spring-bootspring-securityoauth-2.0keycloakspring-oauth2
How to skip the default spring security OAuth2 provider prompt on login
I have a basic integration with spring boot/security and Keycloak.
When I click on a protected resource I am redirected to the default Keycloak login page, but when I access the /login path on my application I am redirected to this prompt:
As you can see there is only one OAuth2 provider configured and this renders this page completely impractical.
How can I skip this page or disable the /login path leading to this page?
Spring security config:
Properties file:
spring.security.oauth2.client.registration.keycloak.client-id=some-client
spring.security.oauth2.client.registration.keycloak.client-secret=copied_secret
spring.security.oauth2.client.registration.keycloak.authorization-grant-type=authorization_code
spring.security.oauth2.client.registration.keycloak.scope=openid
spring.security.oauth2.client.provider.keycloak.issuer-uri=http://localhost:8180/realms/some_realm
spring.security.oauth2.client.provider.keycloak.user-name-attribute=preferred_username
spring.security.oauth2.resourceserver.jwt.issuer-uri=http://localhost:8180/realms/some_realm
Security config:
@EnableWebSecurity
@Configuration(proxyBeanMethods = false)
public class WebSecurityConfig {
private final KeycloakLogoutHandler keycloakLogoutHandler;
WebSecurityConfig(KeycloakLogoutHandler keycloakLogoutHandler) {
this.keycloakLogoutHandler = keycloakLogoutHandler;
}
@Bean
protected SessionAuthenticationStrategy sessionAuthenticationStrategy() {
return new RegisterSessionAuthenticationStrategy(new SessionRegistryImpl());
}
@Bean
public SecurityFilterChain clientFilterChain(HttpSecurity http) throws Exception {
http.authorizeHttpRequests(authorize ->
authorize.requestMatchers(
"/",
"/themes/**",
"/login")
.permitAll()
.anyRequest().authenticated()
);
http.oauth2Login(Customizer.withDefaults())
.logout(logoutCustomizer ->
logoutCustomizer.addLogoutHandler(keycloakLogoutHandler)
.logoutSuccessUrl("/"));
return http.build();
}
@Bean
public AuthenticationManager authenticationManager(HttpSecurity http) throws Exception {
return http.getSharedObject(AuthenticationManagerBuilder.class)
.build();
}
}
I have tried
Disabling the page with
formLogin().disable(). Also tried replacing this obsolete method with the new one accepting the customizer and disabling it from there.Creating and securing another path for example : loggedInUser to take advantage of the skipping of this page but the path /login still exists and seems like unfinished work.
Creating a
@Controllerfor/loginpath - controller is ignored.
Solution
You have two options:
- instead of redirecting to
/login, you redirect to the URI of the link in the login page (the authorization endpoint on Keycloak, something likehttp://localhost:8180/oauth2/authorization/some-client) - configure
http.oauth2Login(oauth2 -> oauth2.loginPage("/login"));and provide with your own@Controllerfor/loginand respond with a302withLocationheader pointing at at the URI of the link in the login page (same as above)
First option allows to keep the default page if you ever need it.
- Spring Boot 3 TaskExecutor context propagation in micrometer tracing
- ElasticSearch in Spring with @Query
- Upgrading to Spring Boot 3/ JDK 17/ Spring 6 - JAXB conflict issue IllegalAnnotationsException
- Issues with Lazy Loading and Transactions in JPA
- How to handle asynchronous thread processing with same transaction in SpringBoot?
- How to enable ExecutorServiceMetrics in SpringBoot 2.1.2?
- org.apache.commons.logging.LogFactory was unintentionally initialized at build time
- Should I add application.properties to .gitignore if the Git repository is private and both the server and DB are on an internal network?
- Spring Data JPA - @Query annotation with qualifier for the database it applies to
- Unable to run Spring Boot native application with InheritanceType.JOINED
- What Exception class type does Spring Boot throw when the user tries to access a REST endpoint whose path does not exist at the @RestController?
- Mongo driver with @Testcontainers, throws exceptions after tests run successfully
- Wiremock GRPC demo example is not returning response
- How to modify default spring boot not found url exception with custom message
- Why is my Angular app not receiving Server-Sent Events (SSE) from a WebFlux backend?
- How to use Wildcard in mongoDB using Spring boot?
- Return string type from Spring Boot to Angular
- org.springframework.beans.factory.BeanCreationException while try to connect my mongodb cloud data base to my spring application
- Springboot not triggering custom authentication for my loaduserbyusername method
- Update spring-boot 3.4.1 Spring Security Error: A filter chain that matches any request has already been configured
- How do I allow null values in a POST request body? Java and Spring Framework
- NullPointerException for Springboot @Autowired component in interceptor
- Including spring boot endpoint path variable as a metric dimension
- Getting data back from @Async function call
- Spring security JWT without OAuth
- How to implement nested loops using spring webflux
- Dockerfile multi-stage for gradle spring boot application, use mavenLocal
- Spring boot: can a springboot app be deployed to upcloud or vultr cloud services
- Modify Cas overlay 7.1.3 to add custom RestController
- How to upper case custom field in logback