Keycloak Springboot bearer only for specific endpoint and non bearer for another

1.2k Views Asked by Ezekiela Rakotoarijaona At 20 October 2024 at 19:43

I am trying to use keycloak springboot adapter. I want to make some endpoints with "/api" work with bearer only to true.

But I also want the endpoint "/login" to not be a bearer only endpoint and redirect the user to the keycloak OIDC login page if he is not authenticated.

How can I achieve that ?

All I have now is just bearer only for every endpoints in my application properties.

Thanks in advance for your answers :)

Original Q&A

There are 1 best solutions below

ch4mp On 29 July 2022 at 19:52

In web-security conf,

enable anonymous
in http-security ant-matchers, add an entry for your public routes with permitAll()

    @Bean
    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        http.anonymous();
        http.authorizeRequests()
                .antMatchers("/login").permitAll()
                .anyRequest().authenticated();
        return http.build();
    }

PS

Keycloak spring adapters are deprecated

As an alternative, you can use:

spring-addons-webmvc-jwt-resource-server tutorial here
spring-boot-starter-oauth2-resource-server tutorial there (it requires more Java conf)

Keycloak Springboot bearer only for specific endpoint and non bearer for another

There are 1 best solutions below

PS

Related Questions in SPRING-BOOT

Related Questions in SPRING-SECURITY

Related Questions in KEYCLOAK

Related Questions in KEYCLOAK-SPRING-BOOT-STARTER

Trending Questions

Popular # Hahtags

Popular Questions