Showing posts with label spring boot keycloak. Show all posts
Showing posts with label spring boot keycloak. Show all posts

Thursday, April 13, 2023

How to create key cloak authentication server and spring boot

To create a Keycloak authentication server, you need to follow these steps: 

 1. Download and Install Keycloak: You can download Keycloak from the official website     

 Follow the installation instructions provided in the documentation. 

 2. Configure Keycloak: Once installed, you need to configure Keycloak by creating a new realm. 
     A realm is a container for all the users, roles, and groups in your application.

    To create a new realm, log in to the Keycloak admin console using the default credentials
      (admin/admin), then follow these steps:

      Click on the "Add Realm" button and provide a name for your realm. 

      Configure your realm settings, including themes, email settings, and login settings. 

      Create users and groups within your realm and assign roles to them. 

 3. Set Up Your Spring Boot Application: You can use the Keycloak Spring Boot Starter dependency to
      add Keycloak authentication to your Spring Boot application.

      Add the following dependency to your Maven or Gradle build file:

<dependency>
  <groupId>org.keycloak</groupId>
  <artifactId>keycloak-spring-boot-starter</artifactId>
</dependency>


4. Configure Your Spring Boot Application: You need to configure your Spring Boot application to
     connect to the Keycloak server. 

     You can do this by adding the following properties to your application.properties or application.yml file:
keycloak.auth-server-url=<keycloak-server-url>
keycloak.realm=<keycloak-realm>
keycloak.resource=<keycloak-client-id>
keycloak.credentials.secret=<keycloak-client-secret>


   Replace <keycloak-server-url>, <keycloak-realm>, <keycloak-client-id>, 
    and <keycloak-client-secret> with the appropriate values for your Keycloak instance.

 5.  Secure Your Spring Boot Application: You can secure your Spring Boot application by adding the
      Keycloak configuration to your Spring Security configuration. 

      You can do this by creating a new class that extends KeycloakWebSecurityConfigurerAdapter and
      override the configure method. 

Here's an example:
@Configuration
@EnableWebSecurity
@ComponentScan(basePackageClasses = KeycloakSecurityComponents.class)
public class SecurityConfig extends KeycloakWebSecurityConfigurerAdapter {

    @Autowired
    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
        auth.authenticationProvider(keycloakAuthenticationProvider());
    }

    @Bean
    public KeycloakSpringBootConfigResolver keycloakConfigResolver() {
        return new KeycloakSpringBootConfigResolver();
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        super.configure(http);
        http.authorizeRequests().antMatchers("/admin/**").hasRole("admin")
          .antMatchers("/user/**").hasAnyRole("user", "admin")
          .anyRequest().permitAll();
    }
}
    This configuration class enables Keycloak authentication and authorization for specific URLs in the
     application.

 6. Test Your Application: You can test your application by running it and accessing the protected URLs.
     When a user tries to access a protected resource, they will be redirected to the Keycloak login page.
      Once they successfully authenticate, they will be redirected back to the original resource. 

That's it! we have created a Keycloak authentication server and secured your Spring Boot application with it.

AddToAny

Contact Form

Name

Email *

Message *