我的应用程序具有表单登录名,现在我想使用Keycloak集成我的freeIPA帐户。
我下面有2 WebSecurityConfigurerAdapter
SecurityConfiguration.java
@Configuration
@EnableWebSecurity
@Order(1)
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
private final AccountDetailsService accountDetailsService;
private static final String[] IGNORED_RESOURCE_LIST = new String[]{
"/resources/**",
"/static/**",
"/webjars/**",
"/plugins/**",
"/imgs/**",
"/fonts/**",
"/vendors/**",
"/flags/**",
"/js/**",
"/sso/login",
"/css/**"};
private static final String[] PERMIT_ALL_RESOURCE_LIST = new String[]{
"/actuator/health/**",
"/login/**",
"/json/**",
"/auth/**",
"/error/**"};
@Autowired
public SecurityConfiguration(AccountDetailsService accountDetailsService) {
this.accountDetailsService = accountDetailsService;
}
@Override
public void configure(WebSecurity web) {
web.ignoring().antMatchers(IGNORED_RESOURCE_LIST);
}
@Override
protected void configure(AuthenticationManagerBuilder auth) {
auth.authenticationProvider(authenticationProvider());
}
@Bean
public DaoAuthenticationProvider authenticationProvider() {
DaoAuthenticationProvider authProvider
= new DaoAuthenticationProvider();
authProvider.setUserDetailsService(accountDetailsService);
authProvider.setPasswordEncoder(encoder());
return authProvider;
}
@Bean
public PasswordEncoder encoder() {
return new BCryptPasswordEncoder();
}
@Bean
public SessionRegistry sessionRegistry() {
return new SessionRegistryImpl();
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable();
http.authorizeRequests()
.antMatchers(PERMIT_ALL_RESOURCE_LIST).permitAll()
.anyRequest().authenticated()
.and().formLogin().loginPage("/auth/login").failureUrl("/auth/login?message=error").permitAll()
.and().logout().permitAll();
http.sessionManagement().maximumSessions(1).sessionRegistry(sessionRegistry()).expiredUrl("/auth/login");
}
}
和KeycloakSecurityConfig.java
@Configuration
@EnableWebSecurity
@ComponentScan(basePackageClasses = KeycloakSecurityComponents.class)
@Order(2)
public class KeycloakSecurityConfig extends KeycloakWebSecurityConfigurerAdapter {
@Autowired
public void configureGlobal(
AuthenticationManagerBuilder auth) throws Exception {
KeycloakAuthenticationProvider keycloakAuthenticationProvider
= keycloakAuthenticationProvider();
keycloakAuthenticationProvider.setGrantedAuthoritiesMapper(
new SimpleAuthorityMapper());
auth.authenticationProvider(keycloakAuthenticationProvider);
}
@Bean
public KeycloakSpringBootConfigResolver KeycloakConfigResolver() {
return new KeycloakSpringBootConfigResolver();
}
@Bean
@Override
protected SessionAuthenticationStrategy sessionAuthenticationStrategy() {
return new RegisterSessionAuthenticationStrategy(
new SessionRegistryImpl());
}
@Bean
public SessionRegistry sessionRegistry() {
return new SessionRegistryImpl();
}
@Override
protected void configure(HttpSecurity http) throws Exception {
super.configure(http);
http.authorizeRequests().anyRequest().authenticated();
}
}
并且在登录页面上,我有一个使用Keycloak登录的按钮。它使用URL /sso/login
重定向到Keycloak登录页面,但登录后我被重定向回应用程序登录页面。
有人能启发我这种情况吗?如何在我的应用程序中同时实现表单登录和SSO登录?
谢谢。任何帮助,将不胜感激。
您执行此要求了吗?