问题:
如何从Keyclope安全的Spring Boot应用程序中获取主体
秦时铭
我正在尝试修改我在网上多个地方找到的KeyClope和Spring Boot教程中的代码(代码看起来已经被复制)。在任何情况下,尽管keybeapt保护正确的url,Spring Security性也很方便,但在尝试检索主体时,它返回为null。这是我的申请表。属性文件:
keycloak.auth-server-url=http://localhost:9090/auth
keycloak.realm=<some realm>
keycloak.resource=<some resource>
keycloak.ssl-required=external
keycloak.public-client=true
keycloak.principal-attribute=preferred_username
keycloak.use-resource-role-mappings=true
server.port=8100
这是我的安全配置。java文件(教程中的原始文件):
package com.bme.keycloakdemo.configuration;
import org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver;
import org.keycloak.adapters.springsecurity.KeycloakSecurityComponents;
import org.keycloak.adapters.springsecurity.authentication.KeycloakAuthenticationProvider;
import org.keycloak.adapters.springsecurity.config.KeycloakWebSecurityConfigurerAdapter;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.core.authority.mapping.SimpleAuthorityMapper;
import org.springframework.security.core.session.SessionRegistryImpl;
import org.springframework.security.web.authentication.session.RegisterSessionAuthenticationStrategy;
import org.springframework.security.web.authentication.session.SessionAuthenticationStrategy;
@Configuration
@EnableWebSecurity
@ComponentScan(basePackageClasses = KeycloakSecurityComponents.class)
class SecurityConfig extends KeycloakWebSecurityConfigurerAdapter {
// Submits the KeycloakAuthenticationProvider to the AuthenticationManager
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
KeycloakAuthenticationProvider keycloakAuthenticationProvider = keycloakAuthenticationProvider();
keycloakAuthenticationProvider.setGrantedAuthoritiesMapper(new SimpleAuthorityMapper());
auth.authenticationProvider(keycloakAuthenticationProvider);
}
@Bean
public KeycloakSpringBootConfigResolver KeycloakConfigResolver() {
return new KeycloakSpringBootConfigResolver();
}
// Specifies the session authentication strategy
@Bean
@Override
protected SessionAuthenticationStrategy sessionAuthenticationStrategy() {
return new RegisterSessionAuthenticationStrategy(new SessionRegistryImpl());
}
@Override
protected void configure(HttpSecurity http) throws Exception {
super.configure(http);
http.authorizeRequests()
.antMatchers("/demo*")
.hasRole("user")
.anyRequest()
.permitAll();
}
}
我的web控制器如下所示:
package com.bme.keycloakdemo.controllers;
import java.security.Principal;
import javax.servlet.http.HttpServletRequest;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.http.MediaType;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
@RestController
@RequestMapping("/demo")
public class DemoController {
private final Logger logger = LoggerFactory.getLogger(this.getClass());
@GetMapping(value = "/first", produces = {MediaType.APPLICATION_JSON_VALUE})
public String first(Principal principal) {
logger.info("WE GOT HERE");
String retval = "WE GOT HERE! ";
if (principal != null) {
retval += principal.toString();
}
else {
retval += "PRINCIPAL IS NULL";
}
return retval;
}
@GetMapping(value = "/second", produces = {MediaType.APPLICATION_JSON_VALUE})
public String second(Principal principal) {
logger.info("WE GOT HERE");
String retval = "WE GOT HERE! " + principal.getName();
return retval;
}
@GetMapping(value = "/third", produces = {MediaType.APPLICATION_JSON_VALUE})
public String third(HttpServletRequest request) {
logger.info("WE GOT HERE");
Principal principal = request.getUserPrincipal();
String retval = "WE GOT HERE! ";
if (principal != null) {
retval += principal.toString();
}
else {
retval += "PRINCIPAL IS NULL";
}
return retval;
}
}
最后,这是我的Maven配置,以防它有所不同:
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>com.batman-evolution</groupId>
<artifactId>keycloakjournal</artifactId>
<version>0.0.1-SNAPSHOT</version>
<packaging>jar</packaging>
<name>keycloakjournal</name>
<description>Journal Secured with Keycloak</description>
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>1.5.16.RELEASE</version>
<relativePath/>
</parent>
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
<java.version>1.8</java.version>
<keycloak.version>3.4.0.Final</keycloak.version>
</properties>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-spring-boot-starter</artifactId>
</dependency>
</dependencies>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.keycloak.bom</groupId>
<artifactId>keycloak-adapter-bom</artifactId>
<version>${keycloak.version}</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
</plugin>
</plugins>
</build>
</project>
因此,为了重述这个问题,我希望从Keyclope获得校长。我目前正在使用Spring Security返回主体,但只要主体可用,我真的不在乎这种或那种方式。谢谢你的帮助!
共有1个答案
隆钊
这对我很有用:
@GetMapping("/details")
public MyUserDetails getUserDetails(Principal principal) {
KeycloakAuthenticationToken kp = (KeycloakAuthenticationToken) principal;
SimpleKeycloakAccount simpleKeycloakAccount = (SimpleKeycloakAccount) kp.getDetails();
AccesToken token = simpleKeycloakAccount.getKeycloakSecurityContext().getToken();
return new MyUserDetails(token.getGivenName(), token.getFamilyName(), token.getEmail());
}
类似资料:
-
要获取请求URL,可以在堆栈溢出中找到以下方法。 第一种方法: 第二种方法: 第三种方法: 我不知道在spring boot应用程序中使用哪一个来获取请求URL。 如果我使用第三种方法,那么我是否需要在配置类中创建RequestContextListener的bean,如下所示?
-
您好,我有一个带有嵌入式按键锁的SpringBoot应用程序,使用下面的示例 https://www.baeldung.com/keycloak-embedded-in-spring-boot-app 我正在尝试将Keycloak从12升级到14,并将reeasy升级到3.15.1.Final,infinispan升级到11.0.9.Final。应用程序无法启动,并且除了 NullPointerE
-
这是我使用SpringBoot的第一天,我试图理解体系结构,因此我开始构建一个hello world应用程序: 在我的pom.xml中,在maven-shade-plugin下,我将mainClass声明如下: 文件目标是src/main/java/com/demo/helloworld.java,该文件中的代码是: 我错过了什么?
-
我已经从谷歌阅读了这个标准描述:https://developer.android.com/training/sharing/receive 在此之后,我更新了我的AndroidManifest.xml,以包括一个意图过滤器来接受来自其他应用程序的共享(对于各种哑剧类型)。 我可以将我的应用程序视为其他应用程序中的共享选项,当我在其他应用程序中选择一个文件(例如,照片应用程序中的图像文件)并选择与
-
我正在使用keycloak来保护我的servlet。我必须添加新角色并动态地将它们分配给用户。它使用管理应用编程接口在keycloak中工作,但是我不知道如何在servlet中获得特定用户的角色。 我尝试了这个解决方案,但我得到了空集:
-
我尝试过各种各样的解决方案,从堆栈溢出没有运气。我想要什么。 我知道不同应用程序的包名 例如,我有一个包名。如何获取此应用程序图标并在ImageView中显示?