Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- package cyclone.keycloak.adapterclient;
- import org.keycloak.adapters.KeycloakConfigResolver;
- import org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver;
- import org.keycloak.adapters.springsecurity.KeycloakConfiguration;
- import org.keycloak.adapters.springsecurity.authentication.KeycloakAuthenticationProvider;
- import org.keycloak.adapters.springsecurity.config.KeycloakWebSecurityConfigurerAdapter;
- import org.springframework.beans.factory.annotation.Autowired;
- import org.springframework.context.annotation.Bean;
- import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
- import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
- import org.springframework.security.config.annotation.web.builders.HttpSecurity;
- import org.springframework.security.core.authority.mapping.SimpleAuthorityMapper;
- import org.springframework.security.web.authentication.session.NullAuthenticatedSessionStrategy;
- import org.springframework.security.web.authentication.session.SessionAuthenticationStrategy;
- @KeycloakConfiguration
- @EnableGlobalMethodSecurity(prePostEnabled = true)
- public class WebSecurityConfig extends KeycloakWebSecurityConfigurerAdapter {
- @Override
- protected SessionAuthenticationStrategy sessionAuthenticationStrategy() {
- return new NullAuthenticatedSessionStrategy();
- }
- @Autowired
- public void configureGlobal(AuthenticationManagerBuilder authManagerBuilder) {
- KeycloakAuthenticationProvider keycloakAuthenticationProvider = keycloakAuthenticationProvider();
- // adding proper authority mapper for prefixing role with "ROLE_"
- keycloakAuthenticationProvider.setGrantedAuthoritiesMapper(new SimpleAuthorityMapper());
- authManagerBuilder.authenticationProvider(keycloakAuthenticationProvider);
- }
- @Bean
- public KeycloakConfigResolver keycloakConfigResolver() {
- return new KeycloakSpringBootConfigResolver();
- }
- @Override
- protected void configure(HttpSecurity http) throws Exception {
- super.configure(http);
- http
- .authorizeRequests()
- .antMatchers("/api/anonymous/**").permitAll()
- .anyRequest().fullyAuthenticated();
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement