Reputation: 1605
Spring boot + keycloak application not working when deployed to tomcat
I've integrated keycloak with my spring boot application. It's working when I run it using spring boot run. But when I create a war and deploy to tomcat, I get an exception:
java.lang.NullPointerException: null
at org.keycloak.adapters.KeycloakDeploymentBuilder.internalBuild(KeycloakDeploymentBuilder.java:57) ~[keycloak-adapter-core-9.0.2.jar:9.0.2]
Is there anything I need to do to deploy this to tomcat?
Here is my application.properties file:
# keycloak configuration
keycloak.realm=salary-plus
keycloak.auth-server-url=http://localhost:8080/auth
keycloak.ssl-required=external
keycloak.resource=salary-plus-api
keycloak.credentials.secret=8dd03031-60ac-4ef5-9ae5-19a2e3460da2
keycloak.use-resource-role-mappings = true
And here is my spring security config class:
@Configuration
@EnableWebSecurity
@ComponentScan(basePackageClasses = KeycloakSecurityComponents.class)
class SecurityConfig extends KeycloakWebSecurityConfigurerAdapter {
@Autowired
public void configureGlobal(
AuthenticationManagerBuilder auth) throws Exception {
KeycloakAuthenticationProvider keycloakAuthenticationProvider
= keycloakAuthenticationProvider();
keycloakAuthenticationProvider.setGrantedAuthoritiesMapper(
new SimpleAuthorityMapper());
auth.authenticationProvider(keycloakAuthenticationProvider);
}
@Bean
public KeycloakSpringBootConfigResolver KeycloakConfigResolver() {
return new KeycloakSpringBootConfigResolver();
}
@Bean
@Override
protected SessionAuthenticationStrategy sessionAuthenticationStrategy() {
return new NullAuthenticatedSessionStrategy();
}
@Override
protected void configure(HttpSecurity http) throws Exception {
super.configure(http);
http
.sessionManagement()
.sessionCreationPolicy(SessionCreationPolicy.STATELESS);
http
.csrf()
.disable();
http.authorizeRequests()
.antMatchers(HttpMethod.GET, "/api/disbursement/**").hasAnyRole(
"disbursement_maker", "disbursement_checker")
.antMatchers(HttpMethod.POST, "/api/disbursement/request").hasRole("disbursement_maker")
.antMatchers(HttpMethod.PUT, "/api/disbursement/item/*").hasRole("disbursement_maker")
.antMatchers(HttpMethod.PATCH, "/api/disbursement/request/update/*").hasRole("disbursement_maker")
.antMatchers("/api/auth/**").permitAll()
.anyRequest()
.denyAll();
}
}
Upvotes: 2
Views: 2061
Answers (1)
Reputation: 31669
For deploying as a WAR file you need to use the Keycloak Spring Security adapter or the Tomcat adapter, instead of the Spring Boot adapter. From the docs:
If you plan to deploy your Spring Application as a WAR then you should not use the Spring Boot Adapter and use the dedicated adapter for the application server or servlet container you are using. Your Spring Boot should also contain a web.xml file.
Upvotes: 3
Related Questions
- Spring app with Keycloak returns 401 error
- Keycloak: Failed to load URLs in Spring Boot Application
- Problem in integrating spring boot application with Keycloak
- Example keycloak spring-boot app fails to find bean KeycloakSpringBootConfigResolver
- KeyCloak - Spring boot only get requests work
- Tomcat 9 with keycloak configuration
- Keycloak with spring boot issue when deploying on tomcat
- Keycloak configuration for spring boot in application.properties
- Spring Boot Configuration -- keycloak
- Spring boot and Keycloak