spring-bootspring-securityoauth-2.0keycloakspring-oauth2
How to skip the default spring security OAuth2 provider prompt on login
I have a basic integration with spring boot/security and Keycloak.
When I click on a protected resource I am redirected to the default Keycloak login page, but when I access the /login path on my application I am redirected to this prompt:
As you can see there is only one OAuth2 provider configured and this renders this page completely impractical.
How can I skip this page or disable the /login path leading to this page?
Spring security config:
Properties file:
spring.security.oauth2.client.registration.keycloak.client-id=some-client
spring.security.oauth2.client.registration.keycloak.client-secret=copied_secret
spring.security.oauth2.client.registration.keycloak.authorization-grant-type=authorization_code
spring.security.oauth2.client.registration.keycloak.scope=openid
spring.security.oauth2.client.provider.keycloak.issuer-uri=http://localhost:8180/realms/some_realm
spring.security.oauth2.client.provider.keycloak.user-name-attribute=preferred_username
spring.security.oauth2.resourceserver.jwt.issuer-uri=http://localhost:8180/realms/some_realm
Security config:
@EnableWebSecurity
@Configuration(proxyBeanMethods = false)
public class WebSecurityConfig {
private final KeycloakLogoutHandler keycloakLogoutHandler;
WebSecurityConfig(KeycloakLogoutHandler keycloakLogoutHandler) {
this.keycloakLogoutHandler = keycloakLogoutHandler;
}
@Bean
protected SessionAuthenticationStrategy sessionAuthenticationStrategy() {
return new RegisterSessionAuthenticationStrategy(new SessionRegistryImpl());
}
@Bean
public SecurityFilterChain clientFilterChain(HttpSecurity http) throws Exception {
http.authorizeHttpRequests(authorize ->
authorize.requestMatchers(
"/",
"/themes/**",
"/login")
.permitAll()
.anyRequest().authenticated()
);
http.oauth2Login(Customizer.withDefaults())
.logout(logoutCustomizer ->
logoutCustomizer.addLogoutHandler(keycloakLogoutHandler)
.logoutSuccessUrl("/"));
return http.build();
}
@Bean
public AuthenticationManager authenticationManager(HttpSecurity http) throws Exception {
return http.getSharedObject(AuthenticationManagerBuilder.class)
.build();
}
}
I have tried
Disabling the page with
formLogin().disable(). Also tried replacing this obsolete method with the new one accepting the customizer and disabling it from there.Creating and securing another path for example : loggedInUser to take advantage of the skipping of this page but the path /login still exists and seems like unfinished work.
Creating a
@Controllerfor/loginpath - controller is ignored.
Solution
You have two options:
- instead of redirecting to
/login, you redirect to the URI of the link in the login page (the authorization endpoint on Keycloak, something likehttp://localhost:8180/oauth2/authorization/some-client) - configure
http.oauth2Login(oauth2 -> oauth2.loginPage("/login"));and provide with your own@Controllerfor/loginand respond with a302withLocationheader pointing at at the URI of the link in the login page (same as above)
First option allows to keep the default page if you ever need it.
- LdapCtxFactory because module java.naming does not export com.sun.jndi.ldap to unnamed module
- Is it possible to use @Transactional and kotlin coroutines in spring boot?
- How to convert spring boot app with Okta to read okta groups
- How to add Header - Authorization for swagger 3, spring boot
- SpringBoot RestTemplate ignores spring.jackson.serialization.WRITE_DATES_AS_TIMESTAMPS = false
- Spring Boot 1.5.1 caches JSP
- How does Spring Boot control Tomcat cache?
- How can I change the default location of log4j2.xml in Java Spring Boot?
- Spring Boot application is encountering a NullPointerException after running for a while
- Problem connecting springboot to mysql with docker-compose
- Map as parameter in RestAPI Post request
- Cause ERROR Recursive call to appender. Is there a way to solve it?
- Swagger-ui keeps showing example petstore instead of my API
- Apache Spark with Spring boot - failed to start exception Factory method 'javaSparkContext' threw exception with message: javax/servlet/Servlet
- Reactive Mongo secondaryPreferred
- Flyway: Found non-empty schema(s) "public" without schema history table! Use baseline() - on Empty database
- Spring boot not loading log4j2.xml
- @Repository not necessary when implementing JpaRepository?
- Unknown entity: com.sun.proxy.$Proxy87
- How do I submit requests to REST api in batches in SpringBoot?
- Is it good idea to use the DAO design pattern with spring Boot, instead of using repository design pattern provided by spring data jpa?
- Why is Spring initialising my Aspect twice?
- java.lang.IllegalArgumentException: Not a managed type: @Entity
- Caused by: org.eclipse.jgit.api.errors.RefNotFoundException: Ref master cannot be resolved
- Accessing in-transit encryption enabled Elasticache with Spring Redis, throws an error for the stringRedisTemplate.keys method
- Using JUnit Mocked ObjectMapper shows Null. java.lang.NullPointerException: objectMapper is null
- How to get subquery values when using Hibernate Criteria API
- Spring Boot & MongoDB how to remove the '_class' column?
- Iterating using ForEach in Spring -boot
- Maven and Spring Boot - non resolvable parent pom - repo.spring.io (Unknown host)