mohalaoui / keycloak_spring_boot

spring boot app Security with keycloak using OpenId using JWT Token and thymeleaf template for front test

keycloak oidc jwt jwt-token spring-security springboot

Keycloak spring-boot simple

template

thymeleaf starter
spring-boot-starter-thymeleaf
path : /src/main/resources/templates

security

Spring security


	  http
            .authorizeRequests()
            .antMatchers("/products").hasRole("user")
            //.antMatchers("/products/*").hasRole("admin")
            .anyRequest().permitAll();
      
      http.csrf().disable();

use HttpSecurity to set our authorization strategy
we can use role annotations instead

keycloak

create a realm
create a client
create a role(s)
create a user
add role(s) to user

keycloak spring config

application.properties :


keycloak.auth-server-url=http://your_keyclok_url:port/auth
keycloak.realm=springDemo 
keycloak.resource=product-app # client name
keycloak.public-client=true

keycloak.principal-attribute=preferred_username # default claim send in JWT, you can create a custom one via user attributes

spring.main.allow-bean-definition-overriding=true

About

spring boot app Security with keycloak using OpenId using JWT Token and thymeleaf template for front test

keycloak oidc jwt jwt-token spring-security springboot

Languages

Language:Java 79.9%Language:HTML 20.1%