Spring Boot, Keycloak and Vaadin integration issue


Problem description

I have been playing with Spring Boot and been successful in using Keycloak and Vaadin separately in different projects. Now, I wanted to combine both to avoid having to implement my own security using Vaadin. The result I have so far can be found here: GitHub project.

I started from the shared security example given by vaadin4spring. I then added the Keycloak configuration as given by the keycloak-spring-security-adapter and the keycloak-spring-boot-adapter.

I have now hit a wall in getting both to work together. When everything is up and running and I navigate to localhost:8080, I get the following error:

{"timestamp":...,"status":401,"error":"Unauthorized","message":"Unauthorized","path":"/"}

No redirect is triggered to authenticate with Keycloak. However, if I navigate to any other URL not managed by Vaadin, e.g. localhost:8080/login, the redirect is triggered.

After logging in successfully, I can navigate to localhost:8080 without an error. However, any operation remains restricted and the secured views remain hidden.

Any ideas how to fix my configuration? I am thinking it is due to Vaadin handling CORS.

Solution

Apparently, in my setup, upon startup the system would register the user as being anonymous instead of trying to actually authenticate.

http.anonymous().disable();

Adding the above snippet to the security configuration prevents this from happening and the system correctly redirects the user to KC login.

Once I got this working, I noticed my views were also broken. This was due to method security proxy settings affecting all beans. Vaadin requires actual run-time classes instead of proxies to e.g. find views.

@EnableGlobalMethodSecurity(securedEnabled = true, prePostEnabled = true, proxyTargetClass = true)

Changing proxyTargetClass to true ensures subclass proxies are created, avoiding any conflict with Vaadin.

I pushed all changes to the GitHub project.
