Java 在我的Spring应用程序上启用KeyClope时未重定向到KeyClope
我遵循本指南,尝试让我的Spring应用程序(由JHipster制作)使用keydape进行身份验证。我将keydape代码放入Java 在我的Spring应用程序上启用KeyClope时未重定向到KeyClope,java,spring,spring-boot,jhipster,keycloak,Java,Spring,Spring Boot,Jhipster,Keycloak,我遵循本指南,尝试让我的Spring应用程序(由JHipster制作)使用keydape进行身份验证。我将keydape代码放入依赖项和依赖项管理,并使用以下内容编辑src/main/resources/config/application.yml: 钥匙斗篷: 验证服务器url:https://my-keycloak-server.com/auth 领域:我的领域 资源:登录应用程序 公共客户:对 安全限制: -证券集合: -模式:/api/* 但当我加载该站点时,它不会将我重定向到我的Ke
依赖项
和依赖项管理
,并使用以下内容编辑src/main/resources/config/application.yml
:
钥匙斗篷:
验证服务器url:https://my-keycloak-server.com/auth
领域:我的领域
资源:登录应用程序
公共客户:对
安全限制:
-证券集合:
-模式:/api/*
但当我加载该站点时,它不会将我重定向到我的KeyClope服务器,我会在日志中看到下面的内容。该站点之前使用的是用户名/密码,这些凭据存储在我的H2数据库中。但我现在正试着把它换成我正在运行的钥匙斗篷
该页面确实讨论了从keydove获取access\u令牌
和refresh\u令牌
,但我不确定我拥有的keydove代码是否应该自动执行该操作,或者我是否有太多的代码用于其他操作
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-2] o.k.adapters.PreAuthActionsHandler : adminRequest http://localhost:9061/api/application-info
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-3] o.k.adapters.PreAuthActionsHandler : adminRequest http://localhost:9061/api/profile-info
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-1] o.k.a.a.ClientCredentialsProviderUtils : Using provider 'secret' for authentication of client 'login-app'
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-3] o.k.a.a.ClientCredentialsProviderUtils : Using provider 'secret' for authentication of client 'login-app'
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-2] o.k.a.a.ClientCredentialsProviderUtils : Using provider 'secret' for authentication of client 'login-app'
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-3] o.k.a.a.ClientCredentialsProviderUtils : Loaded clientCredentialsProvider secret
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-1] o.k.a.a.ClientCredentialsProviderUtils : Loaded clientCredentialsProvider secret
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-2] o.k.a.a.ClientCredentialsProviderUtils : Loaded clientCredentialsProvider secret
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-3] o.k.a.a.ClientCredentialsProviderUtils : Loaded clientCredentialsProvider jwt
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-2] o.k.a.a.ClientCredentialsProviderUtils : Loaded clientCredentialsProvider jwt
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-1] o.k.a.a.ClientCredentialsProviderUtils : Loaded clientCredentialsProvider jwt
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-1] o.k.a.a.ClientCredentialsProviderUtils : Loaded clientCredentialsProvider secret
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-2] o.k.a.a.ClientCredentialsProviderUtils : Loaded clientCredentialsProvider secret
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-3] o.k.a.a.ClientCredentialsProviderUtils : Loaded clientCredentialsProvider secret
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-1] o.k.a.a.ClientCredentialsProviderUtils : Loaded clientCredentialsProvider jwt
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-3] o.k.a.a.ClientCredentialsProviderUtils : Loaded clientCredentialsProvider jwt
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-2] o.k.a.a.ClientCredentialsProviderUtils : Loaded clientCredentialsProvider jwt
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-3] o.keycloak.adapters.KeycloakDeployment : resolveUrls
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-1] o.keycloak.adapters.KeycloakDeployment : resolveUrls
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-2] o.keycloak.adapters.KeycloakDeployment : resolveUrls
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-3] o.k.adapters.KeycloakDeploymentBuilder : Use authServerUrl: https://my-keycloak-server/auth, tokenUrl: https://my-keycloak-server/auth/realms/my-realm/protocol/openid-connect/token, relativeUrls: NEVER
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-1] o.k.adapters.KeycloakDeploymentBuilder : Use authServerUrl: https://my-keycloak-server/auth, tokenUrl: https://my-keycloak-server/auth/realms/my-realm/protocol/openid-connect/token, relativeUrls: NEVER
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-3] o.k.adapters.PreAuthActionsHandler : adminRequest http://localhost:9061/api/profile-info
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-1] o.k.adapters.PreAuthActionsHandler : adminRequest http://localhost:9061/api/account
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-3] o.k.a.a.ClientCredentialsProviderUtils : Using provider 'secret' for authentication of client 'login-app'
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-2] o.k.adapters.KeycloakDeploymentBuilder : Use authServerUrl: https://my-keycloak-server/auth, tokenUrl: https://my-keycloak-server/auth/realms/my-realm/protocol/openid-connect/token, relativeUrls: NEVER
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-1] o.k.a.a.ClientCredentialsProviderUtils : Using provider 'secret' for authentication of client 'login-app'
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-2] o.k.adapters.PreAuthActionsHandler : adminRequest http://localhost:9061/api/application-info
