Spring security adapter

relsayed · November 6, 2019, 7:40am

Hi,
I am using Keycloak 7.0.1 and configured it with Kerberos. My application uses spring-security adapter. I have the following configuration

  @Override
  protected void configure(HttpSecurity http) throws Exception {
    super.configure(http);
    http.csrf().disable().authorizeRequests()
    .antMatchers("/js/**", "/css/**", "/vendors/**", "/images/**").permitAll()
    .antMatchers("/**").authenticated()
    .and().logout().logoutSuccessUrl("/loggedout");
  }

In my application I handled the mapping of the login/logout success url in a @Controller class

'@Controller
'@RequestMapping("/")
public class ApplicationController {

  private static final String LOGOUT = "LOGOUT";
  @Autowired
  private SecurityService securityService;
  
  '@GetMapping
  public void showView(HttpServletRequest req, HttpServletResponse resp) throws Exception {
    String currentUserName = securityService.getCurrentUserName();
    System.out.println("userName= " + currentUserName);
    req.getSession().setAttribute("currentUserName", currentUserName);
    resp.sendRedirect("HomePage");
  }
  
  '@GetMapping("/loggedout")
  public String logout() {
    return LOGOUT;
  }
}

I am asking whether this is the best practice or is there a way to handle this in the adapter configuration?

Topic		Replies	Views
Spring Security: Multi Tenant support Securing applications	0	430	March 31, 2021
Spring boot adapter can't logout under Jetty Securing applications	0	652	March 10, 2020
Spring Security Adapter: how to fallback to form login if Keycloak server is not available? Getting advice	0	651	January 5, 2021
CORs error with OpenID 1.0 Connect Logout Securing applications oidc	2	1373	March 24, 2022
I'm having trouble integrating my jax-rs app with keycloak Securing applications adapter-java , authentication , oidc	0	225	November 18, 2023

Spring security adapter

Related Topics