Reputation: 6110
Unable to define properties which start with keycloak
Unable to define properties which start with keycloak. keycloak-spring-boot-starter starter jar fails to load the properties if it observes keycloak properties which aren't known to the jar. The issue gets resolved if we prefix "sso" to the properties, is there a way to avoid this error even when keeping the keycloak prefixes.
keycloak.admin.username=
keycloak.admin.password=
sso.keycloak.admin.username=
sso.keycloak.admin.password=
this is the error seen with Spring Boot 2.5.0 and Keycloak 13.0.0
Caused by: org.springframework.beans.BeanInstantiationException: Failed to instantiate [javax.servlet.Filter]: Factory method 'springSecurityFilterChain' threw exception; nested exception is java.lang.NullPointerException
at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:185)
at org.springframework.beans.factory.support.ConstructorResolver.instantiate(ConstructorResolver.java:653)
... 21 more
Caused by: java.lang.NullPointerException
at org.springframework.security.config.annotation.web.builders.HttpSecurity.addFilterAtOffsetOf(HttpSecurity.java:2654)
at org.springframework.security.config.annotation.web.builders.HttpSecurity.addFilterAfter(HttpSecurity.java:2645)
at org.keycloak.adapters.springsecurity.config.KeycloakWebSecurityConfigurerAdapter.configure(KeycloakWebSecurityConfigurerAdapter.java:123)
at com.foo.config.KeycloakSecurityConfig.configure(KeycloakSecurityConfig.java:36)
at org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter.getHttp(WebSecurityConfigurerAdapter.java:217)
at org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter.init(WebSecurityConfigurerAdapter.java:315)
at org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter.init(WebSecurityConfigurerAdapter.java:93)
at com.foo.config.KeycloakSecurityConfig$$EnhancerBySpringCGLIB$$501f46fb.init(<generated>)
at org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder.init(AbstractConfiguredSecurityBuilder.java:338)
at org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder.doBuild(AbstractConfiguredSecurityBuilder.java:300)
at org.springframework.security.config.annotation.AbstractSecurityBuilder.build(AbstractSecurityBuilder.java:38)
at org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration.springSecurityFilterChain(WebSecurityConfiguration.java:127)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:564)
at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:154)
Upvotes: 6
Views: 519
Answers (2)
Reputation: 6308
This error was introduced in version 5.5.0 of Spring Security which comes with Spring Boot 2.5.0. This is happening because KeyCloak adds two filters successively after another, like this:
@Override
protected void configure(HttpSecurity http) throws Exception {
http
...
.addFilterAfter(keycloakSecurityContextRequestFilter(), SecurityContextHolderAwareRequestFilter.class)
.addFilterAfter(keycloakAuthenticatedActionsRequestFilter(), KeycloakSecurityContextRequestFilter.class)
...
}
And there's a bug right now in which the custom filter order is not being persisted, thus resulting in a NullPointerException when trying to add a filter relative to another custom filter recently added.
What I advise you to do right now is to use a lower version of Spring Boot, like 2.4.x until the issue in GitHub gets resolved.
Upvotes: 6
Reputation: 396
From the Keycloak code it seems they have hardwired the properties to specific properties only.
From KeycloakSpringBootProperties
/* this is a dummy property to avoid re-rebinding problem with property keycloak.config.resolver when using spring cloud - see KEYCLOAK-2977 */
From their code, its seems we can make use of a workaround they have to include additional properties. But to do that we have to add 'config' in it.
keycloak.config.admin.username=asd
keycloak.config.admin.password=sss
Upvotes: 0
Related Questions
- Failed to introspect Class [org.keycloak.adapters.springboot.KeycloakAutoConfiguration]
- Keycloak Spring boot configuration
- NullPointerException encountered when integrating Spring Security with Keycloak
- Unable to build spring based project for authentication using keycloak
- java.lang.IllegalArgumentException : org.keycloak.adapters.springboot.KeycloakSpringBootProperties
- Keycloak 4.0.0 Beta 2 with Spring Boot 2
- Keycloak configuration for spring boot in application.properties
- Keycloak configuration in application.properties for spring boot
- Spring Boot Configuration -- keycloak
- Fail to setup Keycloak with Spring Boot Security UnsatisfiedDependencyException with KeycloakAutoConfiguration