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-3] o.k.a.a.ClientCredentialsProviderUtils : Loaded clientCredentialsProvider secret
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-1] o.k.a.a.ClientCredentialsProviderUtils : Loaded clientCredentialsProvider secret
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-2] o.k.a.a.ClientCredentialsProviderUtils : Using provider 'secret' for authentication of client 'login-app'
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-3] o.k.a.a.ClientCredentialsProviderUtils : Loaded clientCredentialsProvider jwt
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-1] o.k.a.a.ClientCredentialsProviderUtils : Loaded clientCredentialsProvider jwt
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-2] o.k.a.a.ClientCredentialsProviderUtils : Loaded clientCredentialsProvider secret
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-2] o.k.a.a.ClientCredentialsProviderUtils : Loaded clientCredentialsProvider jwt
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-3] o.k.a.a.ClientCredentialsProviderUtils : Loaded clientCredentialsProvider secret
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-3] o.k.a.a.ClientCredentialsProviderUtils : Loaded clientCredentialsProvider jwt
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-1] o.k.a.a.ClientCredentialsProviderUtils : Loaded clientCredentialsProvider secret
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-2] o.k.a.a.ClientCredentialsProviderUtils : Loaded clientCredentialsProvider secret
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-1] o.k.a.a.ClientCredentialsProviderUtils : Loaded clientCredentialsProvider jwt
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-2] o.k.a.a.ClientCredentialsProviderUtils : Loaded clientCredentialsProvider jwt
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-3] o.keycloak.adapters.KeycloakDeployment : resolveUrls
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-3] o.k.adapters.KeycloakDeploymentBuilder : Use authServerUrl: https://my-keycloak-server/auth, tokenUrl: https://my-keycloak-server/auth/realms/my-realm/protocol/openid-connect/token, relativeUrls: NEVER
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-2] o.keycloak.adapters.KeycloakDeployment : resolveUrls
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-1] o.keycloak.adapters.KeycloakDeployment : resolveUrls
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-1] o.k.adapters.KeycloakDeploymentBuilder : Use authServerUrl: https://my-keycloak-server/auth, tokenUrl: https://my-keycloak-server/auth/realms/my-realm/protocol/openid-connect/token, relativeUrls: NEVER
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-2] o.k.adapters.KeycloakDeploymentBuilder : Use authServerUrl: https://my-keycloak-server/auth, tokenUrl: https://my-keycloak-server/auth/realms/my-realm/protocol/openid-connect/token, relativeUrls: NEVER
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-3] o.k.a.undertow.ServletSessionTokenStore : session was null, returning null
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-1] o.k.a.undertow.ServletSessionTokenStore : session was null, returning null
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-2] o.k.a.undertow.ServletSessionTokenStore : session was null, returning null
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-1] o.k.adapters.OAuthRequestAuthenticator : there was no code
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-3] o.k.adapters.OAuthRequestAuthenticator : there was no code
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-2] o.k.adapters.OAuthRequestAuthenticator : there was no code
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-1] o.k.adapters.OAuthRequestAuthenticator : redirecting to auth server
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-3] o.k.adapters.OAuthRequestAuthenticator : redirecting to auth server
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-2] o.k.adapters.OAuthRequestAuthenticator : redirecting to auth server
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-3] o.k.adapters.OAuthRequestAuthenticator : callback uri: http://localhost:9061/api/profile-info
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-2] o.k.adapters.OAuthRequestAuthenticator : callback uri: http://localhost:9061/api/application-info
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-1] o.k.adapters.OAuthRequestAuthenticator : callback uri: http://localhost:9061/api/account
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-1] o.k.a.AuthenticatedActionsHandler : AuthenticatedActionsValve.invoke http://localhost:9061/api/account
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-2] o.k.a.AuthenticatedActionsHandler : AuthenticatedActionsValve.invoke http://localhost:9061/api/application-info
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-3] o.k.a.AuthenticatedActionsHandler : AuthenticatedActionsValve.invoke http://localhost:9061/api/profile-info
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-1] o.k.a.AuthenticatedActionsHandler : Policy enforcement is disabled.
