mehmetcemyucel · May 25, 2020 15:31
diff --git a/KeycloakConfiguration.java b/KeycloakConfiguration.java
 package com.cem.oauth2.configuration;

 import org.keycloak.adapters.KeycloakConfigResolver;
 import org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver;
 import org.keycloak.adapters.springsecurity.authentication.KeycloakAuthenticationProvider;
 import org.keycloak.adapters.springsecurity.config.KeycloakWebSecurityConfigurerAdapter;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.core.authority.mapping.SimpleAuthorityMapper;
 import org.springframework.security.core.session.SessionRegistryImpl;
 import org.springframework.security.web.authentication.session.RegisterSessionAuthenticationStrategy;
 import org.springframework.security.web.authentication.session.SessionAuthenticationStrategy;

 @org.keycloak.adapters.springsecurity.KeycloakConfiguration
 @EnableGlobalMethodSecurity(prePostEnabled = true)
 public class KeycloakConfiguration extends KeycloakWebSecurityConfigurerAdapter {
    @Bean
    @Override
    protected SessionAuthenticationStrategy sessionAuthenticationStrategy() {
        return new RegisterSessionAuthenticationStrategy(new SessionRegistryImpl());
    }

    @Autowired
    public void configureGlobal(AuthenticationManagerBuilder auth) {
        KeycloakAuthenticationProvider provider = keycloakAuthenticationProvider();
        provider.setGrantedAuthoritiesMapper(new SimpleAuthorityMapper());
        auth.authenticationProvider(provider);
    }

    @Bean
    KeycloakConfigResolver keycloakConfigResolver() {
        return new KeycloakSpringBootConfigResolver();
    }

    @Override
    protected void configure(HttpSecurity httpSecurity) throws Exception {
        super.configure(httpSecurity);
        httpSecurity.authorizeRequests()
                .anyRequest().permitAll();
    }
 }
	package com.cem.oauth2.configuration;

	import org.keycloak.adapters.KeycloakConfigResolver;
	import org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver;
	import org.keycloak.adapters.springsecurity.authentication.KeycloakAuthenticationProvider;
	import org.keycloak.adapters.springsecurity.config.KeycloakWebSecurityConfigurerAdapter;
	import org.springframework.beans.factory.annotation.Autowired;
	import org.springframework.context.annotation.Bean;
	import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
	import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
	import org.springframework.security.config.annotation.web.builders.HttpSecurity;
	import org.springframework.security.core.authority.mapping.SimpleAuthorityMapper;
	import org.springframework.security.core.session.SessionRegistryImpl;
	import org.springframework.security.web.authentication.session.RegisterSessionAuthenticationStrategy;
	import org.springframework.security.web.authentication.session.SessionAuthenticationStrategy;

	@org.keycloak.adapters.springsecurity.KeycloakConfiguration
	@EnableGlobalMethodSecurity(prePostEnabled = true)
	public class KeycloakConfiguration extends KeycloakWebSecurityConfigurerAdapter {
	@Bean
	@Override
	protected SessionAuthenticationStrategy sessionAuthenticationStrategy() {
	return new RegisterSessionAuthenticationStrategy(new SessionRegistryImpl());
	}

	@Autowired
	public void configureGlobal(AuthenticationManagerBuilder auth) {
	KeycloakAuthenticationProvider provider = keycloakAuthenticationProvider();
	provider.setGrantedAuthoritiesMapper(new SimpleAuthorityMapper());
	auth.authenticationProvider(provider);
	}

	@Bean
	KeycloakConfigResolver keycloakConfigResolver() {
	return new KeycloakSpringBootConfigResolver();
	}

	@Override
	protected void configure(HttpSecurity httpSecurity) throws Exception {
	super.configure(httpSecurity);
	httpSecurity.authorizeRequests()
	.anyRequest().permitAll();
	}
	}