!

Ikromjon Mirzayev
  • 133
  • 1
  • 10

0 Answers0