Java keydape在登录后返回403
我有一个KeyClope服务器和我的web应用程序。当我尝试登录应用程序时,总是keydepeat返回403-禁止 这是我在web项目中的配置 应用程序属性Java keydape在登录后返回403,java,spring-security,keycloak,Java,Spring Security,Keycloak,我有一个KeyClope服务器和我的web应用程序。当我尝试登录应用程序时,总是keydepeat返回403-禁止 这是我在web项目中的配置 应用程序属性 server.port = 38080 keycloak.realm=FocusocKeycloak keycloak.auth-server-url=http://localhost:8080/auth keycloak.ssl-required=external keycloak.resource=login-provider-web
server.port = 38080
keycloak.realm=FocusocKeycloak
keycloak.auth-server-url=http://localhost:8080/auth
keycloak.ssl-required=external
keycloak.resource=login-provider-web
keycloak.public-client=false
keycloak.credentials.secret=XXXX
keycloak.securityConstraints[0].authRoles[0] = USER
keycloak.securityConstraints[0].securityCollections[0].patterns[0] = /*
# Turn off the logs
logging.level.root=OFF
logging.level.org.springframework.boot=OFF
spring.main.banner-mode=OFF
keydape.json
{
"realm": "FocusocKeycloak",
"auth-server-url": "http://127.0.0.1:8080/auth",
"ssl-required": "external",
"resource": "login-app",
"verify-token-audience": true,
"credentials": {
"secret": "XXXX"
},
"use-resource-role-mappings": true,
"confidential-port": 0
}
这是客户端的配置,
我只注册了角色用户。已解决!config类中的configure方法有点错误,我没有更改它
...
@Override
protected void configure(HttpSecurity http) throws Exception {
super.configure(http);
http.logout().logoutSuccessUrl("/home")
.and()
.authorizeRequests()
.antMatchers("/**").hasAuthority("user");
}
...
这是必须的
...
@Override
protected void configure(HttpSecurity http) throws Exception {
super.configure(http);
http.logout().logoutSuccessUrl("/home")
.and()
.authorizeRequests()
.antMatchers("/**").hasAuthority("ROLE_USER");
}
...
现在没有出现错误403,但是现在没有显示/主页