这真让我发疯。
我正在尝试使用Spring Boot和Keycloak设置最基本的身份验证。一切正常,直到我实际通过领域登录屏幕登录。我被重定向回安全位置,然后返回到keycloak身份验证页面,再回到安全位置(因为我已经通过身份验证)。最后,进入400页,并在日志中看到以下警告:
2020-06-08 15:36:38.646 WARN 12028 --- [io-8080-exec-10] o.k.adapters.OAuthRequestAuthenticator : No state cookie
有时我得到err_to_many_redirects。
pom.xml:
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>sso-demo</groupId>
<artifactId>sso-demo-app1</artifactId>
<version>1.0-SNAPSHOT</version>
<properties>
<maven.compiler.source>1.8</maven.compiler.source>
<maven.compiler.target>1.8</maven.compiler.target>
<spring.boot.version>2.3.0.RELEASE</spring.boot.version>
</properties>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
<version>${spring.boot.version}</version>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-spring-boot-starter</artifactId>
<version>10.0.1</version>
</dependency>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.keycloak.bom</groupId>
<artifactId>keycloak-adapter-bom</artifactId>
<version>10.0.1</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
</plugin>
</plugins>
</build>
</project>
application.properties:
keycloak.auth-server-url=http://keycloakserver/auth
keycloak.realm=Realm Name
keycloak.public-client=true
keycloak.resource=demo-login-app
keycloak.ssl-required=external
keycloak.securityConstraints[0].authRoles[0]=test-user-role
keycloak.securityConstraints[0].securityCollections[0].patterns[0]=/secured
server.port=8080
配置:
@Configuration
public class KeycloakConfig {
@Bean
public KeycloakSpringBootConfigResolver keycloakConfigResolver() {
return new KeycloakSpringBootConfigResolver();
}
}
Controller:
@Controller
@RequestMapping("/secured")
public class MainController {
@GetMapping
public String mainController(HttpServletRequest request, HttpServletResponse httpServletResponse, Model model) {
return "secured.html";
}
}
由于域名称配置不正确,我遇到了这个问题。
[首先,我将我的领域命名为“ Main Realm Name”。我认为这里的问题是空格。
第二次在主领域上进行测试时,我在应用程序属性文件中指定了“ Master”,而不是“ master”。
将领域名称配置为“ MainRealmName”解决了该问题