Hello,
I have an application that allows the user to restart the Spring Boot service from the browser.
The use case is like this:
1 - The user restarts the application
2 - The application is redirected to the Keycloak login page (OK)
3 - The user tries to login
4 - The application responds with 500 since the application is still not ready (OK)
→ The browser tries to navigate to the /sso/login page, something like this:
https://10.161.54.36/sso/login?redirect_url=/sctools/&state=e2a9b217-8f54-4bfe-8611-14bb1886eb18&session_state=86cafb2e-25af-4136-940c-f04ba0fcf903&code=7086961d-8cb1-47be-8ee0-d403400b6c1b.86cafb2e-25af-4136-940c-f04ba0fcf903.442a440e-6df0-40c7-b8cb-3a52123430a0
5 - After a while, when the application is up, the user resends the request (F5 in the browser)
6 - The application responds with a 403 Forbidden exception
The only way to stop getting the 403 is to manipulate the URL in the browser and delete the [code] parameter, or to type the right URL.
Is there any way to redirect to a specific page when getting a 403 exception?
I tried to extend KeycloakAuthenticationFailureHandler with the following code, but since the request has already been committed it is not possible to redirect to any page.
import java.io.IOException;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.keycloak.adapters.springsecurity.authentication.KeycloakAuthenticationFailureHandler;
import org.keycloak.adapters.springsecurity.authentication.KeycloakCookieBasedRedirect;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.security.core.AuthenticationException;

public class McdKeycloakAuthenticationFailureHandler extends KeycloakAuthenticationFailureHandler {

    private static final Logger LOGGER = LoggerFactory.getLogger(McdKeycloakAuthenticationFailureHandler.class);

    // The application's own error handler bean (its package is not shown in the post).
    @Autowired
    DefaultErrorHandler defaultErrorHandler;

    @Override
    public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response,
                                        AuthenticationException exception) throws IOException, ServletException {
        LOGGER.debug("onAuthenticationFailure {}", exception.toString());

        // Check that the response was not committed yet (this may happen when another
        // part of the Keycloak adapter sends a challenge or a redirect).
        if (!response.isCommitted()) {
            // Clear the adapter's redirect cookie so the next login does not reuse it;
            // createCookieFromRedirectUrl(null) returns an expired (max-age 0) cookie.
            if (KeycloakCookieBasedRedirect.getRedirectUrlFromCookie(request) != null) {
                response.addCookie(KeycloakCookieBasedRedirect.createCookieFromRedirectUrl(null));
            }
            defaultErrorHandler.handleCommonException(HttpStatus.UNAUTHORIZED, exception);
        } else {
            int status = response.getStatus();
            LOGGER.debug("onAuthenticationFailure - response isCommitted - Status: {}", status);
            // A 2xx that was already sent for a failed authentication is a bug: fail loudly.
            if (200 <= status && status < 300) {
                throw new RuntimeException("Success response was committed while authentication failed!", exception);
            }
        }
    }
}
Thank you
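One route around the committed-response problem is to stop fighting the adapter inside the failure handler and instead let the container's error-page mechanism deal with the 403 after the adapter has sent it. The example below is added here as an illustration and is not code from the original post or from the Keycloak project. It assumes a Spring Boot application on an embedded container (where `ErrorPageRegistrar` applies), that the adapter ends the request through `HttpServletResponse.sendError(403)` (the only case in which a registered error page fires), and an error path of `/error/forbidden` and application root of `/sctools/`, both of which are assumptions taken from the URL in the post rather than anything the post states:

```java
package com.example.sso; // assumed package name, not from the original post

import java.io.IOException;

import javax.servlet.RequestDispatcher;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.boot.web.server.ErrorPage;
import org.springframework.boot.web.server.ErrorPageRegistrar;
import org.springframework.boot.web.server.ErrorPageRegistry;
import org.springframework.http.HttpStatus;
import org.springframework.stereotype.Component;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;

/**
 * Registers a container error page for 403 so that a response ended with
 * sendError(403) is dispatched to /error/forbidden, where the application
 * decides what the browser should see.
 */
@Component
public class ForbiddenErrorPageRegistrar implements ErrorPageRegistrar {

    static final String FORBIDDEN_PATH = "/error/forbidden"; // assumed path

    @Override
    public void registerErrorPages(ErrorPageRegistry registry) {
        registry.addErrorPages(new ErrorPage(HttpStatus.FORBIDDEN, FORBIDDEN_PATH));
    }
}

@Controller
class ForbiddenRedirectController {

    static final String APP_ROOT = "/sctools/"; // assumed from the URL in the post

    @RequestMapping(ForbiddenErrorPageRegistrar.FORBIDDEN_PATH)
    public void handleForbidden(HttpServletRequest request, HttpServletResponse response) throws IOException {
        // On an error dispatch the container exposes the URI that produced the 403;
        // the original request's query parameters are still readable here.
        String originalUri = (String) request.getAttribute(RequestDispatcher.ERROR_REQUEST_URI);
        String code = request.getParameter("code");

        if (isStaleCallback(originalUri, code)) {
            // Leave the replayed ?code=... behind and send the browser back into the
            // application; the adapter starts a fresh login from there if needed.
            response.sendRedirect(safeLocalRedirect(request.getParameter("redirect_url"), APP_ROOT));
            return;
        }

        // Any other 403 keeps its status and gets a neutral body.
        response.setStatus(HttpStatus.FORBIDDEN.value());
        response.setContentType("text/plain");
        response.getWriter().write("Forbidden");
    }

    /** A replayed OAuth callback: the adapter's login endpoint hit with a code it cannot redeem. */
    static boolean isStaleCallback(String originalUri, String code) {
        return originalUri != null && originalUri.endsWith("/sso/login")
                && code != null && !code.isEmpty();
    }

    /**
     * Only honour a redirect_url that is a path on this host. Anything absolute,
     * protocol-relative ("//evil.example") or backslash-tricked ("/\evil.example")
     * is replaced by the fallback, so the error page cannot become an open redirect.
     */
    static String safeLocalRedirect(String redirectUrl, String fallback) {
        if (redirectUrl == null || !redirectUrl.startsWith("/")) {
            return fallback;
        }
        if (redirectUrl.startsWith("//") || redirectUrl.startsWith("/\\")) {
            return fallback;
        }
        return redirectUrl;
    }
}
```

Two things to check before relying on this: the error dispatch still passes through the Spring Security filter chain, so `/error/**` has to be `permitAll()` in the web security configuration or the entry point will bounce the error page to Keycloak again; and if the adapter sets the 403 with `setStatus` instead of `sendError`, no error page fires and this approach does nothing. The `redirect_url` check matters because the value comes straight from the browser's query string: with the URL from the post (`redirect_url=/sctools/`) it passes, while a value such as `//attacker.example/` falls back to the application root.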