Spring Keycloak : Getting error 403
Hello there,
After following the article, which is updated today, I am getting a 403 error code. Even after cloning the source it's not working. I am hosting Keycloak server on port 8180
I am hosting Keycloak server 20.0.3 on local port 8180
Application properties
```properties
spring.security.oauth2.client.registration.keycloak.client-id=demo-app
spring.security.oauth2.client.registration.keycloak.authorization-grant-type=authorization_code
spring.security.oauth2.client.registration.keycloak.scope=openid
spring.security.oauth2.client.provider.keycloak.issuer-uri=http://localhost:8180/realms/SpringBootKeycloak
spring.security.oauth2.client.provider.keycloak.user-name-attribute=preferred_username
spring.security.oauth2.resourceserver.jwt.issuer-uri=http://localhost:8180/realms/SpringBootKeycloak
```
SecurityConfig.java
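```java
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer;
import org.springframework.security.core.session.SessionRegistryImpl;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.session.RegisterSessionAuthenticationStrategy;
import org.springframework.security.web.authentication.session.SessionAuthenticationStrategy;

@Configuration
@EnableWebSecurity
class SecurityConfig {
    private final KeycloakLogoutHandler keycloakLogoutHandler;

    SecurityConfig(KeycloakLogoutHandler keycloakLogoutHandler) {
        this.keycloakLogoutHandler = keycloakLogoutHandler;
    }

    @Bean
    protected SessionAuthenticationStrategy sessionAuthenticationStrategy() {
        return new RegisterSessionAuthenticationStrategy(new SessionRegistryImpl());
    }

    @Bean
    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        // hasRole("USER") checks for the granted authority ROLE_USER
        http.authorizeHttpRequests().requestMatchers("/customers*").hasRole("USER").anyRequest().permitAll();
        http.oauth2Login().and().logout().addLogoutHandler(keycloakLogoutHandler).logoutSuccessUrl("/");
        http.oauth2ResourceServer(OAuth2ResourceServerConfigurer::jwt);
        return http.build();
    }
}
```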
I have uploaded the source on Github https://github.com/TusharGirase/keycloak-spring-boot
Hey, @TusharGirase.
Thanks for the feedback. We'll look into this and update the article if necessary.
Hi @TusharGirase The article https://www.baeldung.com/spring-boot-keycloak shows the Keycloak server running on port 8080. If you want to use a different port, you'll have to make sure all instances are properly updated. Have you followed all the other steps in the article to set up the realm and users? On what request are you getting error 403?
Hi @lor6 I have completed all the steps including creation of realm and user. After clicking on login, the Keycloak server redirects to the server; there I am getting error 403. Looks like the Spring Boot server is not getting authentication information.
Hi all, I had the same issue. I solved it by adding the .oauth2Client() to the filter chain and creating a custom GrantedAuthoritiesMapper as suggested in this Stack Overflow post.
@ShawnRG Please, just write the config of .oauth2Client() and the GrantedAuthoritiesMapper here! I have the same issue. Thanks!
Does someone know how to fix it? I have the same issue.
Here you can find Keycloak/Spring-Security roles mapping fixes for both OAuth 2.0 Client and Resource - https://stackoverflow.com/a/69333676
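The role mapping the comments above refer to, sketched as an added example; it is not the tutorial's code, the linked Stack Overflow answer, or any participant's solution. It assumes Keycloak is configured to include realm roles under `realm_access.roles` in the ID token or userinfo response, and the class name `KeycloakRoleMappingConfig` is hypothetical.

```java
import java.util.Collection;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
import java.util.stream.Collectors;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper;
import org.springframework.security.oauth2.core.oidc.user.OidcUserAuthority;

// Added example: turns Keycloak realm roles into the ROLE_* authorities
// that hasRole("USER") checks for. Class name is hypothetical.
@Configuration
class KeycloakRoleMappingConfig {

    // Assumption: roles arrive as {"realm_access": {"roles": ["USER", ...]}}.
    static Set<GrantedAuthority> realmRoles(Map<String, Object> claims) {
        if (!(claims.get("realm_access") instanceof Map<?, ?> access)
                || !(access.get("roles") instanceof Collection<?> roles)) {
            return Set.of(); // claim absent or malformed: grant nothing extra
        }
        return roles.stream()
                .filter(String.class::isInstance) // ignore non-string entries
                .<GrantedAuthority>map(r -> new SimpleGrantedAuthority("ROLE_" + r))
                .collect(Collectors.toSet());
    }

    // oauth2Login() applies a GrantedAuthoritiesMapper bean to the logged-in user.
    @Bean
    GrantedAuthoritiesMapper keycloakAuthoritiesMapper() {
        return authorities -> {
            Set<GrantedAuthority> mapped = new HashSet<>(authorities);
            for (GrantedAuthority authority : authorities) {
                if (authority instanceof OidcUserAuthority oidc) {
                    mapped.addAll(realmRoles(oidc.getIdToken().getClaims()));
                    if (oidc.getUserInfo() != null) { // userinfo is optional
                        mapped.addAll(realmRoles(oidc.getUserInfo().getClaims()));
                    }
                }
            }
            return mapped;
        };
    }
}
```

Without such a mapping, an OIDC login carries only the default user and scope authorities, so a `hasRole("USER")` rule rejects the authenticated request with 403. This covers only the `oauth2Login()` path; bearer-token requests handled by `oauth2ResourceServer` need their own JWT authorities conversion.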
Hi @Parwand Have you made any extra changes to the tutorial's code? Please provide a link to your project, so we can check it. Thanks
Hi @xSawk Have you made any extra changes to the tutorial's code? Please provide a link to your project, so we can check it. Thanks
Related: https://github.com/eugenp/tutorials/issues/15249
UPDATE: figured out a solution .. working on it .. will be inserted here
UPDATE 28.11.2023: Solution refactored and tested successfully multiple times. Will be released in this thread within this week. Thanks all for your patience.
[PLACEHOLDER FOR THE CODE]
Within this week?!
Closing this as handled in https://github.com/eugenp/tutorials/issues/15249