Server response is 403 after the Spring Boot application has restarted

harold · November 9, 2021, 6:41am

Hello,

I have an application that allows the user to restart the Spring Boot service from the browser.
The user case is like this:

1 - The user restart the application
2 - The application is redirected to the Keycloak login page (OK)
3 - The user tries to login
4 - The application responds with 500 since the application still not ready (OK)
→ The browser tries to navigate to the /sso/login page, something like this:

https://10.161.54.36/sso/login?redirect_url=/sctools/&state=e2a9b217-8f54-4bfe-8611-14bb1886eb18&session_state=86cafb2e-25af-4136-940c-f04ba0fcf903&code=7086961d-8cb1-47be-8ee0-d403400b6c1b.86cafb2e-25af-4136-940c-f04ba0fcf903.442a440e-6df0-40c7-b8cb-3a52123430a0

5 - After a while when the application is up, the user resend the request (F5 in the browser)
6 - The application responds with a 403 Forbidden exception

The only way to stop getting the 403 is to manipulate the url in the browser and delete the [code] parameter or to write the right url.

Is any way to redirect to a specific page when getting 403 exception?

I tried to extend KeycloakAuthenticationFailureHandler with the following code, but since the request has already committed it is not possible to redirect to any page.

public class McdKeycloakAuthenticationFailureHandler extends KeycloakAuthenticationFailureHandler {
    private static final Logger LOGGER = LoggerFactory.getLogger(McdKeycloakAuthenticationFailureHandler.class);

    @Autowired
    DefaultErrorHandler defaultErrorHandler;

    @Override
    public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response,
                                        AuthenticationException exception) throws IOException, ServletException {

        LOGGER.debug("onAuthenticationFailure {}",  exception.toString());

        // Check that the response was not committed yet (this may happen when another
        // part of the Keycloak adapter sends a challenge or a redirect).
        if (!response.isCommitted()) {
            if (KeycloakCookieBasedRedirect.getRedirectUrlFromCookie(request) != null) {
                response.addCookie(KeycloakCookieBasedRedirect.createCookieFromRedirectUrl(null));
            }

            defaultErrorHandler.handleCommonException(HttpStatus.UNAUTHORIZED, exception);
        } else {
            LOGGER.debug("onAuthenticationFailure - response isCommitted - Status: {}",  response.getStatus());
            if (200 <= response.getStatus() && response.getStatus() < 300) {
                throw new RuntimeException("Success response was committed while authentication failed!", exception);
            }
        }
    }
}

Thank you

Topic		Replies	Views
Spring boot cloud gateway and keycloak 401 error	0	1195	May 18, 2021
Receive a 403 error while using the client credentials flow for machine to machine service (spring boot) Configuring the server authentication	0	545	February 1, 2022
Springboot application with keycloak adapter not working behind an HTTPS proxy Securing applications	17	5913	June 21, 2023
How customize 403 and 500 error messages Getting advice	0	1220	November 24, 2021
All URLs getting redirected to keycloak login page in springboot app Getting advice authentication	0	859	February 11, 2022

Server response is 403 after the Spring Boot application has restarted

Related Topics