Integrating Keycloak with Spring Boot
Note
If Keycloak is started with Docker, watch out for the container's time zone: it must be specified when the container is created, otherwise 403 errors may occur.
-v /etc/localtime:/etc/localtime:ro
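Keycloak Clients configuration
Valid Redirect URIs: *
Web Origins: *
Both values are the wildcard *, which accepts any redirect URI and any origin; that is convenient for a local test setup, while a deployed client should list the application's exact URLs.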
Maven dependencies
<dependencies>
    <dependency>
        <groupId>org.keycloak</groupId>
        <artifactId>keycloak-spring-boot-starter</artifactId>
    </dependency>
</dependencies>
<dependencyManagement>
    <dependencies>
        <dependency>
            <groupId>org.keycloak.bom</groupId>
            <artifactId>keycloak-adapter-bom</artifactId>
            <version>18.0.0</version>
            <type>pom</type>
            <scope>import</scope>
        </dependency>
    </dependencies>
</dependencyManagement>
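Spring Boot configuration
/hello can be accessed without any permission (it is whitelisted: no auth-roles is set for it).
Everything under the /* path requires authentication for all roles (it is configured with auth-roles="*").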
keycloak:
  enabled: true
  public-client: true
  auth-server-url: http://localhost:8080
  realm: myrealm
  resource: myclient
  security-constraints:
    - security-collections:
        - patterns:
            - /*
      auth-roles:
        - "*"
    - security-collections:
        - patterns:
            - /hello
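Flow
A request to any endpoint other than /hello is redirected to the login page defined in Keycloak. After the credentials of a User configured in Keycloak are entered correctly, the browser is redirected back to the requested endpoint.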
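A controller that exercises both constraints from the configuration above, added here as an example and not part of the original post. It assumes spring-boot-starter-web on Spring Boot 2.x (javax.servlet); the package name, class name and the /whoami endpoint are hypothetical.

```java
package com.example.demo; // hypothetical package name

import java.util.Collections;
import java.util.LinkedHashMap;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;

import org.keycloak.KeycloakSecurityContext;
import org.keycloak.representations.AccessToken;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
public class DemoController {

    // Whitelisted by the second security constraint (no auth-roles): no login needed.
    @GetMapping("/hello")
    public String hello(HttpServletRequest request) {
        // On an unconstrained path the context may be absent, so handle the anonymous case.
        KeycloakSecurityContext ctx = securityContext(request);
        return ctx == null ? "hello, anonymous" : "hello, " + ctx.getToken().getPreferredUsername();
    }

    // Hypothetical endpoint; it only matches /*, so the adapter sends the browser to the Keycloak login first.
    @GetMapping("/whoami")
    public Map<String, Object> whoami(HttpServletRequest request) {
        KeycloakSecurityContext ctx = securityContext(request);
        if (ctx == null) {
            // Not expected behind the /* constraint; fail closed rather than serve data.
            throw new IllegalStateException("no Keycloak security context on a protected path");
        }
        AccessToken token = ctx.getToken();
        AccessToken.Access realmAccess = token.getRealmAccess(); // null when the token carries no realm roles
        Map<String, Object> out = new LinkedHashMap<>();
        out.put("username", token.getPreferredUsername());
        out.put("issuer", token.getIssuer());
        out.put("realmRoles", realmAccess == null ? Collections.emptySet() : realmAccess.getRoles());
        return out;
    }

    // The adapter stores the security context as a request attribute under this class name.
    private static KeycloakSecurityContext securityContext(HttpServletRequest request) {
        return (KeycloakSecurityContext) request.getAttribute(KeycloakSecurityContext.class.getName());
    }
}
```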
References
https://www.keycloak.org/docs/latest/securing_apps/#java-adapters
Views: 1,614 · Posted: 2022-09-28