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-2] o.k.a.AuthenticatedActionsHandler : Policy enforcement is disabled.
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-3] o.k.a.AuthenticatedActionsHandler : Policy enforcement is disabled.
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-1] o.k.a.AuthenticatedActionsHandler : AuthenticatedActionsValve.invoke http://localhost:9061/api/account
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-2] o.k.a.AuthenticatedActionsHandler : AuthenticatedActionsValve.invoke http://localhost:9061/api/application-info
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-3] o.k.a.AuthenticatedActionsHandler : AuthenticatedActionsValve.invoke http://localhost:9061/api/profile-info
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-1] o.k.a.AuthenticatedActionsHandler : Policy enforcement is disabled.
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-2] o.k.a.AuthenticatedActionsHandler : Policy enforcement is disabled.
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-3] o.k.a.AuthenticatedActionsHandler : Policy enforcement is disabled.
2020-04-14T18:41:14Z INFO 29291 - [ XNIO-2 task-1] io.undertow.servlet : Initializing Spring FrameworkServlet 'dispatcherServlet'
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-3] o.k.a.AuthenticatedActionsHandler : AuthenticatedActionsValve.invoke http://localhost:9061/error
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-2] o.k.a.AuthenticatedActionsHandler : AuthenticatedActionsValve.invoke http://localhost:9061/error
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-1] o.k.a.AuthenticatedActionsHandler : AuthenticatedActionsValve.invoke http://localhost:9061/error
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-3] o.k.a.AuthenticatedActionsHandler : Policy enforcement is disabled.
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-2] o.k.a.AuthenticatedActionsHandler : Policy enforcement is disabled.
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-1] o.k.a.AuthenticatedActionsHandler : Policy enforcement is disabled.
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-3] o.k.a.AuthenticatedActionsHandler : AuthenticatedActionsValve.invoke http://localhost:9061/error
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-2] o.k.a.AuthenticatedActionsHandler : AuthenticatedActionsValve.invoke http://localhost:9061/error
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-1] o.k.a.AuthenticatedActionsHandler : AuthenticatedActionsValve.invoke http://localhost:9061/error
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-3] o.k.a.AuthenticatedActionsHandler : Policy enforcement is disabled.
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-2] o.k.a.AuthenticatedActionsHandler : Policy enforcement is disabled.
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-1] o.k.a.AuthenticatedActionsHandler : Policy enforcement is disabled.
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-4] o.k.adapters.PreAuthActionsHandler : adminRequest http://localhost:9061/api/profile-info
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-4] o.k.adapters.PreAuthActionsHandler : adminRequest http://localhost:9061/api/profile-info
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-4] o.k.a.undertow.ServletSessionTokenStore : session was null, returning null
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-4] o.k.adapters.OAuthRequestAuthenticator : there was no code
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-4] o.k.adapters.OAuthRequestAuthenticator : redirecting to auth server
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-4] o.k.adapters.OAuthRequestAuthenticator : callback uri: http://localhost:9061/api/profile-info
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-4] o.k.a.AuthenticatedActionsHandler : AuthenticatedActionsValve.invoke http://localhost:9061/api/profile-info
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-4] o.k.a.AuthenticatedActionsHandler : Policy enforcement is disabled.
