Hi,
I am using Keycloak 7.0.1 and have configured it with Kerberos. My application uses the spring-security adapter. I have the following configuration:
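
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // Apply the parent configurer's defaults before adding application rules.
        super.configure(http);
        http.csrf().disable().authorizeRequests()
                // Static resources are served without authentication.
                .antMatchers("/js/**", "/css/**", "/vendors/**", "/images/**").permitAll()
                // Every other request requires an authenticated user.
                .antMatchers("/**").authenticated()
                .and().logout().logoutSuccessUrl("/loggedout");
    }
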
In my application, I handled the mapping of the login/logout success URL in a @Controller class:
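
    import javax.servlet.http.HttpServletRequest;
    import javax.servlet.http.HttpServletResponse;
    import org.springframework.beans.factory.annotation.Autowired;
    import org.springframework.stereotype.Controller;
    import org.springframework.web.bind.annotation.GetMapping;
    import org.springframework.web.bind.annotation.RequestMapping;

    @Controller
    @RequestMapping("/")
    public class ApplicationController {
        private static final String LOGOUT = "LOGOUT";

        @Autowired
        private SecurityService securityService;

        // Stores the current user name in the session, then redirects to the home page.
        @GetMapping
        public void showView(HttpServletRequest req, HttpServletResponse resp) throws Exception {
            String currentUserName = securityService.getCurrentUserName();
            System.out.println("userName= " + currentUserName);
            req.getSession().setAttribute("currentUserName", currentUserName);
            resp.sendRedirect("HomePage");
        }

        // Returns the name of the view rendered at the logout success URL.
        @GetMapping("/loggedout")
        public String logout() {
            return LOGOUT;
        }
    }
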
I am asking whether this is the best practice, or whether there is a way to handle this in the adapter configuration.