hawtio icon indicating copy to clipboard operation
hawtio copied to clipboard

Published 20 hours ago verified publisher icon hawtio

Both `authenticationEnabled` and `keycloakEnabled` to `false` should disable Keycloak and authentication together on Spring Boot

Open tadayosi opened this issue 11 months ago • 1 comments

Right now, even if you apply the following config to application.properties in a Spring Boot application, the app is still configured to integrate with Keycloak and tries to dispatch authentication to Keycloak:

hawtio.authenticationEnabled = false
hawtio.keycloakEnabled = false

To disable keycloak integration with Spring Boot, you need to comment out this dependency:

    <dependency>
      <groupId>io.hawt</groupId>
      <artifactId>hawtio-springboot-keycloak</artifactId>
    </dependency>

tadayosi avatar Aug 24 '23 09:08 tadayosi

A temporary workaround to disable spring security in the tests I found is

    @Bean
    WebSecurityCustomizer webSecurityCustomizer() {
        if (activeProfiles.contains("keycloak")) {
            return (web) -> {};
        } else {
            return (web) ->  web.ignoring().anyRequest();
        }
    }

This way auth is still handled by hawtio auth and if the keycloak profile is used then the springboot-keycloak autoconfiguration is used.

mmuzikar avatar Aug 28 '23 10:08 mmuzikar