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-4] o.k.a.AuthenticatedActionsHandler : AuthenticatedActionsValve.invoke http://localhost:9061/api/profile-info
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-4] o.k.a.AuthenticatedActionsHandler : Policy enforcement is disabled.
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-4] o.k.a.AuthenticatedActionsHandler : AuthenticatedActionsValve.invoke http://localhost:9061/error
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-4] o.k.a.AuthenticatedActionsHandler : Policy enforcement is disabled.
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-4] o.k.a.AuthenticatedActionsHandler : AuthenticatedActionsValve.invoke http://localhost:9061/error
2020-04-14T18:41:14Z DEBUG 29291 - [ XNIO-2 task-4] o.k.a.AuthenticatedActionsHandler : Policy enforcement is disabled.
同样在SecurityConfiguration.java中,我还有如下内容
http.addFilterBefore(corsFilter,UsernamePasswordAuthenticationFilter.class)
...
.antMatchers(“/api/**”).authenticated()
。我是否必须更改以前查看用户名/密码进行身份验证的大部分代码
这是我完整的SecurityConfiguration.java-WebSecurityConfigureAdapter
private final AuthenticationManagerBuilder authenticationManagerBuilder;
private final UserDetailsService userDetailsService;
private final TokenProvider tokenProvider;
private final CorsFilter corsFilter;
private final SecurityProblemSupport problemSupport;
private final ApplicationProperties applicationProperties;
private final SSOUserService ssoUserService;
public SecurityConfiguration(AuthenticationManagerBuilder authenticationManagerBuilder, UserDetailsService userDetailsService,
TokenProvider tokenProvider, CorsFilter corsFilter, SecurityProblemSupport problemSupport,
ApplicationProperties applicationProperties, SSOUserService ssoUserService) {
this.authenticationManagerBuilder = authenticationManagerBuilder;
this.userDetailsService = userDetailsService;
this.tokenProvider = tokenProvider;
this.corsFilter = corsFilter;
this.problemSupport = problemSupport;
this.applicationProperties = applicationProperties;
this.ssoUserService = ssoUserService;
}
@PostConstruct
public void init() {
try {
authenticationManagerBuilder
.userDetailsService(userDetailsService)
.passwordEncoder(passwordEncoder());
} catch (Exception e) {
throw new BeanInitializationException("Security configuration failed", e);
}
}
@Bean
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
@Override
public void configure(WebSecurity web) throws Exception {
web.ignoring()
.antMatchers(HttpMethod.OPTIONS, "/**")
.antMatchers("/app/**/*.{js,html}")
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.addFilterBefore(corsFilter, UsernamePasswordAuthenticationFilter.class)
.exceptionHandling()
.authenticationEntryPoint(problemSupport)
.accessDeniedHandler(problemSupport)
.and()
.csrf()
.disable()
.headers()
.frameOptions()
.disable()
.and()
.sessionManagement()
.sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.and()
.authorizeRequests()
.antMatchers("/api/**").authenticated()
.apply(securityConfigurerAdapter());
if(applicationProperties.getSso().isEnabled()) {
http.apply(ssoConfigurerAdapter());
}
}
private JWTConfigurer securityConfigurerAdapter() {
return new JWTConfigurer(tokenProvider);
}
private IdAMSSOConfigurer ssoConfigurerAdapter() {
/*
* Set password encoder from this bean in this class.
* We can't use dependency injection because it
* creates a dependency cycle.
*/
ssoUserService.setPasswordEncoder(passwordEncoder());
return new IdAMSSOConfigurer(tokenProvider, ssoUserService);
}
@Bean
public SecurityEvaluationContextExtension securityEvaluationContextExtension() {
return new SecurityEvaluationContextExtension();
}
你将不得不发布你的完整信息websecurityconfigureradapter@MarcoBehler我编辑了ITI如果您使用的是JHipster,只需选择OAuth 2.0/OIDC作为您的身份验证类型,默认情况下它将使用keydape。你将不得不发布你的完整信息websecurityconfigureradapter@MarcoBehler我编辑了ITI如果您使用的是JHipster,只需选择OAuth 2.0/OIDC作为您的身份验证类型,默认情况下它将使用keydape。